diff options
-rw-r--r-- | auth/auth-cass/docker/dinstall.sh | 49 | ||||
-rw-r--r-- | auth/docker/aaf.sh | 3 | ||||
-rw-r--r-- | auth/docker/d.props.init | 5 | ||||
-rw-r--r-- | auth/docker/drun.sh | 13 | ||||
-rw-r--r-- | auth/sample/backup/backup.sh | 3 | ||||
-rw-r--r-- | auth/sample/cass_data/.gitignore | 9 | ||||
-rw-r--r-- | auth/sample/cass_data/ns.dat | 30 | ||||
-rw-r--r-- | auth/sample/cass_data/ns_attrib.dat | 0 | ||||
-rw-r--r-- | auth/sample/cass_data/perm.dat | 143 | ||||
-rw-r--r-- | auth/sample/cass_data/role.dat | 99 | ||||
-rw-r--r-- | auth/sample/cass_data/user_role.dat | 161 | ||||
-rw-r--r-- | auth/sample/data/identities.dat | 48 | ||||
-rw-r--r-- | cadi/servlet-sample/pom.xml | 36 | ||||
-rw-r--r-- | cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java | 108 |
14 files changed, 539 insertions, 168 deletions
diff --git a/auth/auth-cass/docker/dinstall.sh b/auth/auth-cass/docker/dinstall.sh index d6fcb9f9..6d7f949e 100644 --- a/auth/auth-cass/docker/dinstall.sh +++ b/auth/auth-cass/docker/dinstall.sh @@ -43,7 +43,6 @@ if [ "`$DOCKER ps -a | grep aaf_cass`" == "" ]; then echo "Creating /opt/app/cass_init dir on aaf_cass" $DOCKER exec aaf_cass mkdir -p /opt/app/cass_init echo "cp the following files to /opt/app/cass_init dir on aaf_cass" - ls ../src/main/cql $DOCKER cp "../src/main/cql/." aaf_cass:/opt/app/cass_init echo "The following files are on /opt/app/cass_init dir on aaf_cass" $DOCKER exec aaf_cass ls /opt/app/cass_init @@ -55,8 +54,6 @@ if [ "`$DOCKER ps -a | grep aaf_cass`" == "" ]; then echo " cd /opt/app/cass_init" echo " cqlsh -f keyspace.cql" echo " cqlsh -f init.cql" - echo " cqlsh -f osaaf.cql" - echo " cqlsh -f temp_identity.cql" echo "" echo "The following will give you a temporary identity with which to start working, or emergency" echo " cqlsh -f temp_identity.cql" @@ -64,8 +61,50 @@ if [ "`$DOCKER ps -a | grep aaf_cass`" == "" ]; then $DOCKER exec aaf_cass bash /usr/bin/cqlsh -f /opt/app/cass_init/keyspace.cql $DOCKER exec aaf_cass bash /usr/bin/cqlsh -e 'describe keyspaces' $DOCKER exec aaf_cass bash /usr/bin/cqlsh -f /opt/app/cass_init/init.cql - $DOCKER exec aaf_cass bash /usr/bin/cqlsh -f /opt/app/cass_init/osaaf.cql - $DOCKER exec aaf_cass bash /usr/bin/cqlsh -f /opt/app/cass_init/temp_identity.cql + cd ../../sample/cass_data + ID_FILE=../data/identities.dat + if [ -e $ID_FILE ]; then + DATE=$(date "+%Y-%m-%d %H:%M:%S.000+0000" -d "+6 months") + echo $DATE + CRED="cred.dat" + # Enter for People + echo "Default Passwords for People" + for ID in $(grep '|a|' $ID_FILE | sed -e "s/|.*//"); do + if [ "$ID" = "aaf" ]; then + DOMAIN="aaf.osaaf.org"; + else + DOMAIN="$ID.onap.org"; + fi + unset FIRST + for D in ${DOMAIN//./ }; do + if [ -z "$FIRST" ]; then + NS="$D" + FIRST="N" + else + NS="$D.$NS" + fi + done + echo "$ID@$DOMAIN|2|${DATE}|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|$NS|53344|" >> $CRED + done + + for ID in $(grep '|e|' $ID_FILE | sed -e "s/|.*//"); do + echo "$ID@people.osaaf.org|2|${DATE}|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344|" >> $CRED + done + + mv user_role.dat tmp + sed "s/\(^.*|\)\(.*|\)\(.*|\)\(.*\)/\1${DATE}|\3\4/" tmp > user_role.dat + + for DAT in ns perm role ns_attrib user_role cred; do + $DOCKER container cp $DAT.dat aaf_cass:/tmp/$DAT.dat + $DOCKER exec aaf_cass bash /usr/bin/cqlsh -k authz -e "COPY authz.$DAT FROM '/tmp/$DAT.dat' WITH DELIMITER='|'" + $DOCKER exec -t aaf_cass rm /tmp/$DAT.dat + done + rm $CRED + mv tmp user_role.dat + else + echo DInstall requires access to 'identities.dat' + fi + cd - fi else $DOCKER start aaf_cass diff --git a/auth/docker/aaf.sh b/auth/docker/aaf.sh index 53b3d60e..c09e7b03 100644 --- a/auth/docker/aaf.sh +++ b/auth/docker/aaf.sh @@ -48,6 +48,9 @@ if [ "$(docker volume ls | grep aaf_config)" = "" ] && [ ${P12_LOAD} = "yes" ]; docker container cp ${AAF_INITIAL_X509_P12} aaf_config_$USER:/opt/app/osaaf/local/org.osaaf.aaf.p12 docker container cp ${AAF_SIGNER_P12} aaf_config_$USER:/opt/app/osaaf/local/org.osaaf.aaf.signer.p12 + if [ -z "$CM_CA_LOCAL" ]; then + CM_CA_LOCAL="org.onap.aaf.auth.cm.ca.LocalCA,/opt/app/osaaf/local/org.osaaf.aaf.signer.p12;${AAF_SIGNER_ALIAS};enc:" + fi set_prop cm_ca.local "${CM_CA_LOCAL}" org.osaaf.aaf.cm.ca.props set_prop cadi_x509_issuers "${CADI_X509_ISSUERS}" org.osaaf.aaf.props diff --git a/auth/docker/d.props.init b/auth/docker/d.props.init index e114e018..0322cd67 100644 --- a/auth/docker/d.props.init +++ b/auth/docker/d.props.init @@ -16,7 +16,7 @@ AAF_ENV=DEV AAF_REGISTER_AS=$HOSTNAME LATITUDE= LONGITUDE= -# + # Initial AAF Certificate (not Generated) CADI_X509_ISSUERS="CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US" AAF_INITIAL_X509_P12= @@ -24,7 +24,8 @@ AAF_INITIAL_X509_PASSWORD= CADI_X509_ISSUERS= # CA info (leave blank unless functioning as CA) +CM_CA_LOCAL= AAF_SIGNER_P12= AAF_SIGNER_PASSWORD= -CM_CA_LOCAL= +AAF_SIGNER_ALIAS= diff --git a/auth/docker/drun.sh b/auth/docker/drun.sh index 04f5b323..2eb025ea 100644 --- a/auth/docker/drun.sh +++ b/auth/docker/drun.sh @@ -5,8 +5,17 @@ # Only need Cassandra Link Info when initializing the container. if [ ! -e ./cass.props ]; then cp cass.props.init cass.props - echo "Edit appropriate Cassandra Link Info into cass.props" - exit +fi + +CASS_IS_SET="$(grep '<Cass IP>' cass.props)" +if [ -n "$CASS_IS_SET" ]; then + CASS_IP="$(docker container inspect aaf_cass | grep \"IPAddress\": -m 1 | cut -d '"' -f 4)" + if [ -n "$CASS_IP" ]; then + sed -i -e "s/\(^.*:\).*/\1$CASS_IP/" cass.props + else + echo "Set CASSASNDRA IP in cass.props" + exit + fi fi . ./cass.props diff --git a/auth/sample/backup/backup.sh b/auth/sample/backup/backup.sh index 1359d3de..6afdf90c 100644 --- a/auth/sample/backup/backup.sh +++ b/auth/sample/backup/backup.sh @@ -29,4 +29,7 @@ docker container cp $BD/cbackup.sh aaf_cass:/opt/app/cass_backup/backup.sh # echo "login as Root, then run \nbash /opt/app/cass_backup/backup.sh" docker exec -t aaf_cass bash /opt/app/cass_backup/backup.sh docker container cp aaf_cass:/opt/app/cass_backup/. $BD/today +for PRIV in cred x509; do + chmod 600 $BD/today/$PRIV.dat +done date diff --git a/auth/sample/cass_data/.gitignore b/auth/sample/cass_data/.gitignore new file mode 100644 index 00000000..45d5617a --- /dev/null +++ b/auth/sample/cass_data/.gitignore @@ -0,0 +1,9 @@ +cert.dat +cred.dat +history.dat +delegate.dat +approval.dat +future.dat +approved.dat +notify.dat +x509.dat diff --git a/auth/sample/cass_data/ns.dat b/auth/sample/cass_data/ns.dat new file mode 100644 index 00000000..d613450e --- /dev/null +++ b/auth/sample/cass_data/ns.dat @@ -0,0 +1,30 @@ +org.onap.dmaap.mr||org.onap||3
+org.onap.dmaap-mr||org.onap||3
+org.openecomp.dmaapBC|DMaap NS|org.openecomp|3|3
+org.onap.portal.test||org.onap.portal||3
+org.onap.dmaap-bc||org.onap||3
+org.osaaf.people||org.osaaf||3
