diff options
author | Tomasz Wrobel <tomasz.wrobel@nokia.com> | 2022-05-13 09:01:26 +0200 |
---|---|---|
committer | Tomasz Wrobel <tomasz.wrobel@nokia.com> | 2022-07-06 06:09:50 +0200 |
commit | 5da97dc829f00e8549ccf5617b434aa911578d8b (patch) | |
tree | fb0a293b051a7f2e46ea736356cd6edf98a9371d /datafile-app-server | |
parent | 7fdc015b330cf36d4a272af7e9ce31f60248bfd6 (diff) |
Make TLS connection optional1.8.0
Issue-ID: DCAEGEN2-3039
Signed-off-by: Tomasz Wrobel <tomasz.wrobel@nokia.com>
Change-Id: Id637ba17c655407009a4f40f6c93f518b99e45ff
Diffstat (limited to 'datafile-app-server')
11 files changed, 331 insertions, 21 deletions
diff --git a/datafile-app-server/pom.xml b/datafile-app-server/pom.xml index c8a0e648..14620ed1 100644 --- a/datafile-app-server/pom.xml +++ b/datafile-app-server/pom.xml @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="UTF-8"?> <!-- ~ ============LICENSE_START======================================================= - ~ Copyright (C) 2018-2022 NOKIA Intellectual Property. All rights reserved. + ~ Copyright (C) 2018-2022 Nokia. All rights reserved. ~ Copyright (C) 2018-2021 Nordix Foundation. All rights reserved. ~ Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. ~ Copyright (c) 2021 Samsung Electronics. All rights reserved. @@ -27,7 +27,7 @@ <parent> <groupId>org.onap.dcaegen2.collectors</groupId> <artifactId>datafile</artifactId> - <version>1.7.1-SNAPSHOT</version> + <version>1.8.0-SNAPSHOT</version> </parent> <groupId>org.onap.dcaegen2.collectors.datafile</groupId> @@ -149,6 +149,12 @@ <scope>test</scope> </dependency> <dependency> + <groupId>org.junit.vintage</groupId> + <artifactId>junit-vintage-engine</artifactId> + <version>5.7.0</version> + <scope>test</scope> + </dependency> + <dependency> <groupId>org.testng</groupId> <artifactId>testng</artifactId> <scope>test</scope> diff --git a/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/AppConfig.java b/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/AppConfig.java index f11a85a0..0691d721 100644 --- a/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/AppConfig.java +++ b/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/AppConfig.java @@ -1,7 +1,7 @@ /*- * ============LICENSE_START====================================================================== - * Copyright (C) 2018, 2020-2021 NOKIA Intellectual Property, 2018-2019 Nordix Foundation. - * All rights reserved. + * Copyright (C) 2018, 2020-2022 Nokia. All rights reserved. + * Copyright (C) 2018-2019 Nordix Foundation. All rights reserved. * =============================================================================================== * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except * in compliance with the License. You may obtain a copy of the License at @@ -234,6 +234,10 @@ public class AppConfig { this.certificateConfiguration = certificateConfig; this.sftpConfiguration = sftpConfig; + if (!certificateConfig.enableCertAuth()) { + logger.debug("External TLS certificate disabled, skipping setup HTTPS client"); + return; + } HttpsClientConnectionManagerUtil.setupOrUpdate(certificateConfig.keyCert(), certificateConfig.keyPasswordPath(), certificateConfig.trustedCa(), certificateConfig.trustedCaPasswordPath(), certificateConfig.httpsHostnameVerify()); diff --git a/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/CertificateConfig.java b/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/CertificateConfig.java index 78be36d3..668fcc77 100644 --- a/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/CertificateConfig.java +++ b/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/CertificateConfig.java @@ -1,6 +1,7 @@ /*- * ============LICENSE_START======================================================= - * Copyright (C) 2018-2021 NOKIA Intellectual Property, 2019 Nordix Foundation. All rights reserved. + * Copyright (C) 2018-2022 Nokia. All rights reserved. + * Copyright (C) 2019 Nordix Foundation. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -50,4 +51,7 @@ public abstract class CertificateConfig implements Serializable { @Value.Parameter public abstract Boolean httpsHostnameVerify(); + + @Value.Parameter + public abstract Boolean enableCertAuth(); } diff --git a/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParser.java b/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParser.java index 025166c2..db811fac 100644 --- a/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParser.java +++ b/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParser.java @@ -1,7 +1,7 @@ /*- * ============LICENSE_START======================================================= - * Copyright (C) 2018, 2020-2021 NOKIA Intellectual Property, 2018-2019 Nordix Foundation. - * All rights reserved. + * Copyright (C) 2018, 2020-2022 Nokia. All rights reserved. + * Copyright (C) 2018-2019 Nordix Foundation. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -48,6 +48,8 @@ import org.onap.dcaegen2.services.sdk.security.ssl.ImmutableSecurityKeys; import org.onap.dcaegen2.services.sdk.security.ssl.ImmutableSecurityKeysStore; import org.onap.dcaegen2.services.sdk.security.ssl.Passwords; import org.onap.dcaegen2.services.sdk.security.ssl.SecurityKeys; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; /** * Parses the cloud configuration. @@ -74,6 +76,8 @@ public class CloudConfigParser { private static final int EXPECTED_NUMBER_OF_SOURCE_TOPICS = 1; private static final int FIRST_SOURCE_INDEX = 0; + private static final Logger logger = LoggerFactory.getLogger(CloudConfigParser.class); + private final Properties systemEnvironment; private final JsonObject jsonObject; @@ -103,10 +107,10 @@ public class CloudConfigParser { .publishUrl(getAsString(feedConfig, "publish_url")) // .password(getAsString(feedConfig, "password")) // .userName(getAsString(feedConfig, "username")) // - .trustStorePath(getAsString(jsonObject, DMAAP_SECURITY_TRUST_STORE_PATH)) // - .trustStorePasswordPath(getAsString(jsonObject, DMAAP_SECURITY_TRUST_STORE_PASS_PATH)) // - .keyStorePath(getAsString(jsonObject, DMAAP_SECURITY_KEY_STORE_PATH)) // - .keyStorePasswordPath(getAsString(jsonObject, DMAAP_SECURITY_KEY_STORE_PASS_PATH)) // + .trustStorePath(getAsOptionalStringOrDefault(jsonObject, DMAAP_SECURITY_TRUST_STORE_PATH,"")) // + .trustStorePasswordPath(getAsOptionalStringOrDefault(jsonObject, DMAAP_SECURITY_TRUST_STORE_PASS_PATH, "")) // + .keyStorePath(getAsOptionalStringOrDefault(jsonObject, DMAAP_SECURITY_KEY_STORE_PATH,"")) // + .keyStorePasswordPath(getAsOptionalStringOrDefault(jsonObject, DMAAP_SECURITY_KEY_STORE_PASS_PATH,"")) // .enableDmaapCertAuth(get(jsonObject, DMAAP_SECURITY_ENABLE_DMAAP_CERT_AUTH).getAsBoolean()) // .changeIdentifier(changeIdentifier) // .logUrl(getAsString(feedConfig, "log_url")) // @@ -189,12 +193,38 @@ public class CloudConfigParser { * @throws DatafileTaskException if a member of the configuration is missing. */ public @NotNull CertificateConfig getCertificateConfig() throws DatafileTaskException { + boolean enableCertAuth = getAsBooleanOrDefault(jsonObject, "dmaap.certificateConfig.enableCertAuth", + Boolean.TRUE); + + String keyCert = ""; + String keyPasswordPath = ""; + String trustedCa = ""; + String trustedCaPasswordPath = ""; + boolean httpsHostnameVerify = true; + + if (enableCertAuth) { + logger.debug("TlS enabled, attempt to