summaryrefslogtreecommitdiffstats
path: root/authz-service/src
diff options
context:
space:
mode:
Diffstat (limited to 'authz-service/src')
-rw-r--r--authz-service/src/main/config/authAPI.props24
-rw-r--r--authz-service/src/main/config/log4j.properties9
-rw-r--r--authz-service/src/main/resources/docker-compose/aafcli.sh9
-rw-r--r--authz-service/src/main/resources/docker-compose/docker-compose.yml4
-rw-r--r--authz-service/src/main/resources/docker-compose/runaafcli.sh9
-rw-r--r--authz-service/src/main/resources/docker-compose/startupaaf.sh10
-rw-r--r--authz-service/src/main/resources/docker/Dockerfile4
-rw-r--r--authz-service/src/main/resources/docker/authAPI.props82
-rw-r--r--authz-service/src/main/resources/docker/com.osaaf.common.props4
-rw-r--r--authz-service/src/main/resources/docker/startup.sh19
-rw-r--r--authz-service/src/main/resources/etc/authAPI.props30
-rw-r--r--authz-service/src/main/resources/etc/com.osaaf.common.props4
12 files changed, 45 insertions, 163 deletions
diff --git a/authz-service/src/main/config/authAPI.props b/authz-service/src/main/config/authAPI.props
deleted file mode 100644
index 6bc78699..00000000
--- a/authz-service/src/main/config/authAPI.props
+++ /dev/null
@@ -1,24 +0,0 @@
-##
-## AUTHZ API (authz-service) Properties
-##
-
-hostname=_HOSTNAME_
-
-## DISCOVERY (DME2) Parameters on the Command Line
-AFT_LATITUDE=_AFT_LATITUDE_
-AFT_LONGITUDE=_AFT_LONGITUDE_
-AFT_ENVIRONMENT=_AFT_ENVIRONMENT_
-DEPLOYED_VERSION=_ARTIFACT_VERSION_
-
-## Pull in common/security properties
-
-cadi_prop_files=_COMMON_DIR_/com.att.aaf.common.props;_COMMON_DIR_/com.att.aaf.props
-
-##DME2 related parameters
-
-DMEServiceName=service=com.att.authz.AuthorizationService/version=_MAJOR_VER_._MINOR_VER_._PATCH_VER_/envContext=_ENV_CONTEXT_/routeOffer=_ROUTE_OFFER_
-AFT_DME2_PORT_RANGE=_AUTHZ_SERVICE_PORT_RANGE_
-
-
-CACHE_HIGH_COUNT=20000
-CACHE_CLEAN_INTERVAL=60000 \ No newline at end of file
diff --git a/authz-service/src/main/config/log4j.properties b/authz-service/src/main/config/log4j.properties
index 75507e7a..b4fa1166 100644
--- a/authz-service/src/main/config/log4j.properties
+++ b/authz-service/src/main/config/log4j.properties
@@ -88,3 +88,12 @@ log4j.logger.audit=INFO,AUDIT
log4j.logger.trace=TRACE,TRACE
+log4j.appender.SVR=org.apache.log4j.RollingFileAppender
+log4j.appender.SVR.File=${user.home}/.aaf/authz-cmd.log
+log4j.appender.SVR.MaxFileSize=10000KB
+log4j.appender.SVR.MaxBackupIndex=1
+log4j.appender.SVR.layout=org.apache.log4j.PatternLayout
+log4j.appender.SVR.layout.ConversionPattern=%d %p [%c] %m %n
+
+# General Apache libraries
+log4j.rootLogger=WARN,SVR
diff --git a/authz-service/src/main/resources/docker-compose/aafcli.sh b/authz-service/src/main/resources/docker-compose/aafcli.sh
deleted file mode 100644
index 89e9a4ea..00000000
--- a/authz-service/src/main/resources/docker-compose/aafcli.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-DIR=`pwd`
-DME2REG=$DIR/../dme2reg
-CLASSPATH=etc:target/authz-cmd-2.0.15-jar-with-dependencies.jar
-
-java -cp $CLASSPATH \
- -Dcadi_prop_files=../authz-service/src/main/sample/authAPI.props \
- -DDME2_EP_REGISTRY_CLASS=DME2FS -DAFT_DME2_EP_REGISTRY_FS_DIR=$DME2REG \
- com.att.cmd.AAFcli $*
-
