summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--auth/auth-cass/docker/dinstall.sh49
-rw-r--r--auth/docker/aaf.sh3
-rw-r--r--auth/docker/d.props.init5
-rw-r--r--auth/docker/drun.sh13
-rw-r--r--auth/sample/backup/backup.sh3
-rw-r--r--auth/sample/cass_data/.gitignore9
-rw-r--r--auth/sample/cass_data/ns.dat30
-rw-r--r--auth/sample/cass_data/ns_attrib.dat0
-rw-r--r--auth/sample/cass_data/perm.dat143
-rw-r--r--auth/sample/cass_data/role.dat99
-rw-r--r--auth/sample/cass_data/user_role.dat161
-rw-r--r--auth/sample/data/identities.dat48
-rw-r--r--cadi/servlet-sample/pom.xml36
-rw-r--r--cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java108
14 files changed, 539 insertions, 168 deletions
diff --git a/auth/auth-cass/docker/dinstall.sh b/auth/auth-cass/docker/dinstall.sh
index d6fcb9f9..6d7f949e 100644
--- a/auth/auth-cass/docker/dinstall.sh
+++ b/auth/auth-cass/docker/dinstall.sh
@@ -43,7 +43,6 @@ if [ "`$DOCKER ps -a | grep aaf_cass`" == "" ]; then
echo "Creating /opt/app/cass_init dir on aaf_cass"
$DOCKER exec aaf_cass mkdir -p /opt/app/cass_init
echo "cp the following files to /opt/app/cass_init dir on aaf_cass"
- ls ../src/main/cql
$DOCKER cp "../src/main/cql/." aaf_cass:/opt/app/cass_init
echo "The following files are on /opt/app/cass_init dir on aaf_cass"
$DOCKER exec aaf_cass ls /opt/app/cass_init
@@ -55,8 +54,6 @@ if [ "`$DOCKER ps -a | grep aaf_cass`" == "" ]; then
echo " cd /opt/app/cass_init"
echo " cqlsh -f keyspace.cql"
echo " cqlsh -f init.cql"
- echo " cqlsh -f osaaf.cql"
- echo " cqlsh -f temp_identity.cql"
echo ""
echo "The following will give you a temporary identity with which to start working, or emergency"
echo " cqlsh -f temp_identity.cql"
@@ -64,8 +61,50 @@ if [ "`$DOCKER ps -a | grep aaf_cass`" == "" ]; then
$DOCKER exec aaf_cass bash /usr/bin/cqlsh -f /opt/app/cass_init/keyspace.cql
$DOCKER exec aaf_cass bash /usr/bin/cqlsh -e 'describe keyspaces'
$DOCKER exec aaf_cass bash /usr/bin/cqlsh -f /opt/app/cass_init/init.cql
- $DOCKER exec aaf_cass bash /usr/bin/cqlsh -f /opt/app/cass_init/osaaf.cql
- $DOCKER exec aaf_cass bash /usr/bin/cqlsh -f /opt/app/cass_init/temp_identity.cql
+ cd ../../sample/cass_data
+ ID_FILE=../data/identities.dat
+ if [ -e $ID_FILE ]; then
+ DATE=$(date "+%Y-%m-%d %H:%M:%S.000+0000" -d "+6 months")
+ echo $DATE
+ CRED="cred.dat"
+ # Enter for People
+ echo "Default Passwords for People"
+ for ID in $(grep '|a|' $ID_FILE | sed -e "s/|.*//"); do
+ if [ "$ID" = "aaf" ]; then
+ DOMAIN="aaf.osaaf.org";
+ else
+ DOMAIN="$ID.onap.org";
+ fi
+ unset FIRST
+ for D in ${DOMAIN//./ }; do
+ if [ -z "$FIRST" ]; then
+ NS="$D"
+ FIRST="N"
+ else
+ NS="$D.$NS"
+ fi
+ done
+ echo "$ID@$DOMAIN|2|${DATE}|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|$NS|53344|" >> $CRED
+ done
+
+ for ID in $(grep '|e|' $ID_FILE | sed -e "s/|.*//"); do
+ echo "$ID@people.osaaf.org|2|${DATE}|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344|" >> $CRED
+ done
+
+ mv user_role.dat tmp
+ sed "s/\(^.*|\)\(.*|\)\(.*|\)\(.*\)/\1${DATE}|\3\4/" tmp > user_role.dat
+
+ for DAT in ns perm role ns_attrib user_role cred; do
+ $DOCKER container cp $DAT.dat aaf_cass:/tmp/$DAT.dat
+ $DOCKER exec aaf_cass bash /usr/bin/cqlsh -k authz -e "COPY authz.$DAT FROM '/tmp/$DAT.dat' WITH DELIMITER='|'"
+ $DOCKER exec -t aaf_cass rm /tmp/$DAT.dat
+ done
+ rm $CRED
+ mv tmp user_role.dat
+ else
+ echo DInstall requires access to 'identities.dat'
+ fi
+ cd -
fi
else
$DOCKER start aaf_cass
diff --git a/auth/docker/aaf.sh b/auth/docker/aaf.sh
index 53b3d60e..c09e7b03 100644
--- a/auth/docker/aaf.sh
+++ b/auth/docker/aaf.sh
@@ -48,6 +48,9 @@ if [ "$(docker volume ls | grep aaf_config)" = "" ] && [ ${P12_LOAD} = "yes" ];
docker container cp ${AAF_INITIAL_X509_P12} aaf_config_$USER:/opt/app/osaaf/local/org.osaaf.aaf.p12
docker container cp ${AAF_SIGNER_P12} aaf_config_$USER:/opt/app/osaaf/local/org.osaaf.aaf.signer.p12
+ if [ -z "$CM_CA_LOCAL" ]; then
+ CM_CA_LOCAL="org.onap.aaf.auth.cm.ca.LocalCA,/opt/app/osaaf/local/org.osaaf.aaf.signer.p12;${AAF_SIGNER_ALIAS};enc:"
+ fi
set_prop cm_ca.local "${CM_CA_LOCAL}" org.osaaf.aaf.cm.ca.props
set_prop cadi_x509_issuers "${CADI_X509_ISSUERS}" org.osaaf.aaf.props
diff --git a/auth/docker/d.props.init b/auth/docker/d.props.init
index e114e018..0322cd67 100644
--- a/auth/docker/d.props.init
+++ b/auth/docker/d.props.init
@@ -16,7 +16,7 @@ AAF_ENV=DEV
AAF_REGISTER_AS=$HOSTNAME
LATITUDE=
LONGITUDE=
-#
+
# Initial AAF Certificate (not Generated)
CADI_X509_ISSUERS="CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US"
