summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--auth/auth-service/src/main/resources/docker-compose/.gitignore2
-rw-r--r--auth/auth-service/src/main/resources/docker-compose/data/ecomp.cql83
-rw-r--r--auth/auth-service/src/main/resources/docker-compose/data/ecomp.txt302
-rw-r--r--auth/auth-service/src/main/resources/docker-compose/docker-compose.yml57
-rw-r--r--auth/auth-service/src/main/resources/docker-compose/startupaaf.sh34
-rw-r--r--auth/auth-service/src/main/resources/docker-compose/sysctl.conf3
-rw-r--r--cadi/oauth-enduser/pom.xml9
-rw-r--r--cadi/shiro/pom.xml9
8 files changed, 474 insertions, 25 deletions
diff --git a/auth/auth-service/src/main/resources/docker-compose/.gitignore b/auth/auth-service/src/main/resources/docker-compose/.gitignore
deleted file mode 100644
index fc7349f7..00000000
--- a/auth/auth-service/src/main/resources/docker-compose/.gitignore
+++ /dev/null
@@ -1,2 +0,0 @@
-/docker-compose.yml
-/startupaaf.sh
diff --git a/auth/auth-service/src/main/resources/docker-compose/data/ecomp.cql b/auth/auth-service/src/main/resources/docker-compose/data/ecomp.cql
index 6fddf650..c4798398 100644
--- a/auth/auth-service/src/main/resources/docker-compose/data/ecomp.cql
+++ b/auth/auth-service/src/main/resources/docker-compose/data/ecomp.cql
@@ -5,6 +5,21 @@ INSERT INTO cred (id,ns,type,cred,expires)
VALUES ('dgl@openecomp.org','org.openecomp',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31');
INSERT INTO cred (id,ns,type,cred,expires)
+ VALUES ('ryan@appc.onap.org','org.onap.appc',1,0x9fb680a2292b51d5dc40335cabfa1a9a,'2020-12-31');
+
+INSERT INTO cred (id,ns,type,cred,expires)
+ VALUES ('sai@onap.org','org.onap.appc',1,0x9fb680a2292b51d5dc40335cabfa1a9a,'2020-12-31');
+
+INSERT INTO cred (id,ns,type,cred,expires)
+ VALUES ('shi@portal.onap.org','org.onap.portal',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31');
+
+INSERT INTO cred (id,ns,type,cred,expires)
+ VALUES ('admin@portal.onap.org','org.onap.portal',1,0x37c77980eee6a7d47050d199f7191ba9,'2020-12-31');
+
+INSERT INTO cred (id,ns,type,cred,expires)
+ VALUES ('clamp@clamp.onap.org','org.onap.clamp',1,0xe18977785f423b7c3e5d1f283fce4e2e,'2020-12-31');
+
+INSERT INTO cred (id,ns,type,cred,expires)
VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31');
INSERT INTO cred (id,ns,type,cred,expires)
@@ -21,10 +36,10 @@ INSERT INTO role(ns, name, perms, description)
INSERT INTO role(ns, name, perms, description)
VALUES('com','owner',{'com.access|*|read'},'Com Owners');
-INSERT INTO perm(ns, type, instance, action, roles, description)
+INSERT INTO perm(ns, type, instance, action, roles, description)
VALUES ('com','access','*','read',{'com.owner'},'Com Read Access');
-INSERT INTO perm(ns, type, instance, action, roles, description)
+INSERT INTO perm(ns, type, instance, action, roles, description)
VALUES ('com','access','*','*',{'com.admin'},'Com Write Access');
INSERT INTO user_role(user,role,expires,ns,rname)
@@ -49,10 +64,10 @@ INSERT INTO role(ns, name, perms, description)
INSERT INTO role(ns, name, perms, description)
VALUES('org','owner',{'org.access|*|read'},'Com Owners');
-INSERT INTO perm(ns, type, instance, action, roles, description)
+INSERT INTO perm(ns, type, instance, action, roles, description)
VALUES ('org','access','*','read',{'org.owner'},'Com Read Access');
-INSERT INTO perm(ns, type, instance, action, roles, description)
+INSERT INTO perm(ns, type, instance, action, roles, description)
VALUES ('org','access','*','*',{'org.admin'},'Com Write Access');
INSERT INTO user_role(user,role,expires,ns,rname)
@@ -73,10 +88,10 @@ INSERT INTO role(ns, name, perms,description)
INSERT INTO role(ns, name, perms,description)
VALUES('com.att','owner',{'com.att.access|*|read'},'AT&T Owners');
-INSERT INTO perm(ns, type, instance, action, roles,description)