diff --git a/authz-service/src/main/resources/docker-compose/docker-compose.yml b/authz-service/src/main/resources/docker-compose/docker-compose.yml
index fce6824d..f79d368f 100644
--- a/authz-service/src/main/resources/docker-compose/docker-compose.yml
+++ b/authz-service/src/main/resources/docker-compose/docker-compose.yml
@@ -23,7 +23,7 @@
version: '2'
services:
aaf_container:
- image: attos/aaf
+ image: onap/aaf/authz-service
ports:
- "8101:8101"
@@ -33,7 +33,7 @@ services:
# - ./authAPI.props:/opt/app/aaf/authz-service/2.0.15/etc/authAPI.props
- ./wait_for_host_port.sh:/tmp/wait_for_host_port.sh
- ./data2:/data
- - ./runaafcli.sh:/opt/app/aaf/authz-service/2.0.15/runaafcli.sh
+ # - ./runaafcli.sh:/opt/app/aaf/authz-service/2.0.15/runaafcli.sh
# - ./com.osaaf.common.props:/opt/app/aaf/authz-service/2.0.15/etc/com.osaaf.common.props
# - ./cadi-core-1.3.0.jar:/opt/app/aaf/authz-service/2.0.15/lib/cadi-core-1.3.0.jar
# - ./cadi-aaf-1.3.0.jar:/opt/app/aaf/authz-service/2.0.15/lib/cadi-aaf-1.3.0.jar
diff --git a/authz-service/src/main/resources/docker-compose/runaafcli.sh b/authz-service/src/main/resources/docker-compose/runaafcli.sh
deleted file mode 100644
index a4ce5182..00000000
--- a/authz-service/src/main/resources/docker-compose/runaafcli.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/sh
-
-DIR=`pwd`
-#DME2REG=$DIR/../dme2reg
-DME2REG=/opt/dme2reg
-#CLASSPATH=etc:target/authz-cmd-2.0.15-jar-with-dependencies.jar
-CLASSPATH=/opt/app/aaf/authz-service/2.0.15/etc:/opt/app/aaf/authz-service/2.0.15/lib/authz-cmd-2.0.15-jar-with-dependencies.jar
-#java -cp $CLASSPATH -Dcadi_prop_files=../authz-service/src/main/sample/authAPI.props -DDME2_EP_REGISTRY_CLASS=DME2FS -DAFT_DME2_EP_REGISTRY_FS_DIR=$DME2REG com.att.cmd.AAFcli $*
-java -cp $CLASSPATH -Dcadi_prop_files=/opt/app/aaf/authz-service/2.0.15/etc/authAPI.props -DDME2_EP_REGISTRY_CLASS=DME2FS -DAFT_DME2_EP_REGISTRY_FS_DIR=$DME2REG com.att.cmd.AAFcli $*
diff --git a/authz-service/src/main/resources/docker-compose/startupaaf.sh b/authz-service/src/main/resources/docker-compose/startupaaf.sh
index bc1f0b29..b45bba5e 100644
--- a/authz-service/src/main/resources/docker-compose/startupaaf.sh
+++ b/authz-service/src/main/resources/docker-compose/startupaaf.sh
@@ -1,9 +1,9 @@
# lji: this startup file shadows the existing extry point startup.sh file of the container
# because we need to pass in the cassandra cluster location
-LIB=/opt/app/aaf/authz-service/2.0.15/lib
+LIB=/opt/app/aaf/authz-service/lib
-ETC=/opt/app/aaf/authz-service/2.0.15/etc
+ETC=/opt/app/aaf/authz-service/etc
DME2REG=/opt/dme2reg
echo "this is LIB" $LIB
@@ -15,7 +15,7 @@ for FILE in `find $LIB -name *.jar`; do
CLASSPATH=$CLASSPATH:$FILE
done
-FILEPATHS="/opt/app/aaf/common/com.osaaf.common.props /opt/app/aaf/authz-service/2.0.15/etc/com.osaaf.common.props"
+FILEPATHS="/opt/app/aaf/authz-service/etc/com.osaaf.common.props /opt/app/aaf/authz-service/etc/com.osaaf.common.props"
for FILEPATH in $FILEPATHS:
do
if [ -e ${FILEPATH} ]; then
@@ -26,7 +26,9 @@ do
done
-java -classpath $CLASSPATH -DDME2_EP_REGISTRY_CLASS=DME2FS -DAFT_DME2_EP_REGISTRY_FS_DIR=$DME2REG com.att.authz.service.AuthAPI
+java -classpath $CLASSPATH -DDME2_EP_REGISTRY_CLASS=DME2FS -DAFT_DME2_EP_REGISTRY_FS_DIR=$DME2REG org.onap.aaf.authz.service.AuthAPI
# keet it running so we can check fs
while sleep 2; do echo thinking; done
