From ffb54325630df1550f76d72af9978186630db221 Mon Sep 17 00:00:00 2001 From: Jorge Hernandez Date: Fri, 26 Oct 2018 08:46:00 -0500 Subject: Detection of AAF enablement Change-Id: I049e88bec2c83f6224ba1d1f24b93e0fb1aa807e Issue-ID: POLICY-1216 Signed-off-by: Jorge Hernandez --- .../common/endpoints/http/server/HttpServletServer.java | 12 ++++++++++++ .../endpoints/http/server/HttpServletServerFactory.java | 2 +- .../http/server/internal/JettyServletServer.java | 17 +++++++++++++++++ .../endpoints/http/server/test/HttpServerTest.java | 5 +++++ 4 files changed, 35 insertions(+), 1 deletion(-) diff --git a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServer.java b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServer.java index 1f008a8b..c4db9fbe 100644 --- a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServer.java +++ b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServer.java @@ -49,6 +49,18 @@ public interface HttpServletServer extends Startable { */ void setBasicAuthentication(String user, String password, String relativeUriPath); + /** + * Enables AAF based authentication. + * + * @param filterPath filter path + */ + void setAafAuthentication(String filterPath); + + /** + * Checks if AAF authentication has been enabled. + */ + boolean isAaf(); + /** * Adds a filter at the specified path. * diff --git a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java index 488512f9..4a33f568 100644 --- a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java +++ b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java @@ -247,7 +247,7 @@ class IndexedHttpServletServerFactory implements HttpServletServerFactory { /* authentication method either AAF or HTTP Basic Auth */ if (aaf) { - service.addFilterClass(contextUriPath, CadiFilter.class.getCanonicalName()); + service.setAafAuthentication(contextUriPath); } else if (userName != null && !userName.isEmpty() && password != null && !password.isEmpty()) { service.setBasicAuthentication(userName, password, authUriPath); } diff --git a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyServletServer.java b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyServletServer.java index ebac41ef..0c52aca8 100644 --- a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyServletServer.java +++ b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyServletServer.java @@ -37,10 +37,12 @@ import org.eclipse.jetty.server.SecureRequestCustomizer; import org.eclipse.jetty.server.Server; import org.eclipse.jetty.server.ServerConnector; import org.eclipse.jetty.server.Slf4jRequestLog; +import org.eclipse.jetty.servlet.FilterHolder; import org.eclipse.jetty.servlet.ServletContextHandler; import org.eclipse.jetty.util.security.Constraint; import org.eclipse.jetty.util.security.Credential; import org.eclipse.jetty.util.ssl.SslContextFactory; +import org.onap.aaf.cadi.filter.CadiFilter; import org.onap.policy.common.endpoints.http.server.HttpServletServer; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -233,6 +235,21 @@ public abstract class JettyServletServer implements HttpServletServer, Runnable return new ServerConnector(this.jettyServer); } + @Override + public void setAafAuthentication(String filterPath) { + this.addFilterClass(filterPath, CadiFilter.class.getCanonicalName()); + } + + @Override + public boolean isAaf() { + for (FilterHolder filter : context.getServletHandler().getFilters()) { + if (CadiFilter.class.getCanonicalName().equals(filter.getClassName())) { + return true; + } + } + return false; + } + @Override public void setBasicAuthentication(String user, String password, String servletPath) { String srvltPath = servletPath; diff --git a/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/HttpServerTest.java b/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/HttpServerTest.java index 4552109d..084847ce 100644 --- a/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/HttpServerTest.java +++ b/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/HttpServerTest.java @@ -21,6 +21,7 @@ package org.onap.policy.common.endpoints.http.server.test; import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; import java.io.BufferedReader; @@ -56,6 +57,7 @@ public class HttpServerTest { server.waitedStart(5000); assertTrue(HttpServletServer.factory.get(5678).isAlive()); + assertFalse(HttpServletServer.factory.get(5678).isAaf()); String response = http(HttpServletServer.factory.get(5678), "http://localhost:5678/junit/echo/hello"); assertTrue("hello".equals(response)); @@ -74,6 +76,9 @@ public class HttpServerTest { assertTrue(HttpServletServer.factory.get(5678).isAlive()); assertTrue(HttpServletServer.factory.inventory().size() == 1); + server.setAafAuthentication("/*"); + assertTrue(HttpServletServer.factory.get(5678).isAaf()); + HttpServletServer.factory.destroy(5678); assertTrue(HttpServletServer.factory.inventory().size() == 0); } -- cgit 1.2.3-korg