summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--auth/docker/Dockerfile.client2
-rw-r--r--auth/docker/Dockerfile.config2
-rw-r--r--auth/docker/aaf.sh12
-rwxr-xr-xauth/docker/dbuild.sh4
-rwxr-xr-xauth/sample/bin/client.sh98
-rw-r--r--auth/sample/bin/service.sh56
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java4
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInKeystore.java9
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PropHolder.java24
9 files changed, 122 insertions, 89 deletions
diff --git a/auth/docker/Dockerfile.client b/auth/docker/Dockerfile.client
index 3e61173d..c28ec24c 100644
--- a/auth/docker/Dockerfile.client
+++ b/auth/docker/Dockerfile.client
@@ -7,7 +7,7 @@ LABEL version=${AAF_VERSION}
COPY logs /opt/app/aaf_config/logs
COPY bin/client.sh /opt/app/aaf_config/bin/agent.sh
-COPY bin/aaf-cadi*full.jar /opt/app/aaf_config/bin/
+COPY bin/aaf-auth-cmd-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/
COPY bin/aaf-cadi-servlet-sample-*-sample.jar /opt/app/aaf_config/bin/
COPY cert/*trust*.b64 /opt/app/aaf_config/cert/
diff --git a/auth/docker/Dockerfile.config b/auth/docker/Dockerfile.config
index b2f2becf..bc1eafca 100644
--- a/auth/docker/Dockerfile.config
+++ b/auth/docker/Dockerfile.config
@@ -13,7 +13,7 @@ COPY public /opt/app/aaf_config/public
COPY CA /opt/app/aaf_config/CA
COPY logs /opt/app/aaf_config/logs
COPY bin/service.sh /opt/app/aaf_config/bin/agent.sh
-COPY bin/aaf-cadi-aaf-${VERSION}-full.jar /opt/app/aaf_config/bin/
+COPY bin/aaf-auth-cmd-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/
ENTRYPOINT ["/bin/bash","/opt/app/aaf_config/bin/agent.sh"]
CMD []
diff --git a/auth/docker/aaf.sh b/auth/docker/aaf.sh
index 29391597..f9cf1bc3 100644
--- a/auth/docker/aaf.sh
+++ b/auth/docker/aaf.sh
@@ -26,18 +26,6 @@ function run_it() {
/bin/bash $PARAMS
}
-function set_prop() {
- $DOCKER exec -t aaf_config_$USER /bin/bash /opt/app/aaf_config/bin/agent.sh NOOP setProp "$1" "$2" "$3"
-}
-
-function encrypt_it() {
- $DOCKER exec -t aaf_config_$USER /bin/bash /opt/app/aaf_config/bin/agent.sh NOOP encrypt "$1" "$2"
-}
-
-function set_it() {
- $DOCKER exec -t aaf_config_$USER /bin/bash /opt/app/aaf_config/bin/agent.sh NOOP setProp "$1" "$2"
-}
-
PARAMS="$@"
if [ "$PARAMS" != "" ]; then
run_it -it --rm
diff --git a/auth/docker/dbuild.sh b/auth/docker/dbuild.sh
index 80427cef..a170493d 100755
--- a/auth/docker/dbuild.sh
+++ b/auth/docker/dbuild.sh
@@ -20,7 +20,7 @@ cd -
# Create the AAF Config (Security) Images
cd ..
-cp ../cadi/aaf/target/aaf-cadi-aaf-${VERSION}-full.jar sample/bin
+cp auth-cmd/target/aaf-auth-cmd-$VERSION-full.jar sample/bin
cp -Rf ../conf/CA sample
# AAF Config image (for AAF itself)
@@ -37,7 +37,7 @@ $DOCKER tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/$
$DOCKER tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_agent:latest
# Clean up
-rm sample/Dockerfile sample/bin/aaf-cadi-aaf-${VERSION}-full.jar sample/bin/aaf-cadi-servlet-sample-${VERSION}-sample.jar
+rm sample/Dockerfile sample/bin/aaf-auth-cmd-${VERSION}-full.jar sample/bin/aaf-cadi-servlet-sample-${VERSION}-sample.jar
rm -Rf sample/CA
cd -
diff --git a/auth/sample/bin/client.sh b/auth/sample/bin/client.sh
index a7095268..363e2b43 100755
--- a/auth/sample/bin/client.sh
+++ b/auth/sample/bin/client.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# This script is run when starting aaf_config Container.
+# This script is run when starting client Container.
