optionally disable client auth in gizmo
Change-Id: I62ba93ce8ec29c08ee311ce585dae2b16bf405ac
Issue-ID: AAI-2116
Signed-off-by: Bansal, Nitin (nb121v) <nitin.bansal@amdocs.com>
props.put("schema.service.ssl.key-store-password", deobfuscatedKeyStorePassword);
props.put("schema.service.ssl.trust-store-password", deobfuscatedKeyStorePassword);
-
+ String requireClientAuth = System.getenv("REQUIRE_CLIENT_AUTH");
+ if (requireClientAuth == null || requireClientAuth.isEmpty()) {
+ props.put("server.ssl.client-auth", "need");
+ }else {
+ props.put("server.ssl.client-auth",requireClientAuth.equals("true")?"need":"want");
+ }
new CrudApplication()
.configure(new SpringApplicationBuilder(CrudApplication.class).properties(props))
server.ssl.key-store=${CONFIG_HOME}/auth/tomcat_keystore
server.ssl.enabled=true
-server.ssl.client-auth=need
server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
schema.ingest.file=${CONFIG_HOME}/schema-ingest.properties