summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2018-11-12Add javax ws to OSGI bundleSai Gandham1-0/+2
javax.xml.ws webservics budle is missing in old shiro bundle. Now WS added to bundle. Issue-ID: AAF-618 Change-Id: Ia6ca04c1ba8d63122fd5ea325651052ec31f363d Signed-off-by: Sai Gandham <sg481n@att.com>
2018-11-12Add instantiation Log MessageInstrumental2-2/+5
Issue-ID: AAF-618 Change-Id: I7b9630056ee3aa8246ef0a90ac01d53a6853f79d Signed-off-by: Instrumental <jonathan.gathman@att.com>
2018-11-12Missed Version in POMInstrumental1-1/+1
Issue-ID: AAF-626 Change-Id: I89bc29be1655cad48bbb9e93ac88a9b2a5aae76d Signed-off-by: Instrumental <jonathan.gathman@att.com>
2018-11-12Put MapBath code in ShiroInstrumental3-28/+63
Issue-ID: AAF-618 Change-Id: Ibbee25744a479d40ed438f926d0d3785a76fc5d1 Signed-off-by: Instrumental <jonathan.gathman@att.com>
2018-11-12Merge "Update FProxy to separate truststore and keystore"Jonathan Gathman9-68/+102
2018-11-09Update FProxy to separate truststore and keystoreMichael Arrastia9-68/+102
* Create default truststore, fproxy_truststore. * Require TRUST_STORE_PASSWORD system parameter on application start. * Harden parameter checks in FProxyApplication PostConstruct. * Rationalise properties in RestTemplateConfig. * Update unit tests to handle trust store. * Correct spring dependency in pom. Change-Id: I0254e5d27ff76bbd7a44b961169d7fe47761d3f9 Issue-ID: AAF-614 Signed-off-by: Michael Arrastia <MArrasti@amdocs.com>
2018-11-09Use AAF cadi 2.1.7Instrumental1-1/+1
Issue-ID: AAF-620 Change-Id: I1cc1c58f4da676d33781b26da4aab3fb65869a12 Signed-off-by: Instrumental <jonathan.gathman@att.com>
2018-11-07Remove SNAPSHOTInstrumental1-1/+1
Did SNAPSHOT to help APPC test. Have to move back to non-SNAPSHOT for build. Issue-ID: AAF-613 Change-Id: I34c5b4bf1c02ee9de51137a283705ce5e240a350 Signed-off-by: Instrumental <jonathan.gathman@att.com>
2018-11-07Fix/Renable sidecar buildsInstrumental37-184/+204
Issue-ID: AAF-613 Change-Id: Ic13411eebbf3c1c9b6d8492aff1b37db37a965e4 Signed-off-by: Instrumental <jonathan.gathman@att.com>
2018-11-07All to 2.1.7-SNAPSHOTInstrumental1-1/+1
Issue-ID: AAF-613 Change-Id: I9d3cd657e39eff0246c9f3b343dd44bcccd90452 Signed-off-by: Instrumental <jonathan.gathman@att.com>
2018-11-07Pom OParent, other hierarchyInstrumental11-59/+90
Issue-ID: AAF-613 Change-Id: I14531b546aebb9e5326ddc67eb3ec4eb9e17dac1 Signed-off-by: Instrumental <jonathan.gathman@att.com>
2018-11-06update license in cadi repoSai Gandham10-195/+180
Issue-ID: AAF-611 Change-Id: I0a273cdfc61798f77b22a58e2190cb5333eab730 Signed-off-by: Sai Gandham <sg481n@att.com>
2018-10-29Route Incoming TCP Traffic Via the Reverse ProxyIanB1-0/+2
By default any container is accessible from any pod inside a Kubernetes cluster. It is therefore possible to send requests directly to the primary microservice even if sidecar security is enabled. An additional netfilter rule will redirect any incoming TCP requests to the Reverse Proxy. The Reverse Proxy service listens on the hard coded port (10692) Issue-ID: AAF-591 Change-Id: I9afccadb08add4312cef770221702942d811cbdd Signed-off-by: IanB <IanB@amdocs.com>
2018-10-29Merge "Make 2-way TLS optional and fix cert errors"Jonathan Gathman2-6/+14
2018-10-26Make 2-way TLS optional and fix cert errorsRavi Geda2-6/+14
Change-Id: Ia7f94f8903039a7b55946c9cab4f026fe3558f1c Issue-ID: AAF-586 Signed-off-by: Ravi Geda <gravik@amdocs.com>
2018-10-23Documentation corrected markups.Stanislav Chlebec3-60/+75
Change-Id: I99ead3648f0175f188e280c76868da7c117d9a28 Signed-off-by: Stanislav Chlebec <stanislav.chlebec@pantheon.tech> Issue-ID: AAF-582
2018-10-19modify cadi aaf version in rproxySai Gandham1-1/+1
Issue-ID: AAF-576 Change-Id: I758608684f469610693c9682d10eb2746a89d970 Signed-off-by: Sai Gandham <sg481n@att.com>
2018-10-17Exempt Cassandra traffic from fproxyRavi Geda1-0/+4