# It needs to cover the cases where the initial data doesn't exist, and when it has already been configured (don't overwrite)
#
JAVA=/usr/bin/java
@@ -21,6 +21,11 @@ LOCAL="$OSAAF/local"
DOT_AAF="$HOME/.aaf"
SSO="$DOT_AAF/sso.props"
+JAVA_CADI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar org.onap.aaf.cadi.CmdLine"
+JAVA_AGENT="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$SSO org.onap.aaf.cadi.configure.Agent"
+JAVA_AGENT_SELF="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/${NS}.props org.onap.aaf.cadi.configure.Agent"
+JAVA_AAFCLI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props org.onap.aaf.auth.cmd.AAFcli"
+
# Check for local dir
if [ ! -d $LOCAL ]; then
mkdir -p $LOCAL
@@ -30,23 +35,24 @@ if [ ! -d $LOCAL ]; then
fi
# Setup Bash, first time only
-if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep aaf_config $HOME/.bash_aliases)" ]; then
- echo "alias cadi='$OSAAF/bin/agent.sh EMPTY cadi \$*'" >>$HOME/.bash_aliases
+if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep agent $HOME/.bash_aliases)" ]; then
+ echo "alias cadi='$JAVA_CADI \$*'" >>$HOME/.bash_aliases
echo "alias agent='$OSAAF/bin/agent.sh EMPTY \$*'" >>$HOME/.bash_aliases
+ echo "alias aafcli='$JAVA_AAFCLI \$*'" >>$HOME/.bash_aliases
chmod a+x $OSAAF/bin/agent.sh
. $HOME/.bash_aliases
fi
# Setup SSO info for Deploy ID
function sso_encrypt() {
- $JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine digest ${1} $DOT_AAF/keyfile
+ $JAVA_CADI digest ${1} $DOT_AAF/keyfile
}
# Create Deployer Info, located at /root/.aaf
if [ ! -e "$DOT_AAF/keyfile" ]; then
mkdir -p $DOT_AAF
- $JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine keygen $DOT_AAF/keyfile
+ $JAVA_CADI keygen $DOT_AAF/keyfile
chmod 400 $DOT_AAF/keyfile
echo cadi_latitude=${LATITUDE} > ${SSO}
echo cadi_longitude=${LONGITUDE} >> ${SSO}
@@ -64,30 +70,39 @@ fi
# Only initialize once, automatically...
if [ ! -e $LOCAL/${NS}.props ]; then
- # setup Configs
- $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar config $APP_FQI \
+ echo "#### Create Configuration files "
+ $JAVA_AGENT config $APP_FQI \
aaf_url=https://AAF_LOCATE_URL/AAF_NS.locate:${AAF_INTERFACE_VERSION} \
cadi_etc_dir=$LOCAL
cat $LOCAL/$NS.props
- # Read Certificate info (by deployer)
- $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar read ${APP_FQI} ${APP_FQDN} \
- cadi_prop_files=${SSO} \
- cadi_etc_dir=$LOCAL
-
- # Place Certificates (by deployer)
- $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar place ${APP_FQI} ${APP_FQDN} \
+ echo
+ echo "#### Certificate Authorization Artifact"
+ TMP=$(mktemp)
+ $JAVA_AGENT read ${APP_FQI} ${APP_FQDN} \
cadi_prop_files=${SSO} \
- cadi_etc_dir=$LOCAL
-
- # Validate
- $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar validate \
- cadi_prop_files=$LOCAL/${NS}.props
+ cadi_etc_dir=$LOCAL > $TMP
+ cat $TMP
+ echo
+ if [ -n "$(grep 'Namespace:' $TMP)" ]; then
+ echo "#### Place Certificates (by deployer)"
+ $JAVA_AGENT place ${APP_FQI} ${APP_FQDN} \
+ cadi_prop_files=${SSO} \
+ cadi_etc_dir=$LOCAL
+
+ echo "#### Validate Configuration and Certificate with live call"
+ $JAVA_AGENT_SELF validate
+ else
+ echo "#### Certificate Authorization Artifact must be valid to continue"
+ fi
+ rm $TMP
fi
# Now run a command
CMD=$2
-if [ ! "$CMD" = "" ]; then
+if [ -z "$CMD" ]; then
+ $JAVA_AGENT
+else
shift
shift
case "$CMD" in
@@ -117,20 +132,16 @@ if [ ! "$CMD" = "" ]; then
;;
showpass)
echo "## Show Passwords"
- $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar showpass ${APP_FQI} ${APP_FQDN}
+ $JAVA_AGENT showpass ${APP_FQI} ${APP_FQDN}