read certificates property"); + try { + keyCert = getAsString(jsonObject, "dmaap.certificateConfig.keyCert"); + keyPasswordPath = getAsString(jsonObject, "dmaap.certificateConfig.keyPasswordPath"); + trustedCa = getAsString(jsonObject, "dmaap.certificateConfig.trustedCa"); + trustedCaPasswordPath = getAsString(jsonObject, "dmaap.certificateConfig.trustedCaPasswordPath"); + httpsHostnameVerify = getAsBooleanOrDefault(jsonObject, "dmaap.certificateConfig.httpsHostnameVerify", + Boolean.TRUE); + } catch (DatafileTaskException e) { + throw new DatafileTaskException( + "Wrong configuration. External certificate enabled but configs are missing: " + + e.getMessage()); + } + } + return new ImmutableCertificateConfig.Builder() // - .keyCert(getAsString(jsonObject, "dmaap.certificateConfig.keyCert")) - .keyPasswordPath(getAsString(jsonObject, "dmaap.certificateConfig.keyPasswordPath")) - .trustedCa(getAsString(jsonObject, "dmaap.certificateConfig.trustedCa")) - .trustedCaPasswordPath(getAsString(jsonObject, "dmaap.certificateConfig.trustedCaPasswordPath")) // - .httpsHostnameVerify(getAsBooleanOrDefault(jsonObject, "dmaap.certificateConfig.httpsHostnameVerify", Boolean.TRUE)) + .keyCert(keyCert) + .keyPasswordPath(keyPasswordPath) + .trustedCa(trustedCa) + .trustedCaPasswordPath(trustedCaPasswordPath) // + .httpsHostnameVerify(httpsHostnameVerify) + .enableCertAuth(enableCertAuth) .build(); } @@ -219,6 +249,15 @@ public class CloudConfigParser { return get(obj, memberName).getAsString(); } + private static String getAsOptionalStringOrDefault(JsonObject obj, String memberName, String def) { + try { + return get(obj, memberName).getAsString(); + } catch (DatafileTaskException e) { + return def; + } + } + + private static @NotNull Boolean getAsBoolean(JsonObject obj, String memberName) throws DatafileTaskException { return get(obj, memberName).getAsBoolean(); } diff --git a/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/tasks/FileCollector.java b/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/tasks/FileCollector.java index 70380437..0df57a2c 100644 --- a/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/tasks/FileCollector.java +++ b/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/tasks/FileCollector.java @@ -1,7 +1,7 @@ /*- * ============LICENSE_START====================================================================== * Copyright (C) 2018-2019 Nordix Foundation. All rights reserved. - * Copyright (C) 2020-2021 Nokia. All rights reserved. + * Copyright (C) 2020-2022 Nokia. All rights reserved. * =============================================================================================== * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except * in compliance with the License. You may obtain a copy of the License at @@ -175,8 +175,11 @@ public class FileCollector { new SftpClientSettings(datafileAppConfig.getSftpConfiguration())); } - protected FtpesClient createFtpesClient(FileData fileData) { + protected FtpesClient createFtpesClient(FileData fileData) throws DatafileTaskException { CertificateConfig config = datafileAppConfig.getCertificateConfiguration(); + if (!config.enableCertAuth()) { + throw new DatafileTaskException("FTPES error: TLS connection is disabled"); + } return new FtpesClient(fileData.fileServerData(), Paths.get(config.keyCert()), config.keyPasswordPath(), Paths.get(config.trustedCa()), config.trustedCaPasswordPath()); } @@ -186,6 +189,9 @@ public class FileCollector { } protected FileCollectClient createHttpsClient(FileData fileData) throws DatafileTaskException { + if (!datafileAppConfig.getCertificateConfiguration().enableCertAuth()) { + throw new DatafileTaskException("HTTPS