summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--auth/auth-cass/docker/dinstall.sh1
-rw-r--r--auth/auth-cass/src/main/cql/osaaf.cql4
-rw-r--r--auth/auth-cass/src/main/cql/temp_identity.cql2
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectRegistrar.java2
-rw-r--r--auth/docker/README.txt21
-rw-r--r--auth/docker/agent.sh4
-rw-r--r--auth/docker/d.props.init7
-rw-r--r--auth/sample/bin/agent.sh52
-rw-r--r--auth/sample/data/identities.dat2
-rw-r--r--auth/sample/data/sample.identities.dat36
-rw-r--r--auth/sample/local/.gitignore0
-rw-r--r--auth/sample/local/aaf.props5
-rw-r--r--auth/sample/local/initialConfig.props2
-rw-r--r--auth/sample/local/org.osaaf.aaf.cm.ca.props4
-rw-r--r--auth/sample/logs/clean1
-rw-r--r--auth/sample/logs/taillog1
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java181
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RemoteRegistrant.java2
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java3
19 files changed, 198 insertions, 132 deletions
diff --git a/auth/auth-cass/docker/dinstall.sh b/auth/auth-cass/docker/dinstall.sh
index bdbadf68..d6fcb9f9 100644
--- a/auth/auth-cass/docker/dinstall.sh
+++ b/auth/auth-cass/docker/dinstall.sh
@@ -56,6 +56,7 @@ if [ "`$DOCKER ps -a | grep aaf_cass`" == "" ]; then
echo " cqlsh -f keyspace.cql"
echo " cqlsh -f init.cql"
echo " cqlsh -f osaaf.cql"
+ echo " cqlsh -f temp_identity.cql"
echo ""
echo "The following will give you a temporary identity with which to start working, or emergency"
echo " cqlsh -f temp_identity.cql"
diff --git a/auth/auth-cass/src/main/cql/osaaf.cql b/auth/auth-cass/src/main/cql/osaaf.cql
index 40e79f10..b3d895b9 100644
--- a/auth/auth-cass/src/main/cql/osaaf.cql
+++ b/auth/auth-cass/src/main/cql/osaaf.cql
@@ -51,10 +51,10 @@ INSERT INTO role(ns, name, perms, description)
// OSAAF Root
INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('osaaf@aaf.osaaf.org','org.admin','2018-10-31','org','admin') using TTL 14400;
+ VALUES ('aaf@aaf.osaaf.org','org.admin','2018-10-31','org','admin') using TTL 14400;
INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('osaaf@aaf.osaaf.org','org.osaaf.aaf.admin','2018-10-31','org.osaaf.aaf','admin') using TTL 14400;
+ VALUES ('aaf@aaf.osaaf.org','org.osaaf.aaf.admin','2018-10-31','org.osaaf.aaf','admin') using TTL 14400;
// ONAP Specific Entities
diff --git a/auth/auth-cass/src/main/cql/temp_identity.cql b/auth/auth-cass/src/main/cql/temp_identity.cql
index b7415beb..3032372b 100644
--- a/auth/auth-cass/src/main/cql/temp_identity.cql
+++ b/auth/auth-cass/src/main/cql/temp_identity.cql
@@ -1,5 +1,5 @@
USE authz;
// Create Root pass
INSERT INTO cred (id,ns,type,cred,expires)
- VALUES ('osaaf@aaf.osaaf.org','org.osaaf.aaf',1,0xdd82c1882969461de74b46427961ea2c,'2099-12-31') using TTL 14400;
+ VALUES ('aaf@aaf.osaaf.org','org.osaaf.aaf',1,0xdd82c1882969461de74b46427961ea2c,'2099-12-31') using TTL 14400;