+org.onap.dcae||org.onap||3
+org.onap.so||org.onap||3
+org.onap.dmaap.bc||org.onap||3
+org.onap.policy||org.onap||3
+org.osaaf|OSAAF Namespace|org|2|2
+org.onap.sdc||org.onap||3
+org.onap.dmaap-bc.api||org.onap.dmaap-bc||3
+org.onap.sdnc||org.onap||3
+org.onap.clamptest|Onap clamp test NS|org.onap|2|2
+org|Root Namespace|.|1|1
+org.onap.portal|ONAP Portal|org.onap.portal|3|3
+org.onap.clampdemo|Onap clamp demo NS|org.onap|2|2
+org.onap.appc||org.onap||3
+org.onap.dmaapbc||org.onap||3
+org.onap.oof||org.onap||3
+org.openecomp|Open EComp NS|org|2|2
+org.onap.aai||org.onap||3
+org.onap.dmaap-dr||org.onap||3
+org.onap.clamp||org.onap||3
+org.onap.vid||org.onap||3
+org.onap|ONAP|org|2|2
+org.openecomp.dcae|DCAE Namespace Org|org.openecomp|3|3
+org.onap.aaf-sms||org.onap||3
+org.osaaf.aaf|Application Authorization Framework|org.osaaf|3|3
diff --git a/auth/sample/cass_data/ns_attrib.dat b/auth/sample/cass_data/ns_attrib.dat new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/auth/sample/cass_data/ns_attrib.dat diff --git a/auth/sample/cass_data/perm.dat b/auth/sample/cass_data/perm.dat new file mode 100644 index 00000000..3e461f7c --- /dev/null +++ b/auth/sample/cass_data/perm.dat @@ -0,0 +1,143 @@ +org.osaaf.people|access|*|*|AAF Namespace Write Access|"{'org.osaaf.people|admin'}"
+org.osaaf.people|access|*|read|AAF Namespace Read Access|"{'org.osaaf.people|owner'}"
+org.onap.dcae|access|*|*|AAF Namespace Write Access|"{'org.onap.dcae|admin'}"
+org.onap.dcae|access|*|read|AAF Namespace Read Access|"{'org.onap.dcae|owner'}"
+org.onap.dcae|certman|local|request,ignoreIPs,showpass||"{'org.onap.dcae|seeCerts', 'org.osaaf.aaf|deploy'}"
+org.onap.so|access|*|*|AAF Namespace Write Access|"{'org.onap.so|admin', 'org.onap.so|app'}"
+org.onap.so|access|*|read|AAF Namespace Read Access|"{'org.onap.so|owner'}"
+org.onap.so|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.dmaap.mr|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr|admin'}"
+org.onap.dmaap.mr|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr|owner', 'org.onap.dmaap.mr|service'}"
+org.onap.dmaap.mr|topic|*|view||"{'org.onap.dmaap.mr|view'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mrtesttopic|pub||"{'org.onap.dmaap.mr|mrtesttopic.pub'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mrtesttopic|sub||"{'org.onap.dmaap.mr|mrtesttopic.sub'}"
+org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|create||"{'org.onap.dmaap.mr|create'}"
+org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|destroy||"{'org.onap.dmaap.mr|destroy'}"
+org.onap.appc|access|*|*|AAF Namespace Write Access|"{'org.onap.appc|admin'}"
+org.onap.appc|access|*|read|AAF Namespace Read Access|"{'org.onap.appc|owner'}"
+org.onap.appc|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.appc|odl|odl-api|*|Appc ODL API Access|"{'org.onap.appc.odl', 'org.onap.appc|admin'}"
+org.onap.dmaap-mr|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-mr|admin'}"
+org.onap.dmaap-mr|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-mr|owner'}"
+org.onap.dmaap-mr|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.openecomp.dmaapBC|access|*|*|DMaap Write Access|{'org.openecomp.dmaapBC.admin'}
+org.openecomp.dmaapBC|access|*|read|DMaap Read Access|{'org.openecomp.dmaapBC.owner'}
+org.onap.dmaapbc|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaapbc|admin'}"
+org.onap.dmaapbc|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaapbc|owner'}"
+org.onap.oof|access|*|*|AAF Namespace Write Access|"{'org.onap.oof|admin'}"
+org.onap.oof|access|*|read|AAF Namespace Read Access|"{'org.onap.oof|owner'}"
+org.onap.oof|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.openecomp|access|*|*|OpenEcomp Write Access|{'org.openecomp.admin'}
+org.openecomp|access|*|read|OpenEcomp Read Access|{'org.openecomp.owner'}
+org.onap.aai|access|*|*|AAF Namespace Write Access|"{'org.onap.aai|admin'}"
+org.onap.aai|access|*|read|AAF Namespace Read Access|"{'org.onap.aai|member', 'org.onap.aai|owner'}"
+org.onap.aai|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.aai|resources|*|delete||"{'org.onap.aai|resources_all'}"
+org.onap.aai|resources|*|get||"{'org.onap.aai|resources_all', 'org.onap.aai|resources_readonly'}"
+org.onap.aai|resources|*|patch||"{'org.onap.aai|resources_all'}"
+org.onap.aai|resources|*|post||"{'org.onap.aai|resources_all'}"
+org.onap.aai|resources|*|put||"{'org.onap.aai|resources_all'}"
+org.onap.aai|traversal|*|advanced||"{'org.onap.aai|traversal_advanced'}"
+org.onap.aai|traversal|*|basic||"{'org.onap.aai|traversal_basic'}"
+org.onap.dmaap-dr|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-dr|admin'}"
+org.onap.dmaap-dr|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-dr|owner'}"
+org.onap.dmaap-dr|certman|local|request,ignoreIPs,showpass||"{'org.onap.dmaap-dr|seeCerts', 'org.osaaf.aaf|deploy'}"
+org.onap.clamp|access|*|*|AAF Namespace Write Access|"{'org.onap.clamp|admin', 'org.onap.clamp|service'}"
+org.onap.clamp|access|*|read|Onap Clamp Read Access|{'org.onap.clamp.owner'}
+org.onap.clamp|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.clamp|clds.cl|dev|*||"{'org.onap.clamp|service'}"
+org.onap.clamp|clds.cl|dev|read|Onap Clamp Dev Read Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|clds.admin.dev'}"
+org.onap.clamp|clds.cl|dev|update|Onap Clamp Dev Update Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|clds.admin.dev'}"
+org.onap.clamp|clds.cl.event|dev|*|Onap Clamp Dev Write Access|{'org.onap.clamp.clds.designer.dev'}
+org.onap.clamp|clds.cl.manage|dev|*|Onap Clamp Dev Manage Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|service'}"
+org.onap.clamp|clds.filter.vf|dev|*|Onap Clamp Filter All Dev Access|"{'org.onap.clamp.clds.vf_filter_all.dev', 'org.onap.clamp|service'}"
+org.onap.clamp|clds.template|dev|*||"{'org.onap.clamp|service'}"
+org.onap.clamp|clds.template|dev|read|Onap Clamp Dev Read Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|clds.admin.dev'}"
+org.onap.clamp|clds.template|dev|update|Onap Clamp Dev Update Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|clds.admin.dev'}"
+org.onap.clamp|clds.tosca|dev|*||"{'org.onap.clamp|service'}"
+org.onap.policy|access|*|*|AAF Namespace Write Access|"{'org.onap.policy|admin'}"
+org.onap.policy|access|*|read|AAF Namespace Read Access|"{'org.onap.policy|owner'}"
+org.onap.policy|certman|local|request,ignoreIPs,showpass||"{'org.onap.policy|seeCerts', 'org.osaaf.aaf|deploy'}"
+org.onap.vid|access|*|*|AAF Namespace Write Access|"{'org.onap.vid|admin', 'org.onap.vid|service'}"
+org.onap.vid|access|*|read|AAF Namespace Read Access|"{'org.onap.vid|owner'}"
+org.onap.vid|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap|access|*|*|Onap Write Access|{'org.onap.admin'}
+org.onap|access|*|read|Onap Read Access|{'org.onap.owner'}
