Optionally disable client authentication

based on an env. variable, client authentication can be disabled

Change-Id: I6d787644ef1439b8e88dcc3dec7f5181b11b7f11
Issue-ID: AAI-2132
Signed-off-by: Serban Popescu <serban.popescu@amdocs.com>

diff --git a/src/main/java/org/onap/aai/sa/Application.java b/src/main/java/org/onap/aai/sa/Application.java
index f2b8db1..059ca22 100644 (file)
--- a/src/main/java/org/onap/aai/sa/Application.java
+++ b/src/main/java/org/onap/aai/sa/Application.java
@@ -46,6 +46,13 @@ public class Application extends SpringBootServletInitializer {
             props.put("server.ssl.trust-store-password", trustStorePassword);\r
         }\r
 \r
+        String requireClientAuth = System.getenv("REQUIRE_CLIENT_AUTH");\r
+        if (requireClientAuth == null || requireClientAuth.isEmpty()) {\r
+            props.put("server.ssl.client-auth", "need");\r
+        }else {\r
+            props.put("server.ssl.client-auth", Boolean.valueOf(requireClientAuth)? "need" : "want");\r
+        }\r
+               \r
         new Application().configure(new SpringApplicationBuilder(Application.class).properties(props)).run(args);\r
     }\r
 }\r

diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 20dc028..7d169a7 100644 (file)
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1,5 +1,4 @@
 server.ssl.key-store=/opt/app/search-data-service/config/auth/tomcat_keystore\r
 server.ssl.enabled=true\r
 server.port=9509\r
-server.ssl.client-auth=need\r
 server.ssl.enabled-protocols=TLSv1.1,TLSv1.2\r