+INSERT INTO perm(ns, type, instance, action, roles,description)
VALUES ('com.att','access','*','read',{'com.att.owner'},'AT&T Read Access');
-INSERT INTO perm(ns, type, instance, action, roles,description)
+INSERT INTO perm(ns, type, instance, action, roles,description)
VALUES ('com.att','access','*','*',{'com.att.admin'},'AT&T Write Access');
INSERT INTO user_role(user,role,expires,ns,rname)
@@ -96,17 +111,17 @@ INSERT INTO role(ns, name, perms, description)
INSERT INTO role(ns, name, perms, description)
VALUES('com.att.aaf','owner',{'com.att.aaf.access|*|read'},'AAF Owners');
-INSERT INTO perm(ns, type, instance, action, roles, description)
+INSERT INTO perm(ns, type, instance, action, roles, description)
VALUES ('com.att.aaf','access','*','read',{'com.att.aaf.owner'},'AAF Read Access');
-INSERT INTO perm(ns, type, instance, action, roles, description)
+INSERT INTO perm(ns, type, instance, action, roles, description)
VALUES ('com.att.aaf','access','*','*',{'com.att.aaf.admin'},'AAF Write Access');
INSERT INTO user_role(user,role,expires,ns,rname)
VALUES ('dgl@openecomp.org','com.att.aaf.admin','2020-12-31','com.att.aaf','admin');
INSERT INTO user_role(user,role,expires,ns,rname)
VALUES ('dgl@openecomp.org','com.att.aaf.owner','2020-12-31','com.att.aaf','owner');
-
+
// Create org.openecomp
INSERT INTO ns (name,scope,description,parent,type)
@@ -118,52 +133,74 @@ INSERT INTO role(ns, name, perms, description)
INSERT INTO role(ns, name, perms, description)
VALUES('org.openecomp','owner',{'org.openecomp.access|*|read'},'OpenEcomp Owners');
-INSERT INTO perm(ns, type, instance, action, roles, description)
+INSERT INTO perm(ns, type, instance, action, roles, description)
VALUES ('org.openecomp','access','*','read',{'org.openecomp.owner'},'OpenEcomp Read Access');
-INSERT INTO perm(ns, type, instance, action, roles, description)
+INSERT INTO perm(ns, type, instance, action, roles, description)
VALUES ('org.openecomp','access','*','*',{'org.openecomp.admin'},'OpenEcomp Write Access');
INSERT INTO user_role(user,role,expires,ns,rname)
VALUES ('dgl@openecomp.org','org.openecomp.admin','2020-12-31','org.openecomp','admin');
-// Create org.openecomp.dmaapBC
+
+
+// Create org.onap
INSERT INTO ns (name,scope,description,parent,type)
- VALUES('org.openecomp.dmaapBC',3,'Application Authorization Framework','org.openecomp',3);
+ VALUES('org.onap',2,'Open ONAP NS','com.att',2);
-//INSERT INTO role(ns, name, perms, description)
-// VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*'},'AAF Admins');
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap','admin',{'org.onap.access|*|*'},'onap Admins');
-INSERT INTO role(ns, name, perms, description)
-VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.topicFactory|:org.openecomp.dmaapBC.topic:org.openecomp.dmaapBC|create','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|sub','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|pub'},'AAF Admins');
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap','owner',{'org.onap.access|*|read'},'onap Owners');
-//INSERT INTO role(ns, name, perms, description)
-//VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|sub'},'AAF Admins');
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.onap','access','*','read',{'org.onap.owner'},'onap Read Access');
-//INSERT INTO role(ns, name, perms, description)
-//VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|pub'},'AAF Admins');
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.onap','access','*','*',{'org.onap.admin'},'onap Write Access');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('dgl@openecomp.org','org.onap.admin','2020-12-31','org.onap','admin');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('dgl@openecomp.org','org.onap.owner','2020-12-31','org.onap','admin');