+org.osaaf|access|*|*|OSAAF Write Access|{'org.osaaf.admin'}
+org.osaaf|access|*|read,appove|OSAAF Read Access|{'org.osaaf.owner'}
+org.onap.sdc|access|*|*|AAF Namespace Write Access|"{'org.onap.sdc|admin', 'org.onap.sdc|app'}"
+org.onap.sdc|access|*|read|AAF Namespace Read Access|"{'org.onap.sdc|owner'}"
+org.onap.sdc|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.portal.test|aaaa|*|write||
+org.onap.portal.test|access|*|*|AAF Namespace Write Access|"{'org.onap.portal.test|admin'}"
+org.onap.portal.test|access|*|read|AAF Namespace Read Access|"{'org.onap.portal.test|owner'}"
+org.onap.portal.test|access1|*|read||
+org.onap.portal.test|myaccess|*|read||
+org.onap.portal.test|user1.access|*|read||
+org.onap.portal.test|user1.myaccess|*|read||
+org.onap.dmaap-bc.api|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-bc.api|admin', 'org.onap.dmaap-bc|admin'}"
+org.onap.dmaap-bc.api|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-bc.api|owner', 'org.onap.dmaap-bc|admin'}"
+org.onap.dmaap-bc.api|bridge|onapdemo|GET||"{'org.onap.dmaap-bc.api|Metrics'}"
+org.onap.dmaap-bc.api|dcaeLocations|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dcaeLocations|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dcaeLocations|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|boot|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|boot|GET||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|boot|POST||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|boot|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dmaap|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dr_nodes|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_nodes|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dr_nodes|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dr_pubs|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_pubs|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_pubs|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_subs|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_subs|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_subs|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_subs|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|feeds|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|feeds|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|feeds|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|feeds|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|mr_clients|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|mr_clients|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|mr_clients|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|mr_clients|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|mr_clusters|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|mr_clusters|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|mr_clusters|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|topics|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator'}"
+org.onap.dmaap-bc.api|topics|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|topics|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator'}"
+org.onap.dmaap-bc.api|topics|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator'}"
+org.onap.dmaap-bc|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-bc|admin'}"
+org.onap.dmaap-bc|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-bc|owner'}"
+org.onap.dmaap-bc|certman|local|request,ignoreIPs,showpass||"{'org.onap.dmaap-bc|seeCerts', 'org.osaaf.aaf|deploy'}"
+org.onap.clamptest|access|*|*|Onap Write Access|{'org.onap.clamptest.admin'}
+org.onap.clamptest|access|*|read|Onap Read Access|{'org.onap.clamptest.owner'}
+org.onap.sdnc|access|*|*|AAF Namespace Write Access|"{'org.onap.sdnc|admin'}"
+org.onap.sdnc|access|*|read|AAF Namespace Read Access|"{'org.onap.sdnc|owner'}"
+org.onap.sdnc|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.aaf-sms|access|*|*|AAF Namespace Write Access|"{'org.onap.aaf-sms|admin'}"
+org.onap.aaf-sms|access|*|read|AAF Namespace Read Access|"{'org.onap.aaf-sms|owner'}"
+org.onap.aaf-sms|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.osaaf.aaf|access|*|*|AAF Write Access|{'org.osaaf.aaf.admin'}
+org.osaaf.aaf|access|*|read,approve|AAF Read Access|{'org.osaaf.aaf.owner'}
+org.onap.clampdemo|access|*|*|ClampDemo Write Access|{'org.onap.clampdemo.admin'}
+org.onap.clampdemo|access|*|read|ClampDemo Read Access|{'org.onap.clampdemo.owner'}
+org|access|*|*|Org Write Access|{'org.admin'}
+org|access|*|read|Org Read Access|{'org.owner'}
+org|access|*|read,approve|Org Read Access|{'org.owner'}
+org.onap.portal|access|*|*|Portal Write Access|"{'org.onap.portal.admin', 'org.onap.portal|app'}"
+org.onap.portal|access|*|read|Portal Read Access|{'org.onap.portal.designer', 'org.onap.portal.governor', 'org.onap.portal.ops', 'org.onap.portal.owner', 'org.onap.portal.tester'}
+org.onap.portal|certman|local|org.onap.clamp.cred.props||
+org.onap.dmaap.bc|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.bc|admin', 'org.onap.dmaap.bc|service'}"
+org.onap.dmaap.bc|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.bc|owner'}"
diff --git a/auth/sample/cass_data/role.dat b/auth/sample/cass_data/role.dat new file mode 100644 index 00000000..36911bb0 --- /dev/null +++ b/auth/sample/cass_data/role.dat @@ -0,0 +1,99 @@ +org.onap.dmaap.mr|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr|access|*|*'}"
+org.onap.dmaap.mr|create||"{'org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|create'}"
+org.onap.dmaap.mr|destroy||"{'org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|destroy'}"
+org.onap.dmaap.mr|mrtesttopic.pub||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mrtesttopic|pub'}"
+org.onap.dmaap.mr|mrtesttopic.sub||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mrtesttopic|sub'}"
+org.onap.dmaap.mr|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr|access|*|read'}"
+org.onap.dmaap.mr|service||"{'org.onap.dmaap.mr|access|*|read'}"
+org.onap.dmaap.mr|view||"{'org.onap.dmaap.mr|topic|*|view'}"
+org.onap.appc|admin|AAF Namespace Administrators|"{'org.onap.appc|access|*|*'}"
+org.onap.appc|odl|Onap APPC ODL Admins|"{'org.onap.appc.odl|odl-api*|*'}"
+org.onap.appc|owner|AAF Namespace Owners|"{'org.onap.appc|access|*|read'}"
+org.openecomp.dmaapBC|admin|AAF Admins|"{'org.openecomp.dmaapBC.access|*|*', 'org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|pub', 'org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|sub', 'org.openecomp.dmaapBC.topicFactory|:org.openecomp.dmaapBC.topic:org.openecomp.dmaapBC|create'}"
+org.openecomp.dmaapBC|owner|AAF Owners|"{'org.openecomp.dmaapBC.access|*|read'}"
+org.onap.dmaap-mr|admin|AAF Namespace Administrators|"{'org.onap.dmaap-mr|access|*|*'}"
+org.onap.dmaap-mr|owner|AAF Namespace Owners|"{'org.onap.dmaap-mr|access|*|read'}"