AAF_INITIAL_X509_P12=
@@ -24,7 +24,8 @@ AAF_INITIAL_X509_PASSWORD=
CADI_X509_ISSUERS=
# CA info (leave blank unless functioning as CA)
+CM_CA_LOCAL=
AAF_SIGNER_P12=
AAF_SIGNER_PASSWORD=
-CM_CA_LOCAL=
+AAF_SIGNER_ALIAS=
diff --git a/auth/docker/drun.sh b/auth/docker/drun.sh
index 04f5b323..2eb025ea 100644
--- a/auth/docker/drun.sh
+++ b/auth/docker/drun.sh
@@ -5,8 +5,17 @@
# Only need Cassandra Link Info when initializing the container.
if [ ! -e ./cass.props ]; then
cp cass.props.init cass.props
- echo "Edit appropriate Cassandra Link Info into cass.props"
- exit
+fi
+
+CASS_IS_SET="$(grep '<Cass IP>' cass.props)"
+if [ -n "$CASS_IS_SET" ]; then
+ CASS_IP="$(docker container inspect aaf_cass | grep \"IPAddress\": -m 1 | cut -d '"' -f 4)"
+ if [ -n "$CASS_IP" ]; then
+ sed -i -e "s/\(^.*:\).*/\1$CASS_IP/" cass.props
+ else
+ echo "Set CASSASNDRA IP in cass.props"
+ exit
+ fi
fi
. ./cass.props
diff --git a/auth/sample/backup/backup.sh b/auth/sample/backup/backup.sh
index 1359d3de..6afdf90c 100644
--- a/auth/sample/backup/backup.sh
+++ b/auth/sample/backup/backup.sh
@@ -29,4 +29,7 @@ docker container cp $BD/cbackup.sh aaf_cass:/opt/app/cass_backup/backup.sh
# echo "login as Root, then run \nbash /opt/app/cass_backup/backup.sh"
docker exec -t aaf_cass bash /opt/app/cass_backup/backup.sh
docker container cp aaf_cass:/opt/app/cass_backup/. $BD/today
+for PRIV in cred x509; do
+ chmod 600 $BD/today/$PRIV.dat
+done
date
diff --git a/auth/sample/cass_data/.gitignore b/auth/sample/cass_data/.gitignore
new file mode 100644
index 00000000..45d5617a
--- /dev/null
+++ b/auth/sample/cass_data/.gitignore
@@ -0,0 +1,9 @@
+cert.dat
+cred.dat
+history.dat
+delegate.dat
+approval.dat
+future.dat
+approved.dat
+notify.dat
+x509.dat
diff --git a/auth/sample/cass_data/ns.dat b/auth/sample/cass_data/ns.dat
new file mode 100644
index 00000000..d613450e
--- /dev/null
+++ b/auth/sample/cass_data/ns.dat
@@ -0,0 +1,30 @@
+org.onap.dmaap.mr||org.onap||3
+org.onap.dmaap-mr||org.onap||3
+org.openecomp.dmaapBC|DMaap NS|org.openecomp|3|3
+org.onap.portal.test||org.onap.portal||3
+org.onap.dmaap-bc||org.onap||3
+org.osaaf.people||org.osaaf||3
+org.onap.dcae||org.onap||3
+org.onap.so||org.onap||3
+org.onap.dmaap.bc||org.onap||3
+org.onap.policy||org.onap||3
+org.osaaf|OSAAF Namespace|org|2|2
+org.onap.sdc||org.onap||3
+org.onap.dmaap-bc.api||org.onap.dmaap-bc||3
+org.onap.sdnc||org.onap||3
+org.onap.clamptest|Onap clamp test NS|org.onap|2|2
+org|Root Namespace|.|1|1
+org.onap.portal|ONAP Portal|org.onap.portal|3|3
+org.onap.clampdemo|Onap clamp demo NS|org.onap|2|2
+org.onap.appc||org.onap||3
+org.onap.dmaapbc||org.onap||3
+org.onap.oof||org.onap||3
+org.openecomp|Open EComp NS|org|2|2
+org.onap.aai||org.onap||3
+org.onap.dmaap-dr||org.onap||3
+org.onap.clamp||org.onap||3
+org.onap.vid||org.onap||3
+org.onap|ONAP|org|2|2
+org.openecomp.dcae|DCAE Namespace Org|org.openecomp|3|3
+org.onap.aaf-sms||org.onap||3
+org.osaaf.aaf|Application Authorization Framework|org.osaaf|3|3
diff --git a/auth/sample/cass_data/ns_attrib.dat b/auth/sample/cass_data/ns_attrib.dat
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/auth/sample/cass_data/ns_attrib.dat
diff --git a/auth/sample/cass_data/perm.dat b/auth/sample/cass_data/perm.dat
new file mode 100644
index 00000000..3e461f7c
--- /dev/null
+++ b/auth/sample/cass_data/perm.dat
@@ -0,0 +1,143 @@
+org.osaaf.people|access|*|*|AAF Namespace Write Access|"{'org.osaaf.people|admin'}"
+org.osaaf.people|access|*|read|AAF Namespace Read Access|"{'org.osaaf.people|owner'}"
+org.onap.dcae|access|*|*|AAF Namespace Write Access|"{'org.onap.dcae|admin'}"
+org.onap.dcae|access|*|read|AAF Namespace Read Access|"{'org.onap.dcae|owner'}"
+org.onap.dcae|certman|local|request,ignoreIPs,showpass||"{'org.onap.dcae|seeCerts', 'org.osaaf.aaf|deploy'}"
+org.onap.so|access|*|*|AAF Namespace Write Access|"{'org.onap.so|admin', 'org.onap.so|app'}"
+org.onap.so|access|*|read|AAF Namespace Read Access|"{'org.onap.so|owner'}"
+org.onap.so|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.dmaap.mr|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr|admin'}"
+org.onap.dmaap.mr|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr|owner', 'org.onap.dmaap.mr|service'}"
+org.onap.dmaap.mr|topic|*|view||"{'org.onap.dmaap.mr|view'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mrtesttopic|pub||"{'org.onap.dmaap.mr|mrtesttopic.pub'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mrtesttopic|sub||"{'org.onap.dmaap.mr|mrtesttopic.sub'}"
+org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|create||"{'org.onap.dmaap.mr|create'}"
+org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|destroy||"{'org.onap.dmaap.mr|destroy'}"
+org.onap.appc|access|*|*|AAF Namespace Write Access|"{'org.onap.appc|admin'}"
+org.onap.appc|access|*|read|AAF Namespace Read Access|"{'org.onap.appc|owner'}"
+org.onap.appc|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.appc|odl|odl-api|*|Appc ODL API Access|"{'org.onap.appc.odl', 'org.onap.appc|admin'}"
+org.onap.dmaap-mr|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-mr|admin'}"
+org.onap.dmaap-mr|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-mr|owner'}"
+org.onap.dmaap-mr|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.openecomp.dmaapBC|access|*|*|DMaap Write Access|{'org.openecomp.dmaapBC.admin'}
+org.openecomp.dmaapBC|access|*|read|DMaap Read Access|{'org.openecomp.dmaapBC.owner'}
+org.onap.dmaapbc|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaapbc|admin'}"
+org.onap.dmaapbc|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaapbc|owner'}"
+org.onap.oof|access|*|*|AAF Namespace Write Access|"{'org.onap.oof|admin'}"
+org.onap.oof|access|*|read|AAF Namespace Read Access|"{'org.onap.oof|owner'}"
+org.onap.oof|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.openecomp|access|*|*|OpenEcomp Write Access|{'org.openecomp.admin'}
+org.openecomp|access|*|read|OpenEcomp Read Access|{'org.openecomp.owner'}
+org.onap.aai|access|*|*|AAF Namespace Write Access|"{'org.onap.aai|admin'}"
+org.onap.aai|access|*|read|AAF Namespace Read Access|"{'org.onap.aai|member', 'org.onap.aai|owner'}"
+org.onap.aai|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.aai|resources|*|delete||"{'org.onap.aai|resources_all'}"
+org.onap.aai|resources|*|get||"{'org.onap.aai|resources_all', 'org.onap.aai|resources_readonly'}"
+org.onap.aai|resources|*|patch||"{'org.onap.aai|resources_all'}"
+org.onap.aai|resources|*|post||"{'org.onap.aai|resources_all'}"
+org.onap.aai|resources|*|put||"{'org.onap.aai|resources_all'}"
+org.onap.aai|traversal|*|advanced||"{'org.onap.aai|traversal_advanced'}"
+org.onap.aai|traversal|*|basic||"{'org.onap.aai|traversal_basic'}"
+org.onap.dmaap-dr|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-dr|admin'}"
+org.onap.dmaap-dr|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-dr|owner'}"
+org.onap.dmaap-dr|certman|local|request,ignoreIPs,showpass||"{'org.onap.dmaap-dr|seeCerts', 'org.osaaf.aaf|deploy'}"
+org.onap.clamp|access|*|*|AAF Namespace Write Access|"{'org.onap.clamp|admin', 'org.onap.clamp|service'}"
+org.onap.clamp|access|*|read|Onap Clamp Read Access|{'org.onap.clamp.owner'}
