X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;ds=sidebyside;f=src%2Fmain%2Fjava%2Forg%2Fonap%2Fcrud%2Fservice%2FCrudRestService.java;h=734c4d50569ea322eb46a1e5aa3777fcc252f387;hb=0c40bcde9facc109ceb8dabb91156df2b4fb4129;hp=f97534739609193b975651db5505597b09cf644f;hpb=dee6c34b3e5d3b40bc74fc73fafc1d116126c7fc;p=aai%2Fgizmo.git

diff --git a/src/main/java/org/onap/crud/service/CrudRestService.java b/src/main/java/org/onap/crud/service/CrudRestService.java
index f975347..734c4d5 100644
--- a/src/main/java/org/onap/crud/service/CrudRestService.java
+++ b/src/main/java/org/onap/crud/service/CrudRestService.java
@@ -56,9 +56,6 @@ import org.onap.aaiauth.auth.Auth;
 import org.onap.crud.exception.CrudException;
 import org.onap.crud.logging.CrudServiceMsgs;
 import org.onap.crud.logging.LoggingUtil;
-import org.onap.crud.parser.BulkPayload;
-import org.onap.crud.parser.EdgePayload;
-import org.onap.crud.parser.VertexPayload;
 import org.onap.crud.util.CrudProperties;
 import org.onap.crud.util.CrudServiceConstants;
 import org.onap.crud.util.CrudServiceUtil;
@@ -80,6 +77,7 @@ public class CrudRestService {
     Logger logger = LoggerFactory.getInstance().getLogger(CrudRestService.class.getName());
     Logger auditLogger = LoggerFactory.getInstance().getAuditLogger(CrudRestService.class.getName());
     private Auth auth;
+    private boolean authorizationEnabled;
 
     private String mediaType = MediaType.APPLICATION_JSON;
     public static final String HTTP_PATCH_METHOD_OVERRIDE = "X-HTTP-Method-Override";
@@ -87,7 +85,14 @@ public class CrudRestService {
 
     public CrudRestService(AbstractGraphDataService graphDataService) throws Exception {
         this.graphDataService = graphDataService;
-        this.auth = new Auth(CrudServiceConstants.CRD_AUTH_FILE);
+        
+        this.authorizationEnabled = Boolean.parseBoolean(
+                CrudProperties.get(CrudServiceConstants.CRD_AUTHORIZATION_ENABLED, "true"));
+
+        this.auth = null;
+        if (this.authorizationEnabled) {
+            this.auth = new Auth(CrudServiceConstants.CRD_AUTH_FILE);
+        }        
     }
 
     // For unit testing
@@ -1063,6 +1068,12 @@ public class CrudRestService {
 
     protected boolean validateRequest(HttpServletRequest req, String uri, String content, Action action,
             String authPolicyFunctionName, HttpHeaders headers) throws CrudException {
+        
+        if (!authorizationEnabled) {
+            validateRequestHeader(headers);
+            return true;
+        }
+        
         boolean isValid = false;
         try {
             String cipherSuite = (String) req.getAttribute("javax.servlet.request.cipher_suite");