;;
check)
- $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar check ${APP_FQI} ${APP_FQDN}
+ $JAVA_AGENT check ${APP_FQI} ${APP_FQDN}
;;
validate)
echo "## validate requested"
- $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar validate $LOCAL/${NS}.props
+ $JAVA_AGENT_SELF validate
;;
bash)
- #if [ ! -e $HOME/bash_aliases ]; then
- # echo "alias cadi='$JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine \$*'" >$HOME/bash_aliases
- # echo "alias agent='/bin/bash $CONFIG/bin/agent.sh no-op \$*'" >>$HOME/bash_aliases
- #fi
shift
cd $LOCAL || exit
/bin/bash "$@"
@@ -138,15 +149,20 @@ if [ ! "$CMD" = "" ]; then
setProp)
cd $LOCAL || exit
FILES=$(grep -l "$1" ./*.props)
- if [ "$FILES" = "" ]; then
- FILES="$3"
+ if [ -z "$FILES" ]; then
+ if [ -z "$3" ]; then
+ FILES=${NS}.props
+ else
+ FILES="$3"
+ fi
ADD=Y
fi
for F in $FILES; do
- echo "Changing $1 in $F"
if [ "$ADD" = "Y" ]; then
- echo $2 >> $F
+ echo "Changing $1 to $F"
+ echo "$1=$2" >> $F
else
+ echo "Changing $1 in $F"
sed -i.backup -e "s/\\(${1}.*=\\).*/\\1${2}/" $F
fi
cat $F
@@ -172,7 +188,7 @@ if [ ! "$CMD" = "" ]; then
else
ORIG_PW="$2"
fi
- PWD=$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" $LOCAL/${NS}.keyfile)
+ PWD=$($JAVA_CADI digest "$ORIG_PW" $LOCAL/${NS}.keyfile)
if [ "$ADD" = "Y" ]; then
echo "$1=enc:$PWD" >> $F
else
@@ -202,20 +218,26 @@ if [ ! "$CMD" = "" ]; then
;;
cadi)
echo "--- cadi Tool Comands ---"
- $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi | tail -n +6
+ $JAVA_CADI
;;
agent)
echo "--- agent Tool Comands ---"
- $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar
+ $JAVA_AGENT
+ ;;
+ aafcli)
+ echo "--- aafcli Tool Comands ---"
+ $JAVA_AAFCLI
;;
- sample)
- echo "--- run Sample Servlet App ---"
- $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar:$CONFIG/bin/aaf-cadi-servlet-sample-*-sample.jar org.onap.aaf.sample.cadi.jetty.JettyStandalone ${NS}.props
esac
echo ""
;;
+ ### Possible Dublin
+ # sample)
+ # echo "--- run Sample Servlet App ---"
+ # $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar:$CONFIG/bin/aaf-cadi-servlet-sample-*-sample.jar org.onap.aaf.sample.cadi.jetty.JettyStandalone ${NS}.props
+ # ;;
*)
- $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar "$CMD" "$@"
+ $JAVA_AGENT "$CMD" "$@"
;;
esac
fi
diff --git a/auth/sample/bin/service.sh b/auth/sample/bin/service.sh
index b810f0c5..9880e8a6 100644
--- a/auth/sample/bin/service.sh
+++ b/auth/sample/bin/service.sh
@@ -3,11 +3,17 @@
# It needs to cover the cases where the initial data doesn't exist, and when it has already been configured (don't overwrite)
#
JAVA=/usr/bin/java
-LOCAL=/opt/app/osaaf/local
-DATA=/opt/app/osaaf/data
-PUBLIC=/opt/app/osaaf/public
+
+OSAAF=/opt/app/osaaf
+LOCAL=$OSAAF/local
+DATA=$OSAAF/data
+PUBLIC=$OSAAF/public
CONFIG=/opt/app/aaf_config
+JAVA_CADI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar org.onap.aaf.cadi.CmdLine"
+JAVA_AGENT="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props org.onap.aaf.cadi.configure.Agent"
+JAVA_AAFCLI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props org.onap.aaf.auth.cmd.AAFcli"
+
# If doesn't exist... still create
mkdir -p /opt/app/osaaf
@@ -15,9 +21,10 @@ mkdir -p /opt/app/osaaf
FILE=
# Setup Bash, first time only
-if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep aaf_config $HOME/.bash_aliases)" ]; then
- echo "alias cadi='$CONFIG/bin/agent.sh EMPTY cadi \$*'" >>$HOME/.bash_aliases
+if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep cadi $HOME/.bash_aliases)" ]; then
+ echo "alias cadi='$JAVA_CADI \$*'" >>$HOME/.bash_aliases
