X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ONAP-PDP-REST%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fpolicy%2Fpdp%2Frest%2Fconfig%2FPDPApiAuth.java;h=246f5a26d4cda21a8fed924fafef068231a2843d;hb=6accdc2ae0340ed84a59c739bd345ced2ff323c5;hp=d06321d64e5d8c50c6d22a79cddb30d01247e308;hpb=e9312923e96a2678f794fcf08ff5918d1b005bbd;p=policy%2Fengine.git

diff --git a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPApiAuth.java b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPApiAuth.java
index d06321d64..246f5a26d 100644
--- a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPApiAuth.java
+++ b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPApiAuth.java
@@ -2,7 +2,7 @@
  * ============LICENSE_START=======================================================
  * ONAP-PDP-REST
  * ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -90,7 +90,7 @@ public class PDPApiAuth {
      */
     public static boolean checkPermissions(String clientEncoding, String requestID,
             String resource) {
-        try{
+        try{            
             String[] userNamePass = PolicyUtils.decodeBasicEncoding(clientEncoding);
             if(userNamePass==null || userNamePass.length==0){
                 String usernameAndPassword = null;
@@ -105,7 +105,14 @@ public class PDPApiAuth {
             Boolean result = false;
             // Check Backward Compatibility. 
             try{
-                result = clientAuth(userNamePass);
+                /*
+                 * If AAF is NOT enabled in the properties we will allow the user to 
+                 * continue to use the client.properties file to authenticate.
+                 * Note: Disabling AAF is for testing purposes and not intended for production.
+                 */
+                if ("false".equals(XACMLProperties.getProperty("enable_aaf"))) {
+                    result = clientAuth(userNamePass);
+                }
             }catch(Exception e){
                 LOGGER.error(MessageCodes.ERROR_PERMISSIONS, e);
             }