Optionally disable client authentication

based on an env. variable, client authentication can be disabled

Change-Id: Ifa3e5d109d0609e0836ddaea2c1183799252ddd3
Issue-ID: AAI-2132
Signed-off-by: Serban Popescu <serban.popescu@amdocs.com>

diff --git a/src/main/java/org/onap/aai/babel/BabelApplication.java b/src/main/java/org/onap/aai/babel/BabelApplication.java
index 9cf1078..0b0285b 100644 (file)
--- a/src/main/java/org/onap/aai/babel/BabelApplication.java
+++ b/src/main/java/org/onap/aai/babel/BabelApplication.java
@@ -46,6 +46,11 @@ public class BabelApplication extends SpringBootServletInitializer {
         HashMap<String, Object> props = new HashMap<>();
         String decryptedValue = keyStorePassword.startsWith(OBFS_PATTERN)? Password.deobfuscate(keyStorePassword) : keyStorePassword;
         props.put("server.ssl.key-store-password", decryptedValue);
+
+        String requireClientAuth = System.getenv("REQUIRE_CLIENT_AUTH");
+        props.put("server.ssl.client-auth",
+                Boolean.FALSE.toString().equalsIgnoreCase(requireClientAuth) ? "want" : "need");
+
         new BabelApplication().configure(new SpringApplicationBuilder(BabelApplication.class).properties(props))
                 .run(args);
     }

diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index c9982d6..1f5d420 100644 (file)
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1,6 +1,5 @@
 server.port=9516
 server.ssl.key-store=${CONFIG_HOME}/auth/tomcat_keystore
-server.ssl.client-auth=need
 
 server.contextPath=/services/babel-service