error: TLS connection is disabled"); + } return new DfcHttpsClient(fileData.fileServerData(), HttpsClientConnectionManagerUtil.instance()); } } diff --git a/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/AppConfigTest.java b/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/AppConfigTest.java index 839a9a18..3c940297 100644 --- a/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/AppConfigTest.java +++ b/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/AppConfigTest.java @@ -1,7 +1,7 @@ /*- * ============LICENSE_START====================================================================== - * Copyright (C) 2018, 2020-2021 NOKIA Intellectual Property, 2018-2019 Nordix Foundation. - * All rights reserved. + * Copyright (C) 2018, 2020-2022 Nokia. All rights reserved. + * Copyright (C) 2018-2019 Nordix Foundation. All rights reserved. * =============================================================================================== * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except * in compliance with the License. You may obtain a copy of the License at @@ -91,6 +91,7 @@ class AppConfigTest { .trustedCa("/src/test/resources/cert.jks") // .trustedCaPasswordPath("/src/test/resources/cert.jks.pass") // .httpsHostnameVerify(true) + .enableCertAuth(true) .build(); private AppConfig appConfigUnderTest; @@ -129,6 +130,19 @@ class AppConfigTest { } @Test + void shouldInitializeApplicationWithoutCertificates() throws IOException { + // When + doReturn(getCorrectConfigWithoutTLS()).when(appConfigUnderTest).createInputStream(any()); + appConfigUnderTest.initialize(); + + // Then + verify(appConfigUnderTest, times(1)).loadConfigurationFromFile(); + + CertificateConfig certificateConfig = appConfigUnderTest.getCertificateConfiguration(); + assertThat(certificateConfig).isNotNull(); + } + + @Test void whenTheConfigurationFits_twoProducers() throws IOException, DatafileTaskException { // When doReturn(getCorrectJsonTwoProducers()).when(appConfigUnderTest).createInputStream(any()); @@ -293,6 +307,12 @@ class AppConfigTest { return new ByteArrayInputStream((string.getBytes(StandardCharsets.UTF_8))); } + private static InputStream getCorrectConfigWithoutTLS() throws IOException { + URL url = CloudConfigParser.class.getClassLoader().getResource("datafile_test_config_no_tls.json"); + String string = Resources.toString(url, Charsets.UTF_8); + return new ByteArrayInputStream((string.getBytes(StandardCharsets.UTF_8))); + } + private static InputStream getCorrectJsonTwoProducers() throws IOException { URL url = CloudConfigParser.class.getClassLoader().getResource("datafile_endpoints_test_2producers.json"); String string = Resources.toString(url, Charsets.UTF_8); diff --git a/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParserTest.java b/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParserTest.java new file mode 100644 index 00000000..e7ef7d79 --- /dev/null +++ b/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParserTest.java @@ -0,0 +1,78 @@ +/*- + * ============LICENSE_START====================================================================== + * Copyright (C) 2022 Nokia. All rights reserved. + * =============================================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * ============LICENSE_END======================================================================== + */ + +package org.onap.dcaegen2.collectors.datafile.configuration; + +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertThrows; +import static org.junit.jupiter.api.Assertions.assertTrue; + +import com.google.gson.JsonObject; +import com.google.gson.JsonParser; +import