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectRegistrar.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectRegistrar.java
index 695d80f7..1ddf022c 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectRegistrar.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectRegistrar.java
@@ -63,7 +63,7 @@ public class DirectRegistrar implements Registrant<AuthzEnv> {
locate.patch = split.length>2?Integer.parseInt(split[2]):0;
locate.minor = split.length>1?Integer.parseInt(split[1]):0;
locate.major = split.length>0?Integer.parseInt(split[0]):0;
- locate.hostname = access.getProperty(Config.CADI_REGISTRATION_HOSTNAME, null);
+ locate.hostname = access.getProperty(Config.AAF_REGISTER_AS, null);
if(locate.hostname==null) {
locate.hostname = access.getProperty(Config.HOSTNAME, null);
}
diff --git a/auth/docker/README.txt b/auth/docker/README.txt
index 32ed3489..3eb554b1 100644
--- a/auth/docker/README.txt
+++ b/auth/docker/README.txt
@@ -1,24 +1,33 @@
+#
+# Edit the following in <your ONAP authz dir>/auth/sample/local
+#
+aaf.props
+org.osaaf.aaf.cm.ca.props (leave out Password)
+
+# cd to main docker dir
+cd ../../docker
+
# Start the container in bash mode, so it stays up
sh agent.sh bash
-
# in another shell, find out your Container name
docker container ls | grep aaf_agent
+# CD to directory with CA info in it.
+# (example)
+cd /opt/app/osaaf/CA/intermediate_7
+
# copy keystore for this AAF Env
-docker container cp -L org.osaaf.aaf.p12 <Your Container>:/opt/app/osaaf/local
+docker container cp -L org.osaaf.aaf.p12 aaf_agent_<Your ID>:/opt/app/osaaf/local
# (in Agent Window)
agent encrypt cadi_keystore_password
# If you intend to use Certman to sign certs, it is a "local" CA
# copy Signing Keystore into container
-docker container cp -L org.osaaf.aaf.signer.p12 <Your Container>:/opt/app/osaaf/local
+docker container cp -L org.osaaf.aaf.signer.p12 aaf_agent_<Your ID>:/opt/app/osaaf/local
# (in Agent Window)
agent encrypt cm_ca.local
-# Add in Cassandra Password
-agent encrypt cassandra.clusters.password
-
# Check to make sure all passwords are set
grep "enc:" *.props
diff --git a/auth/docker/agent.sh b/auth/docker/agent.sh
index f734c629..8636cdd1 100644
--- a/auth/docker/agent.sh
+++ b/auth/docker/agent.sh
@@ -7,6 +7,10 @@ docker run \
--mount 'type=volume,src=aaf_config,dst='$CONF_ROOT_DIR',volume-driver=local' \
--add-host="$HOSTNAME:$HOST_IP" \
--add-host="aaf.osaaf.org:$HOST_IP" \
+ --env AAF_ENV=${AAF_ENV} \
+ --env AAF_REGISTER_AS=${AAF_REGISTER_AS} \
+ --env LATITUDE=${LATITUDE} \
+ --env LONGITUDE=${LONGITUDE} \
--name aaf_agent_$USER \
${ORG}/${PROJECT}/aaf_config:${VERSION} \
/bin/bash "$@"
diff --git a/auth/docker/d.props.init b/auth/docker/d.props.init
index d65c11bb..8691591c 100644
--- a/auth/docker/d.props.init