+org.onap.clamp|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.clamp|clds.cl|dev|*||"{'org.onap.clamp|service'}"
+org.onap.clamp|clds.cl|dev|read|Onap Clamp Dev Read Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|clds.admin.dev'}"
+org.onap.clamp|clds.cl|dev|update|Onap Clamp Dev Update Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|clds.admin.dev'}"
+org.onap.clamp|clds.cl.event|dev|*|Onap Clamp Dev Write Access|{'org.onap.clamp.clds.designer.dev'}
+org.onap.clamp|clds.cl.manage|dev|*|Onap Clamp Dev Manage Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|service'}"
+org.onap.clamp|clds.filter.vf|dev|*|Onap Clamp Filter All Dev Access|"{'org.onap.clamp.clds.vf_filter_all.dev', 'org.onap.clamp|service'}"
+org.onap.clamp|clds.template|dev|*||"{'org.onap.clamp|service'}"
+org.onap.clamp|clds.template|dev|read|Onap Clamp Dev Read Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|clds.admin.dev'}"
+org.onap.clamp|clds.template|dev|update|Onap Clamp Dev Update Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|clds.admin.dev'}"
+org.onap.clamp|clds.tosca|dev|*||"{'org.onap.clamp|service'}"
+org.onap.policy|access|*|*|AAF Namespace Write Access|"{'org.onap.policy|admin'}"
+org.onap.policy|access|*|read|AAF Namespace Read Access|"{'org.onap.policy|owner'}"
+org.onap.policy|certman|local|request,ignoreIPs,showpass||"{'org.onap.policy|seeCerts', 'org.osaaf.aaf|deploy'}"
+org.onap.vid|access|*|*|AAF Namespace Write Access|"{'org.onap.vid|admin', 'org.onap.vid|service'}"
+org.onap.vid|access|*|read|AAF Namespace Read Access|"{'org.onap.vid|owner'}"
+org.onap.vid|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap|access|*|*|Onap Write Access|{'org.onap.admin'}
+org.onap|access|*|read|Onap Read Access|{'org.onap.owner'}
+org.osaaf|access|*|*|OSAAF Write Access|{'org.osaaf.admin'}
+org.osaaf|access|*|read,appove|OSAAF Read Access|{'org.osaaf.owner'}
+org.onap.sdc|access|*|*|AAF Namespace Write Access|"{'org.onap.sdc|admin', 'org.onap.sdc|app'}"
+org.onap.sdc|access|*|read|AAF Namespace Read Access|"{'org.onap.sdc|owner'}"
+org.onap.sdc|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.portal.test|aaaa|*|write||
+org.onap.portal.test|access|*|*|AAF Namespace Write Access|"{'org.onap.portal.test|admin'}"
+org.onap.portal.test|access|*|read|AAF Namespace Read Access|"{'org.onap.portal.test|owner'}"
+org.onap.portal.test|access1|*|read||
+org.onap.portal.test|myaccess|*|read||
+org.onap.portal.test|user1.access|*|read||
+org.onap.portal.test|user1.myaccess|*|read||
+org.onap.dmaap-bc.api|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-bc.api|admin', 'org.onap.dmaap-bc|admin'}"
+org.onap.dmaap-bc.api|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-bc.api|owner', 'org.onap.dmaap-bc|admin'}"
+org.onap.dmaap-bc.api|bridge|onapdemo|GET||"{'org.onap.dmaap-bc.api|Metrics'}"
+org.onap.dmaap-bc.api|dcaeLocations|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dcaeLocations|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dcaeLocations|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|boot|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|boot|GET||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|boot|POST||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|boot|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dmaap|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dr_nodes|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_nodes|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dr_nodes|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dr_pubs|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_pubs|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_pubs|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_subs|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_subs|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_subs|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_subs|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|feeds|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|feeds|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|feeds|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|feeds|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|mr_clients|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|mr_clients|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|mr_clients|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|mr_clients|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|mr_clusters|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|mr_clusters|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|mr_clusters|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|topics|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator'}"
+org.onap.dmaap-bc.api|topics|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|topics|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator'}"
+org.onap.dmaap-bc.api|topics|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator'}"
+org.onap.dmaap-bc|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-bc|admin'}"
+org.onap.dmaap-bc|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-bc|owner'}"
+org.onap.dmaap-bc|certman|local|request,ignoreIPs,showpass||"{'org.onap.dmaap-bc|seeCerts', 'org.osaaf.aaf|deploy'}"
+org.onap.clamptest|access|*|*|Onap Write Access|{'org.onap.clamptest.admin'}
+org.onap.clamptest|access|*|read|Onap Read Access|{'org.onap.clamptest.owner'}
+org.onap.sdnc|access|*|*|AAF Namespace Write Access|"{'org.onap.sdnc|admin'}"
+org.onap.sdnc|access|*|read|AAF Namespace Read Access|"{'org.onap.sdnc|owner'}"
+org.onap.sdnc|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.aaf-sms|access|*|*|AAF Namespace Write Access|"{'org.onap.aaf-sms|admin'}"
+org.onap.aaf-sms|access|*|read|AAF Namespace Read Access|"{'org.onap.aaf-sms|owner'}"
+org.onap.aaf-sms|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.osaaf.aaf|access|*|*|AAF Write Access|{'org.osaaf.aaf.admin'}
+org.osaaf.aaf|access|*|read,approve|AAF Read Access|{'org.osaaf.aaf.owner'}
+org.onap.clampdemo|access|*|*|ClampDemo Write Access|{'org.onap.clampdemo.admin'}
+org.onap.clampdemo|access|*|read|ClampDemo Read Access|{'org.onap.clampdemo.owner'}
+org|access|*|*|Org Write Access|{'org.admin'}
+org|access|*|read|Org Read Access|{'org.owner'}
+org|access|*|read,approve|Org Read Access|{'org.owner'}
+org.onap.portal|access|*|*|Portal Write Access|"{'org.onap.portal.admin', 'org.onap.portal|app'}"
+org.onap.portal|access|*|read|Portal Read Access|{'org.onap.portal.designer', 'org.onap.portal.governor', 'org.onap.portal.ops', 'org.onap.portal.owner', 'org.onap.portal.tester'}
+org.onap.portal|certman|local|org.onap.clamp.cred.props||
+org.onap.dmaap.bc|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.bc|admin', 'org.onap.dmaap.bc|service'}"
+org.onap.dmaap.bc|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.bc|owner'}"
diff --git a/auth/sample/cass_data/role.dat b/auth/sample/cass_data/role.dat
new file mode 100644
index 00000000..36911bb0
--- /dev/null
+++ b/auth/sample/cass_data/role.dat
@@ -0,0 +1,99 @@
+org.onap.dmaap.mr|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr|access|*|*'}"
