diff options
author | Julien Fontaine <julien.fontaine@bell.ca> | 2020-04-13 16:42:36 -0400 |
---|---|---|
committer | Julien Fontaine <julien.fontaine@bell.ca> | 2020-04-21 13:57:31 -0400 |
commit | 8a2eb4ae98beb70eac4e5fa4bb2e786c6a9513d2 (patch) | |
tree | d953dcfa97e409332553d58759beb34ae3efa7a7 /ms/blueprintsprocessor/application/src/main | |
parent | 6e7cbbbc4668c9d37d44bab6625ab7275043eb72 (diff) |
Secure Kafka Authentication
Implementation of kafka secure authentication :
- SSL
- SASL(SCRAM) & SSL
Issue-ID: CCSDK-2313
Change-Id: I4b2fc7abab7478e360ebf461608a620d75708f54
Signed-off-by: Julien Fontaine <julien.fontaine@bell.ca>
Diffstat (limited to 'ms/blueprintsprocessor/application/src/main')
-rwxr-xr-x | ms/blueprintsprocessor/application/src/main/resources/application-dev.properties | 12 | ||||
-rwxr-xr-x | ms/blueprintsprocessor/application/src/main/resources/application.properties | 43 |
2 files changed, 41 insertions, 14 deletions
diff --git a/ms/blueprintsprocessor/application/src/main/resources/application-dev.properties b/ms/blueprintsprocessor/application/src/main/resources/application-dev.properties index ad38883f7..bf5e23bc9 100755 --- a/ms/blueprintsprocessor/application/src/main/resources/application-dev.properties +++ b/ms/blueprintsprocessor/application/src/main/resources/application-dev.properties @@ -131,19 +131,31 @@ blueprintsprocessor.messageconsumer.self-service-api.groupId=receiver-id blueprintsprocessor.messageconsumer.self-service-api.topic=receiver.t blueprintsprocessor.messageconsumer.self-service-api.clientId=request-receiver-client-id blueprintsprocessor.messageconsumer.self-service-api.pollMillSec=1000 +#### Security settings +#### SSL +#blueprintsprocessor.messageconsumer.self-service-api.truststore=/path/to/truststore.jks +#blueprintsprocessor.messageconsumer.self-service-api.truststorePassword=truststorePassword +#blueprintsprocessor.messageconsumer.self-service-api.keystore=/path/to/keystore.jks +#blueprintsprocessor.messageconsumer.self-service-api.keystorePassword=keystorePassword +#### SCRAM +#blueprintsprocessor.messageconsumer.self-service-api.scramUsername=test-user +#blueprintsprocessor.messageconsumer.self-service-api.scramPassword=testUserPassword # Kafka audit service Configurations +## Audit request blueprintsprocessor.messageproducer.self-service-api.audit.kafkaEnable=false blueprintsprocessor.messageproducer.self-service-api.audit.request.type=kafka-basic-auth blueprintsprocessor.messageproducer.self-service-api.audit.request.bootstrapServers=127.0.0.1:9092 blueprintsprocessor.messageproducer.self-service-api.audit.request.clientId=audit-request-producer-client-id blueprintsprocessor.messageproducer.self-service-api.audit.request.topic=audit-request-producer.t +## Audit response blueprintsprocessor.messageproducer.self-service-api.audit.response.type=kafka-basic-auth blueprintsprocessor.messageproducer.self-service-api.audit.response.bootstrapServers=127.0.0.1:9092 blueprintsprocessor.messageproducer.self-service-api.audit.response.clientId=audit-response-producer-client-id blueprintsprocessor.messageproducer.self-service-api.audit.response.topic=audit-response-producer.t + # Message prioritization kakfa properties, Enable if Prioritization service is needed # Deploy message-prioritization function along with blueprintsprocessor application. #blueprintsprocessor.messageconsumer.prioritize-input.type=kafka-streams-basic-auth diff --git a/ms/blueprintsprocessor/application/src/main/resources/application.properties