summaryrefslogtreecommitdiffstats
path: root/policy-management
diff options
context:
space:
mode:
authorJorge Hernandez <jorge.hernandez-herrero@att.com>2018-10-26 09:27:05 -0500
committerJorge Hernandez <jorge.hernandez-herrero@att.com>2018-10-26 09:46:46 -0500
commit7f983422c4970efdf778b99318e346e5de0cd60f (patch)
tree0d47d1f4f9eb769999c0911467b7d7ca7989ed94 /policy-management
parent5bf8486284313c32de3dc8c05233eeb621c845ab (diff)
Enable Authorization AAF Filter programmatically3.0.0-ONAP
The intent is to reduce configuration options and automatically set up the authorization filter (that will complement the authentication filter that the policy-endpoints common framework automatically provides). Previously to enable the AAF authorization filter, it will need the configuration had to kept track of AAF flag, and the "filterClasses" property configuration, make a bit more difficult to keep them sync, and easily turn on/off AAF. Change-Id: I3d59de6fa83986c5dcb6b3d38077278b8e75689a Issue-ID: POLICY-1216 Signed-off-by: Jorge Hernandez <jorge.hernandez-herrero@att.com>
Diffstat (limited to 'policy-management')
-rw-r--r--policy-management/src/main/java/org/onap/policy/drools/system/PolicyEngine.java12
-rw-r--r--policy-management/src/main/server/config/policy-engine.properties1
2 files changed, 11 insertions, 2 deletions
diff --git a/policy-management/src/main/java/org/onap/policy/drools/system/PolicyEngine.java b/policy-management/src/main/java/org/onap/policy/drools/system/PolicyEngine.java
index b181ff59..e08b3704 100644
--- a/policy-management/src/main/java/org/onap/policy/drools/system/PolicyEngine.java
+++ b/policy-management/src/main/java/org/onap/policy/drools/system/PolicyEngine.java
@@ -51,6 +51,7 @@ import org.onap.policy.drools.protocol.coders.EventProtocolCoder;
import org.onap.policy.drools.protocol.configuration.ControllerConfiguration;
import org.onap.policy.drools.protocol.configuration.PdpdConfiguration;
import org.onap.policy.drools.server.restful.RestManager;
+import org.onap.policy.drools.server.restful.aaf.AafTelemetryAuthFilter;
import org.onap.policy.drools.utils.logging.LoggerUtil;
import org.onap.policy.drools.utils.logging.MDCTransaction;
import org.slf4j.Logger;
@@ -336,12 +337,14 @@ public interface PolicyEngine extends Startable, Lockable, TopicListener {
* Policy Engine Manager Implementation.
*/
class PolicyEngineManager implements PolicyEngine {
- private static final String INVALID_TOPIC_MSG = "Invalid Topic";
+ /**
+ * String literals.
+ */
+ private static final String INVALID_TOPIC_MSG = "Invalid Topic";
private static final String INVALID_EVENT_MSG = "Invalid Event";
private static final String ENGINE_STOPPED_MSG = "Policy Engine is stopped";
-
private static final String ENGINE_LOCKED_MSG = "Policy Engine is locked";
/**
@@ -509,6 +512,11 @@ class PolicyEngineManager implements PolicyEngine {
try {
this.httpServers = getServletFactory().build(properties);
+ for (HttpServletServer server : this.httpServers) {
+ if (server.isAaf()) {
+ server.addFilterClass(null, AafTelemetryAuthFilter.class.getCanonicalName());
+ }
+ }
} catch (final IllegalArgumentException e) {
logger.error("{}: add-http-servers failed", this, e);
}
diff --git a/policy-management/src/main/server/config/policy-engine.properties b/policy-management/src/main/server/config/policy-engine.properties
index 8e517528..81b7db78 100644
--- a/policy-management/src/main/server/config/policy-engine.properties
+++ b/policy-management/src/main/server/config/policy-engine.properties
@@ -49,6 +49,7 @@ http.server.services.SECURED-CONFIG.restPackages=org.onap.policy.drools.server.r
http.server.services.SECURED-CONFIG.managed=false
http.server.services.SECURED-CONFIG.swagger=true
http.server.services.SECURED-CONFIG.https=true
+http.server.services.SECURED-CONFIG.aaf=${{AAF}}
aaf.namespace=${{AAF_NAMESPACE}}
aaf.root.permission=${{AAF_NAMESPACE}}.pdpd