+org.onap.dmaap.mr|create||"{'org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|create'}"
+org.onap.dmaap.mr|destroy||"{'org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|destroy'}"
+org.onap.dmaap.mr|mrtesttopic.pub||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mrtesttopic|pub'}"
+org.onap.dmaap.mr|mrtesttopic.sub||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mrtesttopic|sub'}"
+org.onap.dmaap.mr|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr|access|*|read'}"
+org.onap.dmaap.mr|service||"{'org.onap.dmaap.mr|access|*|read'}"
+org.onap.dmaap.mr|view||"{'org.onap.dmaap.mr|topic|*|view'}"
+org.onap.appc|admin|AAF Namespace Administrators|"{'org.onap.appc|access|*|*'}"
+org.onap.appc|odl|Onap APPC ODL Admins|"{'org.onap.appc.odl|odl-api*|*'}"
+org.onap.appc|owner|AAF Namespace Owners|"{'org.onap.appc|access|*|read'}"
+org.openecomp.dmaapBC|admin|AAF Admins|"{'org.openecomp.dmaapBC.access|*|*', 'org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|pub', 'org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|sub', 'org.openecomp.dmaapBC.topicFactory|:org.openecomp.dmaapBC.topic:org.openecomp.dmaapBC|create'}"
+org.openecomp.dmaapBC|owner|AAF Owners|"{'org.openecomp.dmaapBC.access|*|read'}"
+org.onap.dmaap-mr|admin|AAF Namespace Administrators|"{'org.onap.dmaap-mr|access|*|*'}"
+org.onap.dmaap-mr|owner|AAF Namespace Owners|"{'org.onap.dmaap-mr|access|*|read'}"
+org.osaaf.people|admin|AAF Namespace Administrators|"{'org.osaaf.people|access|*|*'}"
+org.osaaf.people|owner|AAF Namespace Owners|"{'org.osaaf.people|access|*|read'}"
+org.onap.dcae|admin|AAF Namespace Administrators|"{'org.onap.dcae|access|*|*'}"
+org.onap.dcae|owner|AAF Namespace Owners|"{'org.onap.dcae|access|*|read'}"
+org.onap.dcae|seeCerts||"{'org.onap.dcae|certman|local|request,ignoreIPs,showpass'}"
+org.onap.so|admin|AAF Namespace Administrators|"{'org.onap.so|access|*|*'}"
+org.onap.so|app||"{'org.onap.so|access|*|*'}"
+org.onap.so|owner|AAF Namespace Owners|"{'org.onap.so|access|*|read'}"
+org.onap.dmaapbc|admin|AAF Namespace Administrators|"{'org.onap.dmaapbc|access|*|*'}"
+org.onap.dmaapbc|owner|AAF Namespace Owners|"{'org.onap.dmaapbc|access|*|read'}"
+org.onap.oof|admin|AAF Namespace Administrators|"{'org.onap.oof|access|*|*'}"
+org.onap.oof|owner|AAF Namespace Owners|"{'org.onap.oof|access|*|read'}"
+org.onap.oof|service||"{'org.onap.oof|access|*|*'}"
+org.onap.policy|admin|AAF Namespace Administrators|"{'org.onap.policy|access|*|*'}"
+org.onap.policy|owner|AAF Namespace Owners|"{'org.onap.policy|access|*|read'}"
+org.onap.policy|seeCerts||"{'org.onap.policy|certman|local|request,ignoreIPs,showpass'}"
+org.openecomp|admin|OpenEcomp Admins|"{'org.openecomp.access|*|*'}"
+org.openecomp|owner|OpenEcomp Owners|"{'org.openecomp.access|*|read'}"
+org.onap.portal.test|admin|AAF Namespace Administrators|"{'org.onap.portal.test|access|*|*'}"
+org.onap.portal.test|oof-homing||
+org.onap.portal.test|owner|AAF Namespace Owners|"{'org.onap.portal.test|access|*|read'}"
+org.onap.portal.test|user1||
+org.osaaf|admin|OSAAF Admins|"{'org.osaaf.access|*|*'}"
+org.osaaf|owner|OSAAF Owners|"{'org.osaaf.access|*|read,approve'}"
+org.onap.aai|admin|AAF Namespace Administrators|"{'org.onap.aai|access|*|*'}"
+org.onap.aai|member||"{'org.onap.aai|access|*|read'}"
+org.onap.aai|owner|AAF Namespace Owners|"{'org.onap.aai|access|*|read'}"
+org.onap.aai|resources_all||"{'org.onap.aai|resources|*|delete', 'org.onap.aai|resources|*|get', 'org.onap.aai|resources|*|patch', 'org.onap.aai|resources|*|post', 'org.onap.aai|resources|*|put'}"
+org.onap.aai|resources_readonly||"{'org.onap.aai|resources|*|get'}"
+org.onap.aai|traversal_advanced||"{'org.onap.aai|traversal|*|advanced'}"
+org.onap.aai|traversal_basic||"{'org.onap.aai|traversal|*|basic'}"
+org.onap.sdc|admin|AAF Namespace Administrators|"{'org.onap.sdc|access|*|*'}"
+org.onap.sdc|app||"{'org.onap.sdc|access|*|*'}"
+org.onap.sdc|owner|AAF Namespace Owners|"{'org.onap.sdc|access|*|read'}"
+org.onap.dmaap-dr|admin|AAF Namespace Administrators|"{'org.onap.dmaap-dr|access|*|*'}"
+org.onap.dmaap-dr|owner|AAF Namespace Owners|"{'org.onap.dmaap-dr|access|*|read'}"
+org.onap.dmaap-dr|seeCerts||"{'org.onap.dmaap-dr|certman|local|request,ignoreIPs,showpass'}"
+org.onap.clamp|admin|AAF Namespace Administrators|"{'org.onap.clamp|access|*|*'}"
+org.onap.clamp|clds.admin.dev|Onap clamp Admin Dev|"{'org.onap.clamp.clds.template|dev|update', 'org.onap.clamp|clds.cl|dev|read', 'org.onap.clamp|clds.cl|dev|update', 'org.onap.clamp|clds.template|dev|read', 'org.onap.clamp|clds.template|dev|update'}"
+org.onap.clamp|clds.designer.dev|Onap clamp Designer Dev|"{'org.onap.clamp.clds.template|dev|update'}"
+org.onap.clamp|clds.vf_filter_all.dev|Onap clamp Filter All Dev|"{'org.onap.clamp.clds.filter.vf|dev|*'}"
+org.onap.clamp|owner|AAF Namespace Owners|
+org.onap.clamp|service||"{'org.onap.clamp|access|*|*', 'org.onap.clamp|clds.cl.manage|dev|*', 'org.onap.clamp|clds.cl|dev|*', 'org.onap.clamp|clds.filter.vf|dev|*', 'org.onap.clamp|clds.template|dev|*', 'org.onap.clamp|clds.tosca|dev|*'}"
+org.onap.dmaap-bc.api|Controller||"{'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|POST', 'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|PUT', 'org.onap.dmaap-bc.api|dmaap|boot|DELETE', 'org.onap.dmaap-bc.api|dmaap|boot|GET', 'org.onap.dmaap-bc.api|dmaap|boot|POST', 'org.onap.dmaap-bc.api|dmaap|boot|PUT', 'org.onap.dmaap-bc.api|dmaap|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|POST', 'org.onap.dmaap-bc.api|dmaap|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|PUT', 'org.onap.dmaap-bc.api|feeds|onapdemo|DELETE', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|POST', 'org.onap.dmaap-bc.api|feeds|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|DELETE', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|POST', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|DELETE', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|POST', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|PUT', 'org.onap.dmaap-bc.api|topics|onapdemo|DELETE', 'org.onap.dmaap-bc.api|topics|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|POST', 'org.onap.dmaap-bc.api|topics|onapdemo|PUT'}"
+org.onap.dmaap-bc.api|Inventory||"{'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|GET'}"
+org.onap.dmaap-bc.api|Metrics||"{'org.onap.dmaap-bc.api|bridge|onapdemo|GET', 'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|GET'}"
+org.onap.dmaap-bc.api|Orchestrator||"{'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|PUT', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|POST', 'org.onap.dmaap-bc.api|feeds|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|DELETE', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|POST', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|DELETE', 'org.onap.dmaap-bc.api|topics|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|POST', 'org.onap.dmaap-bc.api|topics|onapdemo|PUT'}"
