From 4dfacd240b7c403b43b7e691c335a28d260dfc94 Mon Sep 17 00:00:00 2001 From: sebdet Date: Wed, 21 Apr 2021 12:51:06 +0200 Subject: Fix Sonar bugs Fix sonar bugs reported in the ClampServlet Issue-ID: POLICY-3200 Signed-off-by: sebdet Change-Id: I8d823d0b25d7379bb0fc8c87f31628bc63f51f5d --- .../org/onap/policy/clamp/clds/ClampServlet.java | 24 ++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) (limited to 'src/main') diff --git a/src/main/java/org/onap/policy/clamp/clds/ClampServlet.java b/src/main/java/org/onap/policy/clamp/clds/ClampServlet.java index dcaa2acf3..eb64438bf 100644 --- a/src/main/java/org/onap/policy/clamp/clds/ClampServlet.java +++ b/src/main/java/org/onap/policy/clamp/clds/ClampServlet.java @@ -1,6 +1,6 @@ /*- * ============LICENSE_START======================================================= - * ONAP CLAMP + * ONAP POLICY-CLAMP * ================================================================================ * Copyright (C) 2018, 2021 AT&T Intellectual Property. All rights * reserved. @@ -31,12 +31,14 @@ import java.io.IOException; import java.security.Principal; import java.util.ArrayList; import java.util.Arrays; +import java.util.Collections; import java.util.List; import java.util.stream.Collectors; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.camel.component.servlet.CamelHttpTransportServlet; +import org.apache.commons.lang3.StringUtils; import org.onap.policy.clamp.authorization.SecureServicePermission; import org.springframework.context.ApplicationContext; import org.springframework.http.HttpStatus; @@ -46,6 +48,7 @@ import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.User; +import org.springframework.web.context.WebApplicationContext; import org.springframework.web.context.support.WebApplicationContextUtils; public class ClampServlet extends CamelHttpTransportServlet { @@ -70,9 +73,22 @@ public class ClampServlet extends CamelHttpTransportServlet { private static List permissionList; private synchronized List loadDynamicAuthenticationClasses() { - return Arrays.stream(WebApplicationContextUtils.getWebApplicationContext(getServletContext()) - .getEnvironment().getProperty(AUTHENTICATION_CLASS).split(",")).map(String::trim) - .collect(Collectors.toList()); + WebApplicationContext webAppContext = WebApplicationContextUtils.getWebApplicationContext(getServletContext()); + if (webAppContext != null) { + String authClassProperty = webAppContext.getEnvironment().getProperty(AUTHENTICATION_CLASS); + if (StringUtils.isBlank(authClassProperty)) { + return Arrays.stream(authClassProperty.split(",")).map(String::trim) + .collect(Collectors.toList()); + } + logger.warn( + "No authentication classes defined in Clamp BE config " + AUTHENTICATION_CLASS + + " AAF authentication could be broken due to that"); + } else { + logger.error( + "WebApplicationContext is NULL, no authentication classes will be loaded in clamp BE" + + ", AAF authentication could be broken"); + } + return Collections.emptyList(); } private synchronized List getPermissionList() { -- cgit 1.2.3-korg