diff options
author | ChrisC <christophe.closset@intl.att.com> | 2020-05-04 13:10:58 +0200 |
---|---|---|
committer | John Franey <john.franey@att.com> | 2020-05-07 18:38:52 +0000 |
commit | 382436b7845b651c9c00489353469ff6f8417c74 (patch) | |
tree | e4d302d9f9944a15869d14e374d15f0e30f5f4bd /auth | |
parent | f146d1bbc6a2b072e5fc1cdc358bf9534b90fd51 (diff) |
AAF default config update and fixes
Update AAF default conf to :
- fix typo in default identity file
- add default email addresses to all pre defined users, as this was creating issues for some clients when trying to decode certs (missing Sponsor email for RFC822Name in generated certificates see JIRA : PORTAL-893).
- updated portal roles: portal does sync roles with AAF but was using another identity (aaf_admin), this has been changed in portal to use its X509 artifacts when doing REST queries to AAF, hence adding more roles to portal user to support its functions.
Issue-ID: PORTAL-875
Issue-ID: PORTAL-893
Signed-off-by: ChrisC <christophe.closset@intl.att.com>
Change-Id: I5afa2769a4ec33c1ea2f4da2f5b6e0b4938ea88f
(cherry picked from commit c5b27ed436484b2a60bde7558aee459366f722d7)
Diffstat (limited to 'auth')
-rw-r--r-- | auth/auth-cass/docker/Dockerfile.cass | 2 | ||||
-rw-r--r-- | auth/sample/cass_data/user_role.dat | 49 | ||||
-rw-r--r-- | auth/sample/data/sample.identities.dat | 86 |
3 files changed, 93 insertions, 44 deletions
diff --git a/auth/auth-cass/docker/Dockerfile.cass b/auth/auth-cass/docker/Dockerfile.cass index 2d60da2e..ea639579 100644 --- a/auth/auth-cass/docker/Dockerfile.cass +++ b/auth/auth-cass/docker/Dockerfile.cass @@ -30,7 +30,7 @@ COPY cass_init/*.sh /opt/app/aaf/cass_init/ COPY cass_init/*.props /opt/app/aaf/cass_init/ COPY aaf-auth-batch-*-full.jar /opt/app/aaf/cass_init/ COPY cass_data/*.dat /opt/app/aaf/cass_init/dats/ -COPY sample.identities.dat /opt/app/aaf/cass_init/data/identites.dat +COPY sample.identities.dat /opt/app/aaf/cass_init/data/identities.dat RUN mkdir -p /opt/app/aaf/status &&\ chmod 777 /opt/app/aaf/status && \ diff --git a/auth/sample/cass_data/user_role.dat b/auth/sample/cass_data/user_role.dat index ebe817ac..69adbc7e 100644 --- a/auth/sample/cass_data/user_role.dat +++ b/auth/sample/cass_data/user_role.dat @@ -323,3 +323,52 @@ dmaap-dr-prov@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2020-09-05 12:09:20.0 dmaap-dr-node@dmaap-dr.onap.org|org.onap.dmaap-dr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-dr|admin dmaap-dr-node@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2020-09-05 12:09:20.000+0000|org.onap.dmaap-dr|seeCerts dmaapmr@mr.dmaap.onap.org|org.onap.dmaap.mr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|admin +portal@portal.onap.org|org.onap.aaf-sms.admin|2020-09-05 12:09:20.000+0000|org.onap.aaf-sms|admin +portal@portal.onap.org|org.onap.aai.admin|2020-09-05 12:09:20.000+0000|org.onap.aai|admin +portal@portal.onap.org|org.onap.appc.admin|2020-09-05 12:09:20.000+0000|org.onap.appc|admin +portal@portal.onap.org|org.onap.appc.apidoc|2020-09-05 12:09:20.000+0000|org.onap.appc|apidoc +portal@portal.onap.org|org.onap.appc.restconf|2020-09-05 12:09:20.000+0000|org.onap.appc|restconf +portal@portal.onap.org|org.onap.cds.admin|2020-09-05 12:09:20.000+0000|org.onap.cds|admin +portal@portal.onap.org|org.onap.clamp.admin|2020-09-05 12:09:20.000+0000|org.onap.clamp|admin +portal@portal.onap.org|org.onap.dcae.admin|2020-09-05 12:09:20.000+0000|org.onap.dcae|admin +portal@portal.onap.org|org.onap.dmaap-bc-mm-prov.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc-mm-prov|admin +portal@portal.onap.org|org.onap.dmaap-bc-topic-mgr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc-topic-mgr|admin +portal@portal.onap.org|org.onap.dmaap-bc.