Detection of AAF enablement

Change-Id: I049e88bec2c83f6224ba1d1f24b93e0fb1aa807e
Issue-ID: POLICY-1216
Signed-off-by: Jorge Hernandez <jorge.hernandez-herrero@att.com>

diff --git a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServer.java b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServer.java
index 1f008a8..c4db9fb 100644 (file)
--- a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServer.java
+++ b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServer.java
@@ -49,6 +49,18 @@ public interface HttpServletServer extends Startable {
      */
     void setBasicAuthentication(String user, String password, String relativeUriPath);
 
+    /**
+     * Enables AAF based authentication.
+     *
+     * @param filterPath filter path
+     */
+    void setAafAuthentication(String filterPath);
+
+    /**
+     * Checks if AAF authentication has been enabled.
+     */
+    boolean isAaf();
+
     /**
      * Adds a filter at the specified path.
      *

diff --git a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java
index 488512f..4a33f56 100644 (file)
--- a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java
+++ b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java
@@ -247,7 +247,7 @@ class IndexedHttpServletServerFactory implements HttpServletServerFactory {
             /* authentication method either AAF or HTTP Basic Auth */
 
             if (aaf) {
-                service.addFilterClass(contextUriPath, CadiFilter.class.getCanonicalName());
+                service.setAafAuthentication(contextUriPath);
             } else if (userName != null && !userName.isEmpty() && password != null && !password.isEmpty()) {
                 service.setBasicAuthentication(userName, password, authUriPath);
             }

diff --git a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyServletServer.java b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyServletServer.java
index ebac41e..0c52aca 100644 (file)
--- a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyServletServer.java
+++ b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyServletServer.java
@@ -37,10 +37,12 @@ import org.eclipse.jetty.server.SecureRequestCustomizer;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.ServerConnector;
 import org.eclipse.jetty.server.Slf4jRequestLog;
+import org.eclipse.jetty.servlet.FilterHolder;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.util.security.Constraint;
 import org.eclipse.jetty.util.security.Credential;
 import org.eclipse.jetty.util.ssl.SslContextFactory;
+import org.onap.aaf.cadi.filter.CadiFilter;
 import org.onap.policy.common.endpoints.http.server.HttpServletServer;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -233,6 +235,21 @@ public abstract class JettyServletServer implements HttpServletServer, Runnable
         return new ServerConnector(this.jettyServer);
     }
 
+    @Override
+    public void setAafAuthentication(String filterPath) {
+        this.addFilterClass(filterPath, CadiFilter.class.getCanonicalName());
+    }
+
+    @Override
+    public boolean isAaf() {
+        for (FilterHolder filter : context.getServletHandler().getFilters()) {
+            if (CadiFilter.class.getCanonicalName().equals(filter.getClassName())) {
+                return true;
+            }
+        }
+        return false;
+    }
+
     @Override
     public void setBasicAuthentication(String user, String password, String servletPath) {
         String srvltPath = servletPath;

diff --git a/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/HttpServerTest.java b/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/HttpServerTest.java
index 4552109..084847c 100644 (file)
--- a/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/HttpServerTest.java
+++ b/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/HttpServerTest.java
@@ -21,6 +21,7 @@
 package org.onap.policy.common.endpoints.http.server.test;
 
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertTrue;
 
 import java.io.BufferedReader;
@@ -56,6 +57,7 @@ public class HttpServerTest {
         server.waitedStart(5000);
 
         assertTrue(HttpServletServer.factory.get(5678).isAlive());
+        assertFalse(HttpServletServer.factory.get(5678).isAaf());
 
         String response = http(HttpServletServer.factory.get(5678), "http://localhost:5678/junit/echo/hello");
         assertTrue("hello".equals(response));
@@ -74,6 +76,9 @@ public class HttpServerTest {
         assertTrue(HttpServletServer.factory.get(5678).isAlive());
         assertTrue(HttpServletServer.factory.inventory().size() == 1);
 
+        server.setAafAuthentication("/*");
+        assertTrue(HttpServletServer.factory.get(5678).isAaf());
+
         HttpServletServer.factory.destroy(5678);
         assertTrue(HttpServletServer.factory.inventory().size() == 0);
     }