The connection to cassandra is not http/https. Hence bypassing it from going through the forward proxy. Change-Id: Ic4f65222fca5f3698d6ed806333b265d0e392314 Issue-ID: AAF-572 Signed-off-by: Ravi Geda <gravik@amdocs.com>
2018-10-17Merge "Make 2-way TLS optional"Jonathan Gathman1-1/+1
2018-10-15Make 2-way TLS optionalRavi Geda1-1/+1
Change-Id: I180e584b78dbe32d4c00b05672c2f6aa182ce4b1 Issue-ID: AAF-562 Signed-off-by: Ravi Geda <gravik@amdocs.com>
2018-10-12Add to configuration information for rproxyIanB1-13/+38
Added more information on how to configure URIs & needed permissions for the ReverseProxyAuthorization filter, the authorization enforcement point. Added the necessary steps to use an alternative authorization provider. Issue-ID: AAI-1604 Change-Id: Ia16dd2687b0032a0bd75641c1523307e90ceeb32 Signed-off-by: IanB <IanB@amdocs.com>
2018-10-10Merge "Enhance fproxy unit tests"Jonathan Gathman1-1/+5
2018-10-10Correct the forward proxy portRavi Geda1-4/+1
Change-Id: I1531731713729dec57590f014dfe0c947ef55d37 Issue-ID: AAF-553 Signed-off-by: Ravi Geda <gravik@amdocs.com>
2018-10-09Enhance fproxy unit testsLee, Tian (tl5884)1-1/+5
Ensure that the fproxy unit tests are specifically testing the propagation of the X-TransactionId header in downstream requests. Change-Id: I5e2da81eacaaf2f30e08b2cb95a12049fd5da6ff Issue-ID: AAF-529 Signed-off-by: Lee, Tian (tl5884) <TianL@amdocs.com>
2018-10-07Update cadi sidecar versionSai Gandham4-10/+10
Adding relative path to oparent Issue-ID: AAF-537 Change-Id: I6601b919c3e96bb7987aa316e460077a6de4e0bd Signed-off-by: Sai Gandham <sg481n@att.com>
2018-10-05Remove pom property preventing fproxy deployLee, Tian (tl5884)1-1/+0
rproxy sonar job is failing because fproxy artifact is not being deployed. Change-Id: I32d1b52e9420f76c0c1e27e0c87a2ecb5996e864 Issue-ID: AAF-528 Signed-off-by: Lee, Tian (tl5884) <TianL@amdocs.com>
2018-10-04Update oparent version in aaf cadiSai Gandham2-2/+2
Issue-ID: AAF-537 Change-Id: Ifc517cc153b0e1cb0b3b990e347349b148ba883d Signed-off-by: Sai Gandham <sg481n@att.com>
2018-10-04change cadi shiro versionSai Gandham1-2/+2
Issue-ID: AAF-537 Change-Id: I76cd87edad7acdb43ab48552cf68bc3df598ccf2 Signed-off-by: Sai Gandham <sg481n@att.com>
2018-10-04change cadi actual version from SNAPSHOTSai Gandham1-1/+1
Issue-ID: AAF-537 Change-Id: I9722b1d3541077f8900017b7293801fac343fbae Signed-off-by: Sai Gandham <sg481n@att.com>
2018-10-01Fix NexusIQ security vulnerabilitiesLee, Tian (tl5884)8-29/+26
Remove Spring Boot Jackson dependencies and replace with Gson implementation. Fix potential source of NullPointerException. Change-Id: I3a715a023223b596e8a0979f0e0d381511fca32d Issue-ID: AAF-529 Signed-off-by: Lee, Tian (tl5884) <TianL@amdocs.com>
2018-10-01Fix aaf-cadi-master-release-version-java-daily jobLee, Tian (tl5884)1-17/+19
Job is failing because aaf-cadi-aaf version 2.1.2 cannot be found in the release repository. Change-Id: I1f339401e514c93b5311d9c995832b12a5983631 Issue-ID: AAF-528 Signed-off-by: Lee, Tian (tl5884) <TianL@amdocs.com>
2018-09-27Fix version.properties line endingsRavi Geda3-61/+35
The docker jobs are failing when reading the version.properties. Also. remove unused version.properties under sub modules Change-Id: If2940ac3a158e8c0bfba7fcb34ca241838a34597 Issue-ID: AAI-1689 Signed-off-by: Ravi Geda <gravik@amdocs.com>
2018-09-26Fix failing jenkins jobsRavi Geda4-33/+10
The docker java daily job is hanging when it tries to build the image. Add rproxy and tproxy-config as submodules to sidecar. Align the groupid of sidecar pom. Change-Id: Idb24459b9eae43dbbef39b4a14b6167762fa126f Issue-ID: AAI-1676 Signed-off-by: Ravi Geda <gravik@amdocs.com>
2018-09-25Merge "Initial drop of rProxy code"Jonathan Gathman37-0/+2321
2018-09-25Merge "Initial drop of tproxy-config init container"Jonathan Gathman5-0/+187