+org.osaaf.people|admin|AAF Namespace Administrators|"{'org.osaaf.people|access|*|*'}"
+org.osaaf.people|owner|AAF Namespace Owners|"{'org.osaaf.people|access|*|read'}"
+org.onap.dcae|admin|AAF Namespace Administrators|"{'org.onap.dcae|access|*|*'}"
+org.onap.dcae|owner|AAF Namespace Owners|"{'org.onap.dcae|access|*|read'}"
+org.onap.dcae|seeCerts||"{'org.onap.dcae|certman|local|request,ignoreIPs,showpass'}"
+org.onap.so|admin|AAF Namespace Administrators|"{'org.onap.so|access|*|*'}"
+org.onap.so|app||"{'org.onap.so|access|*|*'}"
+org.onap.so|owner|AAF Namespace Owners|"{'org.onap.so|access|*|read'}"
+org.onap.dmaapbc|admin|AAF Namespace Administrators|"{'org.onap.dmaapbc|access|*|*'}"
+org.onap.dmaapbc|owner|AAF Namespace Owners|"{'org.onap.dmaapbc|access|*|read'}"
+org.onap.oof|admin|AAF Namespace Administrators|"{'org.onap.oof|access|*|*'}"
+org.onap.oof|owner|AAF Namespace Owners|"{'org.onap.oof|access|*|read'}"
+org.onap.oof|service||"{'org.onap.oof|access|*|*'}"
+org.onap.policy|admin|AAF Namespace Administrators|"{'org.onap.policy|access|*|*'}"
+org.onap.policy|owner|AAF Namespace Owners|"{'org.onap.policy|access|*|read'}"
+org.onap.policy|seeCerts||"{'org.onap.policy|certman|local|request,ignoreIPs,showpass'}"
+org.openecomp|admin|OpenEcomp Admins|"{'org.openecomp.access|*|*'}"
+org.openecomp|owner|OpenEcomp Owners|"{'org.openecomp.access|*|read'}"
+org.onap.portal.test|admin|AAF Namespace Administrators|"{'org.onap.portal.test|access|*|*'}"
+org.onap.portal.test|oof-homing||
+org.onap.portal.test|owner|AAF Namespace Owners|"{'org.onap.portal.test|access|*|read'}"
+org.onap.portal.test|user1||
+org.osaaf|admin|OSAAF Admins|"{'org.osaaf.access|*|*'}"
+org.osaaf|owner|OSAAF Owners|"{'org.osaaf.access|*|read,approve'}"
+org.onap.aai|admin|AAF Namespace Administrators|"{'org.onap.aai|access|*|*'}"
+org.onap.aai|member||"{'org.onap.aai|access|*|read'}"
+org.onap.aai|owner|AAF Namespace Owners|"{'org.onap.aai|access|*|read'}"
+org.onap.aai|resources_all||"{'org.onap.aai|resources|*|delete', 'org.onap.aai|resources|*|get', 'org.onap.aai|resources|*|patch', 'org.onap.aai|resources|*|post', 'org.onap.aai|resources|*|put'}"
+org.onap.aai|resources_readonly||"{'org.onap.aai|resources|*|get'}"
+org.onap.aai|traversal_advanced||"{'org.onap.aai|traversal|*|advanced'}"
+org.onap.aai|traversal_basic||"{'org.onap.aai|traversal|*|basic'}"
+org.onap.sdc|admin|AAF Namespace Administrators|"{'org.onap.sdc|access|*|*'}"
+org.onap.sdc|app||"{'org.onap.sdc|access|*|*'}"
+org.onap.sdc|owner|AAF Namespace Owners|"{'org.onap.sdc|access|*|read'}"
+org.onap.dmaap-dr|admin|AAF Namespace Administrators|"{'org.onap.dmaap-dr|access|*|*'}"
+org.onap.dmaap-dr|owner|AAF Namespace Owners|"{'org.onap.dmaap-dr|access|*|read'}"
+org.onap.dmaap-dr|seeCerts||"{'org.onap.dmaap-dr|certman|local|request,ignoreIPs,showpass'}"
+org.onap.clamp|admin|AAF Namespace Administrators|"{'org.onap.clamp|access|*|*'}"
+org.onap.clamp|clds.admin.dev|Onap clamp Admin Dev|"{'org.onap.clamp.clds.template|dev|update', 'org.onap.clamp|clds.cl|dev|read', 'org.onap.clamp|clds.cl|dev|update', 'org.onap.clamp|clds.template|dev|read', 'org.onap.clamp|clds.template|dev|update'}"
+org.onap.clamp|clds.designer.dev|Onap clamp Designer Dev|"{'org.onap.clamp.clds.template|dev|update'}"
+org.onap.clamp|clds.vf_filter_all.dev|Onap clamp Filter All Dev|"{'org.onap.clamp.clds.filter.vf|dev|*'}"
+org.onap.clamp|owner|AAF Namespace Owners|
+org.onap.clamp|service||"{'org.onap.clamp|access|*|*', 'org.onap.clamp|clds.cl.manage|dev|*', 'org.onap.clamp|clds.cl|dev|*', 'org.onap.clamp|clds.filter.vf|dev|*', 'org.onap.clamp|clds.template|dev|*', 'org.onap.clamp|clds.tosca|dev|*'}"
+org.onap.dmaap-bc.api|Controller||"{'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|POST', 'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|PUT', 'org.onap.dmaap-bc.api|dmaap|boot|DELETE', 'org.onap.dmaap-bc.api|dmaap|boot|GET', 'org.onap.dmaap-bc.api|dmaap|boot|POST', 'org.onap.dmaap-bc.api|dmaap|boot|PUT', 'org.onap.dmaap-bc.api|dmaap|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|POST', 'org.onap.dmaap-bc.api|dmaap|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|PUT', 'org.onap.dmaap-bc.api|feeds|onapdemo|DELETE', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|POST', 'org.onap.dmaap-bc.api|feeds|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|DELETE', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|POST', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|DELETE', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|POST', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|PUT', 'org.onap.dmaap-bc.api|topics|onapdemo|DELETE', 'org.onap.dmaap-bc.api|topics|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|POST', 'org.onap.dmaap-bc.api|topics|onapdemo|PUT'}"
+org.onap.dmaap-bc.api|Inventory||"{'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|GET'}"
+org.onap.dmaap-bc.api|Metrics||"{'org.onap.dmaap-bc.api|bridge|onapdemo|GET', 'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|GET'}"
+org.onap.dmaap-bc.api|Orchestrator||"{'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|PUT', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|POST', 'org.onap.dmaap-bc.api|feeds|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|DELETE', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|POST', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|DELETE', 'org.onap.dmaap-bc.api|topics|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|POST', 'org.onap.dmaap-bc.api|topics|onapdemo|PUT'}"
+org.onap.dmaap-bc.api|PortalUser||"{'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|PUT', 'org.onap.dmaap-bc.api|feeds|onapdemo|DELETE', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|POST', 'org.onap.dmaap-bc.api|feeds|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|DELETE', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|POST', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|GET'}"
+org.onap.dmaap-bc.api|admin|AAF Namespace Administrators|"{'org.onap.dmaap-bc.api|access|*|*'}"
+org.onap.dmaap-bc.api|owner|AAF Namespace Owners|"{'org.onap.dmaap-bc.api|access|*|read'}"
+org.onap.dmaap-bc|admin|AAF Namespace Administrators|"{'org.onap.dmaap-bc.api|access|*|*', 'org.onap.dmaap-bc.api|access|*|read', 'org.onap.dmaap-bc|access|*|*'}"
+org.onap.dmaap-bc|owner|AAF Namespace Owners|"{'org.onap.dmaap-bc|access|*|read'}"
+org.onap.dmaap-bc|seeCerts||"{'org.onap.dmaap-bc|certman|local|request,ignoreIPs,showpass'}"
+org.onap.vid|admin|AAF Namespace Administrators|"{'org.onap.vid|access|*|*'}"
+org.onap.vid|owner|AAF Namespace Owners|"{'org.onap.vid|access|*|read'}"
+org.onap.vid|service||"{'org.onap.vid|access|*|*'}"
+org.onap|admin|Onap Admins|"{'org.onap.access|*|*'}"
+org.onap|owner|onap Owners|"{'org.onap.access|*|read'}"
