CADI authentication and authorization filters

[dmaap/dbcapi.git] / src / main / java / org / onap / dmaap / dbcapi / aaf / AafConnection.java

diff --git a/src/main/java/org/onap/dmaap/dbcapi/aaf/AafConnection.java b/src/main/java/org/onap/dmaap/dbcapi/aaf/AafConnection.java
index 1d7b273..934e541 100644 (file)
--- a/src/main/java/org/onap/dmaap/dbcapi/aaf/AafConnection.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/aaf/AafConnection.java
@@ -3,6 +3,8 @@
   * org.onap.dmaap
  * ================================================================================
  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ *
+ * Modifications Copyright (C) 2019 IBM.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -35,8 +37,11 @@ import java.net.UnknownHostException;
 import java.net.ConnectException;
 
 import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLHandshakeException;
 
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
 import org.apache.commons.codec.binary.Base64;
 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
 import org.onap.dmaap.dbcapi.logging.DmaapbcLogMessageEnum;
@@ -79,7 +84,6 @@ public class AafConnection extends BaseLoggingClass {
                } catch (Exception e) {
                        logger.error("Error", e);
                errorLogger.error(DmaapbcLogMessageEnum.HTTP_CONNECTION_ERROR,  pURL, e.getMessage());
-            e.printStackTrace();
             return(false);
         }
 
@@ -128,6 +132,10 @@ public class AafConnection extends BaseLoggingClass {
                        uc.setRequestProperty( "Content-Length", Integer.toString( postData.length ));
                        uc.setUseCaches(false);
                        uc.setDoOutput(true);
+
+                       SSLContext sc = SSLContext.getInstance("SSL");
+                       sc.init(null, trustAllCerts, new java.security.SecureRandom());
+                       uc.setSSLSocketFactory(sc.getSocketFactory());
                        OutputStream os = null;
 
                        
@@ -295,6 +303,27 @@ public class AafConnection extends BaseLoggingClass {
                return rc;
                
        }
+
+       private TrustManager[] trustAllCerts = new TrustManager[]{
+               new X509TrustManager() {
+
+                       @Override
+                       public java.security.cert.X509Certificate[] getAcceptedIssuers()
+                       {
+                               return null;
+                       }
+                       @Override
+                       public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType)
+                       {
+                               //No need to implement.
+                       }
+                       @Override
+                       public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType)
+                       {
+                               //No need to implement.
+                       }
+               }
+       };
        
 
 }