-
Bug
-
Resolution: Not a Bug
-
Medium
-
Jakarta Release
-
None
Current behavior
When we communicate with NCMP we send basic auth in the header for authenticating with NCMP
Authorization: Basic TOKEN
This Authorization header is forwarded to the dmiPlugin when NCMP sends requests to the dmiPlugin.
Request Headers Authorization: Basic Y3BzdXNlcjppZHVuRXIhY3NzABCD=
Expected behavior
As dmiPlugin could have different authorization/authentication method and could use different authentication credentials it can cause failures in the dmiPlugin.
In our case it is causing huge amount of error printouts because spring founds unexpected authorization headers with unexpected format in the request.
Solution could be not to forward this header element to the dmiPlugins.
Reproduction
Send get request which contains Authorization header with Basic auth
<ncmp_url>/ncmp/v1/ch/<cmhandle_id>/data/ds/ncmp-datastore:passthrough-operational?resourceIdentifier=ExistingItem=ExistingItem
Request Headers Content-Type: application/json Cookie: JSESSIONID=1c7ce174-580e-40b9-86f6-cc789565e9a0; JSESSIONID=node01lnpb18wrd7l61dpbxwk17ce3l2430.node0 Authorization: Basic Y3BzdXNlcjppZHVuRXIhY3NzABCD= User-Agent: PostmanRuntime/7.29.0 Accept: */* Postman-Token: ba6b47ff-8b36-44e6-aa3e-d954cab80088 Host: <ncmp_url> Accept-Encoding: gzip, deflate, br Connection: keep-alive
Check outgoing request (towards dmiPlugin), it contains the Authorization: Basic in the header
- relates to
-
CPS-703 Implement ONAP Service Mesh for CPS services
- Open