Disable authorization for /util/echo

Issue-ID: AAI-1612
Change-Id: I12a14eacb85ed33296e1db5edf77d8abb250d239
Signed-off-by: Kajur, Harish (vk250x) <vk250x@att.com>

diff --git a/aai-resources/src/main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java b/aai-resources/src/main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java
index 22cd2cc..653fc51 100644 (file)
--- a/aai-resources/src/main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java
+++ b/aai-resources/src/main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java
@@ -56,6 +56,9 @@ public class AafAuthorizationFilter extends OrderedRequestContextFilter {
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
         String permission = String.format("%s|%s|%s", type, instance, request.getMethod().toLowerCase());
+        if(request.getRequestURI().matches("^.*/util/echo$")){
+            filterChain.doFilter(request, response);
+        }
         if(!request.isUserInRole(permission)){
             errorResponse(request, response);
         }else{

diff --git a/aai-resources/src/main/java/org/onap/aai/config/aaf/AafFilter.java b/aai-resources/src/main/java/org/onap/aai/config/aaf/AafFilter.java
index a1047e0..f1aa7c1 100644 (file)
--- a/aai-resources/src/main/java/org/onap/aai/config/aaf/AafFilter.java
+++ b/aai-resources/src/main/java/org/onap/aai/config/aaf/AafFilter.java
@@ -55,9 +55,13 @@ public class AafFilter extends OrderedRequestContextFilter {
 
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
-        cadiFilter.doFilter(request, response, filterChain);
-        if(response.getStatus() >=400 && response.getStatus() < 500){
-            errorResponse(request, response);
+        if(!request.getRequestURI().matches("^.*/util/echo$")){
+            cadiFilter.doFilter(request, response, filterChain);
+            if(response.getStatus() >=400 && response.getStatus() < 500){
+                errorResponse(request, response);
+            }
+        } else {
+            filterChain.doFilter(request, response);
         }
     }
 

diff --git a/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java b/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java
index 1f8a6ec..a6c5ed9 100644 (file)
--- a/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java
+++ b/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java
@@ -50,6 +50,10 @@ public class OneWaySslAuthorization extends AAIContainerFilter implements Contai
     public void filter(ContainerRequestContext containerRequestContext) throws IOException
     {
 
+        if(containerRequestContext.getUriInfo().getRequestUri().getPath().matches("^.*/util/echo$")){
+            return;
+        }
+
         String basicAuth = containerRequestContext.getHeaderString("Authorization");
         List<MediaType> acceptHeaderValues = containerRequestContext.getAcceptableMediaTypes();