+++ b/auth/docker/d.props.init
@@ -8,5 +8,10 @@ CONF_ROOT_DIR=/opt/app/osaaf
# Local Env info
HOSTNAME=
HOST_IP=
-CASS_HOST=
+CASS_HOST=<cass FQDN>:<cass IP>
+# AAF Machine info
+aaf_env=DEV
+aaf_register_as=$HOSTNAME
+cadi_latitude=
+cadi_longitude=
diff --git a/auth/sample/bin/agent.sh b/auth/sample/bin/agent.sh
index 5d34a8a9..15c3714d 100644
--- a/auth/sample/bin/agent.sh
+++ b/auth/sample/bin/agent.sh
@@ -16,11 +16,21 @@ if [ ! -e /opt/app/osaaf/local/org.osaaf.aaf.props ]; then
for D in public etc logs; do
rsync -avzh --exclude=.gitignore /opt/app/aaf_config/$D/* /opt/app/osaaf/$D
done
- $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar config osaaf@aaf.osaaf.org \
+
+ TMP=$(mktemp)
+ echo aaf_env=${AAF_ENV} >> ${TMP}
+ echo cadi_latitude=${LATITUDE} >> ${TMP}
+ echo cadi_longitude=${LONGITUDE} >> ${TMP}
+ echo aaf_register_as=${AAF_REGISTER_AS} >> ${TMP}
+ echo aaf_locate_url=https://${AAF_REGISTER_AS}:8095 >> ${TMP}
+
+ $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar config aaf@aaf.osaaf.org \
cadi_etc_dir=/opt/app/osaaf/local \
- cadi_prop_files=/opt/app/aaf_config/local/initialConfig.props:/opt/app/aaf_config/local/aaf.props \
- cadi_latitude=38.4329 \
- cadi_longitude=-90.43248
+ cadi_prop_files=/opt/app/aaf_config/local/initialConfig.props:/opt/app/aaf_config/local/aaf.props:${TMP}
+ rm ${TMP}
+ # Default Password for Default Cass
+ CASS_PASS=$("$JAVA" -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar cadi digest "cassandra" /opt/app/osaaf/local/org.osaaf.aaf.keyfile)
+ sed -i.backup -e "s/\\(cassandra.clusters.password=enc:\\)/\\1$CASS_PASS/" /opt/app/osaaf/local/org.osaaf.aaf.cassandra.props
fi
# Now run a command
@@ -69,12 +79,30 @@ if [ ! "$CMD" = "" ]; then
cd /opt/app/osaaf/local || exit
/bin/bash "$@"
;;
+ setProp)
+ cd /opt/app/osaaf/local || exit
+ FILES=$(grep -l "$1" ./*.props)
+ if [ "$FILES" = "" ]; then
+ FILES="$3"
+ ADD=Y
+ fi
+ for F in $FILES; do
+ echo "Changing $1 in $F"
+ if [ "$ADD" = "Y" ]; then
+ echo $2 >> $F
+ else
+ sed -i.backup -e "s/\\(${1}.*=\\).*/\\1${2}/" $F
+ fi
+ cat $F
+ done
+ ;;
encrypt)
cd /opt/app/osaaf/local || exit
+ echo $1
FILES=$(grep -l "$1" ./*.props)
- if [ "$FILES" = "" ]; then
- FILES=/opt/app/osaaf/local/org.osaaf.aaf.cred.props
- echo "$1=enc:" >>FILES
+ if [ "$FILES" = "" ]; then
+ FILES=/opt/app/osaaf/local/org.osaaf.aaf.cred.props
+ ADD=Y
fi
for F in $FILES; do
echo "Changing $1 in $F"
@@ -89,10 +117,17 @@ if [ ! "$CMD" = "" ]; then
ORIG_PW="$2"
fi
PWD=$("$JAVA" -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" /opt/app/osaaf/local/org.osaaf.aaf.keyfile)
- sed -i.backup -e "s/\\($1.*enc:\\).*/\\1$PWD/" $F
+ if [ "$ADD" = "Y" ]; then
+ echo "$1=enc:$PWD" >> $F
+ else
+ sed -i.backup -e "s/\\($1.*enc:\\).*/\\1$PWD/" $F
+ fi
cat $F
done
;;
+ taillog)
+ sh /opt/app/osaaf/logs/taillog
+ ;;
--help | -?)