2018-09-24Initial drop of rProxy codeLee, Tian (tl5884)37-0/+2321
The Reverse Proxy sidecar is used to separate the responsibility of authentication and authorization away from the primary microservice. In conjunction with the Forward Proxy sidecar, it is responsible for controlling access to the REST URL endpoints exposed by the primary microservice, and propogating security credentials to downstream microservices. Change-Id: I5d80429e5422d7b3937cde73ac10c2ec00d264e8 Issue-ID: AAI-1604 Signed-off-by: Lee, Tian (tl5884) <TianL@amdocs.com>
2018-09-20Initial drop of tproxy-config init containerBlackwell, Ian (ib733q)5-0/+187
The tproxy-config init container sets up a pod's internal network routing such that any traffic outbound from the primary service is routed through the forward proxy. Change-Id: Ieca438fbed07db5fe7bce6162811634237c61b2a Issue-ID: AAI-1664 Signed-off-by: Blackwell, Ian (ib733q) <ib733q@att.com>
2018-09-20Add forward proxy codeRavi Geda25-0/+1361
Add a maven module called sidecar to cadi. Add forward proxy as a maven module to sidecar. Note that though sidecar is a module of cadi it does not inherit from cadi's pom. Change-Id: I617ecb1a66a3cbdd3f03287f28c6527693c6dfc6 Issue-ID: AAI-1603 Signed-off-by: Ravi Geda <gravik@amdocs.com>
2018-09-07Shiro mixed versionInstrumental1-3/+3
Issue-ID: AAF-420 Change-Id: I1b2015a75f0760a507e7ef46573c5aa3b91d77b5 Signed-off-by: Instrumental <jonathan.gathman@att.com>
2018-09-07Cadi Build ReleaseInstrumental2-13/+16
Issue-ID: AAF-420 Change-Id: I62029d418c5055281957bee87ab2af5f290bbc76 Signed-off-by: Instrumental <jonathan.gathman@att.com>
2018-09-07Merge "Use managed guava version"Jonathan Gathman1-3/+3
2018-09-05Clean Sonar project nameGildas Lanilis1-1/+1
Update <name> to match to the repo name. Change-Id: Ia98e50a9f6668910a9bc52b8eed904a30142b620 Issue-ID: CIMAN-202 Signed-off-by: Gildas Lanilis <gildas.lanilis@huawei.com>
2018-08-27Use managed guava versionGary Wu1-3/+3
Use centrally managed guava version specified in oparent. Includes upgrade to oparent 1.2.0. This change was submitted by script and may include additional whitespace or formatting changes. Change-Id: I44a95ff149d7ff86452e4b86e4ca522c306e8499 Issue-ID: INT-619 Signed-off-by: Gary Wu <gary.i.wu@huawei.com>
2018-08-20PTLInstrumental1-3/+3
Issue-ID: AAF-419 Change-Id: I312efd03230fc6d1e931be97f77ce94ee60dfe28 Signed-off-by: Instrumental <jonathan.gathman@att.com>
2018-08-08Sonar fixes related to exceptionsMaciej Wejs3-4/+6
Fixes in aaf-cadi-aaf module This one is related to ticket in main repo Change-Id: I1eeaba545d9cc3b3c07ba53ec12500cdb5567742 Issue-ID: AAF-396 Signed-off-by: Maciej Wejs <maciej.wejs@nokia.com>
2018-07-02Moving Shiro modules to cadi repoSai Gandham13-322/+1153
Issue-ID: AAF-380 Change-Id: If1029a16958335277ff38cdbe5662b0a14ea439f Signed-off-by: Sai Gandham <sg481n@att.com>
2018-05-24Add INFO.yaml file2.0.0-ONAPbeijing2.0.0-ONAPJessica Wagantall1-0/+52
Add INFO.yaml to list: - Project description - Properties - PTL information - Meeting information - Committer information Change-Id: I9c2813390d3bbf199652774ddb664957a3c7efa7 Issue-ID: CIMAN-134 Signed-off-by: Jessica Wagantall <jwagantall@linuxfoundation.org>
2018-03-26Remove Code from cadi, it is now in authzInstrumental246-33243/+0
Issue-ID: AAF-193 Change-Id: Ib7abdb15ba8a7445a3875cf8c6bb48b7d563f424 Signed-off-by: Instrumental <jcgmisc@stl.gathman.org>
2018-03-23Add Notice of aaf/cadi source moving to aaf/authzinstrumental1-0/+1
Issue-ID: AAF-191 Change-Id: Ic91bca4f3b46f93a2af7278b9f859ba16c8d53d1 Signed-off-by: instrumental <jcgmisc@stl.gathman.org>
2018-03-15Upgrade to latest oparentAmsterdamGildas Lanilis1-1/+1
Update pom.xml file to latest version release of oparent, 1.1.0 Change-Id: I9b0586c764b27d5a80ebe2bca390671551b11dc6 Issue-ID: INT-443 Signed-off-by: Gildas Lanilis <gildas.lanilis@huawei.com>