+
+
+// Create org.openecomp.dmaapBC
+
+INSERT INTO ns (name,scope,description,parent,type)
+ VALUES('org.openecomp.dmaapBC',3,'Application Authorization Framework','org.openecomp',3);
+
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.topicFactory|:org.openecomp.dmaapBC.topic:org.openecomp.dmaapBC|create','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|sub','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|pub'},'AAF Admins');
INSERT INTO role(ns, name, perms, description)
VALUES('org.openecomp.dmaapBC','owner',{'org.openecomp.dmaapBC.access|*|read'},'AAF Owners');
-INSERT INTO perm(ns, type, instance, action, roles, description)
+INSERT INTO perm(ns, type, instance, action, roles, description)
VALUES ('org.openecomp.dmaapBC','access','*','read',{'org.openecomp.dmaapBC.owner'},'AAF Read Access');
-INSERT INTO perm(ns, type, instance, action, roles, description)
+INSERT INTO perm(ns, type, instance, action, roles, description)
VALUES ('org.openecomp.dmaapBC','access','*','*',{'org.openecomp.dmaapBC.admin'},'AAF Write Access');
INSERT INTO user_role(user,role,expires,ns,rname)
VALUES ('dgl@openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin');
+
INSERT INTO user_role(user,role,expires,ns,rname)
VALUES ('dgl@openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner');
+
INSERT INTO user_role(user,role,expires,ns,rname)
VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin');
+
INSERT INTO user_role(user,role,expires,ns,rname)
VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner');
+
INSERT INTO user_role(user,role,expires,ns,rname)
VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin');
+
INSERT INTO user_role(user,role,expires,ns,rname)
VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner');
diff --git a/auth/auth-service/src/main/resources/docker-compose/data/ecomp.txt b/auth/auth-service/src/main/resources/docker-compose/data/ecomp.txt
new file mode 100644
index 00000000..bf1bc3c1
--- /dev/null
+++ b/auth/auth-service/src/main/resources/docker-compose/data/ecomp.txt
@@ -0,0 +1,302 @@
+USE authz;
+
+// Create Root pass
+INSERT INTO cred (id,ns,type,cred,expires)
+ VALUES ('dgl@openecomp.org','org.openecomp',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31');
+
+INSERT INTO cred (id,ns,type,cred,expires)
+ VALUES ('ryan@appc.onap.org','org.onap.appc',1,0x9fb680a2292b51d5dc40335cabfa1a9a,'2020-12-31');
+
+INSERT INTO cred (id,ns,type,cred,expires)
+ VALUES ('sai@onap.org','org.onap.appc',1,0x9fb680a2292b51d5dc40335cabfa1a9a,'2020-12-31');
+
+INSERT INTO cred (id,ns,type,cred,expires)
+ VALUES ('shi@portal.onap.org','org.onap.portal',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31');
+
+INSERT INTO cred (id,ns,type,cred,expires)
+ VALUES ('admin@portal.onap.org','org.onap.portal',1,0x37c77980eee6a7d47050d199f7191ba9,'2020-12-31');
+
+INSERT INTO cred (id,ns,type,cred,expires)
+ VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31');
+
+INSERT INTO cred (id,ns,type,cred,expires)
+ VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31');
+
+
+// Create 'com' root NS
+INSERT INTO ns (name,scope,description,parent,type)
+ VALUES('com',1,'Root Namespace',null,1);
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('com','admin',{'com.access|*|*'},'Com Admins');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('com','owner',{'com.access|*|read'},'Com Owners');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('com','access','*','read',{'com.owner'},'Com Read Access');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('com','access','*','*',{'com.admin'},'Com Write Access');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('dgl@openecomp.org','com.owner','2020-12-31','com','owner');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('dgl@openecomp.org','com.admin','2020-12-31','com','admin');
