-
Sub-task
-
Resolution: Done
-
Medium
-
None
-
None
-
None
-
DMAAP-Dub-01-(12/3/18-12/13)
- permission check should keep "boot env" functionality
- remove usePE flag from configuration files (remember to remove all references from code)
- new solution should be based on ApiPermission.class and associated interface (ApiAuthorizationCheckInterface) for backward compatibility purpose
Implementation details:
UseAAF flag has been used to turn on all AAF functionality:
- adding perms to AAF when creating/updating DMaaP instance
- authentication check using CADI
- authorization check using CADI and dynamically built permission to check for each resource endpoint
For backward compatibility if AAF flag is turned on previous implementation is enabled based on current AuthorizationFilter and ApiPermission class. This filter switchong has been made due to the technology differences: Jersey filters do not implement directly servlet api, but CADI filter is based on it.