case "$1" in
"")
@@ -100,6 +135,7 @@ if [ ! "$CMD" = "" ]; then
echo " ls - Lists all files in Configuration"
echo " cat <file.props>> - Shows the contents (Prop files only)"
echo " validate - Runs a test using Configuration"
+ echo " setProp <tag> [<value>] - set value on 'tag' (if no value, it will be queried from config)"
echo " encrypt <tag> [<pass>] - set passwords on Configuration (if no pass, it will be queried)"
echo " bash - run bash in Container"
echo " Note: the following aliases are preset"
diff --git a/auth/sample/data/identities.dat b/auth/sample/data/identities.dat
index 358829ef..b5c6ce5a 100644
--- a/auth/sample/data/identities.dat
+++ b/auth/sample/data/identities.dat
@@ -24,7 +24,7 @@ bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|
mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager
ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager
iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager
-osaaf|ID of AAF|||||a|bdevl
+osaaf|ID of AAF|osaaf|AAF Application|||a|bdevl
# ONAP default Users
demo|PORTAL DEMO|PORTAL|DEMO|||e|mmanager
jh0003|PORTAL ADMIN|PORTAL|ADMIN|||e|mmanager
diff --git a/auth/sample/data/sample.identities.dat b/auth/sample/data/sample.identities.dat
index 358829ef..13e94b13 100644
--- a/auth/sample/data/sample.identities.dat
+++ b/auth/sample/data/sample.identities.dat
@@ -18,19 +18,29 @@
# 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID)
#
-iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e|
-mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna
-bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager
-mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager
-ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager
-iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager
-osaaf|ID of AAF|||||a|bdevl
+iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@people.osaaf.com|e|
+mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@people.osaaf.com|e|iowna
+bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.developer@people.osaaf.com|e|mmanager
+mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@people.osaaf.com|e|mmanager
+ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@people.osaaf.com|c|mmanager
+iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@people.osaaf.com|n|mmanager
# ONAP default Users
-demo|PORTAL DEMO|PORTAL|DEMO|||e|mmanager
-jh0003|PORTAL ADMIN|PORTAL|ADMIN|||e|mmanager
-cs0008|PORTAL DESIGNER|PORTAL|DESIGNER|||e|mmanager
-jm0007|PORTAL TESTER|PORTAL|TESTER|||e|mmanager
-op0001|PORTAL OPS|PORTAL|OPS|||e|mmanager
-gv0001|PORTAL GOVERNOR|PORTAL|GOVERNOR|||e|mmanager
+demo|PORTAL DEMO|PORTAL|DEMO|||e|aaf
+jh0003|PORTAL ADMIN|PORTAL|ADMIN|||e|aaf
+cs0008|PORTAL DESIGNER|PORTAL|DESIGNER|||e|aaf
+jm0007|PORTAL TESTER|PORTAL|TESTER|||e|aaf
+op0001|PORTAL OPS|PORTAL|OPS|||e|aaf
+gv0001|PORTAL GOVERNOR|PORTAL|GOVERNOR|||e|aaf
+# ONAP App IDs
+aaf|AAF Application|AAF|Application|||a|bdevl
+aaf-sms|AAF SMS Application|AAF SMS|Application|||a|aaf
+clamp|ONAP CLAMP Application|CLAMP|Application|||a|aaf
+aai|ONAP AAI Application|AAI|ONAP Application|||a|aaf
+appc|ONAP APPC Application|APPC|ONAP Application|||a|aaf
+dcae|ONAP DCAE Application|CLAMP|ONAP Application|||a|aaf
+dmaap-bc|ONAP DMaap BC Application|DMaap BC|ONAP Application|||a|aaf