+
+// Create org root NS
+INSERT INTO ns (name,scope,description,parent,type)
+ VALUES('org',1,'Root Namespace Org',null,1);
+
+INSERT INTO ns (name,scope,description,parent,type)
+ VALUES('org.openecomp.dcae',3,'DCAE Namespace Org','org.openecomp',3);
+
+INSERT INTO ns (name,scope,description,parent,type)
+ VALUES('org.openecomp.dmaapBC',3,'DMaaP BC Namespace Org','org.openecomp',3);
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org','admin',{'org.access|*|*'},'Com Admins');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org','owner',{'org.access|*|read'},'Com Owners');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org','access','*','read',{'org.owner'},'Com Read Access');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org','access','*','*',{'org.admin'},'Com Write Access');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('dgl@openecomp.org','org.owner','2020-12-31','org','owner');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('dgl@openecomp.org','org.admin','2020-12-31','org','admin');
+
+
+// Create com.att
+
+INSERT INTO ns (name,scope,description,parent,type)
+ VALUES('com.att',2,'AT&T Namespace','com',2);
+
+INSERT INTO role(ns, name, perms,description)
+ VALUES('com.att','admin',{'com.att.access|*|*'},'AT&T Admins');
+
+INSERT INTO role(ns, name, perms,description)
+ VALUES('com.att','owner',{'com.att.access|*|read'},'AT&T Owners');
+
+INSERT INTO perm(ns, type, instance, action, roles,description)
+ VALUES ('com.att','access','*','read',{'com.att.owner'},'AT&T Read Access');
+
+INSERT INTO perm(ns, type, instance, action, roles,description)
+ VALUES ('com.att','access','*','*',{'com.att.admin'},'AT&T Write Access');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('dgl@openecomp.org','com.att.owner','2020-12-31','com.att','owner');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('dgl@openecomp.org','com.att.admin','2020-12-31','com.att','admin');
+
+// Create com.att.aaf
+
+INSERT INTO ns (name,scope,description,parent,type)
+ VALUES('com.att.aaf',3,'Application Authorization Framework','com.att',3);
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('com.att.aaf','admin',{'com.att.aaf.access|*|*'},'AAF Admins');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('com.att.aaf','owner',{'com.att.aaf.access|*|read'},'AAF Owners');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('com.att.aaf','access','*','read',{'com.att.aaf.owner'},'AAF Read Access');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('com.att.aaf','access','*','*',{'com.att.aaf.admin'},'AAF Write Access');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('dgl@openecomp.org','com.att.aaf.admin','2020-12-31','com.att.aaf','admin');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('dgl@openecomp.org','com.att.aaf.owner','2020-12-31','com.att.aaf','owner');
+
+
+// Create org.openecomp
+INSERT INTO ns (name,scope,description,parent,type)
+ VALUES('org.openecomp',2,'Open EComp NS','com.att',2);
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.openecomp','admin',{'org.openecomp.access|*|*'},'OpenEcomp Admins');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.openecomp','owner',{'org.openecomp.access|*|read'},'OpenEcomp Owners');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.openecomp','access','*','read',{'org.openecomp.owner'},'OpenEcomp Read Access');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.openecomp','access','*','*',{'org.openecomp.admin'},'OpenEcomp Write Access');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('dgl@openecomp.org','org.openecomp.admin','2020-12-31','org.openecomp','admin');
+
+
+
+
+// Create org.onap
+INSERT INTO ns (name,scope,description,parent,type)
+ VALUES('org.onap',2,'Onap NS','com.att',2);