echo "alias agent='$CONFIG/bin/agent.sh EMPTY \$*'" >>$HOME/.bash_aliases
+ echo "alias aafcli='$JAVA_AAFCLI \$*'" >>$HOME/.bash_aliases
chmod a+x $CONFIG/bin/agent.sh
. $HOME/.bash_aliases
fi
@@ -95,7 +102,8 @@ if [ ! -e $LOCAL/org.osaaf.aaf.props ]; then
cat $TMP
- $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar config aaf@aaf.osaaf.org \
+ $JAVA_AGENT config \
+ aaf@aaf.osaaf.org \
cadi_etc_dir=$LOCAL \
cadi_prop_files=$CONFIG/local/initialConfig.props:$CONFIG/local/aaf.props:${TMP}
rm ${TMP}
@@ -103,7 +111,7 @@ if [ ! -e $LOCAL/org.osaaf.aaf.props ]; then
# Cassandra Config stuff
# Default is expect a Cassandra on same Node
CASS_HOST=${CASS_HOST:="aaf_cass"}
- CASS_PASS=$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "${CASSANDRA_PASSWORD:-cassandra}" $LOCAL/org.osaaf.aaf.keyfile)
+ CASS_PASS=$($JAVA_CADI digest "${CASSANDRA_PASSWORD:-cassandra}" $LOCAL/org.osaaf.aaf.keyfile)
CASS_NAME=${CASS_HOST/:*/}
sed -i.backup -e "s/\\(cassandra.clusters=\\).*/\\1${CASSANDRA_CLUSTERS:=$CASS_HOST}/" \
-e "s/\\(cassandra.clusters.user=\\).*/\\1${CASSANDRA_USER:=cassandra}/" \
@@ -113,7 +121,7 @@ if [ ! -e $LOCAL/org.osaaf.aaf.props ]; then
if [ -n "$CM_CA_LOCAL" ]; then
if [ -n "$CM_CA_PASS" ]; then
- CM_CA_LOCAL=$CM_CA_LOCAL$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "$CM_CA_PASS" $LOCAL/org.osaaf.aaf.keyfile)
+ CM_CA_LOCAL=$CM_CA_LOCAL$($JAVA_CADI digest "$CM_CA_PASS" $LOCAL/org.osaaf.aaf.keyfile)
fi
# Move and copy method, rather than sed, because of slashes in CM_CA_LOCAL makes too complex
FILE=$LOCAL/org.osaaf.aaf.cm.ca.props
@@ -127,7 +135,9 @@ fi
# Now run a command
CMD=$2
-if [ ! "$CMD" = "" ]; then
+if [ -z "$CMD" ]; then
+ $JAVA_AGENT
+else
shift
shift
case "$CMD" in
@@ -158,7 +168,7 @@ if [ ! "$CMD" = "" ]; then
;;
validate)
echo "## validate requested"
- $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar validate cadi_prop_files=$LOCAL/org.osaaf.aaf.props
+ $JAVA_AAFCLI perm list user aaf@aaf.osaaf.org
;;
onap)
echo Initializing ONAP configurations.
@@ -171,17 +181,21 @@ if [ ! "$CMD" = "" ]; then
setProp)
cd $LOCAL || exit
FILES=$(grep -l "$1" ./*.props)
- if [ "$FILES" = "" ]; then
- FILES="$3"
+ if [ -z "$FILES" ]; then
+ if [ -z "$3" ]; then
+ FILES=org.osaaf.aaf.props
+ else
+ FILES="$3"
+ fi
ADD=Y
fi
for F in $FILES; do
- echo "Changing $1 in $F"
if [ "$ADD" = "Y" ]; then
+ echo "Changing $1 to $F"
echo "$1=$2" >> $F
else
- VALUE=${2//\//\\\/}
- sed -i.backup -e "s/\(${1}=\).*/\1${VALUE}/" $F
+ echo "Changing $1 in $F"
+ sed -i.backup -e "s/\\(${1}.*=\\).*/\\1${2}/" $F
fi
cat $F
done
@@ -206,7 +220,7 @@ if [ ! "$CMD" = "" ]; then
else
ORIG_PW="$2"
fi
- PWD=$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" $LOCAL/org.osaaf.aaf.keyfile)
+ PWD=$($JAVA_CADI digest "$ORIG_PW" $LOCAL/org.osaaf.aaf.keyfile)
if [ "$ADD" = "Y" ]; then
echo "$1=enc:$PWD" >> $F
else
@@ -236,17 +250,21 @@ if [ ! "$CMD" = "" ]; then
;;
cadi)
echo "--- cadi Tool Comands ---"
- $JAVA -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi | tail -n +6
+ $JAVA_CADI
;;
agent)
echo "--- agent Tool Comands ---"
- $JAVA -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar
+ $JAVA_AGENT
+ ;;
+ aafcli)
+ echo "--- aafcli Tool Comands ---"
+ $JAVA_AAFCLI
;;
esac
echo ""
;;
*)
- $JAVA -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar "$CMD" "$@"
+ $JAVA_AGENT "$CMD" "$@" cadi_prop_files=$LOCAL/org.osaaf.aaf.props
;;
esac
fi
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java
index f4651eca..3facc930 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java