+org.onap.dmaap-bc.api|PortalUser||"{'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|PUT', 'org.onap.dmaap-bc.api|feeds|onapdemo|DELETE', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|POST', 'org.onap.dmaap-bc.api|feeds|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|DELETE', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|POST', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|GET'}"
+org.onap.dmaap-bc.api|admin|AAF Namespace Administrators|"{'org.onap.dmaap-bc.api|access|*|*'}"
+org.onap.dmaap-bc.api|owner|AAF Namespace Owners|"{'org.onap.dmaap-bc.api|access|*|read'}"
+org.onap.dmaap-bc|admin|AAF Namespace Administrators|"{'org.onap.dmaap-bc.api|access|*|*', 'org.onap.dmaap-bc.api|access|*|read', 'org.onap.dmaap-bc|access|*|*'}"
+org.onap.dmaap-bc|owner|AAF Namespace Owners|"{'org.onap.dmaap-bc|access|*|read'}"
+org.onap.dmaap-bc|seeCerts||"{'org.onap.dmaap-bc|certman|local|request,ignoreIPs,showpass'}"
+org.onap.vid|admin|AAF Namespace Administrators|"{'org.onap.vid|access|*|*'}"
+org.onap.vid|owner|AAF Namespace Owners|"{'org.onap.vid|access|*|read'}"
+org.onap.vid|service||"{'org.onap.vid|access|*|*'}"
+org.onap|admin|Onap Admins|"{'org.onap.access|*|*'}"
+org.onap|owner|onap Owners|"{'org.onap.access|*|read'}"
+org.onap.sdnc|admin|AAF Namespace Administrators|"{'org.onap.sdnc|access|*|*'}"
+org.onap.sdnc|owner|AAF Namespace Owners|"{'org.onap.sdnc|access|*|read'}"
+org.onap.sdnc|service||"{'org.onap.sdnc|access|*|*'}"
+org.onap.clamptest|admin|Onap Clamp Test Admins|"{'org.onap.clamptest.access|*|*'}"
+org.onap.clamptest|owner|onap clamp Test Owners|"{'org.onap.clamptest.access|*|read'}"
+org|admin|Org Admins|"{'org.access|*|*'}"
+org|owner|Org Owners|"{'org.access|*|read,approve'}"
+org.onap.portal|admin|Portal Admins|"{'org.onap.portal.access|*|*'}"
+org.onap.portal|app||"{'org.onap.portal|access|*|*'}"
+org.onap.portal|designer|Portal Designer|"{'org.onap.portal.access|*|read'}"
+org.onap.portal|governor|Portal Governor|"{'org.onap.portal.access|*|read'}"
+org.onap.portal|ops|Portal Operations|"{'org.onap.portal.access|*|read'}"
+org.onap.portal|owner|Portal Owner|"{'org.onap.portal.access|*|read'}"
+org.onap.portal|tester|Portal Tester|"{'org.onap.portal.access|*|read'}"
+org.onap.clampdemo|admin|Onap Clamp Test Admins|"{'org.onap.clampdemo.access|*|*'}"
+org.onap.clampdemo|owner|onap clamp Test Owners|"{'org.onap.clampdemo.access|*|read'}"
+org.onap.dmaap.bc|admin|AAF Namespace Administrators|"{'org.onap.dmaap.bc|access|*|*'}"
+org.onap.dmaap.bc|owner|AAF Namespace Owners|"{'org.onap.dmaap.bc|access|*|read'}"
+org.onap.dmaap.bc|service||"{'org.onap.dmaap.bc|access|*|*'}"
+org.onap.aaf-sms|admin|AAF Namespace Administrators|"{'org.onap.aaf-sms|access|*|*'}"
+org.onap.aaf-sms|owner|AAF Namespace Owners|"{'org.onap.aaf-sms|access|*|read'}"
+org.onap.aaf-sms|service||"{'org.onap.aaf-sms|access|*|read'}"
+org.osaaf.aaf|admin|AAF Admins|"{'org.osaaf.aaf.access|*|*'}"
+org.osaaf.aaf|deploy|ONAP Deployment Role|"{'org.onap.aaf-sms|certman|local|request,ignoreIPs,showpass', 'org.onap.aai|certman|local|request,ignoreIPs,showpass', 'org.onap.appc|certman|local|request,ignoreIPs,showpass', 'org.onap.clamp|certman|local|request,ignoreIPs,showpass', 'org.onap.dcae|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-dr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-mr|certman|local|request,ignoreIPs,showpass', 'org.onap.oof|certman|local|request,ignoreIPs,showpass', 'org.onap.policy|certman|local|request,ignoreIPs,showpass', 'org.onap.sdc|certman|local|request,ignoreIPs,showpass', 'org.onap.sdnc|certman|local|request,ignoreIPs,showpass', 'org.onap.so|certman|local|request,ignoreIPs,showpass', 'org.onap.vid|certman|local|request,ignoreIPs,showpass'}"
+org.osaaf.aaf|owner|AAF Owners|"{'org.osaaf.aaf.access|*|read,approve'}"
+org.osaaf.aaf|service||
diff --git a/auth/sample/cass_data/user_role.dat b/auth/sample/cass_data/user_role.dat
new file mode 100644
index 00000000..276cdc82
--- /dev/null
+++ b/auth/sample/cass_data/user_role.dat
@@ -0,0 +1,161 @@
+appc@appc.onap.org|org.onap.appc.admin|2018-12-06 20:01:35.380+0000|org.onap.appc|admin
+jonathan@people.osaaf.org|org.admin|2018-10-14 00:43:06.769+0000|org|admin
+jonathan@people.osaaf.org|org.onap.owner|2018-10-14 00:42:22.279+0000|org.onap|owner
+jonathan@people.osaaf.org|org.onap.portal.admin|2018-10-30 20:33:01.287+0000|org.onap.portal|admin
+jonathan@people.osaaf.org|org.openecomp.owner|2018-10-14 00:42:14.387+0000|org.openecomp|owner
+jonathan@people.osaaf.org|org.osaaf.aaf.admin|2018-10-14 00:43:24.384+0000|org.osaaf.aaf|admin
+jonathan@people.osaaf.org|org.osaaf.owner|2018-10-14 00:42:07.535+0000|org.osaaf|owner
+jonathan@people.osaaf.org|org.osaaf.people.admin|2018-10-30 21:18:26.583+0000|org.osaaf.people|admin
+jonathan@people.osaaf.org|org.osaaf.people.owner|2018-10-30 21:18:26.583+0000|org.osaaf.people|owner
+jonathan@people.osaaf.org|org.owner|2018-10-14 00:41:36.791+0000|org|owner
+dmaap-dr-prov@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2019-02-17 17:41:33.710+0000|org.onap.dmaap-dr|seeCerts
+dmaap-dr@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2019-02-17 17:00:02.098+0000|org.onap.dmaap-dr|seeCerts
+dmaap-dr-node@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2019-02-17 17:41:42.031+0000|org.onap.dmaap-dr|seeCerts
+vid@vid.onap.org|org.onap.vid.service|2019-02-15 16:23:22.621+0000|org.onap.vid|service
+sdc@sdc.onap.org|org.onap.aai.resources_all|2019-03-14 18:40:55.439+0000|org.onap.aai|resources_all
+sdc@sdc.onap.org|org.onap.sdc.app|2019-03-14 17:31:09.581+0000|org.onap.sdc|app
+dmaapmr@mr.dmaap.onap.org|org.onap.dmaap.mr.admin|2018-12-05 15:59:50.847+0000|org.onap.dmaap.mr|admin
+dmaapmr@mr.dmaap.onap.org|org.onap.dmaap.mr.create|2019-03-12 19:31:56.341+0000|org.onap.dmaap.mr|create
+dmaapmr@mr.dmaap.onap.org|org.onap.dmaap.mr.destroy|2019-03-12 19:36:25.501+0000|org.onap.dmaap.mr|destroy
+dmaapmr@mr.dmaap.onap.org|org.onap.dmaap.mr.mrtesttopic.pub|2019-03-12 19:37:10.089+0000|org.onap.dmaap.mr|mrtesttopic.pub
+dmaapmr@mr.dmaap.onap.org|org.onap.dmaap.mr.mrtesttopic.sub|2019-03-12 19:37:02.593+0000|org.onap.dmaap.mr|mrtesttopic.sub
+dmaapmr@mr.dmaap.onap.org|org.onap.dmaap.mr.service|2018-10-24 19:10:39.834+0000|org.onap.dmaap.mr|service
+dmaapmr@mr.dmaap.onap.org|org.onap.dmaap.mr.view|2019-03-12 18:49:31.735+0000|org.onap.dmaap.mr|view
+djtimoney@people.osaaf.org|org.onap.sdnc.admin|2019-02-15 19:00:45.146+0000|org.onap.sdnc|admin
+djtimoney@people.osaaf.org|org.onap.sdnc.owner|2019-02-15 19:00:51.995+0000|org.onap.sdnc|owner
+jm0007@people.osaaf.org|org.onap.portal.tester|2018-10-31 00:00:00.000+0000|org.onap.portal|tester
+saratp@people.osaaf.org|org.onap.oof.admin|2018-10-25 12:32:10.860+0000|org.onap.oof|admin
+saratp@people.osaaf.org|org.onap.oof.owner|2018-10-25 12:32:10.860+0000|org.onap.oof|owner
+shi@portal.onap.org|org.onap.portal.admin|2018-08-31 00:00:00.000+0000|org.onap.portal|admin
+appc123@appc.onap.org|org.onap.appc.admin|2018-08-31 00:00:00.000+0000|org.onap.appc|admin
+appc123@appc.onap.org|org.onap.appc.odl|2018-08-31 00:00:00.000+0000|org.onap.appc|odl
+clamp@clamp.osaaf.org|org.onap.clamp.service|2019-01-19 16:04:25.475+0000|org.onap.clamp|service
+op0001@people.osaaf.org|org.onap.portal.ops|2018-10-31 00:00:00.000+0000|org.onap.portal|ops