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap','admin',{'org.onap.access|*|*'},'Onap Admins');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap','owner',{'org.onap.access|*|read'},'onap Owners');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.onap','access','*','read',{'org.onap.owner'},'Onap Read Access');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.onap','access','*','*',{'org.onap.admin'},'Onap Write Access');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('dgl@openecomp.org','org.onap.admin','2020-12-31','org.onap','admin');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('sai@onap.org','org.onap.admin','2020-12-31','org.onap','admin');
+
+
+
+// Create org.onap.appc
+INSERT INTO ns (name,scope,description,parent,type)
+ VALUES('org.onap.appc',2,'Onap NS','com.att',2);
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.appc','admin',{'org.onap.appc.access|*|*'},'OnapAPPC Admins');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.appc','owner',{'org.onap.appc.access|*|read'},'onap APPC Owners');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.onap.appc','access','*','read',{'org.onap.appc.owner'},'Onap Read Access');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.onap.appc','access','*','*',{'org.onap.appc.admin'},'Onap Write Access');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('dgl@openecomp.org','org.onap.appc.admin','2020-12-31','org.onap.appc','admin');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('sai@onap.org','org.onap.appc.admin','2020-12-31','org.onap.appc','admin');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('ryan@appc.onap.org','org.onap.appc.admin','2020-12-31','org.onap.appc','admin');
+
+
+
+// Create org.onap.portal
+INSERT INTO ns (name,scope,description,parent,type)
+ VALUES('org.onap.portal',2,'Onap NS','com.att',2);
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','admin',{'org.onap.portal.access|*|*'},'Onap Portal Admins');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','owner',{'org.onap.portal.access|*|read'},'onap Portal Owners');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.onap.portal','access','*','read',{'org.onap.portal.owner'},'Onap Portal Read Access');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.onap.portal','access','*','*',{'org.onap.portal.admin'},'Onap Portal Write Access');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','System_Administrator',{'org.onap.portal.access|*|*'},
+ '{\"id\":\"1\",\"name\":\"System Administrator\",\"active\":\"true\",\"priority\":\"1\",\"appId\":\"NULL\",\"appRoleId\":\"NULL\"},'System Administrator');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','Standard_User',{'org.onap.portal.access|*|*'},
+ '{\"id\":\"16\",\"name\":\"Standard User\",\"active\":\"true\",\"priority\":\"5\",\"appId\":\"NULL\",\"appRoleId\":\"NULL\"},'Standard User');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','Restricted_App_Role',{'org.onap.portal.access|*|*'},
+ '{\"id\":\"900\",\"name\":\"Restricted App Role\",\"active\":\"true\",\"priority\":\"1\",\"appId\":\"NULL\",\"appRoleId\":\"NULL\"},'Restricted App Role');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','Portal_Notification_Admin',{'org.onap.portal.access|*|*'},
+ '{\"id\":\"950\",\"name\":\"Portal Notification Admin\",\"active\":\"true\",\"priority\":\"1\",\"appId\":\"NULL\",\"appRoleId\":\"NULL\"},'Portal Notification Admin');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','Account_Administrator',{'org.onap.portal.access|*|*'},
+ '{\"id\":\"999\",\"name\":\"Account Administrator\",\"active\":\"true\",\"priority\":\"1\",\"appId\":\"NULL\",\"appRoleId\":\"NULL\"},'Account Administrator');
+