@@ -146,7 +146,7 @@ public class Agent {
public Properties process(String[] args, Properties props) {
if (args.length>1) {
if (!args[0].equals("keypairgen")) {
- props.put("aaf_id", args[1]);
+ props.put(Config.AAF_APPID, args[1]);
}
}
return props;
@@ -758,7 +758,7 @@ public class Agent {
cred.addEnc(Config.AAF_APPPASS, pa, null);
app.add(Config.AAF_LOCATE_URL, pa, null);
- app.add(Config.AAF_APPID, pa, fqi);
+ app.add(Config.AAF_APPID, fqi);
app.add(Config.AAF_URL, pa, Defaults.AAF_URL);
String cts = pa.getProperty(Config.CADI_TRUSTSTORE);
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInKeystore.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInKeystore.java
index 4525b8da..7256af40 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInKeystore.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInKeystore.java
@@ -50,7 +50,8 @@ public class PlaceArtifactInKeystore extends ArtifactDir {
@Override
public boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException {
- File fks = new File(dir,arti.getNs()+'.'+(kst==Agent.PKCS12?"p12":kst));
+ final String ext = (kst==Agent.PKCS12?"p12":kst);
+ File fks = new File(dir,arti.getNs()+'.'+ext);
try {
KeyStore jks = KeyStore.getInstance(kst);
if (fks.exists()) {
@@ -86,7 +87,11 @@ public class PlaceArtifactInKeystore extends ArtifactDir {
// Set Keystore Password
props.add(Config.CADI_KEYSTORE,fks.getAbsolutePath());
String keystorePass = Symm.randomGen(Agent.PASS_SIZE);
- props.addEnc(Config.CADI_KEYSTORE_PASSWORD,keystorePass);
+ String encP = props.addEnc(Config.CADI_KEYSTORE_PASSWORD,keystorePass);
+ // Since there are now more than one Keystore type, the keystore password property might
+ // be overwritten, making the store useless without key. So we write it specifically
+ // as well.
+ props.add(Config.CADI_KEYSTORE_PASSWORD+'_'+ext,encP);
char[] keystorePassArray = keystorePass.toCharArray();
jks.load(null,keystorePassArray); // load in
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PropHolder.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PropHolder.java
index 7feacb89..0f9666ca 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PropHolder.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PropHolder.java
@@ -31,7 +31,6 @@ import java.util.TreeMap;
import org.onap.aaf.cadi.Access;
import org.onap.aaf.cadi.Symm;
-import org.onap.aaf.cadi.config.Config;
import org.onap.aaf.cadi.util.Chmod;
import org.onap.aaf.misc.env.util.Chrono;
@@ -93,27 +92,28 @@ public class PropHolder {
return keyfile.getAbsolutePath();
}
- public void add(final String tag, final String value) {
- if(value==null) {
- props.put(tag,"");
- } else {
- props.put(tag, value);
- }
+ public String add(final String tag, final String value) {
+ final String rv = value==null?"":value;
+ props.put(tag, rv);
+ return rv;
}
- public void add(final String tag, Access orig, final String def) {
- add(tag, orig.getProperty(tag, def));
+ public String add(final String tag, Access orig, final String def) {
+ return add(tag, orig.getProperty(tag, def));
}
- public void addEnc(final String tag, final String value) throws IOException {
+ public String addEnc(final String tag, final String value) throws IOException {
+ String rv;
if(value==null) {
- props.put(tag,"");
+ rv = "";
} else {
if(symm==null) { // Lazy Instantiations... on a few PropFiles have Security
symm = ArtifactDir.getSymm(keyfile);
}
- props.put(tag, "enc:"+symm.enpass(value));
+ rv = "enc:"+symm.enpass(value);
}
+ props.put(tag, rv);
+ return rv;
}
public void addEnc(final String tag, Access orig, final String def) throws IOException {