java.io.IOException; +import java.nio.file.Files; +import java.nio.file.Path; +import org.junit.jupiter.api.Test; +import org.onap.dcaegen2.collectors.datafile.exceptions.DatafileTaskException; + +class CloudConfigParserTest { + + public static final String CONFIG_TLS_JSON = "src/test/resources/datafile_test_config_tls.json"; + public static final String CONFIG_NO_TLS_JSON = "src/test/resources/datafile_test_config_no_tls.json"; + public static final String INCORRECT_CERT_CONFIG_JSON = "src/test/resources/datafile_test_config_incorrect_cert_config.json"; + public static final String EXPECTED_EXCEPTION_MESSAGE = "Wrong configuration. External certificate enabled but configs are missing: Could not find member: dmaap.certificateConfig.keyCert"; + + @Test + public void shouldCorrectReadCertificateConfigWithTLS () throws IOException, DatafileTaskException { + + CloudConfigParser parser = getCloudConfigParser(CONFIG_TLS_JSON); + CertificateConfig certificateConfig = parser.getCertificateConfig(); + + assertEquals(true, certificateConfig.enableCertAuth()); + assertEquals("/src/test/resources/dfc.jks", certificateConfig.keyCert()); + assertEquals("/src/test/resources/dfc.jks.pass", certificateConfig.keyPasswordPath()); + assertEquals("/src/test/resources/cert.jks", certificateConfig.trustedCa()); + assertEquals("/src/test/resources/cert.jks.pass", certificateConfig.trustedCaPasswordPath()); + assertEquals(true, certificateConfig.httpsHostnameVerify()); + } + + @Test + public void shouldCorrectReadCertificateConfigWithoutTLS () throws IOException, DatafileTaskException { + CloudConfigParser parser = getCloudConfigParser(CONFIG_NO_TLS_JSON); + CertificateConfig certificateConfig = parser.getCertificateConfig(); + + assertEquals(false, certificateConfig.enableCertAuth()); + assertEquals("", certificateConfig.keyCert()); + assertEquals("", certificateConfig.keyPasswordPath()); + assertEquals("", certificateConfig.trustedCa()); + assertEquals("", certificateConfig.trustedCaPasswordPath()); + } + + @Test + public void shouldThrowExceptionWhenCertAuthIsEnabledButPathsPropertyIsMissing () throws IOException { + CloudConfigParser parser = getCloudConfigParser(INCORRECT_CERT_CONFIG_JSON); + + DatafileTaskException exception = assertThrows(DatafileTaskException.class, parser::getCertificateConfig); + assertTrue(exception.getMessage().contains(EXPECTED_EXCEPTION_MESSAGE)); + } + + private CloudConfigParser getCloudConfigParser(String configPath) throws IOException { + String jsonStr = Files.readString(Path.of(configPath)); + JsonObject jsonObject = JsonParser.parseString(jsonStr).getAsJsonObject(); + + return new CloudConfigParser(jsonObject,null); + } +} diff --git a/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/tasks/FileCollectorTest.java b/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/tasks/FileCollectorTest.java index ceb8a989..917055cf 100644 --- a/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/tasks/FileCollectorTest.java +++ b/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/tasks/FileCollectorTest.java @@ -1,7 +1,7 @@ /*- * ============LICENSE_START====================================================================== * Copyright (C) 2018-2019 Nordix Foundation. All rights reserved. - * Copyright (C) 2020 Nokia. All rights reserved. + * Copyright (C) 2020-2022 Nokia. All rights reserved. * =============================================================================================== * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except * in compliance with the License. You may obtain a copy of the License at @@ -18,6 +18,7 @@ package org.onap.dcaegen2.collectors.datafile.tasks; import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertThrows; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.doReturn; import static org.mockito.Mockito.doThrow; @@ -197,6 +198,8 @@ public class FileCollectorTest { assertEquals(0, counters.getNoOfFailedHttpAttempts(),"failedHttpAttempts should have been 0"); } + + @Test public void whenSftpFile_returnCorrectResponse() throws Exception { FileCollector collectorUndetTest = spy(new FileCollector(appConfigMock, counters)); @@ -291,6 +294,38 @@ public class FileCollectorTest { } @Test + public void whenTlsDisabled_ThrowExceptionForHttpsFile() { + when(appConfigMock.getCertificateConfiguration().enableCertAuth()).thenReturn(false); + FileCollector collectorUndetTest = spy(new FileCollector(appConfigMock, counters)); + FileData fileData = createFileData(HTTPS_LOCATION, Scheme.HTTPS); + + StepVerifier.create(collectorUndetTest.collectFile(fileData, 3, Duration.ofSeconds(0), contextMap)) + .expectErrorMessage("Retries exhausted: 3/3") + .verify(); + + StepVerifier.create(collectorUndetTest.collectFile(fileData, 3, Duration.ofSeconds(0), contextMap)) + .consumeErrorWith(throwable -> + assertEquals("HTTPS error: TLS connection is disabled", throwable.getCause().getMessage())) + .verify(); + } + + @Test + public void whenTlsDisabled_ThrowExceptionForFtpesFile() { + when(appConfigMock.getCertificateConfiguration().enableCertAuth()).thenReturn(false); + FileCollector collectorUndetTest = spy(new FileCollector(appConfigMock, counters)); + FileData fileData = createFileData(FTPES_LOCATION, Scheme.FTPES); + + StepVerifier.create(collectorUndetTest.collectFile(fileData, 3, Duration.ofSeconds(0), contextMap)) + .expectErrorMessage("Retries exhausted: 3/3") + .verify(); + + StepVerifier.create(collectorUndetTest.collectFile(fileData, 3, Duration.ofSeconds(0), contextMap)) + .consumeErrorWith(throwable -> + assertEquals("FTPES error: TLS connection is disabled", throwable.getCause().getMessage())) + .verify(); + } + + @Test public void whenFtpesFileAlwaysFail_retryAndFail() throws Exception { FileCollector collectorUndetTest = spy(new FileCollector(appConfigMock, counters)); doReturn(ftpesClientMock).when(collectorUndetTest).createFtpesClient(any()); diff --git a/datafile-app-server/src/test/resources/datafile_test_config_incorrect_cert_config.json b/datafile-app-server/src/test/resources/datafile_test_config_incorrect_cert_config.json new file mode 100644 index 00000000..a282c5c7 --- /dev/null +++ b/datafile-app-server/src/test/resources/datafile_test_config_incorrect_cert_config.json @@ -0,0 +1,41 @@ +{ + "config": { + "dmaap.certificateConfig.enableCertAuth": true, + "dmaap.certificateConfig.keyCert.missing": "/src/test/resources/dfc.jks", + "dmaap.certificateConfig.keyPasswordPath": "/src/test/resources/dfc.jks.pass", + "dmaap.certificateConfig.trustedCa": "/src/test/resources/cert.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/src/test/resources/cert.jks.pass", + "dmaap.certificateConfig.httpsHostnameVerify": true, + "dmaap.security.trustStorePath": "src/test/resources/trust.jks", + "dmaap.security.trustStorePasswordPath": "src/test/resources/trust.pass", + "dmaap.security.keyStorePath": "src/test/resources/cert.jks", + "dmaap.security.keyStorePasswordPath": "src/test/resources/jks.pass", + "dmaap.security.enableDmaapCertAuth": "true", + "dmaap.dmaapConsumerConfiguration.consumerGroup": "OpenDcae-c12", + "dmaap.dmaapConsumerConfiguration.consumerId": "C12", + "dmaap.dmaapConsumerConfiguration.timeoutMs": 