Fix lesser used options

25b54dba775b31021a3a4677eb79e9771bcb97f7 missed several cases where we
had ifndef instead of ifdef.  because these weren't the defaults, these
don't show up as failures when testing.

Tested: Redfish service validator passes.  Inspection primarily.
Mechanical change.

Change-Id: I3f6915a97eb44d071795aed76476c6bee7e8ed27
Signed-off-by: Ed Tanous <ed@tanous.net>

1 files changed, 28 insertions, 25 deletions

diff --git a/http/http_connection.hpp b/http/http_connection.hpp
index 29e876d0a9..4d9c9806ef 100644
--- a/http/http_connection.hpp
+++ b/http/http_connection.hpp
@@ -273,20 +273,21 @@ class Connection :
         keepAlive = req->keepAlive();
         if constexpr (!std::is_same_v<Adaptor, boost::beast::test::stream>)
         {
-#ifndef BMCWEB_INSECURE_DISABLE_AUTHX
-            if (!crow::authentication::isOnAllowlist(req->url().path(),
-                                                     req->method()) &&
-                req->session == nullptr)
+            if constexpr (!BMCWEB_INSECURE_DISABLE_AUTH)
             {
-                BMCWEB_LOG_WARNING("Authentication failed");
-                forward_unauthorized::sendUnauthorized(
-                    req->url().encoded_path(),
-                    req->getHeaderValue("X-Requested-With"),
-                    req->getHeaderValue("Accept"), res);
-                completeRequest(res);
-                return;
+                if (!crow::authentication::isOnAllowlist(req->url().path(),
+                                                         req->method()) &&
+                    req->session == nullptr)
+                {
+                    BMCWEB_LOG_WARNING("Authentication failed");
+                    forward_unauthorized::sendUnauthorized(
+                        req->url().encoded_path(),
+                        req->getHeaderValue("X-Requested-With"),
+                        req->getHeaderValue("Accept"), res);
+                    completeRequest(res);
+                    return;
+                }
             }
-#endif // BMCWEB_INSECURE_DISABLE_AUTHX
         }
         auto asyncResp = std::make_shared<bmcweb::AsyncResp>();
         BMCWEB_LOG_DEBUG("Setting completion handler");
@@ -406,12 +407,13 @@ class Connection :
   private:
     uint64_t getContentLengthLimit()
     {
-#ifndef BMCWEB_INSECURE_DISABLE_AUTHX
-        if (userSession == nullptr)
+        if constexpr (!BMCWEB_INSECURE_DISABLE_AUTH)
         {
-            return loggedOutPostBodyLimit;
+            if (userSession == nullptr)
+            {
+                return loggedOutPostBodyLimit;
+            }
         }
-#endif
 
         return httpReqBodyLimit;
     }
@@ -515,6 +517,16 @@ class Connection :
                 return;
             }
 
+            if constexpr (!std::is_same_v<Adaptor, boost::beast::test::stream>)
+            {
+                if constexpr (!BMCWEB_INSECURE_DISABLE_AUTH)
+                {
+                    boost::beast::http::verb method = parser->get().method();
+                    userSession = crow::authentication::authenticate(
+                        ip, res, method, parser->get().base(), mtlsSession);
+                }
+            }
+
             std::string_view expect =
                 parser->get()[boost::beast::http::field::expect];
             if (bmcweb::asciiIEquals(expect, "100-continue"))
@@ -524,15 +536,6 @@ class Connection :
                 return;
             }
 
-            if constexpr (!std::is_same_v<Adaptor, boost::beast::test::stream>)
-            {
-#ifndef BMCWEB_INSECURE_DISABLE_AUTHX
-                boost::beast::http::verb method = parser->get().method();
-                userSession = crow::authentication::authenticate(
-                    ip, res, method, parser->get().base(), mtlsSession);
-#endif // BMCWEB_INSECURE_DISABLE_AUTHX
-            }
-
             if (!handleContentLengthError())
             {
                 return;