From 54668628a12b389d40853c58330977a70bd4795d Mon Sep 17 00:00:00 2001 From: Jimmy Forsyth Date: Mon, 5 Aug 2019 12:01:16 -0400 Subject: Disable non-workflow mS in helm charts Issue-ID: AAI-2558 Signed-off-by: Jimmy Forsyth Change-Id: I06b4049b2e5c0bae734b4619abd6298a99ae2a11 --- .../resources/rproxy/config/auth/client-cert.p12 | Bin 0 -> 4291 bytes .../resources/rproxy/config/auth/org.onap.aai.p12 | Bin 0 -> 4158 bytes .../resources/rproxy/config/auth/tomcat_keystore | Bin 0 -> 4943 bytes .../rproxy/config/auth/uri-authorization.json | 99 +++++++++++++++++++++ 4 files changed, 99 insertions(+) create mode 100644 components/aai-resources/resources/rproxy/config/auth/client-cert.p12 create mode 100644 components/aai-resources/resources/rproxy/config/auth/org.onap.aai.p12 create mode 100644 components/aai-resources/resources/rproxy/config/auth/tomcat_keystore create mode 100644 components/aai-resources/resources/rproxy/config/auth/uri-authorization.json (limited to 'components/aai-resources/resources/rproxy/config/auth') diff --git a/components/aai-resources/resources/rproxy/config/auth/client-cert.p12 b/components/aai-resources/resources/rproxy/config/auth/client-cert.p12 new file mode 100644 index 0000000..071d407 Binary files /dev/null and b/components/aai-resources/resources/rproxy/config/auth/client-cert.p12 differ diff --git a/components/aai-resources/resources/rproxy/config/auth/org.onap.aai.p12 b/components/aai-resources/resources/rproxy/config/auth/org.onap.aai.p12 new file mode 100644 index 0000000..023e2ea Binary files /dev/null and b/components/aai-resources/resources/rproxy/config/auth/org.onap.aai.p12 differ diff --git a/components/aai-resources/resources/rproxy/config/auth/tomcat_keystore b/components/aai-resources/resources/rproxy/config/auth/tomcat_keystore new file mode 100644 index 0000000..6ad5f51 Binary files /dev/null and b/components/aai-resources/resources/rproxy/config/auth/tomcat_keystore differ diff --git a/components/aai-resources/resources/rproxy/config/auth/uri-authorization.json b/components/aai-resources/resources/rproxy/config/auth/uri-authorization.json new file mode 100644 index 0000000..e23c03d --- /dev/null +++ b/components/aai-resources/resources/rproxy/config/auth/uri-authorization.json @@ -0,0 +1,99 @@ +[ + { + "uri": "\/not\/allowed\/at\/all$", + "permissions": [ + "test.auth.access.ifYouLikedItYouShouldHavePutAPermissionOnIt" + ] + }, + { + "uri": "\/one\/auth\/required$", + "permissions": [ + "test.auth.access.aSimpleSingleAuth" + ] + }, + { + "uri": "\/multi\/auth\/required$", + "permissions": [ + "test.auth.access.aMultipleAuth1", + "test.auth.access.aMultipleAuth2", + "test.auth.access.aMultipleAuth3" + ] + }, + { + "uri": "\/one\/[^\/]+\/required$", + "permissions": [ + "test.auth.access.aSimpleSingleAuth" + ] + }, + { + "uri": "\/services\/getAAFRequest$", + "permissions": [ + "test.auth.access|services|GET,PUT" + ] + }, + { + "uri": "\/admin\/getAAFRequest$", + "permissions": [ + "test.auth.access|admin|GET,PUT,POST" + ] + }, + { + "uri": "\/service\/aai\/webapp\/index.html$", + "permissions": [ + "test.auth.access|services|GET,PUT" + ] + }, + { + "uri": "\/services\/aai\/webapp\/index.html$", + "permissions": [ + "test.auth.access|services|GET,PUT" + ] + }, + { + "uri": "\/$", + "permissions": [ + "\\|services\\|GET", + "test\\.auth\\.access\\|services\\|GET,PUT" + ] + }, + { + "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions$", + "permissions": [ + "test\\.auth\\.access\\|rest\\|read" + ] + }, + { + "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*", + "permissions": [ + "test.auth.access|clouds|read", + "test.auth.access|tenants|read" + ] + }, + { + "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+\/tenants/tenant/[^\/]+/vservers/vserver/[^\/]+$", + "permissions": [ + "test.auth.access|clouds|read", + "test.auth.access|tenants|read", + "test.auth.access|vservers|read" + ] + }, + { + "uri": "\/backend$", + "permissions": [ + "test\\.auth\\.access\\|services\\|GET,PUT", + "\\|services\\|GET" + ] + }, + { + "uri": "\/aai\/.*", + "permissions": [ + "org\\.onap\\.aai\\.resources\\|\\*\\|.*" + ] + }, + { + "uri": "\/aai\/util\/echo", + "permissions": [ + "org\\.onap\\.aai\\.resources\\|\\*\\|.*" + ] + } +] -- cgit 1.2.3-korg