b/ms/blueprintsprocessor/application/src/main/resources/application.properties index 74549b0ae..6fb737edc 100755 --- a/ms/blueprintsprocessor/application/src/main/resources/application.properties +++ b/ms/blueprintsprocessor/application/src/main/resources/application.properties @@ -103,20 +103,35 @@ blueprintsprocessor.restclient.aai-data.additionalHeaders.X-TransactionId=cds-tr blueprintsprocessor.restclient.aai-data.additionalHeaders.X-FromAppId=cds-app-id blueprintsprocessor.restclient.aai-data.additionalHeaders.Accept=application/json -# Kafka-message-lib Configuration -blueprintsprocessor.messageconsumer.self-service-api.kafkaEnable=false -blueprintsprocessor.messageconsumer.self-service-api.type=kafka-basic-auth -blueprintsprocessor.messageconsumer.self-service-api.bootstrapServers=127.0.0.1:9092 -blueprintsprocessor.messageconsumer.self-service-api.topic=receiver.t -blueprintsprocessor.messageconsumer.self-service-api.groupId=receiver-id -blueprintsprocessor.messageconsumer.self-service-api.clientId=default-client-id -blueprintsprocessor.messageconsumer.self-service-api.pollMillSec=1000 - -blueprintsprocessor.messageproducer.self-service-api.type=kafka-basic-auth -blueprintsprocessor.messageproducer.self-service-api.bootstrapServers=127.0.0.1:9092 -blueprintsprocessor.messageproducer.self-service-api.clientId=default-client-id -blueprintsprocessor.messageproducer.self-service-api.topic=producer.t - +# Kafka audit service Configurations +## Audit request +blueprintsprocessor.messageproducer.self-service-api.audit.kafkaEnable=false +blueprintsprocessor.messageproducer.self-service-api.audit.request.type=kafka-basic-auth +blueprintsprocessor.messageproducer.self-service-api.audit.request.bootstrapServers=127.0.0.1:9092 +blueprintsprocessor.messageproducer.self-service-api.audit.request.clientId=audit-request-producer-client-id +blueprintsprocessor.messageproducer.self-service-api.audit.request.topic=audit-request-producer.t +#### Security settings +#### SSL +#blueprintsprocessor.messageproducer.self-service-api.audit.request.truststore=/path/to/truststore.jks +#blueprintsprocessor.messageproducer.self-service-api.audit.request.truststorePassword=truststorePassword +#blueprintsprocessor.messageproducer.self-service-api.audit.request.keystore=/path/to/keystore.jks +#blueprintsprocessor.messageproducer.self-service-api.audit.request.keystorePassword=keystorePassword +#### SCRAM +#blueprintsprocessor.messageproducer.self-service-api.audit.request.scramUsername=test-user +#blueprintsprocessor.messageproducer.self-service-api.audit.request.scramPassword=testUserPassword + +## Audit response +blueprintsprocessor.messageproducer.self-service-api.audit.response.type=kafka-basic-auth +blueprintsprocessor.messageproducer.self-service-api.audit.response.bootstrapServers=127.0.0.1:9092 +blueprintsprocessor.messageproducer.self-service-api.audit.response.clientId=audit-response-producer-client-id +blueprintsprocessor.messageproducer.self-service-api.audit.response.topic=audit-response-producer.t + +# Message prioritization kakfa properties, Enable if Prioritization service is needed +# Deploy message-prioritization function along with blueprintsprocessor application. +#blueprintsprocessor.messageconsumer.prioritize-input.type=kafka-streams-basic-auth +#blueprintsprocessor.messageconsumer.prioritize-input.bootstrapServers=127.0.0.1:9092 +#blueprintsprocessor.messageconsumer.prioritize-input.applicationId=cds-controller +#blueprintsprocessor.messageconsumer.prioritize-input.topic=prioritize-input-topic blueprintprocessor.remoteScriptCommand.enabled=true |