Optionally disable client authentication

based on an env. variable, client authentication can be disabled

Change-Id: Ib1a45adee8bf889705a3f8a5db45945caeb6ea94
Issue-ID: AAI-2132
Signed-off-by: Serban Popescu <serban.popescu@amdocs.com>

diff --git a/src/main/java/org/onap/aai/datarouter/Application.java b/src/main/java/org/onap/aai/datarouter/Application.java
index 1a2a5e7..d217a2f 100644 (file)
--- a/src/main/java/org/onap/aai/datarouter/Application.java
+++ b/src/main/java/org/onap/aai/datarouter/Application.java
@@ -67,8 +67,11 @@ public class Application extends SpringBootServletInitializer{
           trustStorePassword = trustStorePassword.startsWith(JETTY_OBFUSCATION_PATTERN)?Password.deobfuscate(trustStorePassword):trustStorePassword;
           props.put("server.ssl.trust-store", trustStoreLocation);
           props.put("server.ssl.trust-store-password", trustStorePassword);
-      } 
-      
+      }
+
+      String requireClientAuth = System.getenv("REQUIRE_CLIENT_AUTH");
+      props.put("server.ssl.client-auth",
+          Boolean.FALSE.toString().equalsIgnoreCase(requireClientAuth) ? "want" : "need");
 
       new Application().configure(new SpringApplicationBuilder(Application.class).properties(props)).run(args);
     }

diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 5724b46..1227ded 100644 (file)
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -2,5 +2,4 @@ camel.springboot.xmlRoutes=file:${DYNAMIC_ROUTES}/*.route
 server.ssl.key-store=file:${CONFIG_HOME}/auth/tomcat_keystore
 server.ssl.enabled=true
 server.port=9502
-server.ssl.client-auth=need
 server.ssl.enabled-protocols=TLSv1.1,TLSv1.2