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc|admin +portal@portal.onap.org|org.onap.dmaap-bc.api.Controller|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc.api|Controller +portal@portal.onap.org|org.onap.dmaap-bc.api.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc.api|admin +portal@portal.onap.org|org.onap.dmaap-dr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-dr|admin +portal@portal.onap.org|org.onap.dmaap-mr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-mr|admin +portal@portal.onap.org|org.onap.dmaap-mr.sunil.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-mr.sunil|admin +portal@portal.onap.org|org.onap.dmaap-mr.test.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-mr.test|admin +portal@portal.onap.org|org.onap.dmaap.mr.IdentityTopic-12345.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.IdentityTopic-12345|owner +portal@portal.onap.org|org.onap.dmaap.mr.IdentityTopic-1547839476.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.IdentityTopic-1547839476|owner +portal@portal.onap.org|org.onap.dmaap.mr.PM_MAPPER.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.PM_MAPPER|owner +portal@portal.onap.org|org.onap.dmaap.mr.PNF_READY.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.PNF_READY|owner +portal@portal.onap.org|org.onap.dmaap.mr.PNF_REGISTRATION.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.PNF_REGISTRATION|owner +portal@portal.onap.org|org.onap.dmaap.mr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|admin +portal@portal.onap.org|org.onap.dmaap.mr.dgl_ready.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.dgl_ready|owner +portal@portal.onap.org|org.onap.dmaap.mr.mirrormakeragent.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.mirrormakeragent|owner +portal@portal.onap.org|org.onap.dmaap.mr.mrtesttopic.sub|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|mrtesttopic.sub +portal@portal.onap.org|org.onap.dmaap.mr.test1|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|test1 +portal@portal.onap.org|org.onap.dmaap.mr.topic-000.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.topic-000|owner +portal@portal.onap.org|org.onap.dmaap.mr.topic-001.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.topic-001|owner +portal@portal.onap.org|org.onap.dmaap.mr.topic-002.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.topic-002|owner +portal@portal.onap.org|org.onap.holmes.admin|2020-09-05 12:09:20.000+0000|org.onap.holmes|admin +portal@portal.onap.org|org.onap.music.admin|2020-09-05 12:09:20.000+0000|org.onap.music|admin +portal@portal.onap.org|org.onap.music.owner|2020-09-05 12:09:20.000+0000|org.onap.music|owner +portal@portal.onap.org|org.onap.nbi.admin|2020-09-05 12:09:20.000+0000|org.onap.nbi|admin +portal@portal.onap.org|org.onap.ngi.admin|2020-09-05 12:09:20.000+0000|org.onap.ngi|admin +portal@portal.onap.org|org.onap.oof.admin|2020-09-05 12:09:20.000+0000|org.onap.oof|admin +portal@portal.onap.org|org.onap.policy.admin|2020-09-05 12:09:20.000+0000|org.onap.policy|admin +portal@portal.onap.org|org.onap.pomba.admin|2020-09-05 12:09:20.000+0000|org.onap.pomba|admin +portal@portal.onap.org|org.onap.portal.admin|2020-09-05 12:09:20.000+0000|org.onap.portal|admin +portal@portal.onap.org|org.onap.sdc.admin|2020-09-05 12:09:20.000+0000|org.onap.sdc|admin +portal@portal.onap.org|org.onap.sdnc-cds.admin|2020-09-05 12:09:20.000+0000|org.onap.sdnc-cds|admin +portal@portal.onap.org|org.onap.sdnc.admin|2020-09-05 12:09:20.000+0000|org.onap.sdnc|admin +portal@portal.onap.org|org.onap.so.admin|2020-09-05 12:09:20.000+0000|org.onap.so|admin +portal@portal.onap.org|org.onap.vfc.admin|2020-09-05 12:09:20.000+0000|org.onap.vfc|admin +portal@portal.onap.org|org.onap.vid.admin|2020-09-05 12:09:20.000+0000|org.onap.vid|admin +portal@portal.onap.org|org.onap.vid1.admin|2020-09-05 12:09:20.000+0000|org.onap.vid1|admin +portal@portal.onap.org|org.onap.vid2.admin|2020-09-05 12:09:20.000+0000|org.onap.vid2|admin +portal@portal.onap.org|org.osaaf.aaf.admin|2020-09-05 12:09:20.000+0000|org.osaaf.aaf|admin +portal@portal.onap.org|org.osaaf.people.admin|2020-09-05 12:09:20.000+0000|org.osaaf.people|admin
