diff options
author | Zlatko Murgoski <zlatko.murgoski@nokia.com> | 2019-03-05 11:31:48 +0100 |
---|---|---|
committer | Zlatko Murgoski <zlatko.murgoski@nokia.com> | 2019-03-15 20:06:59 +0100 |
commit | 0f2c2039cd9d9b26482fc7488ae1bdf99f2544f5 (patch) | |
tree | 77bf8a43c44e5bb5ad991324f806b990f67edcee /etc | |
parent | 4b8692b6fed457a9d194557abe681832fad4f576 (diff) |
Collector authentication enhancement
Collector authentication enhancement
Change-Id: I03a05cb83dd8c498fb218e82e9b3958348fbb4ac
Issue-ID: DCAEGEN2-1101
Signed-off-by: Zlatko Murgoski <zlatko.murgoski@nokia.com>
Diffstat (limited to 'etc')
-rwxr-xr-x | etc/collector.properties | 39 |
1 files changed, 16 insertions, 23 deletions
diff --git a/etc/collector.properties b/etc/collector.properties index f0aac3b5..36c79b51 100755 --- a/etc/collector.properties +++ b/etc/collector.properties @@ -11,19 +11,30 @@ ## Normally:
##
## - 8080 is http service
-## - https is disabled by default (-1)
+## - https is disabled by default
##
## - At this time, the server always binds to 0.0.0.0
##
-## The default port when header.authflag is disabled (0)
+##
collector.service.port=8080
-## The secure port is required if header.authflag is set to 1 (true)
## Authentication is only supported via secure port
## When enabled - require valid keystore defined
collector.service.secure.port=8443
-collector.service.secure.clientauth=0
+# auth.method flags:
+#
+# noAuth - default option - no security (http)
+# certOnly - auth by certificate (https)
+# basicAuth - auth by basic auth username and password (https)
+# certBasicAuth - auth by certificate and basic auth username / password (https)
+auth.method=noAuth
+
+## Combination of userid,hashPassword encoded pwd list to be supported
+## userid and pwd comma separated; pipe delimitation between each pair
+## Password is generated by crypt-password library using BCrypt algorithm stored in dcaegen2/sdk package
+## or https://nexus.onap.org/#nexus-search;quick~crypt-password
+header.authlist=sample1,$2a$10$0buh.2WeYwN868YMwnNNEuNEAMNYVU9.FSMJGyIKV3dGET/7oGOi6
## The keystore must be setup per installation when secure port is configured
collector.keystore.file.location=etc/keystore
@@ -33,7 +44,6 @@ collector.keystore.passwordfile=etc/passwordfile collector.truststore.file.location=etc/truststore
collector.truststore.passwordfile=etc/trustpasswordfile
-###############################################################################
## Processing
##
## If there's a problem that prevents the collector from processing alarms,
@@ -53,27 +63,10 @@ collector.schema.file={\"v1\":\"./etc/CommonEventFormat_27.2.json\",\"v2\":\"./e collector.dmaap.streamid=fault=ves-fault|syslog=ves-syslog|heartbeat=ves-heartbeat|measurementsForVfScaling=ves-measurement|mobileFlow=ves-mobileflow|other=ves-other|stateChange=ves-statechange|thresholdCrossingAlert=ves-thresholdCrossingAlert|voiceQuality=ves-voicequality|sipSignaling=ves-sipsignaling|notification=ves-notification|pnfRegistration=ves-pnfRegistration
collector.dmaapfile=./etc/DmaapConfig.json
-## authflag control authentication by the collector
-## If enabled (1) - then authlist has to be defined
-## When authflag is enabled, only secure port will be supported
-## To disable enter 0
-header.authflag=0
-
-## Combination of userid,hashPassword encoded pwd list to be supported
-## userid and pwd comma separated; pipe delimitation between each pair
-header.authlist=sample1,$2a$10$0buh.2WeYwN868YMwnNNEuNEAMNYVU9.FSMJGyIKV3dGET/7oGOi6
-
## Event transformation Flag - when set expects configurable transformation
## defined under ./etc/eventTransform.json
## Enabled by default; to disable set to 0
event.transform.flag=1
# Describes at what frequency (measured in minutes) should application try to fetch config from CBS
-collector.dynamic.config.update.frequency=5
-
-###############################################################################
-##
-## Tomcat control
-##
-#tomcat.maxthreads=(tomcat default, which is usually 200)
-
+collector.dynamic.config.update.frequency=5
\ No newline at end of file |