From 0afd8dd50d1a9c141b9135f491de9f8cc83f9b29 Mon Sep 17 00:00:00 2001 From: Serban Popescu Date: Fri, 1 Feb 2019 14:22:17 -0500 Subject: [PATCH] Optionally disable client authentication based on an env. variable, client authentication can be disabled Change-Id: I6d787644ef1439b8e88dcc3dec7f5181b11b7f11 Issue-ID: AAI-2132 Signed-off-by: Serban Popescu --- src/main/java/org/onap/aai/sa/Application.java | 7 +++++++ src/main/resources/application.properties | 1 - 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/onap/aai/sa/Application.java b/src/main/java/org/onap/aai/sa/Application.java index f2b8db1..059ca22 100644 --- a/src/main/java/org/onap/aai/sa/Application.java +++ b/src/main/java/org/onap/aai/sa/Application.java @@ -46,6 +46,13 @@ public class Application extends SpringBootServletInitializer { props.put("server.ssl.trust-store-password", trustStorePassword); } + String requireClientAuth = System.getenv("REQUIRE_CLIENT_AUTH"); + if (requireClientAuth == null || requireClientAuth.isEmpty()) { + props.put("server.ssl.client-auth", "need"); + }else { + props.put("server.ssl.client-auth", Boolean.valueOf(requireClientAuth)? "need" : "want"); + } + new Application().configure(new SpringApplicationBuilder(Application.class).properties(props)).run(args); } } diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 20dc028..7d169a7 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -1,5 +1,4 @@ server.ssl.key-store=/opt/app/search-data-service/config/auth/tomcat_keystore server.ssl.enabled=true server.port=9509 -server.ssl.client-auth=need server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 -- 2.16.6