+
+
diff --git a/authz-service/src/main/resources/docker/Dockerfile b/authz-service/src/main/resources/docker/Dockerfile
index 6894ed8a..ae670f75 100644
--- a/authz-service/src/main/resources/docker/Dockerfile
+++ b/authz-service/src/main/resources/docker/Dockerfile
@@ -1,9 +1,9 @@
FROM openjdk:8-jdk
ADD opt /opt/
-ADD authz-service-1.0.0-SNAPSHOT.jar /opt/app/aaf/authz-service/1.0.0-SNAPSHOT/lib/authz-service-1.0.0-SNAPSHOT.jar
+ADD authz-service-1.0.1-SNAPSHOT.jar /opt/app/aaf/authz-service/lib/authz-service-1.0.1-SNAPSHOT.jar
ADD startup.sh /startup.sh
RUN chmod 777 /startup.sh
-RUN chmod -R 777 /opt/app/aaf/authz-service/1.0.0-SNAPSHOT/etc
+RUN chmod -R 777 /opt/app/aaf/authz-service/etc
ENTRYPOINT ./startup.sh
diff --git a/authz-service/src/main/resources/docker/authAPI.props b/authz-service/src/main/resources/docker/authAPI.props
index f8c1b400..d1acfb07 100644
--- a/authz-service/src/main/resources/docker/authAPI.props
+++ b/authz-service/src/main/resources/docker/authAPI.props
@@ -15,94 +15,18 @@ DEPLOYED_VERSION=2.0.SAMPLE
DMEServiceName=service=org.onap.aaf.authz.AuthorizationService/version=2.0/envContext=DEV/routeOffer=BAU_SE
#DME2 can limit Port Ranges with the following:
-#AFT_DME2_PORT_RANGE=8101-8029,8100
+AFT_DME2_PORT_RANGE=8101-8101,8100
#DME2 picks any unused port in +1024 range
#AFT_DME2_PORT=0
AFT_DME2_ALLOW_PORT_CACHING=false
-aaf_root_ns=org.openecomp
-
-# Point to "Common" files, used between all the AAF Services. ...
-
-# DEVELOPER ONLY SETTING!!!!! DO NOT USE on ANY BOX other than your Developer box, and it
-# would be better if you got a Cert for that, and remove this! There is nothing stupider than
-# an unsecured Security Service.
-cadi_trust_all_x509=true
-
-# Public (i.e. Verisign) Key stores.
-# AFT_DME2_KEYSTORE=
-# AFT_DME2_KEYSTORE_PASSWORD=
-# AFT_DME2_KEY_PASSWORD=
-# cadi_truststore=
-# cadi_truststore_password=
-
-# Standard for this App/Machine
-aaf_env=DEV
-aaf_data_dir=../data
-cadi_loglevel=WARN
-aaf_id=<osaaf's Application Identity>
-aaf_password=enc:31-LFPNtP9Yl1DZKAz1rx8N8YfYVY8VKnnDr
-
-aaf_conn_timeout=6000
-aaf_timeout=10000
-aaf_user_expires=600000
-aaf_clean_interval=45000
-aaf_refresh_trigger_count=3
-aaf_high_count=30000
-
-# Basic Auth
-aaf_default_realm=openecomp.org
-#aaf_domain_support=.org
-basic_realm=openecomp.org
-basic_warn=false
-aaf_root_ns=org.openecomp
-localhost_deny=false
-# Cassandra
-# IP:Cass DataCenter:Latitude:Longitude,IP....
-cassandra.clusters=127.0.0.1
-cassandra.clusters.port=9042
-cassandra.clusters.user=authz
-cassandra.clusters.password=authz
-## Exceptions from Cassandra which require resetting the Cassandra Connections
-cassandra.reset.exceptions=com.datastax.driver.core.exceptions.NoHostAvailableException:"no host was tried":"Connection has been closed"
-
-# Consistency Settings
-cassandra.writeConsistency.ns=LOCAL_QUORUM
-cassandra.writeConsistency.perm=LOCAL_QUORUM
-cassandra.writeConsistency.role=LOCAL_QUORUM
-cassandra.writeConsistency.user_role=LOCAL_QUORUM
-cassandra.writeConsistency.cred=LOCAL_QUORUM
-cassandra.writeConsistency.ns_attrib=LOCAL_QUORUM
-
-## Supported Plugin Organizational Units
-Organization.com.osaaf=org.onap.aaf.osaaf.defOrg.DefaultOrg
-
-## Email Server settings for Def Organization.
