X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=cadi%2Fcore%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fcadi%2Ffilter%2FAUTHZServlet.java;fp=cadi%2Fcore%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fcadi%2Ffilter%2FAUTHZServlet.java;h=f72a99bfae1a6e9fa2e4bf4cc4f6c5dbeabd6d5e;hb=1070cc920c5cfa8af29f83137da79fba28341609;hp=f7c4b7f1f9414c3a2b4e1cecc4cec6db4393d459;hpb=9a03e67324d26cc655342be2db68fdd85651b567;p=aaf%2Fauthz.git

diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZServlet.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZServlet.java
index f7c4b7f1..f72a99bf 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZServlet.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZServlet.java
@@ -47,7 +47,7 @@ public class AUTHZServlet<S extends Servlet> implements Servlet {
 			delegate = null;
 		}
 		RolesAllowed rolesAllowed = cls.getAnnotation(RolesAllowed.class);
-		if(rolesAllowed == null) {
+		if (rolesAllowed == null) {
 			roles = null;
 		} else {
 			roles = rolesAllowed.value();
@@ -55,7 +55,9 @@ public class AUTHZServlet<S extends Servlet> implements Servlet {
 	}
 	
 	public void init(ServletConfig sc) throws ServletException {
-		if(delegate == null) throw new ServletException("Invalid Servlet Delegate");
+		if (delegate == null) {
+			throw new ServletException("Invalid Servlet Delegate");
+		}
 		delegate.init(sc);
 	}
 	
@@ -68,27 +70,24 @@ public class AUTHZServlet<S extends Servlet> implements Servlet {
 	}
 
 	public void service(ServletRequest req, ServletResponse resp) throws ServletException, IOException {
-		if(roles==null) {
-			delegate.service(req,resp);
-		} else { // Validate
-			try {
-				HttpServletRequest hreq = (HttpServletRequest)req;
-				boolean proceed = false;
-				for(String role : roles) {
-					if(hreq.isUserInRole(role)) {
-						proceed = true;
-						break;
-					}
-				}
-				if(proceed) {
-					delegate.service(req,resp);
-				} else {
-					//baseRequest.getServletContext().log(hreq.getUserPrincipal().getName()+" Refused " + roles);
-					((HttpServletResponse)resp).sendError(403); // forbidden
+		if (roles == null) {
+			delegate.service(req, resp);
+			return;
+		}
+
+		// Validate
+		try {
+			HttpServletRequest hreq = (HttpServletRequest)req;
+			for (String role : roles) {
+				if (hreq.isUserInRole(role)) {
+					delegate.service(req, resp);
+					return;
 				}
-			} catch(ClassCastException e) {
-				throw new ServletException("JASPIServlet only supports HTTPServletRequest/HttpServletResponse");
 			}
+
+			((HttpServletResponse)resp).sendError(403); // forbidden
+		} catch (ClassCastException e) {
+			throw new ServletException("JASPIServlet only supports HTTPServletRequest/HttpServletResponse");
 		}
 	}
 
@@ -96,5 +95,4 @@ public class AUTHZServlet<S extends Servlet> implements Servlet {
 		delegate.destroy();
 	}
 
-
 }