authorInstrumental <jonathan.gathman@att.com>2018-07-19 13:29:32 -0500
committerInstrumental <jonathan.gathman@att.com>2018-07-19 13:29:44 -0500
commit32cdd553a8668e6d03a9cf5b11b360d35a63c87f (patch)
tree48c02e4be820d87efb777d7be20bad57d517b61c /cadi/core/src/main
parent9c8a8b0926b13b07fb1e5394903401e7a3f1ff79 (diff)
Configuration and Auto-Certificates
Issue-ID: AAF-378 Change-Id: Ic820a4e43684a6130f00b28b415a974876099fc3 Signed-off-by: Instrumental <jonathan.gathman@att.com>
Diffstat (limited to 'cadi/core/src/main')
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java2
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java3
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java12
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java23
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java4
7 files changed, 36 insertions, 16 deletions
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java b/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java
index 1d01a3e8..39631894 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java
@@ -246,7 +246,7 @@ public abstract class AbsUserCache<PERM extends Permission> {
/**
* The default behavior of a LUR is to not handle something exclusively.
*/
- public boolean handlesExclusively(Permission pond) {
+ public boolean handlesExclusively(Permission ... pond) {
return false;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java
index fd73d00b..0beb4856 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java
@@ -52,7 +52,7 @@ public interface Lur {
* @param principalName
* @return
*/
- public boolean fish(Principal bait, Permission pond);
+ public boolean fish(Principal bait, Permission ... pond);
/**
* Fish all the Principals out a Pond
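Review bot: The Javadoc above `fish` does not say what a call with several permissions means: whether it returns true when the principal holds any one of them, or only when it holds all of them. This is the authorization decision every Lur implementation has to agree on, so it belongs on the interface, for example `@param pond one or more permissions; true if bait holds at least one of them`, if any-of is what is intended (`LocalLur.handlesExclusively` in this commit behaves that way, but the intent is inferred). The existing `@param principalName` tag names no parameter of this method and should become `@param bait` and `@param pond`. The contract should also state what a null or empty `pond` returns, and the same applies to `handlesExclusively` in the next hunk.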
@@ -77,7 +77,7 @@ public interface Lur {
* @param pond
* @return
*/
- public boolean handlesExclusively(Permission pond);
+ public boolean handlesExclusively(Permission ... pond);
/**
* Does the LUR support a particular kind of Principal
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java
index 4067f160..04743b85 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java
@@ -662,6 +662,9 @@ public class Symm {
* @throws IOException
*/
public void enpass(final String password, final OutputStream os) throws IOException {
+ if(password==null) {
+ throw new IOException("Invalid password passed");
+ }
final ByteArrayOutputStream baos = new ByteArrayOutputStream();
DataOutputStream dos = new DataOutputStream(baos);
byte[] bytes = password.getBytes();
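Review bot: The new null guard in `enpass` is not reflected in the Javadoc above it, where `@throws IOException` is still bare, so a caller cannot tell a rejected argument from a stream failure. Suggest `@throws IOException if password is null or the encoded value cannot be written to os`. Separately, the unchanged `password.getBytes()` two lines below the guard uses the platform default charset, so the bytes that get encrypted can differ between JVMs with different defaults; whether the decoding side makes the same assumption is not visible here. The body of `enpass` continues outside the hunk.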
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
index 42c38896..efe5503b 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
@@ -134,12 +134,21 @@ public class Config {
public static final String OAUTH_CLIENT_SECRET="client_secret";
public static final String AAF_ENV = "aaf_env";
- public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration
public static final String AAF_ROOT_NS = "aaf_root_ns";
public static final String AAF_ROOT_NS_DEF = "org.osaaf.aaf";
public static final String AAF_ROOT_COMPANY = "aaf_root_company";
public static final String AAF_LOCATE_URL = "aaf_locate_url"; //URL for AAF locator
private static final String AAF_LOCATE_URL_TAG = "AAF_LOCATE_URL"; // Name of Above for use in Config Variables.
+ public static final String AAF_DEFAULT_VERSION = "2.1";
+ public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration
+ public static final String AAF_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.service:" + AAF_DEFAULT_VERSION;
+ public static final String GUI_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.gui:" + AAF_DEFAULT_VERSION;
+ public static final String CM_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.cm:" + AAF_DEFAULT_VERSION;
+ public static final String FS_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.fs:" + AAF_DEFAULT_VERSION;
+ public static final String HELLO_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.hello:" + AAF_DEFAULT_VERSION;
+ public static final String OAUTH2_TOKEN_URL = "https://AAF_LOCATE_URL/AAF_NS.token:" + AAF_DEFAULT_VERSION;
+ public static final String OAUTH2_INTROSPECT_URL = "https://AAF_LOCATE_URL/AAF_NS.introspect:" + AAF_DEFAULT_VERSION;
+
public static final String AAF_REGISTER_AS = "aaf_register_as";
public static final String AAF_APPID = "aaf_id";
public static final String AAF_APPPASS = "aaf_password";
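Review bot: `OAUTH2_TOKEN_URL` and `OAUTH2_INTROSPECT_URL` hold default URL templates like the five `*_URL_DEF` constants above them, but they are named like property keys (compare `AAF_URL = "aaf_url"`), so a caller could pass one where a key is expected. Suggest `OAUTH2_TOKEN_URL_DEF` and `OAUTH2_INTROSPECT_URL_DEF` while the names are still new. The group also needs a one-line comment such as `// Templates: AAF_LOCATE_URL and AAF_NS are placeholders, replaced before use`, since an unsubstituted value would be used as an https host named `AAF_LOCATE_URL`; the substitution code is not in this hunk, so where it happens is an assumption.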
@@ -174,7 +183,6 @@ public class Config {
public static final String AAF_COMPONENT = "aaf_component";
public static final String AAF_CERT_IDS = "aaf_cert_ids";
public static final String AAF_DEBUG_IDS = "aaf_debug_ids"; // comma delimited
- public static final String AAF_DEFAULT_VERSION = "2.0";
public static final String AAF_DATA_DIR = "aaf_data_dir"; // AAF processes and Components only.
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java
index 2813dca8..b442c7d9 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java
@@ -60,7 +60,7 @@ public final class EpiLur implements Lur {
if(lurs.length==0) throw new CadiException("Need at least one Lur implementation in constructor");
}
- public boolean fish(Principal bait, Permission pond) {
+ public boolean fish(Principal bait, Permission ... pond) {
if(pond==null) {
return false;
}
@@ -99,7 +99,7 @@ public final class EpiLur implements Lur {
}
// Never needed... Only EpiLur uses...
- public boolean handlesExclusively(Permission pond) {
+ public boolean handlesExclusively(Permission ... pond) {
return false;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java
index 0f9adb94..e177a22f 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java
@@ -94,14 +94,16 @@ public final class LocalLur extends AbsUserCache<LocalPermission> implements Lur
}
// @Override
- public boolean fish(Principal bait, Permission pond) {
+ public boolean fish(Principal bait, Permission ... pond) {
if (pond == null) {
return false;
}
- if (handles(bait) && pond instanceof LocalPermission) { // local Users only have LocalPermissions
- User<LocalPermission> user = getUser(bait);
- if (user != null) {
- return user.contains((LocalPermission)pond);
+ for(Permission p : pond) {
+ if (handles(bait) && p instanceof LocalPermission) { // local Users only have LocalPermissions
+ User<LocalPermission> user = getUser(bait);
+ if (user != null) {
+ return user.contains((LocalPermission)p);
+ }
}
}
return false;
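Review bot: The loop in `fish` returns on the first element that is a `LocalPermission`, so later entries in `pond` are never consulted: `return user.contains((LocalPermission)p);` exits with false even when a later permission is held. That makes an authorization result depend on argument order. If any-of is the intended meaning (as `handlesExclusively` in this file suggests; inferred), return true only on a match and otherwise fall through to the next element. `handles(bait)` and `getUser(bait)` do not depend on `p` and can be hoisted out of the loop, assuming neither has per-call side effects. The closing brace of `fish` is outside the hunk.

```java
public boolean fish(Principal bait, Permission ... pond) {
    if (pond == null || !handles(bait)) {
        return false;
    }
    User<LocalPermission> user = getUser(bait);
    if (user == null) {
        return false;
    }
    for (Permission p : pond) {
        // local Users only have LocalPermissions
        if (p instanceof LocalPermission && user.contains((LocalPermission) p)) {
            return true;
        }
    }
    return false;
```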
@@ -128,8 +130,15 @@ public final class LocalLur extends AbsUserCache<LocalPermission> implements Lur
return principal.getName().endsWith(supportedRealm);
}
- public boolean handlesExclusively(Permission pond) {
- return supportingGroups.contains(pond.getKey());
+ @Override
+ public boolean handlesExclusively(Permission ... pond) {
+ boolean rv = false;
+ for (Permission p : pond) {
+ if(rv=supportingGroups.contains(p.getKey())) {
+ break;
+ }
+ }
+ return rv;
}
/* (non-Javadoc)
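Review bot: The condition `if(rv=supportingGroups.contains(p.getKey()))` in `handlesExclusively` assigns inside the test, which reads like a mistyped `==` and is flagged by most linters. Returning directly is clearer: `if (supportingGroups.contains(p.getKey())) { return true; }` with `return false;` after the loop, which also removes `rv`. Unlike `fish` in the same file, this method has no `if (pond == null) { return false; }` guard, so a null array or a null element throws NullPointerException. The old single-argument version threw on null too, so the guard is a consistency suggestion and not a regression.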
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java
index 1e44726a..b314f20e 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java
@@ -44,7 +44,7 @@ public class NullLur implements Lur {
return false;
}};
- public boolean fish(Principal bait, Permission pond) {
+ public boolean fish(Principal bait, Permission ... pond) {
// Well, for Jenkins, this is ok... It finds out it can't do J2EE Security, and then looks at it's own
// System.err.println("CADI's LUR has not been configured, but is still being called. Access is being denied");
return false;
@@ -56,7 +56,7 @@ public class NullLur implements Lur {
public void destroy() {
}
- public boolean handlesExclusively(Permission pond) {
+ public boolean handlesExclusively(Permission ... pond) {
return false;
}