diff options
author | gaurav <gaurav.agrawal@huawei.com> | 2018-09-11 14:59:59 +0530 |
---|---|---|
committer | gaurav <gaurav.agrawal@huawei.com> | 2018-09-11 14:59:59 +0530 |
commit | 72e46e2c1d7ab69503a26a545ed7ef1a49f2fb43 (patch) | |
tree | fac7e3952ca15ae7ea3eb33bb8073330d9c4a19c | |
parent | c8a20b7cdc2b563e1ea86a9e25f4ac0e748995f9 (diff) |
Fixed security issue of Restconf Client
Removed the spring dependencies as they are not required.
Change-Id: I4a95a26d5a615897527dbe543d938459c1651081
Issue-ID: CCSDK-444
Signed-off-by: Gaurav Agrawal <gaurav.agrawal@huawei.com>
5 files changed, 127 insertions, 259 deletions
diff --git a/restconf-client/features/src/main/resources/features.xml b/restconf-client/features/src/main/resources/features.xml deleted file mode 100644 index c07cddffb..000000000 --- a/restconf-client/features/src/main/resources/features.xml +++ /dev/null @@ -1,38 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - * ============LICENSE_START======================================================= - * ONAP - CCSDK - * ================================================================================ - * Copyright (C) 2018 Huawei Technologies Co., Ltd. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - --> - - -<features name="sdnc-restconf-client-${project.version}" - xmlns="http://karaf.apache.org/xmlns/features/v1.2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://karaf.apache.org/xmlns/features/v1.2.0 http://karaf.apache.org/xmlns/features/v1.2.0"> - - <repository>mvn:org.opendaylight.mdsal/features-mdsal/${odl.mdsal.features.version}/xml/features</repository> - - <feature name='sdnc-restconf-client' description="sdnc-restconf-client" - version='${project.version}'> - <feature>sdnc-sli</feature> - <feature>spring</feature> - <feature>spring-dm</feature> - <bundle>mvn:org.onap.ccsdk.sli.plugins/properties-node-provider/0.3.0-SNAPSHOT</bundle> - <bundle>mvn:org.onap.ccsdk.sli.plugins/restconf-client-provider/0.3.0-SNAPSHOT</bundle> - </feature> - -</features> diff --git a/restconf-client/installer/pom.xml b/restconf-client/installer/pom.xml index ee632d434..b28cefde9 100755 --- a/restconf-client/installer/pom.xml +++ b/restconf-client/installer/pom.xml @@ -1,148 +1,142 @@ <?xml version="1.0" encoding="UTF-8"?> -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> - <modelVersion>4.0.0</modelVersion> +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> - <parent> - <groupId>org.onap.ccsdk.parent</groupId> - <artifactId>odlparent-lite</artifactId> - <version>1.1.0-SNAPSHOT</version> - </parent> + <parent> + <groupId>org.onap.ccsdk.parent</groupId> + <artifactId>odlparent-lite</artifactId> + <version>1.1.0-SNAPSHOT</version> + </parent> - <groupId>org.onap.ccsdk.sli.plugins</groupId> - <artifactId>restconf-client-installer</artifactId> - <version>0.3.0-SNAPSHOT</version> - <packaging>pom</packaging> + <groupId>org.onap.ccsdk.sli.plugins</groupId> + <artifactId>restconf-client-installer</artifactId> + <version>0.3.0-SNAPSHOT</version> + <packaging>pom</packaging> - <name>ccsdk-sli-plugins :: restconf-client :: ${project.artifactId}</name> + <name>ccsdk-sli-plugins :: restconf-client :: ${project.artifactId}</name> - <properties> - <application.name>ccsdk-restconf-client</application.name> - <features.boot>${application.name}</features.boot> - <features.repositories>mvn:org.onap.ccsdk.sli.plugins/${features.boot}/${project.version}/xml/features</features.repositories> - <include.transitive.dependencies>false</include.transitive.dependencies> - </properties> + <properties> + <application.name>ccsdk-restconf-client</application.name> + <features.boot>${application.name}</features.boot> + <features.repositories>mvn:org.onap.ccsdk.sli.plugins/${features.boot}/${project.version}/xml/features + </features.repositories> + <include.transitive.dependencies>false</include.transitive.dependencies> + </properties> - <dependencies> + <dependencies> - <dependency> - <groupId>org.onap.ccsdk.sli.plugins</groupId> - <artifactId>${application.name}</artifactId> - <version>${project.version}</version> - <type>xml</type> - <classifier>features</classifier> - <exclusions> - <exclusion> - <groupId>*</groupId> - <artifactId>*</artifactId> - </exclusion> - </exclusions> - </dependency> - - <dependency> - <groupId>org.onap.ccsdk.sli.plugins</groupId> - <artifactId>restconf-client-provider</artifactId> - <version>${project.version}</version> - </dependency> <dependency> - <groupId>org.springframework</groupId> - <artifactId>spring-beans</artifactId> + <groupId>org.onap.ccsdk.sli.plugins</groupId> + <artifactId>${application.name}</artifactId> + <version>${project.version}</version> + <type>xml</type> + <classifier>features</classifier> + <exclusions> + <exclusion> + <groupId>*</groupId> + <artifactId>*</artifactId> + </exclusion> + </exclusions> </dependency> + <dependency> - <groupId>org.springframework</groupId> - <artifactId>spring-context</artifactId> + <groupId>org.onap.ccsdk.sli.plugins</groupId> + <artifactId>restconf-client-provider</artifactId> + <version>${project.version}</version> </dependency> - </dependencies> + </dependencies> - <build> - <plugins> - <plugin> - <artifactId>maven-assembly-plugin</artifactId> - <version>2.6</version> - <executions> - <execution> - <id>maven-repo-zip</id> - <goals> - <goal>single</goal> - </goals> - <phase>package</phase> - <configuration> - <attach>true</attach> - <finalName>stage/${application.name}-${project.version}</finalName> - <descriptors> - <descriptor>src/assembly/assemble_mvnrepo_zip.xml</descriptor> - </descriptors> - <appendAssemblyId>true</appendAssemblyId> - </configuration> - </execution> - <execution> - <id>installer-zip</id> - <goals> - <goal>single</goal> - </goals> - <phase>package</phase> - <configuration> - <attach>true</attach> - <finalName>${application.name}-${project.version}-installer</finalName> - <descriptors> - <descriptor>src/assembly/assemble_installer_zip.xml</descriptor> - </descriptors> - <appendAssemblyId>false</appendAssemblyId> - </configuration> - </execution> - </executions> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-dependency-plugin</artifactId> - <executions> - <execution> - <id>copy-dependencies</id> - <goals> - <goal>copy-dependencies</goal> - </goals> - <phase>prepare-package</phase> - <configuration> - <transitive>false</transitive> - <outputDirectory>${project.build.directory}/assembly/system</outputDirectory> - <overWriteReleases>false</overWriteReleases> - <overWriteSnapshots>true</overWriteSnapshots> - <overWriteIfNewer>true</overWriteIfNewer> - <useRepositoryLayout>true</useRepositoryLayout> - <addParentPoms>false</addParentPoms> - <copyPom>false</copyPom> - <excludeGroupIds>org.onap.ccsdk.sli.core</excludeGroupIds> - <scope>provided</scope> - </configuration> - </execution> - </executions> - </plugin> - <plugin> - <artifactId>maven-resources-plugin</artifactId> - <version>2.6</version> - <executions> - <execution> - <id>copy-version</id> - <goals> - <goal>copy-resources</goal> - </goals><!-- here the phase you need --> - <phase>validate</phase> - <configuration> - <outputDirectory>${basedir}/target/stage</outputDirectory> - <resources> - <resource> - <directory>src/main/resources/scripts</directory> - <includes> - <include>install-feature.sh</include> - </includes> - <filtering>true</filtering> - </resource> - </resources> - </configuration> - </execution> + <build> + <plugins> + <plugin> + <artifactId>maven-assembly-plugin</artifactId> + <version>2.6</version> + <executions> + <execution> + <id>maven-repo-zip</id> + <goals> + <goal>single</goal> + </goals> + <phase>package</phase> + <configuration> + <attach>true</attach> + <finalName>stage/${application.name}-${project.version}</finalName> + <descriptors> + <descriptor>src/assembly/assemble_mvnrepo_zip.xml</descriptor> + </descriptors> + <appendAssemblyId>true</appendAssemblyId> + </configuration> + </execution> + <execution> + <id>installer-zip</id> + <goals> + <goal>single</goal> + </goals> + <phase>package</phase> + <configuration> + <attach>true</attach> + <finalName>${application.name}-${project.version}-installer</finalName> + <descriptors> + <descriptor>src/assembly/assemble_installer_zip.xml</descriptor> + </descriptors> + <appendAssemblyId>false</appendAssemblyId> + </configuration> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-dependency-plugin</artifactId> + <executions> + <execution> + <id>copy-dependencies</id> + <goals> + <goal>copy-dependencies</goal> + </goals> + <phase>prepare-package</phase> + <configuration> + <transitive>false</transitive> + <outputDirectory>${project.build.directory}/assembly/system</outputDirectory> + <overWriteReleases>false</overWriteReleases> + <overWriteSnapshots>true</overWriteSnapshots> + <overWriteIfNewer>true</overWriteIfNewer> + <useRepositoryLayout>true</useRepositoryLayout> + <addParentPoms>false</addParentPoms> + <copyPom>false</copyPom> + <excludeGroupIds>org.onap.ccsdk.sli.core</excludeGroupIds> + <scope>provided</scope> + </configuration> + </execution> + </executions> + </plugin> + <plugin> + <artifactId>maven-resources-plugin</artifactId> + <version>2.6</version> + <executions> + <execution> + <id>copy-version</id> + <goals> + <goal>copy-resources</goal> + </goals><!