+dmaap-mr|ONAP DMaap MR Application|DMaap MR|ONAP Application|||a|aaf
+oof|ONAP OOF Application|OOF|ONAP Application|||a|aaf
+sdnc|ONAP SDNC Application|SDNC|ONAP Application|||a|aaf
diff --git a/auth/sample/local/.gitignore b/auth/sample/local/.gitignore
deleted file mode 100644
index e69de29b..00000000
--- a/auth/sample/local/.gitignore
+++ /dev/null
diff --git a/auth/sample/local/aaf.props b/auth/sample/local/aaf.props
index 8237c4e9..c9fb8f98 100644
--- a/auth/sample/local/aaf.props
+++ b/auth/sample/local/aaf.props
@@ -11,12 +11,11 @@ aaf_default_realm=people.osaaf.org
# Initial Passwords and such
aaf_password=startup
-cadi_alias=osaaf@aaf.osaaf.org
+cadi_alias=aaf@aaf.osaaf.org
cadi_keystore=/opt/app/osaaf/local/org.osaaf.aaf.p12
-cadi_keystore_password=kumquat
cadi_truststore=/opt/app/osaaf/public/truststoreONAPall.jks
cadi_truststore_password=changeit
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US
# Other
aaf_data_dir=/opt/app/osaaf/data
-cadi_registration_hostname=meriadoc.mithril.sbc.com
diff --git a/auth/sample/local/initialConfig.props b/auth/sample/local/initialConfig.props
index f9ad077a..13704244 100644
--- a/auth/sample/local/initialConfig.props
+++ b/auth/sample/local/initialConfig.props
@@ -1,10 +1,8 @@
-aaf_env=DEV
aaf_locate_url=https://aaf-onap-test.osaaf.org:8095
aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect
aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token
aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1
cadi_protocols=TLSv1.1,TLSv1.2
-cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US
cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1
fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1
gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1
diff --git a/auth/sample/local/org.osaaf.aaf.cm.ca.props b/auth/sample/local/org.osaaf.aaf.cm.ca.props
index 92d55f92..5c692f4b 100644
--- a/auth/sample/local/org.osaaf.aaf.cm.ca.props
+++ b/auth/sample/local/org.osaaf.aaf.cm.ca.props
@@ -1,10 +1,10 @@
##
## org.osaaf.cm.ca.props
-## Properties to access Certifiate Authority
+## Properties to access Certificate Authority
##
#Certman
-cm_ca.local=org.onap.aaf.auth.cm.ca.LocalCA,/opt/app/osaaf/local/aaf_intermediate_1.p12;aaf_intermediate_1;enc:
+cm_ca.local=org.onap.aaf.auth.cm.ca.LocalCA,/opt/app/osaaf/local/org.osaaf.aaf.signer.p12;aaf_intermediate_7;enc:
cm_ca.local.idDomains=org.osaaf
cm_ca.local.baseSubject=/OU=OSAAF/O=ONAP/C=US
cm_ca.local.perm_type=org.osaaf.aaf.ca
diff --git a/auth/sample/logs/clean b/auth/sample/logs/clean
index e92e1bd3..7d5152b9 100644
--- a/auth/sample/logs/clean
+++ b/auth/sample/logs/clean
@@ -1,3 +1,4 @@
+cd /opt/app/osaaf/logs
for D in `find . -type d`; do
if [ "$D" != "./" ]; then
rm -f $D/*.log
diff --git a/auth/sample/logs/taillog b/auth/sample/logs/taillog
index b4482d09..2b3de6e5 100644
--- a/auth/sample/logs/taillog
+++ b/auth/sample/logs/taillog
@@ -1 +1,2 @@
+cd /opt/app/osaaf/logs
tail -f `find . -name *service*.log -ctime 0`
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java
index a86649db..7f1b0cf6 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java
@@ -35,14 +35,17 @@ import java.security.KeyPair;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.ArrayDeque;
+import java.util.Arrays;
import java.util.Date;
import java.util.Deque;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Iterator;