+aaronh@people.osaaf.org|org.onap.appc.admin|2018-12-06 21:23:26.569+0000|org.onap.appc|admin
+aaf_admin@people.osaaf.org|org.onap.aaf-sms.admin|2019-01-18 20:02:28.637+0000|org.onap.aaf-sms|admin
+aaf_admin@people.osaaf.org|org.onap.aai.admin|2019-01-18 20:02:38.090+0000|org.onap.aai|admin
+aaf_admin@people.osaaf.org|org.onap.appc.admin|2019-01-18 20:02:44.874+0000|org.onap.appc|admin
+aaf_admin@people.osaaf.org|org.onap.clamp.admin|2019-01-18 20:01:27.855+0000|org.onap.clamp|admin
+aaf_admin@people.osaaf.org|org.onap.dcae.admin|2019-01-18 20:02:51.905+0000|org.onap.dcae|admin
+aaf_admin@people.osaaf.org|org.onap.dmaap-bc.admin|2019-01-18 20:03:00.950+0000|org.onap.dmaap-bc|admin
+aaf_admin@people.osaaf.org|org.onap.dmaap-bc.api.Controller|2019-02-16 21:44:19.671+0000|org.onap.dmaap-bc.api|Controller
+aaf_admin@people.osaaf.org|org.onap.dmaap-bc.api.admin|2019-02-16 20:35:47.061+0000|org.onap.dmaap-bc.api|admin
+aaf_admin@people.osaaf.org|org.onap.dmaap-bc.api.owner|2019-02-16 20:35:47.061+0000|org.onap.dmaap-bc.api|owner
+aaf_admin@people.osaaf.org|org.onap.dmaap-dr.admin|2019-02-17 10:50:01.436+0000|org.onap.dmaap-dr|admin
+aaf_admin@people.osaaf.org|org.onap.dmaap-mr.admin|2019-01-18 20:03:10.921+0000|org.onap.dmaap-mr|admin
+aaf_admin@people.osaaf.org|org.onap.oof.admin|2019-01-18 20:03:19.273+0000|org.onap.oof|admin
+aaf_admin@people.osaaf.org|org.onap.policy.admin|2019-02-13 19:45:18.174+0000|org.onap.policy|admin
+aaf_admin@people.osaaf.org|org.onap.portal.admin|2019-02-20 18:37:55.465+0000|org.onap.portal|admin
+aaf_admin@people.osaaf.org|org.onap.sdc.admin|2019-03-14 17:26:40.787+0000|org.onap.sdc|admin
+aaf_admin@people.osaaf.org|org.onap.sdc.owner|2019-03-14 17:26:40.787+0000|org.onap.sdc|owner
+aaf_admin@people.osaaf.org|org.onap.sdnc.admin|2019-01-18 20:03:25.173+0000|org.onap.sdnc|admin
+aaf_admin@people.osaaf.org|org.onap.so.admin|2019-03-14 17:26:08.685+0000|org.onap.so|admin
+aaf_admin@people.osaaf.org|org.onap.so.owner|2019-03-14 17:26:08.685+0000|org.onap.so|owner
+aaf_admin@people.osaaf.org|org.onap.vid.admin|2019-02-15 15:10:50.313+0000|org.onap.vid|admin
+aaf_admin@people.osaaf.org|org.osaaf.aaf.admin|2018-10-31 00:00:00.000+0000|org.osaaf.aaf|admin
+aaf_admin@people.osaaf.org|org.osaaf.people.admin|2019-01-18 18:58:25.577+0000|org.osaaf.people|admin
+aaf_admin@people.osaaf.org|org.osaaf.people.owner|2019-01-18 18:58:25.577+0000|org.osaaf.people|owner
+dglfromatt@people.osaaf.org|org.onap.dmaap.bc.admin|2018-11-09 01:26:06.470+0000|org.onap.dmaap.bc|admin
+dglfromatt@people.osaaf.org|org.onap.dmaap.bc.owner|2018-11-09 01:26:12.626+0000|org.onap.dmaap.bc|owner
+dglfromatt@people.osaaf.org|org.onap.dmaapbc.admin|2018-10-20 18:22:18.270+0000|org.onap.dmaapbc|admin
+dglfromatt@people.osaaf.org|org.onap.dmaapbc.owner|2018-10-20 18:22:18.270+0000|org.onap.dmaapbc|owner
+m99751@dmaapBC.openecomp.org|org.openecomp.dmaapBC.admin|2018-08-31 00:00:00.000+0000|org.openecomp.dmaapBC|admin
+m99751@dmaapBC.openecomp.org|org.openecomp.dmaapBC.owner|2018-08-31 00:00:00.000+0000|org.openecomp.dmaapBC|owner
+clamp@clampdemo.onap.org|org.onap.clampdemo.owner|2018-08-31 00:00:00.000+0000|org.onap.clampdemo|owner
+clamp@clampdemo.onap.org|org.onap.clampdemo.service|2018-08-31 00:00:00.000+0000|org.onap.clampdemo|admin
+m99501@dmaapBC.openecomp.org|org.openecomp.dmaapBC.owner|2018-08-31 00:00:00.000+0000|org.openecomp.dmaapBC|owner
+m99501@dmaapBC.openecomp.org|org.openecomp.dmaapBC.service|2018-08-31 00:00:00.000+0000|org.openecomp.dmaapBC|admin
+mmanager@people.osaaf.org|org.onap.aaf-sms.admin|2019-01-18 19:11:11.056+0000|org.onap.aaf-sms|admin
+mmanager@people.osaaf.org|org.onap.aaf-sms.owner|2019-01-18 19:11:11.056+0000|org.onap.aaf-sms|owner
+mmanager@people.osaaf.org|org.onap.aai.admin|2019-01-18 19:12:02.376+0000|org.onap.aai|admin
+mmanager@people.osaaf.org|org.onap.aai.owner|2019-01-18 19:12:02.376+0000|org.onap.aai|owner
+mmanager@people.osaaf.org|org.onap.appc.admin|2019-01-18 19:12:08.205+0000|org.onap.appc|admin
+mmanager@people.osaaf.org|org.onap.appc.owner|2019-01-18 19:12:08.205+0000|org.onap.appc|owner
+mmanager@people.osaaf.org|org.onap.clamp.admin|2019-01-18 19:11:48.308+0000|org.onap.clamp|admin
+mmanager@people.osaaf.org|org.onap.clamp.owner|2019-01-18 19:11:48.308+0000|org.onap.clamp|owner
+mmanager@people.osaaf.org|org.onap.dcae.admin|2019-01-18 19:12:17.183+0000|org.onap.dcae|admin
+mmanager@people.osaaf.org|org.onap.dcae.owner|2019-01-18 19:12:17.183+0000|org.onap.dcae|owner
+mmanager@people.osaaf.org|org.onap.dmaap-bc.admin|2019-01-18 19:13:14.377+0000|org.onap.dmaap-bc|admin
+mmanager@people.osaaf.org|org.onap.dmaap-bc.owner|2019-01-18 19:13:14.377+0000|org.onap.dmaap-bc|owner
+mmanager@people.osaaf.org|org.onap.dmaap-dr.owner|2019-02-17 10:50:01.436+0000|org.onap.dmaap-dr|owner
+mmanager@people.osaaf.org|org.onap.dmaap-mr.admin|2019-01-18 19:13:20.031+0000|org.onap.dmaap-mr|admin
+mmanager@people.osaaf.org|org.onap.dmaap-mr.owner|2019-01-18 19:13:20.031+0000|org.onap.dmaap-mr|owner
+mmanager@people.osaaf.org|org.onap.oof.admin|2019-01-18 19:13:25.467+0000|org.onap.oof|admin
+mmanager@people.osaaf.org|org.onap.oof.owner|2019-01-18 19:13:25.467+0000|org.onap.oof|owner
+mmanager@people.osaaf.org|org.onap.policy.admin|2019-02-13 19:45:18.174+0000|org.onap.policy|admin
+mmanager@people.osaaf.org|org.onap.policy.owner|2019-02-13 19:45:18.174+0000|org.onap.policy|owner
+mmanager@people.osaaf.org|org.onap.portal.admin|2019-02-20 18:37:44.285+0000|org.onap.portal|admin
+mmanager@people.osaaf.org|org.onap.portal.owner|2019-02-20 18:37:38.317+0000|org.onap.portal|owner
+mmanager@people.osaaf.org|org.onap.sdc.admin|2019-03-14 17:26:40.787+0000|org.onap.sdc|admin
+mmanager@people.osaaf.org|org.onap.sdc.owner|2019-03-14 17:26:40.787+0000|org.onap.sdc|owner
+mmanager@people.osaaf.org|org.onap.sdnc.admin|2019-01-18 19:13:32.203+0000|org.onap.sdnc|admin
+mmanager@people.osaaf.org|org.onap.sdnc.owner|2019-01-18 19:13:32.203+0000|org.onap.sdnc|owner
+mmanager@people.osaaf.org|org.onap.so.admin|2019-03-14 17:26:08.685+0000|org.onap.so|admin
+mmanager@people.osaaf.org|org.onap.so.owner|2019-03-14 17:26:08.685+0000|org.onap.so|owner
+mmanager@people.osaaf.org|org.onap.vid.admin|2019-02-15 15:49:59.019+0000|org.onap.vid|admin
+mmanager@people.osaaf.org|org.onap.vid.owner|2019-02-15 15:11:39.751+0000|org.onap.vid|owner
+cs0008@people.osaaf.org|org.onap.portal.designer|2018-10-31 00:00:00.000+0000|org.onap.portal|designer
+gv0001@people.osaaf.org|org.onap.portal.governor|2018-10-31 00:00:00.000+0000|org.onap.portal|governor
+xuegao@people.osaaf.org|org.onap.clamp.admin|2018-10-23 15:50:48.247+0000|org.onap.clamp|admin
+xuegao@people.osaaf.org|org.onap.clamp.clds.admin.dev|2018-10-23 15:51:40.394+0000|org.onap.clamp|clds.admin.dev
+xuegao@people.osaaf.org|org.onap.clamp.owner|2018-10-18 14:20:42.671+0000|org.onap.clamp|owner
+aai@aai.onap.org|org.onap.aai.admin|2018-12-05 12:53:12.506+0000|org.onap.aai|admin
+demo@mr.dmaap.onap.org|org.onap.dmaap.mr.view|2019-03-13 15:42:58.918+0000|org.onap.dmaap.mr|view
+onap-sdnc@sdnc.onap.org|org.onap.sdnc.service|2018-11-09 01:40:36.805+0000|org.onap.sdnc|service
