based on an env. variable, client authentication can be disabled
Change-Id: Ib1a45adee8bf889705a3f8a5db45945caeb6ea94
Issue-ID: AAI-2132
Signed-off-by: Serban Popescu <serban.popescu@amdocs.com>
trustStorePassword = trustStorePassword.startsWith(JETTY_OBFUSCATION_PATTERN)?Password.deobfuscate(trustStorePassword):trustStorePassword;
props.put("server.ssl.trust-store", trustStoreLocation);
props.put("server.ssl.trust-store-password", trustStorePassword);
- }
-
+ }
+
+ String requireClientAuth = System.getenv("REQUIRE_CLIENT_AUTH");
+ props.put("server.ssl.client-auth",
+ Boolean.FALSE.toString().equalsIgnoreCase(requireClientAuth) ? "want" : "need");
new Application().configure(new SpringApplicationBuilder(Application.class).properties(props)).run(args);
}
server.ssl.key-store=file:${CONFIG_HOME}/auth/tomcat_keystore
server.ssl.enabled=true
server.port=9502
-server.ssl.client-auth=need
server.ssl.enabled-protocols=TLSv1.1,TLSv1.2