diff options
Diffstat (limited to 'ONAP-PDP-REST/src/main')
-rw-r--r-- | ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPApiAuth.java | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPApiAuth.java b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPApiAuth.java index d06321d64..246f5a26d 100644 --- a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPApiAuth.java +++ b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPApiAuth.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * ONAP-PDP-REST * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -90,7 +90,7 @@ public class PDPApiAuth { */ public static boolean checkPermissions(String clientEncoding, String requestID, String resource) { - try{ + try{ String[] userNamePass = PolicyUtils.decodeBasicEncoding(clientEncoding); if(userNamePass==null || userNamePass.length==0){ String usernameAndPassword = null; @@ -105,7 +105,14 @@ public class PDPApiAuth { Boolean result = false; // Check Backward Compatibility. try{ - result = clientAuth(userNamePass); + /* + * If AAF is NOT enabled in the properties we will allow the user to + * continue to use the client.properties file to authenticate. + * Note: Disabling AAF is for testing purposes and not intended for production. + */ + if ("false".equals(XACMLProperties.getProperty("enable_aaf"))) { + result = clientAuth(userNamePass); + } }catch(Exception e){ LOGGER.error(MessageCodes.ERROR_PERMISSIONS, e); } |