+dmaap-bc@bc.dmaap.onap.org|org.onap.dmaap.bc.service|2018-11-09 01:46:01.277+0000|org.onap.dmaap.bc|service
+jh0003@people.osaaf.org|org.onap.portal.admin|2018-10-31 00:00:00.000+0000|org.onap.portal|admin
+oof@oof.onap.org|org.onap.oof.service|2018-10-25 12:32:37.101+0000|org.onap.oof|service
+osaaf@aaf.osaaf.org|org.osaaf.aaf.admin|2019-01-19 01:17:50.525+0000|org.osaaf.aaf|admin
+demo@people.osaaf.org|org.onap.aai.member|2019-02-27 16:13:12.499+0000|org.onap.aai|member
+demo@people.osaaf.org|org.onap.aai.resources_all|2019-02-28 18:42:44.496+0000|org.onap.aai|resources_all
+demo@people.osaaf.org|org.onap.aai.traversal_advanced|2019-03-05 15:10:31.811+0000|org.onap.aai|traversal_advanced
+demo@people.osaaf.org|org.onap.dmaap-bc.api.Controller|2019-02-16 21:56:30.350+0000|org.onap.dmaap-bc.api|Controller
+demo@people.osaaf.org|org.onap.dmaap.mr.create|2019-03-13 18:08:37.114+0000|org.onap.dmaap.mr|create
+demo@people.osaaf.org|org.onap.dmaap.mr.destroy|2019-03-13 18:09:23.757+0000|org.onap.dmaap.mr|destroy
+demo@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.pub|2019-03-13 18:10:15.955+0000|org.onap.dmaap.mr|mrtesttopic.pub
+demo@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.sub|2019-03-13 18:09:47.647+0000|org.onap.dmaap.mr|mrtesttopic.sub
+demo@people.osaaf.org|org.onap.dmaap.mr.view|2019-03-13 18:05:55.587+0000|org.onap.dmaap.mr|view
+demo@people.osaaf.org|org.onap.portal.admin|2018-10-31 00:00:00.000+0000|org.onap.portal|admin
+demo@people.osaaf.org|org.onap.portal.test.admin|2019-02-07 15:02:00.509+0000|org.onap.portal.test|admin
+demo@people.osaaf.org|org.onap.portal.test.owner|2019-02-07 15:02:00.509+0000|org.onap.portal.test|owner
+demo@people.osaaf.org|org.onap.portal.test.user1|2019-02-07 15:15:06.360+0000|org.onap.portal.test|user1
+portal@portal.onap.org|org.onap.portal.app|2019-03-12 17:48:48.086+0000|org.onap.portal|app
+clamp@clamp.onap.org|org.onap.clamp.clds.admin.dev|2018-08-31 00:00:00.000+0000|org.onap.clamp|clds.admin.dev
+clamp@clamp.onap.org|org.onap.clamp.clds.designer.dev|2018-08-31 00:00:00.000+0000|org.onap.clamp|clds.designer.dev
+clamp@clamp.onap.org|org.onap.clamp.clds.vf_filter_all.dev|2018-08-31 00:00:00.000+0000|org.onap.clamp|clds.vf_filter_all.dev
+clamp@clamp.onap.org|org.onap.clamp.service|2019-01-19 16:05:29.023+0000|org.onap.clamp|service
+clamp@clamp.onap.org|org.onap.clampdemo.owner|2018-08-31 00:00:00.000+0000|org.onap.clampdemo|owner
+clamp@clamp.onap.org|org.onap.clampdemo.service|2018-08-31 00:00:00.000+0000|org.onap.clampdemo|admin
+clamp@clamp.onap.org|org.onap.clamptest.owner|2018-08-31 00:00:00.000+0000|org.onap.clamptest|owner
+clamp@clamp.onap.org|org.onap.clamptest.service|2018-08-31 00:00:00.000+0000|org.onap.clamptest|admin
+clamp@clamptest.onap.org|org.onap.clamptest.owner|2018-08-31 00:00:00.000+0000|org.onap.clamptest|owner
+clamp@clamptest.onap.org|org.onap.clamptest.service|2018-08-31 00:00:00.000+0000|org.onap.clamptest|admin
+policy@policy.onap.org|org.onap.policy.seeCerts|2019-02-15 14:44:47.491+0000|org.onap.policy|seeCerts
+deployer@people.osaaf.org|org.osaaf.aaf.deploy|2018-10-31 00:00:00.000+0000|org.osaaf.aaf|deploy
+portal_admin@people.osaaf.org|org.onap.portal.admin|2019-03-12 21:27:10.597+0000|org.onap.portal|admin
+sunilu@people.osaaf.org|org.onap.dmaap.mr.admin|2018-10-24 18:21:05.870+0000|org.onap.dmaap.mr|admin
+sunilu@people.osaaf.org|org.onap.dmaap.mr.create|2019-03-12 19:34:47.197+0000|org.onap.dmaap.mr|create
+sunilu@people.osaaf.org|org.onap.dmaap.mr.destroy|2019-03-12 19:35:04.204+0000|org.onap.dmaap.mr|destroy
+sunilu@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.pub|2019-03-12 19:36:01.605+0000|org.onap.dmaap.mr|mrtesttopic.pub
+sunilu@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.sub|2019-03-12 19:35:37.633+0000|org.onap.dmaap.mr|mrtesttopic.sub
+sunilu@people.osaaf.org|org.onap.dmaap.mr.owner|2018-10-24 18:21:05.870+0000|org.onap.dmaap.mr|owner
+sunilu@people.osaaf.org|org.onap.dmaap.mr.view|2019-03-12 19:33:55.136+0000|org.onap.dmaap.mr|view
+ryan@appc.onap.org|org.onap.appc.admin|2018-08-31 00:00:00.000+0000|org.onap.appc|admin
+ryan@appc.onap.org|org.onap.appc.odl|2018-08-31 00:00:00.000+0000|org.onap.appc|odl
+so@so.onap.org|org.onap.so.app|2019-03-14 17:31:26.590+0000|org.onap.so|app
+ryany@people.osaaf.org|org.onap.appc.admin|2018-12-06 20:00:59.991+0000|org.onap.appc|admin
+ryany@people.osaaf.org|org.onap.appc.owner|2018-12-06 20:00:51.151+0000|org.onap.appc|owner
+aaf@aaf.osaaf.org|org.admin|2018-10-31 00:00:00.000+0000|org|admin
+aaf@aaf.osaaf.org|org.osaaf.aaf.admin|2018-10-31 00:00:00.000+0000|org.osaaf.aaf|admin
+aaf@aaf.osaaf.org|org.osaaf.aaf.service|2019-01-17 10:39:33.473+0000|org.osaaf.aaf|service
+aaf@aaf.osaaf.org|org.osaaf.people.admin|2019-03-12 17:38:10.720+0000|org.osaaf.people|admin
+dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap-bc.seeCerts|2019-02-03 20:01:23.825+0000|org.onap.dmaap-bc|seeCerts
+kirank@people.osaaf.org|org.onap.aaf-sms.admin|2018-10-25 11:06:30.380+0000|org.onap.aaf-sms|admin
+kirank@people.osaaf.org|org.onap.aaf-sms.owner|2018-10-25 11:06:30.380+0000|org.onap.aaf-sms|owner
+dcae@dcae.onap.org|org.onap.dcae.seeCerts|2019-02-07 18:17:35.485+0000|org.onap.dcae|seeCerts
+aaf-authz@aaf.osaaf.org|org.osaaf.aaf.service|2018-11-01 19:58:35.364+0000|org.osaaf.aaf|service
+richardt@people.osaaf.org|org.onap.sdnc.admin|2018-11-09 01:18:12.468+0000|org.onap.sdnc|admin
+richardt@people.osaaf.org|org.onap.sdnc.owner|2018-11-09 01:18:12.468+0000|org.onap.sdnc|owner
+jimmy@people.osaaf.org|org.onap.aai.admin|2018-12-05 12:51:20.953+0000|org.onap.aai|admin
+jimmy@people.osaaf.org|org.onap.aai.owner|2018-12-05 12:51:20.953+0000|org.onap.aai|owner
+aaf-sms@aaf-sms.onap.org|org.onap.aaf-sms.service|2018-10-25 11:07:56.161+0000|org.onap.aaf-sms|service
diff --git a/auth/sample/data/identities.dat b/auth/sample/data/identities.dat
index 7bf14d5b..cf3d6710 100644
--- a/auth/sample/data/identities.dat
+++ b/auth/sample/data/identities.dat
@@ -18,22 +18,29 @@
# 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID)
#
-iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e|
-mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna
-bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager
-mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager
-ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager
-iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager
-osaaf|ID of AAF|osaaf|AAF Application|||a|bdevl
+iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@people.osaaf.com|e|
+mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@people.osaaf.com|e|iowna
+bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.developer@people.osaaf.com|e|mmanager
+mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@people.osaaf.com|e|mmanager
+ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@people.osaaf.com|c|mmanager
+iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@people.osaaf.com|n|mmanager
+
# ONAP default Users
+demo|PORTAL DEMO|PORTAL|DEMO|||e|aaf_admin
+jh0003|PORTAL ADMIN|PORTAL|ADMIN|||e|aaf_admin
+cs0008|PORTAL DESIGNER|PORTAL|DESIGNER|||e|aaf_admin