+org.onap.sdnc|admin|AAF Namespace Administrators|"{'org.onap.sdnc|access|*|*'}"
+org.onap.sdnc|owner|AAF Namespace Owners|"{'org.onap.sdnc|access|*|read'}"
+org.onap.sdnc|service||"{'org.onap.sdnc|access|*|*'}"
+org.onap.clamptest|admin|Onap Clamp Test Admins|"{'org.onap.clamptest.access|*|*'}"
+org.onap.clamptest|owner|onap clamp Test Owners|"{'org.onap.clamptest.access|*|read'}"
+org|admin|Org Admins|"{'org.access|*|*'}"
+org|owner|Org Owners|"{'org.access|*|read,approve'}"
+org.onap.portal|admin|Portal Admins|"{'org.onap.portal.access|*|*'}"
+org.onap.portal|app||"{'org.onap.portal|access|*|*'}"
+org.onap.portal|designer|Portal Designer|"{'org.onap.portal.access|*|read'}"
+org.onap.portal|governor|Portal Governor|"{'org.onap.portal.access|*|read'}"
+org.onap.portal|ops|Portal Operations|"{'org.onap.portal.access|*|read'}"
+org.onap.portal|owner|Portal Owner|"{'org.onap.portal.access|*|read'}"
+org.onap.portal|tester|Portal Tester|"{'org.onap.portal.access|*|read'}"
+org.onap.clampdemo|admin|Onap Clamp Test Admins|"{'org.onap.clampdemo.access|*|*'}"
+org.onap.clampdemo|owner|onap clamp Test Owners|"{'org.onap.clampdemo.access|*|read'}"
+org.onap.dmaap.bc|admin|AAF Namespace Administrators|"{'org.onap.dmaap.bc|access|*|*'}"
+org.onap.dmaap.bc|owner|AAF Namespace Owners|"{'org.onap.dmaap.bc|access|*|read'}"
+org.onap.dmaap.bc|service||"{'org.onap.dmaap.bc|access|*|*'}"
+org.onap.aaf-sms|admin|AAF Namespace Administrators|"{'org.onap.aaf-sms|access|*|*'}"
+org.onap.aaf-sms|owner|AAF Namespace Owners|"{'org.onap.aaf-sms|access|*|read'}"
+org.onap.aaf-sms|service||"{'org.onap.aaf-sms|access|*|read'}"
+org.osaaf.aaf|admin|AAF Admins|"{'org.osaaf.aaf.access|*|*'}"
+org.osaaf.aaf|deploy|ONAP Deployment Role|"{'org.onap.aaf-sms|certman|local|request,ignoreIPs,showpass', 'org.onap.aai|certman|local|request,ignoreIPs,showpass', 'org.onap.appc|certman|local|request,ignoreIPs,showpass', 'org.onap.clamp|certman|local|request,ignoreIPs,showpass', 'org.onap.dcae|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-dr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-mr|certman|local|request,ignoreIPs,showpass', 'org.onap.oof|certman|local|request,ignoreIPs,showpass', 'org.onap.policy|certman|local|request,ignoreIPs,showpass', 'org.onap.sdc|certman|local|request,ignoreIPs,showpass', 'org.onap.sdnc|certman|local|request,ignoreIPs,showpass', 'org.onap.so|certman|local|request,ignoreIPs,showpass', 'org.onap.vid|certman|local|request,ignoreIPs,showpass'}"
+org.osaaf.aaf|owner|AAF Owners|"{'org.osaaf.aaf.access|*|read,approve'}"
+org.osaaf.aaf|service||
diff --git a/auth/sample/cass_data/user_role.dat b/auth/sample/cass_data/user_role.dat new file mode 100644 index 00000000..276cdc82 --- /dev/null +++ b/auth/sample/cass_data/user_role.dat @@ -0,0 +1,161 @@ +appc@appc.onap.org|org.onap.appc.admin|2018-12-06 20:01:35.380+0000|org.onap.appc|admin
+jonathan@people.osaaf.org|org.admin|2018-10-14 00:43:06.769+0000|org|admin
+jonathan@people.osaaf.org|org.onap.owner|2018-10-14 00:42:22.279+0000|org.onap|owner
+jonathan@people.osaaf.org|org.onap.portal.admin|2018-10-30 20:33:01.287+0000|org.onap.portal|admin
+jonathan@people.osaaf.org|org.openecomp.owner|2018-10-14 00:42:14.387+0000|org.openecomp|owner
+jonathan@people.osaaf.org|org.osaaf.aaf.admin|2018-10-14 00:43:24.384+0000|org.osaaf.aaf|admin
+jonathan@people.osaaf.org|org.osaaf.owner|2018-10-14 00:42:07.535+0000|org.osaaf|owner
+jonathan@people.osaaf.org|org.osaaf.people.admin|2018-10-30 21:18:26.583+0000|org.osaaf.people|admin
+jonathan@people.osaaf.org|org.osaaf.people.owner|2018-10-30 21:18:26.583+0000|org.osaaf.people|owner
+jonathan@people.osaaf.org|org.owner|2018-10-14 00:41:36.791+0000|org|owner
+dmaap-dr-prov@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2019-02-17 17:41:33.710+0000|org.onap.dmaap-dr|seeCerts
+dmaap-dr@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2019-02-17 17:00:02.098+0000|org.onap.dmaap-dr|seeCerts
+dmaap-dr-node@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2019-02-17 17:41:42.031+0000|org.onap.dmaap-dr|seeCerts
+vid@vid.onap.org|org.onap.vid.service|2019-02-15 16:23:22.621+0000|org.onap.vid|service
+sdc@sdc.onap.org|org.onap.aai.resources_all|2019-03-14 18:40:55.439+0000|org.onap.aai|resources_all
+sdc@sdc.onap.org|org.onap.sdc.app|2019-03-14 17:31:09.581+0000|org.onap.sdc|app
+dmaapmr@mr.dmaap.onap.org|org.onap.dmaap.mr.admin|2018-12-05 15:59:50.847+0000|org.onap.dmaap.mr|admin
+dmaapmr@mr.dmaap.onap.org|org.onap.dmaap.mr.create|2019-03-12 19:31:56.341+0000|org.onap.dmaap.mr|create
+dmaapmr@mr.dmaap.onap.org|org.onap.dmaap.mr.destroy|2019-03-12 19:36:25.501+0000|org.onap.dmaap.mr|destroy
+dmaapmr@mr.dmaap.onap.org|org.onap.dmaap.mr.mrtesttopic.pub|2019-03-12 19:37:10.089+0000|org.onap.dmaap.mr|mrtesttopic.pub
+dmaapmr@mr.dmaap.onap.org|org.onap.dmaap.mr.mrtesttopic.sub|2019-03-12 19:37:02.593+0000|org.onap.dmaap.mr|mrtesttopic.sub
+dmaapmr@mr.dmaap.onap.org|org.onap.dmaap.mr.service|2018-10-24 19:10:39.834+0000|org.onap.dmaap.mr|service
+dmaapmr@mr.dmaap.onap.org|org.onap.dmaap.mr.view|2019-03-12 18:49:31.735+0000|org.onap.dmaap.mr|view
+djtimoney@people.osaaf.org|org.onap.sdnc.admin|2019-02-15 19:00:45.146+0000|org.onap.sdnc|admin
+djtimoney@people.osaaf.org|org.onap.sdnc.owner|2019-02-15 19:00:51.995+0000|org.onap.sdnc|owner
+jm0007@people.osaaf.org|org.onap.portal.tester|2018-10-31 00:00:00.000+0000|org.onap.portal|tester
+saratp@people.osaaf.org|org.onap.oof.admin|2018-10-25 12:32:10.860+0000|org.onap.oof|admin
+saratp@people.osaaf.org|org.onap.oof.owner|2018-10-25 12:32:10.860+0000|org.onap.oof|owner
+shi@portal.onap.org|org.onap.portal.admin|2018-08-31 00:00:00.000+0000|org.onap.portal|admin
+appc123@appc.onap.org|org.onap.appc.admin|2018-08-31 00:00:00.000+0000|org.onap.appc|admin
+appc123@appc.onap.org|org.onap.appc.odl|2018-08-31 00:00:00.000+0000|org.onap.appc|odl
+clamp@clamp.osaaf.org|org.onap.clamp.service|2019-01-19 16:04:25.475+0000|org.onap.clamp|service
+op0001@people.osaaf.org|org.onap.portal.ops|2018-10-31 00:00:00.000+0000|org.onap.portal|ops
+aaronh@people.osaaf.org|org.onap.appc.admin|2018-12-06 21:23:26.569+0000|org.onap.appc|admin
+aaf_admin@people.osaaf.org|org.onap.aaf-sms.admin|2019-01-18 20:02:28.637+0000|org.onap.aaf-sms|admin
+aaf_admin@people.osaaf.org|org.onap.aai.admin|2019-01-18 20:02:38.090+0000|org.onap.aai|admin
+aaf_admin@people.osaaf.org|org.onap.appc.admin|2019-01-18 20:02:44.874+0000|org.onap.appc|admin
+aaf_admin@people.osaaf.org|org.onap.clamp.admin|2019-01-18 20:01:27.855+0000|org.onap.clamp|admin
+aaf_admin@people.osaaf.org|org.onap.dcae.admin|2019-01-18 20:02:51.905+0000|org.onap.dcae|admin
+aaf_admin@people.osaaf.org|org.onap.dmaap-bc.admin|2019-01-18 20:03:00.950+0000|org.onap.dmaap-bc|admin
+aaf_admin@people.osaaf.org|org.onap.dmaap-bc.api.Controller|2019-02-16 21:44:19.671+0000|org.onap.dmaap-bc.api|Controller