+import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import java.util.Properties;
+import java.util.TreeMap;
import org.onap.aaf.cadi.CadiException;
import org.onap.aaf.cadi.CmdLine;
@@ -754,7 +757,7 @@ public class Agent {
psProps.print("# Configuration File generated on ");
psProps.println(new Date().toString());
psProps.println(HASHES);
- for(String tag : new String[] {Config.CADI_LATITUDE,Config.CADI_LONGITUDE}) {
+ for(String tag : LOC_TAGS) {
psProps.print(tag);
psProps.print('=');
psProps.println(getProperty(pa, trans, false, tag, "%s: ",tag));
@@ -788,19 +791,14 @@ public class Agent {
if(!fkf.exists()) {
CmdLine.main(new String[] {"keygen",fkf.toString()});
}
- psCredProps.print("cadi_keyfile=");
- psCredProps.println(fkf.getCanonicalPath());
-
- psCredProps.print(Config.AAF_APPID);
- psCredProps.print('=');
- psCredProps.println(fqi);
-
Symm filesymm = Symm.obtain(fkf);
- psCredProps.print(Config.AAF_APPPASS);
- psCredProps.print("=enc:");
- String ps = pa.decrypt(pa.getProperty(Config.AAF_APPPASS), false);
- ps = filesymm.enpass(ps);
- psCredProps.println(ps);
+ Map<String,String> normal = new TreeMap<>();
+ Map<String,String> creds = new TreeMap<>();
+
+ directedPut(pa, filesymm, normal,creds, Config.CADI_KEYFILE, fkf.getCanonicalPath());
+ directedPut(pa, filesymm, normal,creds, Config.AAF_APPID,fqi);
+ directedPut(pa, filesymm, normal,creds, Config.AAF_APPPASS,null);
+
String cts = pa.getProperty(Config.CADI_TRUSTSTORE);
if(cts!=null) {
@@ -820,7 +818,7 @@ public class Agent {
}
}
if(!origTruststore.exists()) {
- throw new CadiException(cts + "does not exist");
+ throw new CadiException(cts + " does not exist");
}
}
@@ -829,97 +827,73 @@ public class Agent {
if(!newTruststore.exists()) {
Files.copy(origTruststore.toPath(), newTruststore.toPath());
}
- psCredProps.print(Config.CADI_TRUSTSTORE);
- psCredProps.print("=");
- psCredProps.println(newTruststore.getCanonicalPath());
-
- psCredProps.print(Config.CADI_TRUSTSTORE_PASSWORD);
- psCredProps.print("=enc:");
- ps = pa.decrypt(pa.getProperty(Config.CADI_TRUSTSTORE_PASSWORD), false);
- ps = filesymm.enpass(ps);
- psCredProps.println(ps);
+
+ directedPut(pa, filesymm, normal,creds, Config.CADI_TRUSTSTORE,newTruststore.getCanonicalPath());
+ directedPut(pa, filesymm, normal,creds, Config.CADI_TRUSTSTORE_PASSWORD,null);
}
-// String cadi_x509_issuers = pa.getProperty(Config.CADI_X509_ISSUERS);
-// if(cadi_x509_issuers!=null) {
-// psCredProps.print(Config.CADI_X509_ISSUERS);
-// psCredProps.print('=');
-// psCredProps.println(cadi_x509_issuers);
-// }
+ if(aafcon!=null) { // get Properties from Remote AAF
+ final String locator = getProperty(pa,aafcon.env,false,Config.AAF_LOCATE_URL,"AAF Locator URL: ");
-
- try {
- if(aafcon!=null) { // get Properties from Remote AAF
- final String locator = getProperty(pa,aafcon.env,false,Config.AAF_LOCATE_URL,"AAF Locator URL: ");
-
- Future<Configuration> acf = aafcon.client(new SingleEndpointLocator(locator))
- .read("/configure/"+fqi+"/aaf", configDF);
- if(acf.get(TIMEOUT)) {
- PrintStream pstemp;
- for(Props props : acf.value.getProps()) {
- if(Config.CADI_X509_ISSUERS.equals(props.getTag())) {
- pstemp=psCredProps;
- } else {
- pstemp = psProps;
- }
- pstemp.print(props.getTag());
- pstemp.print('=');
- pstemp.println(props.getValue());