+jm0007|PORTAL TESTER|PORTAL|TESTER|||e|aaf_admin
+op0001|PORTAL OPS|PORTAL|OPS|||e|aaf_admin
+gv0001|PORTAL GOVERNOR|PORTAL|GOVERNOR|||e|aaf_admin
+
+# AAF Defined Users
aaf_admin|AAF Administrator|Mr AAF|AAF Admin|||e|mmanager
deploy|Deployer|Deployer|Depoyer|||e|aaf_admin
-demo|PORTAL DEMO|PORTAL|DEMO|||e|aaf
-jh0003|PORTAL ADMIN|PORTAL|ADMIN|||e|aaf
-cs0008|PORTAL DESIGNER|PORTAL|DESIGNER|||e|aaf
-jm0007|PORTAL TESTER|PORTAL|TESTER|||e|aaf
-op0001|PORTAL OPS|PORTAL|OPS|||e|aaf
-gv0001|PORTAL GOVERNOR|PORTAL|GOVERNOR|||e|aaf
+
+# Requested Users
+djtimoney|Dan Timoney|Dan|Timoney|||e|mmanager
+portal_admin|Portal Admin|Portal|Admin|||e|mmanager
+
# ONAP App IDs
aaf|AAF Application|AAF|Application|||a|aaf_admin
aaf-sms|AAF SMS Application|AAF SMS|Application|||a|aaf_admin
@@ -41,7 +48,18 @@ clamp|ONAP CLAMP Application|CLAMP|Application|||a|aaf_admin
aai|ONAP AAI Application|AAI|ONAP Application|||a|aaf_admin
appc|ONAP APPC Application|APPC|ONAP Application|||a|aaf_admin
dcae|ONAP DCAE Application|CLAMP|ONAP Application|||a|aaf_admin
-dmaap-bc|ONAP DMaap BC Application|DMaap BC|ONAP Application|||a|aaf_admin
-dmaap-mr|ONAP DMaap MR Application|DMaap MR|ONAP Application|||a|aaf_admin
oof|ONAP OOF Application|OOF|ONAP Application|||a|aaf_admin
+so|ONAP SO Application|SO|ONAP Application|||a|aaf_admin
+sdc|ONAP SDC Application|SDC|ONAP Application|||a|aaf_admin
sdnc|ONAP SDNC Application|SDNC|ONAP Application|||a|aaf_admin
+vid|ONAP VID Application|VID|ONAP Application|||a|aaf_admin
+policy|ONAP Policy Application|POLICY|ONAP Application|||a|aaf_admin
+portal|ONAP Portal Application|PORTAL|ONAP Application|||a|aaf_admin
+
+# DMAAP Identities
+dmaap-bc|ONAP DMaap BC Application|DMaap BC|ONAP Application|||a|aaf_admin
+dmaap_bc_topic_mgr|ONAP DMaap BC Topic Manager|DMaap BC Topic Manager|DMaap BC|||a|aaf_admin
+dmaap_bc_mm_prov|ONAP DMaap BC Provisioning Manager|DMaap BC Provision Manager|DMaap BC|||a|aaf_admin
+dmaap-mr|ONAP DMaap MR Application|DMaap MR|ONAP Application|||a|aaf_admin
+dmaap-dr-prov|ONAP DMaap DR Prov|Prov|DMaap MR|||a|aaf_admin
+dmaap-dr-node|ONAP DMaap DR Node|Node|DMaap MR|||a|aaf_admin
diff --git a/cadi/servlet-sample/pom.xml b/cadi/servlet-sample/pom.xml
index 5711d440..0da47f29 100644
--- a/cadi/servlet-sample/pom.xml
+++ b/cadi/servlet-sample/pom.xml
@@ -10,11 +10,6 @@
<name>CADI Servlet Sample (Test Only)</name>
<artifactId>aaf-cadi-servlet-sample</artifactId>
<packaging>jar</packaging>
- <properties>
- <!-- Jetty Version set by oParent -->
- <tomcat.version>8.5.23</tomcat.version>
- </properties>
-
<dependencies>
<!-- needs to be first to avoid jar signer implications for servlet api -->
<dependency>
@@ -24,37 +19,6 @@
</dependency>
<dependency>
- <groupId>org.apache.tomcat.embed</groupId>
- <artifactId>tomcat-embed-jasper</artifactId>
- <version>${tomcat.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.tomcat.embed</groupId>
- <artifactId>tomcat-embed-core</artifactId>
- <version>${tomcat.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.tomcat.embed</groupId>
- <artifactId>tomcat-embed-jasper</artifactId>
- <version>${tomcat.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.tomcat</groupId>
- <artifactId>tomcat-jasper</artifactId>
- <version>${tomcat.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.tomcat</groupId>
- <artifactId>tomcat-jasper-el</artifactId>
- <version>${tomcat.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.tomcat</groupId>
- <artifactId>tomcat-jsp-api</artifactId>
- <version>${tomcat.version}</version>
- </dependency>
-
- <dependency>
<groupId>org.onap.aaf.authz</groupId>
<artifactId>aaf-cadi-aaf</artifactId>
<version>${project.version}</version>
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java
deleted file mode 100644
index e82dddd2..00000000
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java
+++ /dev/null
@@ -1,108 +0,0 @@
-/**
- * ============LICENSE_START====================================================
- * org.onap.aaf
- * ===========================================================================
- * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
- * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END====================================================
- *
- */
-
-package org.onap.aaf.sample.cadi.tomcate;
-
-import java.io.File;
-import java.io.IOException;
-import java.net.URISyntaxException;
-
-import org.apache.catalina.Service;
-import org.apache.catalina.connector.Connector;
-import org.apache.catalina.startup.Tomcat;
-import org.apache.log4j.chainsaw.Main;
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.Access.Level;
-import org.onap.aaf.cadi.PropAccess;
-
-/**
- * @author JonathanGathman
- *
- */
-public class TomcatEmbedded {
-
- public static void main(String[] args) throws Exception {
- System.setProperty("org.apache.catalina.startup.EXIT_ON_INIT_FAILURE", "true");
- Tomcat tomcat = new Tomcat();
-
- Service service = tomcat.getService();
- service.addConnector(getSslConnector(new PropAccess(args), 8081));
-
- tomcat.addWebapp("/caditest", getRootFolder().getAbsolutePath());
-
- tomcat.start();
- tomcat.getServer().await();
-
- }
-
- private static Connector getSslConnector(PropAccess access, int port) throws IOException {
- Connector connector = new Connector();
- connector.setPort(port);
- connector.setSecure(true);
- connector.setScheme("https");
- setAttr(connector,access,"keyAlias","cadi_alias");
- setAttr(connector,access,"keystoreFile","cadi_keystore");
- connector.setAttribute("keystoreType", "PKCS12");
- setAttr(connector,access,"keystorePass","cadi_keystore_password");
- setAttr(connector,access,"truststoreFile","cadi_truststore");
- connector.setAttribute("truststoreType", "JKS");
- setAttr(connector,access,"truststorePass","cadi_truststore_password");
- connector.setAttribute("clientAuth", "want");
- connector.setAttribute("protocol", "HTTP/1.1");
- connector.setAttribute("sslProtocol", "TLS");
- connector.setAttribute("maxThreads", "200");
- connector.setAttribute("protocol", "org.apache.coyote.http11.Http11AprProtocol");
- connector.setAttribute("SSLEnabled", true);
- return connector;
- }
-
- private static void setAttr(Connector connector, Access access, String ctag, String atag) throws IOException {
- String value = access.getProperty(atag, null);
- if (value==null) {
- access.log(Level.ERROR, atag, "is null");
- } else {
- if (value.startsWith("enc:")) {
- access.log(Level.INIT,atag,"=enc:************");
- value = access.decrypt(value, false);
- } else {
- access.log(Level.INIT,atag,"=",value);
- }
- connector.setAttribute(ctag, value);
- }
- }
-
- private static File getRootFolder() {
- try {
- File root;
- String runningJarPath = Main.class.getProtectionDomain().getCodeSource().getLocation().toURI().getPath().replaceAll("\\\\", "/");
- int lastIndexOf = runningJarPath.lastIndexOf("/target/");
- if (lastIndexOf < 0) {
- root = new File("");
- } else {
- root = new File(runningJarPath.substring(0, lastIndexOf));
- }
- System.out.println("application resolved root folder: " + root.getAbsolutePath());
- return root;
- } catch (URISyntaxException ex) {
- throw new RuntimeException(ex);
- }
- }
-}