\ No newline at end of file diff --git a/auth/sample/data/sample.identities.dat b/auth/sample/data/sample.identities.dat index 8ca0ae1c..05308059 100644 --- a/auth/sample/data/sample.identities.dat +++ b/auth/sample/data/sample.identities.dat @@ -26,55 +26,55 @@ ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contract iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@people.osaaf.com|n|mmanager # Portal Identities -portal|ONAP Portal Application|PORTAL|ONAP Application|||a|aaf_admin -shi|ONAP SHI Portal Identity|shi|Portal Application|||a|aaf_admin -demo|PORTAL DEMO|demo|PORTAL|DEMO|||e|aaf_admin -jh0003|PORTAL ADMIN|jh|PORTAL ADMIN|||e|aaf_admin -cs0008|PORTAL DESIGNER|cs|PORTAL DESIGNER|||e|aaf_admin -jm0007|PORTAL TESTER|jm|PORTAL TESTER|||e|aaf_admin -op0001|PORTAL OPS|op|PORTAL OPS|||e|aaf_admin -gv0001|GV PORTAL|gv|PORTAL|||e|aaf_admin -pm0001|PM PORTAL|pm|PORTAL|||e|aaf_admin -gs0001|GS PORTAL|gs|PORTAL|||e|aaf_admin -ps0001|PS PORTAL|ps|PORTAL|||e|aaf_admin +portal|ONAP Portal Application|PORTAL|ONAP Application|314-123-1234|portal@people.osaaf.com|a|aaf_admin +shi|ONAP SHI Portal Identity|shi|Portal Application|314-123-1234|shi@people.osaaf.com|a|aaf_admin +demo|PORTAL DEMO|demo|PORTAL|DEMO|314-123-1234|demo@people.osaaf.com|e|aaf_admin +jh0003|PORTAL ADMIN|jh|PORTAL ADMIN|314-123-1234|jh0003@people.osaaf.com|e|aaf_admin +cs0008|PORTAL DESIGNER|cs|PORTAL DESIGNER|314-123-1234|cs0008@people.osaaf.com|e|aaf_admin +jm0007|PORTAL TESTER|jm|PORTAL TESTER|314-123-1234|jm0007@people.osaaf.com|e|aaf_admin +op0001|PORTAL OPS|op|PORTAL OPS|314-123-1234|op0001@people.osaaf.com|e|aaf_admin +gv0001|GV PORTAL|gv|PORTAL|314-123-1234|gv0001@people.osaaf.com|e|aaf_admin +pm0001|PM PORTAL|pm|PORTAL|314-123-1234|pm0001@people.osaaf.com|e|aaf_admin +gs0001|GS PORTAL|gs|PORTAL|314-123-1234|gs0001@people.osaaf.com|e|aaf_admin +ps0001|PS PORTAL|ps|PORTAL|314-123-1234|ps0001@people.osaaf.com|e|aaf_admin # AAF Defined Users -aaf_admin|AAF Administrator|Mr AAF|AAF Admin|||e|mmanager -deployer|Deployer|Deployer|Depoyer|||e|aaf_admin +aaf_admin|AAF Administrator|Mr AAF|AAF Admin|314-123-1234|aaf_admin@people.osaaf.com|e|mmanager +deployer|Deployer|Deployer|Depoyer|314-123-1234|deployer@people.osaaf.com|e|aaf_admin # Requested Users -portal_admin|Portal Admin|Portal|Admin|||e|mmanager +portal_admin|Portal Admin|Portal|Admin|314-123-1234|portal_admin@people.osaaf.com|e|mmanager # ONAP App IDs -aaf|AAF Application|AAF|Application|||a|aaf_admin -aaf-sms|AAF SMS Application|AAF SMS|Application|||a|aaf_admin -clamp|ONAP CLAMP Application|CLAMP|Application|||a|mmanager -aai|ONAP AAI Application|AAI|ONAP Application|||a|mmanager -appc|ONAP APPC Application|APPC|ONAP Application|||a|mmanager -dcae|ONAP DCAE Application|CLAMP|ONAP Application|||a|mmanager -oof|ONAP OOF Application|OOF|ONAP Application|||a|mmanager -so|ONAP SO Application|SO|ONAP Application|||a|mmanager -sdc|ONAP SDC Application|SDC|ONAP Application|||a|mmanager -sdnc|ONAP SDNC Application|SDNC|ONAP Application|||a|mmanager -sdnc-cds|ONAP SDNC CDS Application|SDNC-CDS|ONAP Application|||a|mmanager -vfc|ONAP VFC Application|VNC|ONAP Application|||a|mmanager -policy|ONAP Policy Application|POLICY|ONAP Application|||a|mmanager -pomba|ONAP Pomba Application|POMBA|ONAP Application|||a|mmanager -holmes|ONAP Holmes Application|HOLMES|ONAP Application|||a|mmanager -nbi|ONAP NBI Application|NBI|ONAP Application|||a|mmanager -music|ONAP MUSIC Application|MUSIC|ONAP Application|||a|mmanager +aaf|AAF Application|AAF|Application|314-123-1234|no_reply@people.osaaf.com|a|aaf_admin +aaf-sms|AAF SMS Application|AAF SMS|Application|314-123-1234|no_reply@people.osaaf.com|a|aaf_admin +clamp|ONAP CLAMP Application|CLAMP|Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +aai|ONAP AAI Application|AAI|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +appc|ONAP APPC Application|APPC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +dcae|ONAP DCAE Application|CLAMP|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +oof|ONAP OOF Application|OOF|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +so|ONAP SO Application|SO|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +sdc|ONAP SDC Application|SDC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +sdnc|ONAP SDNC Application|SDNC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +sdnc-cds|ONAP SDNC CDS Application|SDNC-CDS|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +vfc|ONAP VFC Application|VNC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +policy|ONAP Policy Application|POLICY|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +pomba|ONAP Pomba Application|POMBA|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +holmes|ONAP Holmes Application|HOLMES|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +nbi|ONAP NBI Application|NBI|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +music|ONAP MUSIC Application|MUSIC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager # VID Identities -vid|ONAP VID Application|VID|ONAP Application|||a|mmanager -vid1|ONAP VID Application 1|VID 1|ONAP Application|||a|mmanager -vid2|ONAP VID Application 2|VID 2|ONAP Application|||a|mmanager +vid|ONAP VID Application|VID|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +vid1|ONAP VID Application 1|VID 1|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +vid2|ONAP VID Application 2|VID 2|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager # DMAAP Identities -dmaap-bc|ONAP DMaap BC Application|DMaap BC|ONAP Application|||a|mmanager -dmaap-bc-topic-mgr|ONAP DMaap BC Topic Manager|DMaap BC Topic Manager|DMaap BC|||a|mmanager -dmaap-bc-mm-prov|ONAP DMaap BC Provisioning Manager|DMaap BC Provision Manager|DMaap BC|||a|mmanager -dmaap-dr|ONAP DMaap DR|Prov|DMaap DR|||a|mmanager -dmaap-dr-prov|ONAP DMaap DR Prov|Prov|DMaap MR|||a|mmanager -dmaap-dr-node|ONAP DMaap DR Node|Node|DMaap MR|||a|mmanager -dmaap-mr|ONAP DMaap MR Application|DMaap MR|ONAP Application|||a|mmanager +dmaap-bc|ONAP DMaap BC Application|DMaap BC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +dmaap-bc-topic-mgr|ONAP DMaap BC Topic Manager|DMaap BC Topic Manager|DMaap BC|314-123-1234|no_reply@people.osaaf.com|a|mmanager +dmaap-bc-mm-prov|ONAP DMaap BC Provisioning Manager|DMaap BC Provision Manager|DMaap BC|314-123-1234|no_reply@people.osaaf.com|a|mmanager +dmaap-dr|ONAP DMaap DR|Prov|DMaap DR|314-123-1234|no_reply@people.osaaf.com|a|mmanager +dmaap-dr-prov|ONAP DMaap DR Prov|Prov|DMaap MR|314-123-1234|no_reply@people.osaaf.com|a|mmanager +dmaap-dr-node|ONAP DMaap DR Node|Node|DMaap MR|314-123-1234|no_reply@people.osaaf.com|a|mmanager +dmaap-mr|ONAP DMaap MR Application|DMaap MR|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager #deprecate these in El Alto -dmaapmr|ONAP DMaap MR Application|DMaap MR|ONAP Application|||a|mmanager -#dmaap.mr|ONAP DMaap MR Application|DMaap MR|ONAP Application|||a|mmanager +dmaapmr|ONAP DMaap MR Application|DMaap MR|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +#dmaap.mr|ONAP DMaap MR Application|DMaap MR|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager |