3 files changed, 14 insertions, 3 deletions

diff --git a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPApiAuth.java b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPApiAuth.java
index d06321d64..246f5a26d 100644
--- a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPApiAuth.java
+++ b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPApiAuth.java
@@ -2,7 +2,7 @@
  * ============LICENSE_START=======================================================
  * ONAP-PDP-REST
  * ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -90,7 +90,7 @@ public class PDPApiAuth {
      */
     public static boolean checkPermissions(String clientEncoding, String requestID,
             String resource) {
-        try{
+        try{            
             String[] userNamePass = PolicyUtils.decodeBasicEncoding(clientEncoding);
             if(userNamePass==null || userNamePass.length==0){
                 String usernameAndPassword = null;
@@ -105,7 +105,14 @@ public class PDPApiAuth {
             Boolean result = false;
             // Check Backward Compatibility. 
             try{
-                result = clientAuth(userNamePass);
+                /*
+                 * If AAF is NOT enabled in the properties we will allow the user to 
+                 * continue to use the client.properties file to authenticate.
+                 * Note: Disabling AAF is for testing purposes and not intended for production.
+                 */
+                if ("false".equals(XACMLProperties.getProperty("enable_aaf"))) {
+                    result = clientAuth(userNamePass);
+                }
             }catch(Exception e){
                 LOGGER.error(MessageCodes.ERROR_PERMISSIONS, e);
             }
diff --git a/ONAP-PDP-REST/src/test/resources/notification.xacml.pdp.properties b/ONAP-PDP-REST/src/test/resources/notification.xacml.pdp.properties
index 2a3600559..345de16b0 100644
--- a/ONAP-PDP-REST/src/test/resources/notification.xacml.pdp.properties
+++ b/ONAP-PDP-REST/src/test/resources/notification.xacml.pdp.properties
@@ -167,5 +167,7 @@ xacml.rest.pep.idfile = src/test/resources/client.properties
 #Not Mandatory for Open Onap
 policy.aaf.namespace = 
 policy.aaf.resource = 
+enable_aaf=false
+
 #
 DMAAP_AAF_LOGIN =
diff --git a/ONAP-PDP-REST/src/test/resources/pass.xacml.pdp.properties b/ONAP-PDP-REST/src/test/resources/pass.xacml.pdp.properties
index c3eda591f..cf6d92753 100644
--- a/ONAP-PDP-REST/src/test/resources/pass.xacml.pdp.properties
+++ b/ONAP-PDP-REST/src/test/resources/pass.xacml.pdp.properties
@@ -167,5 +167,7 @@ xacml.rest.pep.idfile = src/test/resources/client.properties
 #Not Mandatory for Open Onap
 policy.aaf.namespace = 
 policy.aaf.resource = 
+enable_aaf=false
+
 #
 DMAAP_AAF_LOGIN =