- }
- ok = true;
- } else if(acf.code()==401){
- trans.error().log("Bad Password sent to AAF");
- } else {
- trans.error().log(errMsg.toMsg(acf));
+ Future<Configuration> acf = aafcon.client(new SingleEndpointLocator(locator))
+ .read("/configure/"+fqi+"/aaf", configDF);
+ if(acf.get(TIMEOUT)) {
+ for(Props props : acf.value.getProps()) {
+ directedPut(pa, filesymm, normal,creds, props.getTag(),props.getValue());
}
+ ok = true;
+ } else if(acf.code()==401){
+ trans.error().log("Bad Password sent to AAF");
} else {
- String cpf = pa.getProperty(Config.CADI_PROP_FILES);
- if(cpf!=null){
- for(String f : Split.split(File.pathSeparatorChar, cpf)) {
- System.out.format("Reading %s\n",f);
- FileInputStream fis = new FileInputStream(f);
- try {
- Properties props = new Properties();
- props.load(fis);
- PrintStream pstemp;
- String key,value;
- for(Entry<Object, Object> prop : props.entrySet()) {
- key = prop.getKey().toString();
- if(Config.CADI_X509_ISSUERS.equals(key)) {
- pstemp=psCredProps;
- value = prop.getValue().toString();
- } else if(key.endsWith("_password")){
- if(Config.AAF_APPPASS.equals(key) || Config.CADI_TRUSTSTORE_PASSWORD.equals(key)) {
- continue;
- }
- value = "enc:" + filesymm.enpass(prop.getValue().toString());
- pstemp = psCredProps;
- } else if(Config.CADI_TRUSTSTORE.equals(key)) {
- continue;
- } else {
- value = prop.getValue().toString();
- pstemp = psProps;
- }
- pstemp.print(key);
- pstemp.print('=');
- pstemp.println(value);
- }
- } finally {
- fis.close();
+ trans.error().log(errMsg.toMsg(acf));
+ }
+ } else {
+ String cpf = pa.getProperty(Config.CADI_PROP_FILES);
+ if(cpf!=null){
+ for(String f : Split.split(File.pathSeparatorChar, cpf)) {
+ System.out.format("Reading %s\n",f);
+ FileInputStream fis = new FileInputStream(f);
+ try {
+ Properties props = new Properties();
+ props.load(fis);
+ for(Entry<Object, Object> prop : props.entrySet()) {
+ directedPut(pa, filesymm, normal,creds, prop.getKey().toString(),prop.getValue().toString());
}
+ } finally {
+ fis.close();
}
}
- ok = true;
}
- } finally {
- psProps.close();
+ ok = true;
}
if(ok) {
+ for(Entry<String, String> es : normal.entrySet()) {
+ psProps.print(es.getKey());
+ psProps.print('=');
+ psProps.println(es.getValue());
+ }
+
+ for(Entry<String, String> es : creds.entrySet()) {
+ psCredProps.print(es.getKey());
+ psCredProps.print('=');
+ psCredProps.println(es.getValue());
+ }
+
File newFile = new File(dir,rootFile+".props");
+ if(newFile.exists()) {
+ File backup = new File(dir,rootFile+".props.backup");
+ newFile.renameTo(backup);
+ System.out.println("Backed up to " + backup.getCanonicalPath());
+ }
fProps.renameTo(newFile);
System.out.println("Created " + newFile.getCanonicalPath());
fProps = newFile;
+ if(fSecureProps.exists()) {
+ File backup = new File(dir,fSecureProps.getName()+".backup");
+ fSecureProps.renameTo(backup);
+ System.out.println("Backed up to " + backup.getCanonicalPath());
+ }
fSecureTempProps.renameTo(fSecureProps);
System.out.println("Created " + fSecureProps.getCanonicalPath());
fProps = newFile;
@@ -937,7 +911,36 @@ public class Agent {
tt.done();
}
}
+
+ private static List<String> CRED_TAGS = Arrays.asList(new String[] {
+ Config.CADI_KEYFILE,
+ Config.AAF_APPID, Config.AAF_APPPASS,
+ Config.CADI_KEYSTORE, Config.CADI_KEYSTORE_PASSWORD, Config.CADI_KEY_PASSWORD,