-#Sender's email ID needs to be mentioned
-com.osaaf.mailFromUserId=mailid@bogus.com
-com.osaaf.supportEmail=support@bogus.com
-com.osaaf.mailHost=smtp.bogus.com
-
-# Standard AAF DME2 Props
-AFT_DME2_REMOVE_PERSISTENT_CACHE_ON_STARTUP=TRUE
-AFT_DME2_DISABLE_PERSISTENT_CACHE=TRUE
-AFT_DME2_DISABLE_PERSISTENT_CACHE_LOAD=TRUE
-
-## SSL OPTIONAL ONLY IN DEVELOPMENT PC/Local... WHATEVER YOU DO, don't use this on any box than your local PC
-AFT_DME2_SSL_ENABLE=false
-# for when you turn on SSL... Only TLSv1.1+ is secure as of 2016
-AFT_DME2_SSL_WANT_CLIENT_AUTH=TRUE
-AFT_DME2_SSL_INCLUDE_PROTOCOLS=TLSv1.1,TLSv1.2
-AFT_DME2_SSL_VALIDATE_CERTS=FALSE
-AFT_DME2_CLIENT_IGNORE_SSL_CONFIG=false
+# Point to "Common" files, used between all the AAF Services. ...
-## Extra CA Trusts, for Certifiate Manager to build truststore with external CAs
-cm_trust_cas=VerisignG3_CA.cer;VerisignG4_CA.cer;VerisignG5_CA.cer
#cadi_prop_files=com.osaaf.common.props;com.osaaf.props
-cadi_prop_files=opt/app/aaf/authz-service/1.0.0-SNAPSHOT/etc/com.osaaf.common.props;opt/app/aaf/authz-service/1.0.0-SNAPSHOT/etc/com.osaaf.props
+cadi_prop_files=opt/app/aaf/authz-service/etc/com.osaaf.common.props:opt/app/aaf/authz-service/etc/com.osaaf.props
CACHE_HIGH_COUNT=40000
CACHE_CLEAN_INTERVAL=60000
diff --git a/authz-service/src/main/resources/docker/com.osaaf.common.props b/authz-service/src/main/resources/docker/com.osaaf.common.props
index 5bf127ce..e27b594d 100644
--- a/authz-service/src/main/resources/docker/com.osaaf.common.props
+++ b/authz-service/src/main/resources/docker/com.osaaf.common.props
@@ -17,7 +17,7 @@ cadi_trust_all_x509=true
# Standard for this App/Machine
aaf_env=DEV
-aaf_data_dir=../data
+aaf_data_dir=opt/app/aaf/authz-service/etc/data
cadi_loglevel=WARN
aaf_id=<osaaf's Application Identity>
aaf_password=enc:31-LFPNtP9Yl1DZKAz1rx8N8YfYVY8VKnnDr
@@ -56,7 +56,7 @@ cassandra.writeConsistency.cred=LOCAL_QUORUM
cassandra.writeConsistency.ns_attrib=LOCAL_QUORUM
## Supported Plugin Organizational Units
-Organization.com.osaaf=org.onap.aaf.osaaf.defOrg.DefaultOrg
+Organization.org=org.onap.aaf.osaaf.defOrg.DefaultOrg
## Email Server settings for Def Organization.
#Sender's email ID needs to be mentioned
diff --git a/authz-service/src/main/resources/docker/startup.sh b/authz-service/src/main/resources/docker/startup.sh
index 7b18f9dc..b45bba5e 100644
--- a/authz-service/src/main/resources/docker/startup.sh
+++ b/authz-service/src/main/resources/docker/startup.sh
@@ -1,7 +1,9 @@
+# lji: this startup file shadows the existing extry point startup.sh file of the container
+# because we need to pass in the cassandra cluster location
-LIB=/opt/app/aaf/authz-service/1.0.0-SNAPSHOT/lib
+LIB=/opt/app/aaf/authz-service/lib
-ETC=/opt/app/aaf/authz-service/1.0.0-SNAPSHOT/etc
+ETC=/opt/app/aaf/authz-service/etc
DME2REG=/opt/dme2reg
echo "this is LIB" $LIB
@@ -12,10 +14,21 @@ CLASSPATH=$ETC
for FILE in `find $LIB -name *.jar`; do
CLASSPATH=$CLASSPATH:$FILE
done
-java -classpath $CLASSPATH -DDME2_EP_REGISTRY_CLASS=DME2FS -DAFT_DME2_EP_REGISTRY_FS_DIR=$DME2REG org.onap.aaf.authz.service.AuthAPI
+FILEPATHS="/opt/app/aaf/authz-service/etc/com.osaaf.common.props /opt/app/aaf/authz-service/etc/com.osaaf.common.props"
+for FILEPATH in $FILEPATHS:
+do
+ if [ -e ${FILEPATH} ]; then