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('dgl@openecomp.org','org.onap.portal.admin','2020-12-31','org.onap.portal','admin');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('admin@portal.onap.org','org.onap.portal.admin','2020-12-31','org.onap.portal','admin');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('shi@portal.onap.org','org.onap.portal.admin','2020-12-31','org.onap.portal','admin');
+
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('admin@portal.onap.org','org.onap.portal.admin','2020-12-31','org.onap.portal','System_Administrator');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('admin@portal.onap.org','org.onap.portal.admin','2020-12-31','org.onap.portal','Standard_User');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('admin@portal.onap.org','org.onap.portal.admin','2020-12-31','org.onap.portal','Restricted_App_Role');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('admin@portal.onap.org','org.onap.portal.admin','2020-12-31','org.onap.portal','Portal_Notification_Admin');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('admin@portal.onap.org','org.onap.portal.admin','2020-12-31','org.onap.portal','Account_Administrator');
+
+
+
+
+
+
+// Create org.openecomp.dmaapBC
+
+INSERT INTO ns (name,scope,description,parent,type)
+ VALUES('org.openecomp.dmaapBC',3,'Application Authorization Framework','org.openecomp',3);
+
+//INSERT INTO role(ns, name, perms, description)
+// VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*'},'AAF Admins');
+
+INSERT INTO role(ns, name, perms, description)
+VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.topicFactory|:org.openecomp.dmaapBC.topic:org.openecomp.dmaapBC|create','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|sub','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|pub'},'AAF Admins');
+
+//INSERT INTO role(ns, name, perms, description)
+//VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|sub'},'AAF Admins');
+
+//INSERT INTO role(ns, name, perms, description)
+//VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|pub'},'AAF Admins');
+
+
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.openecomp.dmaapBC','owner',{'org.openecomp.dmaapBC.access|*|read'},'AAF Owners');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.openecomp.dmaapBC','access','*','read',{'org.openecomp.dmaapBC.owner'},'AAF Read Access');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.openecomp.dmaapBC','access','*','*',{'org.openecomp.dmaapBC.admin'},'AAF Write Access');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('dgl@openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('dgl@openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner');
diff --git a/auth/auth-service/src/main/resources/docker-compose/docker-compose.yml b/auth/auth-service/src/main/resources/docker-compose/docker-compose.yml
new file mode 100644
index 00000000..501bb308
--- /dev/null
+++ b/auth/auth-service/src/main/resources/docker-compose/docker-compose.yml
@@ -0,0 +1,57 @@
+#-------------------------------------------------------------------------------
+# ============LICENSE_START====================================================
+# * org.onap.aaf
+# * ===========================================================================
+# * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+# * ===========================================================================
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+# * ============LICENSE_END====================================================
+# *
+# *
+#-------------------------------------------------------------------------------
+version: '2'
+services:
+ aaf_container:
+ image: onap/aaf/authz-service:1.0.1-SNAPSHOT
+ ports:
+ - "8101:8101"
+
+ links:
+ - cassandra_container
+ volumes:
+ # - ./authAPI.props:/opt/app/aaf/authz-service/2.0.15/etc/authAPI.props