+ Config.CADI_TRUSTSTORE,Config.CADI_TRUSTSTORE_PASSWORD,
+ Config.CADI_ALIAS, Config.CADI_X509_ISSUERS
+ });
+
+ private static List<String> LOC_TAGS = Arrays.asList(new String[] {Config.CADI_LATITUDE, Config.CADI_LONGITUDE});
+ private static void directedPut(final PropAccess orig, final Symm symm, final Map<String,String> main, final Map<String,String> secured, final String tag, final String value) throws IOException {
+ if(!LOC_TAGS.contains(tag)) { // Location already covered
+ String val = value==null?orig.getProperty(tag):value;
+ if(tag.endsWith("_password")) {
+ if(val.length()>4) {
+ if(val.startsWith("enc:")) {
+ val = orig.decrypt(value, true);
+ }
+ val = "enc:" + symm.enpass(val);
+ }
+ }
+ if(CRED_TAGS.contains(tag)) {
+ secured.put(tag, val);
+ } else {
+ main.put(tag, val);
+ }
+ }
+ }
+
private static void validate(final PropAccess pa) throws LocatorException, CadiException, APIException {
System.out.println("Validating Configuration...");
final AAFCon<?> aafcon = new AAFConHttp(pa,Config.AAF_URL,new SecurityInfoC<HttpURLConnection>(pa));
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RemoteRegistrant.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RemoteRegistrant.java
index bed201aa..b21f8975 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RemoteRegistrant.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RemoteRegistrant.java
@@ -87,7 +87,7 @@ public class RemoteRegistrant<ENV extends BasicEnv> implements Registrant<ENV> {
mep.setPort(port);
try {
- String hostnameToRegister = access.getProperty(Config.CADI_REGISTRATION_HOSTNAME, null);
+ String hostnameToRegister = access.getProperty(Config.AAF_REGISTER_AS, null);
if(hostnameToRegister==null) {
hostnameToRegister = access.getProperty(Config.HOSTNAME, null);
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
index b4e31f2f..42c38896 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
@@ -74,14 +74,12 @@ public class Config {
private static final String OAUTH_TOKEN_MGR = OAUTH+".TokenMgr";
private static final String OAUTH_HTTP_TAF = OAUTH+".OAuth2HttpTaf";
private static final String OAUTH_DIRECT_TAF = OAUTH+".OAuthDirectTAF";
-
public static final String UTF_8 = "UTF-8";
// Property Names associated with configurations.
// As of 1.0.2, these have had the dots removed so as to be compatible with JavaBean style
// configurations as well as property list style.
public static final String HOSTNAME = "hostname";
- public static final String CADI_REGISTRATION_HOSTNAME = "cadi_registration_hostname";
public static final String CADI_PROP_FILES = "cadi_prop_files"; // Additional Properties files (separate with ;)
public static final String CADI_LOGLEVEL = "cadi_loglevel";
public static final String CADI_LOGDIR = "cadi_log_dir";
@@ -142,6 +140,7 @@ public class Config {
public static final String AAF_ROOT_COMPANY = "aaf_root_company";
public static final String AAF_LOCATE_URL = "aaf_locate_url"; //URL for AAF locator
private static final String AAF_LOCATE_URL_TAG = "AAF_LOCATE_URL"; // Name of Above for use in Config Variables.
+ public static final String AAF_REGISTER_AS = "aaf_register_as";
public static final String AAF_APPID = "aaf_id";
public static final String AAF_APPPASS = "aaf_password";
public static final String AAF_LUR_CLASS = "aaf_lur_class";