1000, + "sftp.security.strictHostKeyChecking": "false", + "streams_publishes": { + "PM_MEAS_FILES": { + "type": "data_router", + "dmaap_info": { + "username": "CYE9fl40", + "location": "loc00", + "log_url": "https://localhost:3907/feedlog/1", + "publisher_id": "4.307dw", + "password": "izBJD8nLjawq0HMG", + "publish_url": "https://localhost:3907/publish/1" + } + } + }, + "streams_subscribes": { + "dmaap_subscriber": { + "dmaap_info": { + "topic_url": "http://localhost:2222/events/unauthenticated.VES_NOTIFICATION_OUTPUT" + }, + "type": "message_router" + } + } + } +} + diff --git a/datafile-app-server/src/test/resources/datafile_test_config_no_tls.json b/datafile-app-server/src/test/resources/datafile_test_config_no_tls.json new file mode 100644 index 00000000..e51b5cd7 --- /dev/null +++ b/datafile-app-server/src/test/resources/datafile_test_config_no_tls.json @@ -0,0 +1,37 @@ +{ + "config": { + "dmaap.certificateConfig.enableCertAuth": false, + "dmaap.certificateConfig.httpsHostnameVerify": false, + "dmaap.security.trustStorePath": "src/test/resources/trust.jks", + "dmaap.security.trustStorePasswordPath": "src/test/resources/trust.pass", + "dmaap.security.keyStorePath": "src/test/resources/cert.jks", + "dmaap.security.keyStorePasswordPath": "src/test/resources/jks.pass", + "dmaap.security.enableDmaapCertAuth": "true", + "dmaap.dmaapConsumerConfiguration.consumerGroup": "OpenDcae-c12", + "dmaap.dmaapConsumerConfiguration.consumerId": "C12", + "dmaap.dmaapConsumerConfiguration.timeoutMs": 1000, + "sftp.security.strictHostKeyChecking": "false", + "streams_publishes": { + "PM_MEAS_FILES": { + "type": "data_router", + "dmaap_info": { + "username": "CYE9fl40", + "location": "loc00", + "log_url": "https://localhost:3907/feedlog/1", + "publisher_id": "4.307dw", + "password": "izBJD8nLjawq0HMG", + "publish_url": "https://localhost:3907/publish/1" + } + } + }, + "streams_subscribes": { + "dmaap_subscriber": { + "dmaap_info": { + "topic_url": "http://localhost:2222/events/unauthenticated.VES_NOTIFICATION_OUTPUT" + }, + "type": "message_router" + } + } + } +} + diff --git a/datafile-app-server/src/test/resources/datafile_test_config_tls.json b/datafile-app-server/src/test/resources/datafile_test_config_tls.json new file mode 100644 index 00000000..54f75816 --- /dev/null +++ b/datafile-app-server/src/test/resources/datafile_test_config_tls.json @@ -0,0 +1,40 @@ +{ + "config": { + "dmaap.certificateConfig.keyCert": "/src/test/resources/dfc.jks", + "dmaap.certificateConfig.keyPasswordPath": "/src/test/resources/dfc.jks.pass", + "dmaap.certificateConfig.trustedCa": "/src/test/resources/cert.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/src/test/resources/cert.jks.pass", + "dmaap.certificateConfig.httpsHostnameVerify": true, + "dmaap.security.trustStorePath": "src/test/resources/trust.jks", + "dmaap.security.trustStorePasswordPath": "src/test/resources/trust.pass", + "dmaap.security.keyStorePath": "src/test/resources/cert.jks", + "dmaap.security.keyStorePasswordPath": "src/test/resources/jks.pass", + "dmaap.security.enableDmaapCertAuth": "true", + "dmaap.dmaapConsumerConfiguration.consumerGroup": "OpenDcae-c12", + "dmaap.dmaapConsumerConfiguration.consumerId": "C12", + "dmaap.dmaapConsumerConfiguration.timeoutMs": 1000, + "sftp.security.strictHostKeyChecking": "false", + "streams_publishes": { + "PM_MEAS_FILES": { + "type": "data_router", + "dmaap_info": { + "username": "CYE9fl40", + "location": "loc00", + "log_url": "https://localhost:3907/feedlog/1", + "publisher_id": "4.307dw", + "password": "izBJD8nLjawq0HMG", + "publish_url": "https://localhost:3907/publish/1" + } + } + }, + "streams_subscribes": { + "dmaap_subscriber": { + "dmaap_info": { + "topic_url": "http://localhost:2222/events/unauthenticated.VES_NOTIFICATION_OUTPUT" + }, + "type": "message_router" + } + } + } +} + |