+ - ./wait_for_host_port.sh:/tmp/wait_for_host_port.sh
+ - ./data2:/data
+ # - ./runaafcli.sh:/opt/app/aaf/authz-service/2.0.15/runaafcli.sh
+ # - ./com.osaaf.common.props:/opt/app/aaf/authz-service/2.0.15/etc/com.osaaf.common.props
+ # - ./cadi-core-1.3.0.jar:/opt/app/aaf/authz-service/2.0.15/lib/cadi-core-1.3.0.jar
+ # - ./cadi-aaf-1.3.0.jar:/opt/app/aaf/authz-service/2.0.15/lib/cadi-aaf-1.3.0.jar
+ # - ./cadi-client-1.3.0.jar:/opt/app/aaf/authz-service/2.0.15/lib/cadi-client-1.3.0.jar
+ # - ./authz-service-2.0.15.jar:/opt/app/aaf/authz-service/2.0.15/lib/authz-service-2.0.15.jar
+ # - ./dme2-3.1.200.jar:/opt/app/aaf/authz-service/2.0.15/lib/dme2-3.1.200.jar
+ entrypoint: ["bash", "-c", "/tmp/wait_for_host_port.sh cassandra_container 9042; sleep 20; /bin/sh -c ./startup.sh"]
+ environment:
+ - CASSANDRA_CLUSTER=cassandra_container
+
+
+ cassandra_container:
+ image: cassandra:2.1.16
+ ports:
+ - "7000:7000"
+ - "7001:7001"
+ - "9042:9042"
+ - "9160:9160"
+ volumes:
+ - ./data:/data
+ - ./wait_for_host_port.sh:/tmp/wait_for_host_port.sh
+ entrypoint: ["bash", "-c", "(/tmp/wait_for_host_port.sh localhost 9042 cqlsh --file /data/init.cql -u cassandra -p cassandra localhost; cqlsh --file /data/ecomp.cql -u cassandra -p cassandra localhost) & (/docker-entrypoint.sh cassandra -f)"]
diff --git a/auth/auth-service/src/main/resources/docker-compose/startupaaf.sh b/auth/auth-service/src/main/resources/docker-compose/startupaaf.sh
new file mode 100644
index 00000000..b45bba5e
--- /dev/null
+++ b/auth/auth-service/src/main/resources/docker-compose/startupaaf.sh
@@ -0,0 +1,34 @@
+# lji: this startup file shadows the existing extry point startup.sh file of the container
+# because we need to pass in the cassandra cluster location
+
+LIB=/opt/app/aaf/authz-service/lib
+
+ETC=/opt/app/aaf/authz-service/etc
+DME2REG=/opt/dme2reg
+
+echo "this is LIB" $LIB
+echo "this is ETC" $ETC
+echo "this is DME2REG" $DME2REG
+
+CLASSPATH=$ETC
+for FILE in `find $LIB -name *.jar`; do
+ CLASSPATH=$CLASSPATH:$FILE
+done
+
+FILEPATHS="/opt/app/aaf/authz-service/etc/com.osaaf.common.props /opt/app/aaf/authz-service/etc/com.osaaf.common.props"
+for FILEPATH in $FILEPATHS:
+do
+ if [ -e ${FILEPATH} ]; then
+ if [ -z `grep "cassandra.clusters=$CASSANDRA_CLUSTER" $FILEPATH` ]; then
+ echo "cassandra.clusters=$CASSANDRA_CLUSTER" >> $FILEPATH;
+ fi
+ fi
+done
+
+
+java -classpath $CLASSPATH -DDME2_EP_REGISTRY_CLASS=DME2FS -DAFT_DME2_EP_REGISTRY_FS_DIR=$DME2REG org.onap.aaf.authz.service.AuthAPI
+
+# keet it running so we can check fs
+while sleep 2; do echo thinking; done
+
+
diff --git a/auth/auth-service/src/main/resources/docker-compose/sysctl.conf b/auth/auth-service/src/main/resources/docker-compose/sysctl.conf
new file mode 100644
index 00000000..c36fd688
--- /dev/null
+++ b/auth/auth-service/src/main/resources/docker-compose/sysctl.conf
@@ -0,0 +1,3 @@
+net.ipv6.conf.all.disable_ipv6=1
+net.ipv6.conf.default.disable_ipv6=1
+net.ipv6.conf.lol.disable_ipv6=1
diff --git a/cadi/oauth-enduser/pom.xml b/cadi/oauth-enduser/pom.xml
index df841a18..b89b3fe7 100644
--- a/cadi/oauth-enduser/pom.xml
+++ b/cadi/oauth-enduser/pom.xml
@@ -184,6 +184,15 @@
</execution>
</executions>
</plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-deploy-plugin</artifactId>
+ <version>2.8.1</version>
+ <configuration>
+ <skip>true</skip>
+ </configuration>
+
+ </plugin>
</plugins>
</pluginManagement>
</build>
diff --git a/cadi/shiro/pom.xml b/cadi/shiro/pom.xml
index 5dc86b2e..69f2c740 100644
--- a/cadi/shiro/pom.xml
+++ b/cadi/shiro/pom.xml
@@ -161,6 +161,15 @@
</execution>
</executions>
</plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-deploy-plugin</artifactId>
+ <version>2.8.1</version>
+ <configuration>
+ <skip>true</skip>
+ </configuration>
+
+ </plugin>
</plugins>
</build>