diff options
author | guangxingwang <gw1218@att.com> | 2018-02-15 11:13:18 -0600 |
---|---|---|
committer | guangxingwang <gw1218@att.com> | 2018-02-19 16:42:19 -0600 |
commit | 5ba143338d6fbc2b4d1e36c0efcbbabe15c65301 (patch) | |
tree | 7b5898632763ee06f09a2fd548107bd4e5750f8f /ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PAPServices.java | |
parent | e5c628fee6a6e6bb57a34d5b73e092d89ee26a5c (diff) |
Fix Fortify Scan Issue:
1) Fix Fortify Header Manipulation issue by checking the format of the
message before adding it response header.
2) Fix Fortify Hardcoded Password issue by using encryption and decryption
Issue-ID: POLICY-543
Change-Id: I16b44b9b0670b1af75094c9ae9d1f7d352fa894a
Signed-off-by: guangxingwang <gw1218@att.com>
Diffstat (limited to 'ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PAPServices.java')
-rw-r--r-- | ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PAPServices.java | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PAPServices.java b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PAPServices.java index 9ab4252c7..59194841f 100644 --- a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PAPServices.java +++ b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PAPServices.java @@ -40,6 +40,7 @@ import org.onap.policy.common.logging.flexlogger.FlexLogger; import org.onap.policy.common.logging.flexlogger.Logger; import org.onap.policy.pdp.rest.config.PDPApiAuth; import org.onap.policy.rest.XACMLRestProperties; +import org.onap.policy.utils.CryptoUtils; import org.onap.policy.xacml.api.XACMLErrorConstants; import org.onap.policy.xacml.std.pap.StdPDPPolicy; @@ -76,7 +77,7 @@ public class PAPServices { private String getPAPEncoding(){ if(encoding == null){ String userID = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_USERID); - String pass = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_PASS); + String pass =CryptoUtils.decryptTxtNoExStr(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_PASS)); Base64.Encoder encoder = Base64.getEncoder(); encoding = encoder.encodeToString((userID+":"+pass).getBytes(StandardCharsets.UTF_8)); } |