+aaf_admin@people.osaaf.org|org.onap.dmaap-bc.api.admin|2019-02-16 20:35:47.061+0000|org.onap.dmaap-bc.api|admin
+aaf_admin@people.osaaf.org|org.onap.dmaap-bc.api.owner|2019-02-16 20:35:47.061+0000|org.onap.dmaap-bc.api|owner
+aaf_admin@people.osaaf.org|org.onap.dmaap-dr.admin|2019-02-17 10:50:01.436+0000|org.onap.dmaap-dr|admin
+aaf_admin@people.osaaf.org|org.onap.dmaap-mr.admin|2019-01-18 20:03:10.921+0000|org.onap.dmaap-mr|admin
+aaf_admin@people.osaaf.org|org.onap.oof.admin|2019-01-18 20:03:19.273+0000|org.onap.oof|admin
+aaf_admin@people.osaaf.org|org.onap.policy.admin|2019-02-13 19:45:18.174+0000|org.onap.policy|admin
+aaf_admin@people.osaaf.org|org.onap.portal.admin|2019-02-20 18:37:55.465+0000|org.onap.portal|admin
+aaf_admin@people.osaaf.org|org.onap.sdc.admin|2019-03-14 17:26:40.787+0000|org.onap.sdc|admin
+aaf_admin@people.osaaf.org|org.onap.sdc.owner|2019-03-14 17:26:40.787+0000|org.onap.sdc|owner
+aaf_admin@people.osaaf.org|org.onap.sdnc.admin|2019-01-18 20:03:25.173+0000|org.onap.sdnc|admin
+aaf_admin@people.osaaf.org|org.onap.so.admin|2019-03-14 17:26:08.685+0000|org.onap.so|admin
+aaf_admin@people.osaaf.org|org.onap.so.owner|2019-03-14 17:26:08.685+0000|org.onap.so|owner
+aaf_admin@people.osaaf.org|org.onap.vid.admin|2019-02-15 15:10:50.313+0000|org.onap.vid|admin
+aaf_admin@people.osaaf.org|org.osaaf.aaf.admin|2018-10-31 00:00:00.000+0000|org.osaaf.aaf|admin
+aaf_admin@people.osaaf.org|org.osaaf.people.admin|2019-01-18 18:58:25.577+0000|org.osaaf.people|admin
+aaf_admin@people.osaaf.org|org.osaaf.people.owner|2019-01-18 18:58:25.577+0000|org.osaaf.people|owner
+dglfromatt@people.osaaf.org|org.onap.dmaap.bc.admin|2018-11-09 01:26:06.470+0000|org.onap.dmaap.bc|admin
+dglfromatt@people.osaaf.org|org.onap.dmaap.bc.owner|2018-11-09 01:26:12.626+0000|org.onap.dmaap.bc|owner
+dglfromatt@people.osaaf.org|org.onap.dmaapbc.admin|2018-10-20 18:22:18.270+0000|org.onap.dmaapbc|admin
+dglfromatt@people.osaaf.org|org.onap.dmaapbc.owner|2018-10-20 18:22:18.270+0000|org.onap.dmaapbc|owner
+m99751@dmaapBC.openecomp.org|org.openecomp.dmaapBC.admin|2018-08-31 00:00:00.000+0000|org.openecomp.dmaapBC|admin
+m99751@dmaapBC.openecomp.org|org.openecomp.dmaapBC.owner|2018-08-31 00:00:00.000+0000|org.openecomp.dmaapBC|owner
+clamp@clampdemo.onap.org|org.onap.clampdemo.owner|2018-08-31 00:00:00.000+0000|org.onap.clampdemo|owner
+clamp@clampdemo.onap.org|org.onap.clampdemo.service|2018-08-31 00:00:00.000+0000|org.onap.clampdemo|admin
+m99501@dmaapBC.openecomp.org|org.openecomp.dmaapBC.owner|2018-08-31 00:00:00.000+0000|org.openecomp.dmaapBC|owner
+m99501@dmaapBC.openecomp.org|org.openecomp.dmaapBC.service|2018-08-31 00:00:00.000+0000|org.openecomp.dmaapBC|admin
+mmanager@people.osaaf.org|org.onap.aaf-sms.admin|2019-01-18 19:11:11.056+0000|org.onap.aaf-sms|admin
+mmanager@people.osaaf.org|org.onap.aaf-sms.owner|2019-01-18 19:11:11.056+0000|org.onap.aaf-sms|owner
+mmanager@people.osaaf.org|org.onap.aai.admin|2019-01-18 19:12:02.376+0000|org.onap.aai|admin
+mmanager@people.osaaf.org|org.onap.aai.owner|2019-01-18 19:12:02.376+0000|org.onap.aai|owner
+mmanager@people.osaaf.org|org.onap.appc.admin|2019-01-18 19:12:08.205+0000|org.onap.appc|admin
+mmanager@people.osaaf.org|org.onap.appc.owner|2019-01-18 19:12:08.205+0000|org.onap.appc|owner
+mmanager@people.osaaf.org|org.onap.clamp.admin|2019-01-18 19:11:48.308+0000|org.onap.clamp|admin
+mmanager@people.osaaf.org|org.onap.clamp.owner|2019-01-18 19:11:48.308+0000|org.onap.clamp|owner
+mmanager@people.osaaf.org|org.onap.dcae.admin|2019-01-18 19:12:17.183+0000|org.onap.dcae|admin
+mmanager@people.osaaf.org|org.onap.dcae.owner|2019-01-18 19:12:17.183+0000|org.onap.dcae|owner
+mmanager@people.osaaf.org|org.onap.dmaap-bc.admin|2019-01-18 19:13:14.377+0000|org.onap.dmaap-bc|admin
+mmanager@people.osaaf.org|org.onap.dmaap-bc.owner|2019-01-18 19:13:14.377+0000|org.onap.dmaap-bc|owner
+mmanager@people.osaaf.org|org.onap.dmaap-dr.owner|2019-02-17 10:50:01.436+0000|org.onap.dmaap-dr|owner
+mmanager@people.osaaf.org|org.onap.dmaap-mr.admin|2019-01-18 19:13:20.031+0000|org.onap.dmaap-mr|admin
+mmanager@people.osaaf.org|org.onap.dmaap-mr.owner|2019-01-18 19:13:20.031+0000|org.onap.dmaap-mr|owner
+mmanager@people.osaaf.org|org.onap.oof.admin|2019-01-18 19:13:25.467+0000|org.onap.oof|admin
+mmanager@people.osaaf.org|org.onap.oof.owner|2019-01-18 19:13:25.467+0000|org.onap.oof|owner
+mmanager@people.osaaf.org|org.onap.policy.admin|2019-02-13 19:45:18.174+0000|org.onap.policy|admin
+mmanager@people.osaaf.org|org.onap.policy.owner|2019-02-13 19:45:18.174+0000|org.onap.policy|owner
+mmanager@people.osaaf.org|org.onap.portal.admin|2019-02-20 18:37:44.285+0000|org.onap.portal|admin
+mmanager@people.osaaf.org|org.onap.portal.owner|2019-02-20 18:37:38.317+0000|org.onap.portal|owner
+mmanager@people.osaaf.org|org.onap.sdc.admin|2019-03-14 17:26:40.787+0000|org.onap.sdc|admin
+mmanager@people.osaaf.org|org.onap.sdc.owner|2019-03-14 17:26:40.787+0000|org.onap.sdc|owner
+mmanager@people.osaaf.org|org.onap.sdnc.admin|2019-01-18 19:13:32.203+0000|org.onap.sdnc|admin
+mmanager@people.osaaf.org|org.onap.sdnc.owner|2019-01-18 19:13:32.203+0000|org.onap.sdnc|owner
+mmanager@people.osaaf.org|org.onap.so.admin|2019-03-14 17:26:08.685+0000|org.onap.so|admin
+mmanager@people.osaaf.org|org.onap.so.owner|2019-03-14 17:26:08.685+0000|org.onap.so|owner
+mmanager@people.osaaf.org|org.onap.vid.admin|2019-02-15 15:49:59.019+0000|org.onap.vid|admin
+mmanager@people.osaaf.org|org.onap.vid.owner|2019-02-15 15:11:39.751+0000|org.onap.vid|owner
+cs0008@people.osaaf.org|org.onap.portal.designer|2018-10-31 00:00:00.000+0000|org.onap.portal|designer
+gv0001@people.osaaf.org|org.onap.portal.governor|2018-10-31 00:00:00.000+0000|org.onap.portal|governor
+xuegao@people.osaaf.org|org.onap.clamp.admin|2018-10-23 15:50:48.247+0000|org.onap.clamp|admin
+xuegao@people.osaaf.org|org.onap.clamp.clds.admin.dev|2018-10-23 15:51:40.394+0000|org.onap.clamp|clds.admin.dev
+xuegao@people.osaaf.org|org.onap.clamp.owner|2018-10-18 14:20:42.671+0000|org.onap.clamp|owner
+aai@aai.onap.org|org.onap.aai.admin|2018-12-05 12:53:12.506+0000|org.onap.aai|admin
+demo@mr.dmaap.onap.org|org.onap.dmaap.mr.view|2019-03-13 15:42:58.918+0000|org.onap.dmaap.mr|view
+onap-sdnc@sdnc.onap.org|org.onap.sdnc.service|2018-11-09 01:40:36.805+0000|org.onap.sdnc|service
+dmaap-bc@bc.dmaap.onap.org|org.onap.dmaap.bc.service|2018-11-09 01:46:01.277+0000|org.onap.dmaap.bc|service
+jh0003@people.osaaf.org|org.onap.portal.admin|2018-10-31 00:00:00.000+0000|org.onap.portal|admin
+oof@oof.onap.org|org.onap.oof.service|2018-10-25 12:32:37.101+0000|org.onap.oof|service
+osaaf@aaf.osaaf.org|org.osaaf.aaf.admin|2019-01-19 01:17:50.525+0000|org.osaaf.aaf|admin
+demo@people.osaaf.org|org.onap.aai.member|2019-02-27 16:13:12.499+0000|org.onap.aai|member
