X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Forg%2Fonap%2Fclamp%2Fclds%2Ffilter%2FClampCadiFilter.java;h=c673f544a9dc1e60cd3c41e0cc444d787d8a53ad;hb=68af81034f311e6a25221648f48ae6db7c8e30b6;hp=cd141ae77f29147dae179d9c1bf378d6eb39dd84;hpb=4afddd63a79e21cd632646c1a9446fa2d2f2fbbb;p=clamp.git diff --git a/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java b/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java index cd141ae7..c673f544 100644 --- a/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java +++ b/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java @@ -25,7 +25,6 @@ package org.onap.clamp.clds.filter; import com.att.eelf.configuration.EELFLogger; import com.att.eelf.configuration.EELFManager; - import java.io.ByteArrayInputStream; import java.io.File; import java.io.IOException; @@ -36,16 +35,15 @@ import java.nio.file.StandardCopyOption; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; - import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; - import org.onap.aaf.cadi.config.Config; import org.onap.aaf.cadi.filter.CadiFilter; +import org.onap.clamp.clds.util.ResourceFileUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.ApplicationContext; @@ -59,19 +57,19 @@ public class ClampCadiFilter extends CadiFilter { @Value("${server.ssl.key-store:#{null}}") private String keyStore; - @Value("${clamp.config.cadi.cadiKeystorePassword:#{null}}") + @Value("${server.ssl.key-store-password:#{null}}") private String keyStorePass; @Value("${server.ssl.trust-store:#{null}}") private String trustStore; - @Value("${clamp.config.cadi.cadiTruststorePassword:#{null}}") + @Value("${server.ssl.trust-store-password:#{null}}") private String trustStorePass; @Value("${server.ssl.key-alias:clamp@clamp.onap.org}") private String alias; - @Value("${clamp.config.cadi.keyFile:#{null}}") + @Value("${clamp.config.keyFile:#{null}}") private String keyFile; @Value("${clamp.config.cadi.cadiLoglevel:#{null}}") @@ -101,6 +99,9 @@ public class ClampCadiFilter extends CadiFilter { @Value("${clamp.config.cadi.cadiX509Issuers:#{null}}") private String cadiX509Issuers; + @Value("${clamp.config.caCerts:#{null}}") + private String caCertsPath; + private void checkIfNullProperty(String key, String value) { /* * When value is null, so not defined in application.properties set nothing in @@ -150,13 +151,18 @@ public class ClampCadiFilter extends CadiFilter { X509Certificate cert = (X509Certificate) certificateFactory .generateCertificate(new ByteArrayInputStream( URLDecoder.decode(certHeader, StandardCharsets.UTF_8.toString()).getBytes())); + X509Certificate caCert = (X509Certificate) certificateFactory + .generateCertificate(new ByteArrayInputStream( + ResourceFileUtils.getResourceAsString(this.caCertsPath).getBytes())); + X509Certificate[] certifArray = ((X509Certificate[]) request .getAttribute("javax.servlet.request.X509Certificate")); if (certifArray == null) { - certifArray = new X509Certificate[] { cert }; + certifArray = new X509Certificate[] { cert, caCert }; request.setAttribute("javax.servlet.request.X509Certificate", certifArray); } else { certifArray[0] = cert; + certifArray[1] = caCert; } }