+ if [ -z `grep "cassandra.clusters=$CASSANDRA_CLUSTER" $FILEPATH` ]; then
+ echo "cassandra.clusters=$CASSANDRA_CLUSTER" >> $FILEPATH;
+ fi
+ fi
+done
+java -classpath $CLASSPATH -DDME2_EP_REGISTRY_CLASS=DME2FS -DAFT_DME2_EP_REGISTRY_FS_DIR=$DME2REG org.onap.aaf.authz.service.AuthAPI
+# keet it running so we can check fs
+while sleep 2; do echo thinking; done
diff --git a/authz-service/src/main/resources/etc/authAPI.props b/authz-service/src/main/resources/etc/authAPI.props
index f0dbc8be..d1acfb07 100644
--- a/authz-service/src/main/resources/etc/authAPI.props
+++ b/authz-service/src/main/resources/etc/authAPI.props
@@ -15,42 +15,18 @@ DEPLOYED_VERSION=2.0.SAMPLE
DMEServiceName=service=org.onap.aaf.authz.AuthorizationService/version=2.0/envContext=DEV/routeOffer=BAU_SE
#DME2 can limit Port Ranges with the following:
-#AFT_DME2_PORT_RANGE=8101-8029,8100
+AFT_DME2_PORT_RANGE=8101-8101,8100
#DME2 picks any unused port in +1024 range
#AFT_DME2_PORT=0
AFT_DME2_ALLOW_PORT_CACHING=false
-aaf_root_ns=org.openecomp
-
-# Point to "Common" files, used between all the AAF Services. ...
-
-
-# Cassandra
-# IP:Cass DataCenter:Latitude:Longitude,IP....
-cassandra.clusters=127.0.0.1
-cassandra.clusters.port=9042
-cassandra.clusters.user=authz
-cassandra.clusters.password=authz
-## Exceptions from Cassandra which require resetting the Cassandra Connections
-cassandra.reset.exceptions=com.datastax.driver.core.exceptions.NoHostAvailableException:"no host was tried":"Connection has been closed"
-
-# Consistency Settings
-cassandra.writeConsistency.ns=LOCAL_QUORUM
-cassandra.writeConsistency.perm=LOCAL_QUORUM
-cassandra.writeConsistency.role=LOCAL_QUORUM
-cassandra.writeConsistency.user_role=LOCAL_QUORUM
-cassandra.writeConsistency.cred=LOCAL_QUORUM
-cassandra.writeConsistency.ns_attrib=LOCAL_QUORUM
-
-## Supported Plugin Organizational Units
-Organization.com.osaaf=org.onap.aaf.osaaf.defOrg.DefaultOrg
-
+# Point to "Common" files, used between all the AAF Services. ...
#cadi_prop_files=com.osaaf.common.props;com.osaaf.props
-cadi_prop_files=opt/app/aaf/authz-service/1.0.0-SNAPSHOT/etc/com.osaaf.common.props;opt/app/aaf/authz-service/1.0.0-SNAPSHOT/etc/com.osaaf.props
+cadi_prop_files=opt/app/aaf/authz-service/etc/com.osaaf.common.props:opt/app/aaf/authz-service/etc/com.osaaf.props
CACHE_HIGH_COUNT=40000
CACHE_CLEAN_INTERVAL=60000
diff --git a/authz-service/src/main/resources/etc/com.osaaf.common.props b/authz-service/src/main/resources/etc/com.osaaf.common.props
index 5bf127ce..e27b594d 100644
--- a/authz-service/src/main/resources/etc/com.osaaf.common.props
+++ b/authz-service/src/main/resources/etc/com.osaaf.common.props
@@ -17,7 +17,7 @@ cadi_trust_all_x509=true
# Standard for this App/Machine
aaf_env=DEV
-aaf_data_dir=../data
+aaf_data_dir=opt/app/aaf/authz-service/etc/data
cadi_loglevel=WARN
aaf_id=<osaaf's Application Identity>
aaf_password=enc:31-LFPNtP9Yl1DZKAz1rx8N8YfYVY8VKnnDr
@@ -56,7 +56,7 @@ cassandra.writeConsistency.cred=LOCAL_QUORUM
cassandra.writeConsistency.ns_attrib=LOCAL_QUORUM
## Supported Plugin Organizational Units
-Organization.com.osaaf=org.onap.aaf.osaaf.defOrg.DefaultOrg
+Organization.org=org.onap.aaf.osaaf.defOrg.DefaultOrg
## Email Server settings for Def Organization.
#Sender's email ID needs to be mentioned