-- here the phase you need --> + <phase>validate</phase> + <configuration> + <outputDirectory>${basedir}/target/stage</outputDirectory> + <resources> + <resource> + <directory>src/main/resources/scripts</directory> + <includes> + <include>install-feature.sh</include> + </includes> + <filtering>true</filtering> + </resource> + </resources> + </configuration> + </execution> - </executions> - </plugin> + </executions> + </plugin> - </plugins> - </build> + </plugins> + </build> </project> diff --git a/restconf-client/provider/pom.xml b/restconf-client/provider/pom.xml index 099412642..c063c9bd1 100755 --- a/restconf-client/provider/pom.xml +++ b/restconf-client/provider/pom.xml @@ -23,14 +23,6 @@ <dependencies> <dependency> - <groupId>org.springframework</groupId> - <artifactId>spring-beans</artifactId> - </dependency> - <dependency> - <groupId>org.springframework</groupId> - <artifactId>spring-context</artifactId> - </dependency> - <dependency> <groupId>org.glassfish.jersey.media</groupId> <artifactId>jersey-media-sse</artifactId> <version>${glassfish.version}</version> diff --git a/restconf-client/provider/src/main/resources/META-INF/spring/restconf-client-context.xml b/restconf-client/provider/src/main/resources/META-INF/spring/restconf-client-context.xml deleted file mode 100644 index f99f4f843..000000000 --- a/restconf-client/provider/src/main/resources/META-INF/spring/restconf-client-context.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<!-- - * ============LICENSE_START======================================================= - * ONAP - CCSDK - * ================================================================================ - * Copyright (C) 2018 Huawei Technologies Co., Ltd. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - --> - -<beans xmlns="http://www.springframework.org/schema/beans" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.springframework.org/schema/beans - http://www.springframework.org/schema/beans/spring-beans.xsd"> - - <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"> - <property name="locations"> - <list> - <value>file:${SDNC_CONFIG_DIR}/ueb.properties</value> - <value>file:${SDNC_CONFIG_DIR}/dme2.properties</value> - </list> - </property> - <property name="ignoreResourceNotFound" value="true" /> - <property name="ignoreUnresolvablePlaceholders" value="true" /> - </bean> - - <!-- context:property-placeholder location="file:${SDNC_CONFIG_DIR}/ueb.properties" /--> - - <bean id="restconfApiCallNode" class="org.onap.ccsdk.sli.plugins.restconfapicall.RestconfApiCallNode"> - <property name="uebServers" value="${servers}" /> - </bean> - - <bean id="restconfDiscoveryNode" class="org.onap.ccsdk.sli.plugins.restconfdiscovery.RestconfDiscoveryNode"> - <property name="restconfApiCallNode" ref="restconfApiCallNode" /> - </bean> - -</beans> diff --git a/restconf-client/provider/src/main/resources/META-INF/spring/restconf-client-osgi-context.xml b/restconf-client/provider/src/main/resources/META-INF/spring/restconf-client-osgi-context.xml deleted file mode 100644 index 5a9f22bed..000000000 --- a/restconf-client/provider/src/main/resources/META-INF/spring/restconf-client-osgi-context.xml +++ /dev/null @@ -1,32 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - * ============LICENSE_START======================================================= - * ONAP - CCSDK - * ================================================================================ - * Copyright (C) 2018 Huawei Technologies Co., Ltd. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - --> - -<beans:beans xmlns="http://www.springframework.org/schema/osgi" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans" - xsi:schemaLocation="http://www.springframework.org/schema/osgi - http://www.springframework.org/schema/osgi/spring-osgi.xsd - http://www.springframework.org/schema/beans - http://www.springframework.org/schema/beans/spring-beans.xsd"> - - <service ref="restconfApiCallNode" interface="org.onap.ccsdk.sli.plugins.restconfapicall.RestconfApiCallNode" /> - <service ref="restconfDiscoveryNode" interface="org.onap.ccsdk.sli.plugins.restconfdiscovery.RestconfDiscoveryNode" /> - -</beans:beans> |