+demo@people.osaaf.org|org.onap.aai.resources_all|2019-02-28 18:42:44.496+0000|org.onap.aai|resources_all
+demo@people.osaaf.org|org.onap.aai.traversal_advanced|2019-03-05 15:10:31.811+0000|org.onap.aai|traversal_advanced
+demo@people.osaaf.org|org.onap.dmaap-bc.api.Controller|2019-02-16 21:56:30.350+0000|org.onap.dmaap-bc.api|Controller
+demo@people.osaaf.org|org.onap.dmaap.mr.create|2019-03-13 18:08:37.114+0000|org.onap.dmaap.mr|create
+demo@people.osaaf.org|org.onap.dmaap.mr.destroy|2019-03-13 18:09:23.757+0000|org.onap.dmaap.mr|destroy
+demo@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.pub|2019-03-13 18:10:15.955+0000|org.onap.dmaap.mr|mrtesttopic.pub
+demo@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.sub|2019-03-13 18:09:47.647+0000|org.onap.dmaap.mr|mrtesttopic.sub
+demo@people.osaaf.org|org.onap.dmaap.mr.view|2019-03-13 18:05:55.587+0000|org.onap.dmaap.mr|view
+demo@people.osaaf.org|org.onap.portal.admin|2018-10-31 00:00:00.000+0000|org.onap.portal|admin
+demo@people.osaaf.org|org.onap.portal.test.admin|2019-02-07 15:02:00.509+0000|org.onap.portal.test|admin
+demo@people.osaaf.org|org.onap.portal.test.owner|2019-02-07 15:02:00.509+0000|org.onap.portal.test|owner
+demo@people.osaaf.org|org.onap.portal.test.user1|2019-02-07 15:15:06.360+0000|org.onap.portal.test|user1
+portal@portal.onap.org|org.onap.portal.app|2019-03-12 17:48:48.086+0000|org.onap.portal|app
+clamp@clamp.onap.org|org.onap.clamp.clds.admin.dev|2018-08-31 00:00:00.000+0000|org.onap.clamp|clds.admin.dev
+clamp@clamp.onap.org|org.onap.clamp.clds.designer.dev|2018-08-31 00:00:00.000+0000|org.onap.clamp|clds.designer.dev
+clamp@clamp.onap.org|org.onap.clamp.clds.vf_filter_all.dev|2018-08-31 00:00:00.000+0000|org.onap.clamp|clds.vf_filter_all.dev
+clamp@clamp.onap.org|org.onap.clamp.service|2019-01-19 16:05:29.023+0000|org.onap.clamp|service
+clamp@clamp.onap.org|org.onap.clampdemo.owner|2018-08-31 00:00:00.000+0000|org.onap.clampdemo|owner
+clamp@clamp.onap.org|org.onap.clampdemo.service|2018-08-31 00:00:00.000+0000|org.onap.clampdemo|admin
+clamp@clamp.onap.org|org.onap.clamptest.owner|2018-08-31 00:00:00.000+0000|org.onap.clamptest|owner
+clamp@clamp.onap.org|org.onap.clamptest.service|2018-08-31 00:00:00.000+0000|org.onap.clamptest|admin
+clamp@clamptest.onap.org|org.onap.clamptest.owner|2018-08-31 00:00:00.000+0000|org.onap.clamptest|owner
+clamp@clamptest.onap.org|org.onap.clamptest.service|2018-08-31 00:00:00.000+0000|org.onap.clamptest|admin
+policy@policy.onap.org|org.onap.policy.seeCerts|2019-02-15 14:44:47.491+0000|org.onap.policy|seeCerts
+deployer@people.osaaf.org|org.osaaf.aaf.deploy|2018-10-31 00:00:00.000+0000|org.osaaf.aaf|deploy
+portal_admin@people.osaaf.org|org.onap.portal.admin|2019-03-12 21:27:10.597+0000|org.onap.portal|admin
+sunilu@people.osaaf.org|org.onap.dmaap.mr.admin|2018-10-24 18:21:05.870+0000|org.onap.dmaap.mr|admin
+sunilu@people.osaaf.org|org.onap.dmaap.mr.create|2019-03-12 19:34:47.197+0000|org.onap.dmaap.mr|create
+sunilu@people.osaaf.org|org.onap.dmaap.mr.destroy|2019-03-12 19:35:04.204+0000|org.onap.dmaap.mr|destroy
+sunilu@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.pub|2019-03-12 19:36:01.605+0000|org.onap.dmaap.mr|mrtesttopic.pub
+sunilu@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.sub|2019-03-12 19:35:37.633+0000|org.onap.dmaap.mr|mrtesttopic.sub
+sunilu@people.osaaf.org|org.onap.dmaap.mr.owner|2018-10-24 18:21:05.870+0000|org.onap.dmaap.mr|owner
+sunilu@people.osaaf.org|org.onap.dmaap.mr.view|2019-03-12 19:33:55.136+0000|org.onap.dmaap.mr|view
+ryan@appc.onap.org|org.onap.appc.admin|2018-08-31 00:00:00.000+0000|org.onap.appc|admin
+ryan@appc.onap.org|org.onap.appc.odl|2018-08-31 00:00:00.000+0000|org.onap.appc|odl
+so@so.onap.org|org.onap.so.app|2019-03-14 17:31:26.590+0000|org.onap.so|app
+ryany@people.osaaf.org|org.onap.appc.admin|2018-12-06 20:00:59.991+0000|org.onap.appc|admin
+ryany@people.osaaf.org|org.onap.appc.owner|2018-12-06 20:00:51.151+0000|org.onap.appc|owner
+aaf@aaf.osaaf.org|org.admin|2018-10-31 00:00:00.000+0000|org|admin
+aaf@aaf.osaaf.org|org.osaaf.aaf.admin|2018-10-31 00:00:00.000+0000|org.osaaf.aaf|admin
+aaf@aaf.osaaf.org|org.osaaf.aaf.service|2019-01-17 10:39:33.473+0000|org.osaaf.aaf|service
+aaf@aaf.osaaf.org|org.osaaf.people.admin|2019-03-12 17:38:10.720+0000|org.osaaf.people|admin
+dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap-bc.seeCerts|2019-02-03 20:01:23.825+0000|org.onap.dmaap-bc|seeCerts
+kirank@people.osaaf.org|org.onap.aaf-sms.admin|2018-10-25 11:06:30.380+0000|org.onap.aaf-sms|admin
+kirank@people.osaaf.org|org.onap.aaf-sms.owner|2018-10-25 11:06:30.380+0000|org.onap.aaf-sms|owner
+dcae@dcae.onap.org|org.onap.dcae.seeCerts|2019-02-07 18:17:35.485+0000|org.onap.dcae|seeCerts
+aaf-authz@aaf.osaaf.org|org.osaaf.aaf.service|2018-11-01 19:58:35.364+0000|org.osaaf.aaf|service
+richardt@people.osaaf.org|org.onap.sdnc.admin|2018-11-09 01:18:12.468+0000|org.onap.sdnc|admin
+richardt@people.osaaf.org|org.onap.sdnc.owner|2018-11-09 01:18:12.468+0000|org.onap.sdnc|owner
+jimmy@people.osaaf.org|org.onap.aai.admin|2018-12-05 12:51:20.953+0000|org.onap.aai|admin
+jimmy@people.osaaf.org|org.onap.aai.owner|2018-12-05 12:51:20.953+0000|org.onap.aai|owner
+aaf-sms@aaf-sms.onap.org|org.onap.aaf-sms.service|2018-10-25 11:07:56.161+0000|org.onap.aaf-sms|service
diff --git a/auth/sample/data/identities.dat b/auth/sample/data/identities.dat index 7bf14d5b..cf3d6710 100644 --- a/auth/sample/data/identities.dat +++ b/auth/sample/data/identities.dat @@ -18,22 +18,29 @@ # 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID) # -iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e| -mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna -bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager -mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager -ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager -iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager -osaaf|ID of AAF|osaaf|AAF Application|||a|bdevl +iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@people.osaaf.com|e| +mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@people.osaaf.com|e|iowna +bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.developer@people.osaaf.com|e|mmanager +mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@people.osaaf.com|e|mmanager +ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@people.osaaf.com|c|mmanager +iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@people.osaaf.com|n|mmanager + # ONAP default Users +demo|PORTAL DEMO|PORTAL|DEMO|||e|aaf_admin +jh0003|PORTAL ADMIN|PORTAL|ADMIN|||e|aaf_admin +cs0008|PORTAL DESIGNER|PORTAL|DESIGNER|||e|aaf_admin +jm0007|PORTAL TESTER|PORTAL|TESTER|||e|aaf_admin +op0001|PORTAL OPS|PORTAL|OPS|||e|aaf_admin +gv0001|PORTAL