Make DMaap Service mesh compliant with 3 types of changes:

• Disable HTTPS
• Override AAF authentication for service mesh
• Add/Forward X-B3-* and Authorization header in response

In order to make above changes, here is the preliminary analysis done so far base on the DMaap source code:

• HTTPS configuration is environment specific and belongs to server configuration. One can disable HTTPS in property file used in environment, Exact change can be identified once environment would be available on which Sylvain needs to work.
• Currently DMaap Message Router is using DMaaPAuthFilter for AAF authentication. Overriding AAF authentication can be done in two ways:
  • Add Service mesh property as system variable or
  • send this information in request header
    • Based on either of the one setting AAF skip logic can be added in shouldFilterWithCADI method of DMaaPAuthFilter class.
• For Adding/Forwarding X-B3-* and Authorization header, Sleuth can be added which is going to take care of X-B3-* headers and for Authorization one can simply add one filter in case of serviceMesh profile or system property.

*further validation and testing of approach is possible in any working environment only.