X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Forg%2Fonap%2Fdmaap%2Fdbcapi%2Fresources%2FAuthorizationFilter.java;h=3ed571763e5f72f6dab534ce2fac11dfcb7eb23a;hb=03b16f6df6fe5545a4ed219916c77dd696694ea2;hp=9dafb55974e77eabaa80acbaf4d3d72c8ae82c26;hpb=38e9612306fdc1453382e3555002663c4a5ed6fd;p=dmaap%2Fdbcapi.git

diff --git a/src/main/java/org/onap/dmaap/dbcapi/resources/AuthorizationFilter.java b/src/main/java/org/onap/dmaap/dbcapi/resources/AuthorizationFilter.java
index 9dafb55..3ed5717 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/resources/AuthorizationFilter.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/resources/AuthorizationFilter.java
@@ -20,44 +20,50 @@
 
 package org.onap.dmaap.dbcapi.resources;
 
-import java.io.IOException;
-
 import javax.ws.rs.container.ContainerRequestContext;
 import javax.ws.rs.container.ContainerRequestFilter;
 
 import org.apache.log4j.Logger;
 import org.onap.dmaap.dbcapi.authentication.AuthenticationErrorException;
 import org.onap.dmaap.dbcapi.service.ApiService;
+import org.onap.dmaap.dbcapi.util.DmaapConfig;
 
 
 @Authorization
 public class AuthorizationFilter implements ContainerRequestFilter   {
-	
-	private Logger logger = Logger.getLogger(AuthorizationFilter.class.getName());
-	
+
+	private static final String AAF_FLAG = "UseAAF";
+	private final Logger logger = Logger.getLogger(AuthorizationFilter.class.getName());
+	private final ResponseBuilder responseBuilder = new ResponseBuilder();
+	private final boolean isAafEnabled;
+
+
+	public AuthorizationFilter() {
+		DmaapConfig dmaapConfig = (DmaapConfig) DmaapConfig.getConfig();
+		String flag = dmaapConfig.getProperty(AAF_FLAG, "false");
+		isAafEnabled = "true".equalsIgnoreCase(flag);
+	}
+
 	@Override
-	public void filter(ContainerRequestContext requestContext)
-			throws IOException {
-
-		ApiService apiResp = new ApiService()
-			.setAuth( requestContext.getHeaderString("Authorization") )
-			.setUriPath(requestContext.getUriInfo().getPath())
-			.setHttpMethod( requestContext.getMethod() )
-			.setRequestId( requestContext.getHeaderString("X-ECOMP-RequestID") );
-		
-		try {
-			apiResp.checkAuthorization();
-		} catch ( AuthenticationErrorException ae ) {
-			logger.error("Error", ae);
-			requestContext.abortWith( apiResp.unauthorized( apiResp.getErr().getMessage() ) );
-			return ;
-		} catch ( Exception e ) {
-			logger.error("Error", e);
-			requestContext.abortWith( apiResp.unavailable() ); 
-			return;
-		}
-		
+	public void filter(ContainerRequestContext requestContext) {
 
+		if(!isAafEnabled) {
+			ApiService apiResp = new ApiService()
+				.setAuth(requestContext.getHeaderString("Authorization"))
+				.setUriPath(requestContext.getUriInfo().getPath())
+				.setHttpMethod(requestContext.getMethod())
+				.setRequestId(requestContext.getHeaderString("X-ECOMP-RequestID"));
+
+			try {
+				apiResp.checkAuthorization();
+			} catch (AuthenticationErrorException ae) {
+				logger.error("Error", ae);
+				requestContext.abortWith(responseBuilder.unauthorized(apiResp.getErr().getMessage()));
+			} catch (Exception e) {
+				logger.error("Error", e);
+				requestContext.abortWith(responseBuilder.unavailable());
+			}
+		}
 	}
 
 }