GOVERNOR|PORTAL|GOVERNOR|||e|aaf_admin + +# AAF Defined Users aaf_admin|AAF Administrator|Mr AAF|AAF Admin|||e|mmanager deploy|Deployer|Deployer|Depoyer|||e|aaf_admin -demo|PORTAL DEMO|PORTAL|DEMO|||e|aaf -jh0003|PORTAL ADMIN|PORTAL|ADMIN|||e|aaf -cs0008|PORTAL DESIGNER|PORTAL|DESIGNER|||e|aaf -jm0007|PORTAL TESTER|PORTAL|TESTER|||e|aaf -op0001|PORTAL OPS|PORTAL|OPS|||e|aaf -gv0001|PORTAL GOVERNOR|PORTAL|GOVERNOR|||e|aaf + +# Requested Users +djtimoney|Dan Timoney|Dan|Timoney|||e|mmanager +portal_admin|Portal Admin|Portal|Admin|||e|mmanager + # ONAP App IDs aaf|AAF Application|AAF|Application|||a|aaf_admin aaf-sms|AAF SMS Application|AAF SMS|Application|||a|aaf_admin @@ -41,7 +48,18 @@ clamp|ONAP CLAMP Application|CLAMP|Application|||a|aaf_admin aai|ONAP AAI Application|AAI|ONAP Application|||a|aaf_admin appc|ONAP APPC Application|APPC|ONAP Application|||a|aaf_admin dcae|ONAP DCAE Application|CLAMP|ONAP Application|||a|aaf_admin -dmaap-bc|ONAP DMaap BC Application|DMaap BC|ONAP Application|||a|aaf_admin -dmaap-mr|ONAP DMaap MR Application|DMaap MR|ONAP Application|||a|aaf_admin oof|ONAP OOF Application|OOF|ONAP Application|||a|aaf_admin +so|ONAP SO Application|SO|ONAP Application|||a|aaf_admin +sdc|ONAP SDC Application|SDC|ONAP Application|||a|aaf_admin sdnc|ONAP SDNC Application|SDNC|ONAP Application|||a|aaf_admin +vid|ONAP VID Application|VID|ONAP Application|||a|aaf_admin +policy|ONAP Policy Application|POLICY|ONAP Application|||a|aaf_admin +portal|ONAP Portal Application|PORTAL|ONAP Application|||a|aaf_admin + +# DMAAP Identities +dmaap-bc|ONAP DMaap BC Application|DMaap BC|ONAP Application|||a|aaf_admin +dmaap_bc_topic_mgr|ONAP DMaap BC Topic Manager|DMaap BC Topic Manager|DMaap BC|||a|aaf_admin +dmaap_bc_mm_prov|ONAP DMaap BC Provisioning Manager|DMaap BC Provision Manager|DMaap BC|||a|aaf_admin +dmaap-mr|ONAP DMaap MR Application|DMaap MR|ONAP Application|||a|aaf_admin +dmaap-dr-prov|ONAP DMaap DR Prov|Prov|DMaap MR|||a|aaf_admin +dmaap-dr-node|ONAP DMaap DR Node|Node|DMaap MR|||a|aaf_admin diff --git a/cadi/servlet-sample/pom.xml b/cadi/servlet-sample/pom.xml index 5711d440..0da47f29 100644 --- a/cadi/servlet-sample/pom.xml +++ b/cadi/servlet-sample/pom.xml @@ -10,11 +10,6 @@ <name>CADI Servlet Sample (Test Only)</name> <artifactId>aaf-cadi-servlet-sample</artifactId> <packaging>jar</packaging> - <properties> - <!-- Jetty Version set by oParent --> - <tomcat.version>8.5.23</tomcat.version> - </properties> - <dependencies> <!-- needs to be first to avoid jar signer implications for servlet api --> <dependency> @@ -24,37 +19,6 @@ </dependency> <dependency> - <groupId>org.apache.tomcat.embed</groupId> - <artifactId>tomcat-embed-jasper</artifactId> - <version>${tomcat.version}</version> - </dependency> - <dependency> - <groupId>org.apache.tomcat.embed</groupId> - <artifactId>tomcat-embed-core</artifactId> - <version>${tomcat.version}</version> - </dependency> - <dependency> - <groupId>org.apache.tomcat.embed</groupId> - <artifactId>tomcat-embed-jasper</artifactId> - <version>${tomcat.version}</version> - </dependency> - <dependency> - <groupId>org.apache.tomcat</groupId> - <artifactId>tomcat-jasper</artifactId> - <version>${tomcat.version}</version> - </dependency> - <dependency> - <groupId>org.apache.tomcat</groupId> - <artifactId>tomcat-jasper-el</artifactId> - <version>${tomcat.version}</version> - </dependency> - <dependency> - <groupId>org.apache.tomcat</groupId> - <artifactId>tomcat-jsp-api</artifactId> - <version>${tomcat.version}</version> - </dependency> - - <dependency> <groupId>org.onap.aaf.authz</groupId> <artifactId>aaf-cadi-aaf</artifactId> <version>${project.version}</version> diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java deleted file mode 100644 index e82dddd2..00000000 --- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java +++ /dev/null @@ -1,108 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.sample.cadi.tomcate; - -import java.io.File; -import java.io.IOException; -import java.net.URISyntaxException; - -import org.apache.catalina.Service; -import org.apache.catalina.connector.Connector; -import org.apache.catalina.startup.Tomcat; -import org.apache.log4j.chainsaw.Main; -import org.onap.aaf.cadi.Access; -import org.onap.aaf.cadi.Access.Level; -import org.onap.aaf.cadi.PropAccess; - -/** - * @author JonathanGathman - * - */ -public class TomcatEmbedded { - - public static void main(String[] args) throws Exception { - System.setProperty("org.apache.catalina.startup.EXIT_ON_INIT_FAILURE", "true"); - Tomcat tomcat = new Tomcat(); - - Service service = tomcat.getService(); - service.addConnector(getSslConnector(new PropAccess(args), 8081)); - - tomcat.addWebapp("/caditest", getRootFolder().getAbsolutePath()); - - tomcat.start(); - tomcat.getServer().await(); - - } - - private static Connector getSslConnector(PropAccess access, int port) throws IOException { - Connector connector = new Connector(); - connector.setPort(port); - connector.setSecure(true); - connector.setScheme("https"); - setAttr(connector,access,"keyAlias","cadi_alias"); - setAttr(connector,access,"keystoreFile","cadi_keystore"); - connector.setAttribute("keystoreType", "PKCS12"); - setAttr(connector,access,"keystorePass","cadi_keystore_password"); - setAttr(connector,access,"truststoreFile","cadi_truststore"); - connector.setAttribute("truststoreType", "JKS"); - setAttr(connector,access,"truststorePass","cadi_truststore_password"); - connector.setAttribute("clientAuth", "want"); - connector.setAttribute("protocol", "HTTP/1.1"); - connector.setAttribute("sslProtocol", "TLS"); - connector.setAttribute("maxThreads", "200"); - connector.setAttribute("protocol", "org.apache.coyote.http11.Http11AprProtocol"); - connector.setAttribute("SSLEnabled", true); - return connector; - } - - private static void setAttr(Connector connector, Access access, String ctag, String atag) throws IOException { - String value = access.getProperty(atag, null); - if (value==null) { - access.log(Level.ERROR, atag, "is null"); - } else { - if (value.startsWith("enc:")) { - access.log(Level.INIT,atag,"=enc:************"); - value = access.decrypt(value, false); - } else { - access.log(Level.INIT,atag,"=",value); - } - connector.setAttribute(ctag, value); - } - } - - private static File getRootFolder() { - try { - File root; - String runningJarPath = Main.class.getProtectionDomain().getCodeSource().getLocation().toURI().getPath().replaceAll("\\\\", "/"); - int lastIndexOf = runningJarPath.lastIndexOf("/target/"); - if (lastIndexOf < 0) { - root = new File(""); - } else { - root = new File(runningJarPath.substring(0, lastIndexOf)); - } - System.out.println("application resolved root folder: " + root.getAbsolutePath()); - return root; - } catch (URISyntaxException ex) { - throw new RuntimeException(ex); - } - } -} |