From: Serban Popescu Date: Tue, 5 Feb 2019 14:12:03 +0000 (-0500) Subject: Optionally disable client authentication X-Git-Tag: 1.4.0~11 X-Git-Url: https://gerrit.onap.org/r/gitweb?p=aai%2Fdata-router.git;a=commitdiff_plain;h=3b49121e2e86b3d22704ff52d468f85fcd74d9b2 Optionally disable client authentication based on an env. variable, client authentication can be disabled Change-Id: Ib1a45adee8bf889705a3f8a5db45945caeb6ea94 Issue-ID: AAI-2132 Signed-off-by: Serban Popescu --- diff --git a/src/main/java/org/onap/aai/datarouter/Application.java b/src/main/java/org/onap/aai/datarouter/Application.java index 1a2a5e7..d217a2f 100644 --- a/src/main/java/org/onap/aai/datarouter/Application.java +++ b/src/main/java/org/onap/aai/datarouter/Application.java @@ -67,8 +67,11 @@ public class Application extends SpringBootServletInitializer{ trustStorePassword = trustStorePassword.startsWith(JETTY_OBFUSCATION_PATTERN)?Password.deobfuscate(trustStorePassword):trustStorePassword; props.put("server.ssl.trust-store", trustStoreLocation); props.put("server.ssl.trust-store-password", trustStorePassword); - } - + } + + String requireClientAuth = System.getenv("REQUIRE_CLIENT_AUTH"); + props.put("server.ssl.client-auth", + Boolean.FALSE.toString().equalsIgnoreCase(requireClientAuth) ? "want" : "need"); new Application().configure(new SpringApplicationBuilder(Application.class).properties(props)).run(args); } diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 5724b46..1227ded 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -2,5 +2,4 @@ camel.springboot.xmlRoutes=file:${DYNAMIC_ROUTES}/*.route server.ssl.key-store=file:${CONFIG_HOME}/auth/tomcat_keystore server.ssl.enabled=true server.port=9502 -server.ssl.client-auth=need server.ssl.enabled-protocols=TLSv1.1,TLSv1.2