aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/main/java/org/onap/dcae/ApplicationException.java7
-rw-r--r--src/main/java/org/onap/dcae/ApplicationSettings.java47
-rw-r--r--src/main/java/org/onap/dcae/VesApplication.java90
-rw-r--r--src/main/java/org/onap/dcae/common/SSLContextCreator.java14
-rw-r--r--src/main/java/org/onap/dcae/common/configuration/AuthMethod.java26
-rw-r--r--src/main/java/org/onap/dcae/common/configuration/AuthMethodType.java37
-rw-r--r--src/main/java/org/onap/dcae/common/configuration/BasicAuth.java48
-rw-r--r--src/main/java/org/onap/dcae/common/configuration/CertAuth.java49
-rw-r--r--src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java50
-rw-r--r--src/main/java/org/onap/dcae/common/configuration/NoAuth.java62
-rw-r--r--src/main/java/org/onap/dcae/common/configuration/SslContextCreator.java116
-rw-r--r--src/main/java/org/onap/dcae/controller/ConfigLoader.java41
-rw-r--r--src/main/java/org/onap/dcae/controller/PreAppStartupConfigUpdater.java49
-rw-r--r--src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java37
-rw-r--r--src/main/java/org/onap/dcae/restapi/ServletConfig.java85
-rw-r--r--src/main/scripts/appController.sh23
-rw-r--r--src/main/scripts/configurationPoller.sh46
-rw-r--r--src/main/scripts/docker-entry.sh3
-rw-r--r--src/test/java/org/onap/dcae/ApplicationSettingsTest.java33
-rw-r--r--src/test/java/org/onap/dcae/TLSTest.java16
-rw-r--r--src/test/java/org/onap/dcae/controller/ConfigLoaderIntegrationE2ETest.java10
-rw-r--r--src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java17
-rw-r--r--src/test/resources/controller-config_dmaap_ip.json5
-rw-r--r--src/test/resources/controller-config_singleline_ip.json129
-rw-r--r--src/test/resources/test_collector_ip_op.properties5
-rw-r--r--src/test/resources/testcollector.properties5
26 files changed, 723 insertions, 327 deletions
diff --git a/src/main/java/org/onap/dcae/ApplicationException.java b/src/main/java/org/onap/dcae/ApplicationException.java
index 2079d867..5b0e2dfe 100644
--- a/src/main/java/org/onap/dcae/ApplicationException.java
+++ b/src/main/java/org/onap/dcae/ApplicationException.java
@@ -21,7 +21,6 @@
package org.onap.dcae;
-import java.io.IOException;
import org.apache.commons.configuration.ConfigurationException;
public class ApplicationException extends RuntimeException {
@@ -34,7 +33,11 @@ public class ApplicationException extends RuntimeException {
super(message,ex);
}
- public ApplicationException(IOException ex) {
+ public ApplicationException(Exception ex) {
super(ex);
}
+
+ public ApplicationException(String message) {
+ super(message);
+ }
}
diff --git a/src/main/java/org/onap/dcae/ApplicationSettings.java b/src/main/java/org/onap/dcae/ApplicationSettings.java
index 7d52c5e8..c4f2c063 100644
--- a/src/main/java/org/onap/dcae/ApplicationSettings.java
+++ b/src/main/java/org/onap/dcae/ApplicationSettings.java
@@ -43,6 +43,7 @@ import javax.annotation.Nullable;
import org.apache.commons.configuration.ConfigurationException;
import org.apache.commons.configuration.PropertiesConfiguration;
import org.json.JSONObject;
+import org.onap.dcae.common.configuration.AuthMethodType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -69,11 +70,21 @@ public class ApplicationSettings {
Map<String, String> parsedArgs = argsParser.apply(args);
configurationFileLocation = findOutConfigurationFileLocation(parsedArgs);
loadPropertiesFromFile();
- parsedArgs.filterKeys(k -> !"c".equals(k)).forEach(this::updateProperty);
+ parsedArgs.filterKeys(k -> !"c".equals(k)).forEach(this::addOrUpdate);
loadedJsonSchemas = loadJsonSchemas();
}
- private void loadPropertiesFromFile() {
+
+ public void reloadProperties() {
+ try {
+ properties.load(configurationFileLocation);
+ properties.refresh();
+ } catch (ConfigurationException ex) {
+ log.error("Cannot load properties cause:", ex);
+ throw new ApplicationException(ex);
+ }
+ }
+ public void loadPropertiesFromFile() {
try {
properties.load(configurationFileLocation);
} catch (ConfigurationException ex) {
@@ -109,10 +120,6 @@ public class ApplicationSettings {
return properties.getInt("collector.schema.checkflag", -1) > 0;
}
- public boolean authorizationEnabled() {
- return properties.getInt("header.authflag", 0) > 0;
- }
-
public JsonSchema jsonSchema(String version) {
return loadedJsonSchemas.get(version)
.orElse(loadedJsonSchemas.get(FALLBACK_VES_VERSION))
@@ -165,14 +172,6 @@ public class ApplicationSettings {
return prependWithUserDirOnRelative(properties.getString("collector.keystore.file.location", "etc/keystore"));
}
- public boolean clientTlsAuthenticationEnabled() {
- return httpsEnabled() && properties.getInt("collector.service.secure.clientauth", 0) > 0;
- }
-
- public String keystoreAlias() {
- return properties.getString("collector.keystore.alias", "tomcat");
- }
-
public String truststorePasswordFileLocation() {
return prependWithUserDirOnRelative(properties.getString("collector.truststore.passwordfile", "etc/trustpasswordfile"));
}
@@ -189,6 +188,10 @@ public class ApplicationSettings {
return prependWithUserDirOnRelative(properties.getString("collector.dmaapfile", "etc/DmaapConfig.json"));
}
+ public String authMethod(){
+ return properties.getString("auth.method", AuthMethodType.NO_AUTH.value());
+ }
+
public Map<String, String[]> dMaaPStreamsMapping() {
String streamIdsProperty = properties.getString("collector.dmaap.streamid", null);
if (streamIdsProperty == null) {
@@ -198,6 +201,14 @@ public class ApplicationSettings {
}
}
+ public void addOrUpdate(String key, String value) {
+ if (properties.containsKey(key)) {
+ properties.setProperty(key, value);
+ } else {
+ properties.addProperty(key, value);
+ }
+ }
+
private JSONObject jsonSchema() {
return new JSONObject(properties.getString("collector.schema.file",
format("{\"%s\":\"etc/CommonEventFormat_28.4.1.json\"}", FALLBACK_VES_VERSION)));
@@ -214,14 +225,6 @@ public class ApplicationSettings {
return HashMap.ofAll(domainToStreamIdsMapping);
}
- private void updateProperty(String key, String value) {
- if (properties.containsKey(key)) {
- properties.setProperty(key, value);
- } else {
- properties.addProperty(key, value);
- }
- }
-
private String prependWithUserDirOnRelative(String filePath) {
if (!Paths.get(filePath).isAbsolute()) {
filePath = Paths.get(appInvocationDir, filePath).toString();
diff --git a/src/main/java/org/onap/dcae/VesApplication.java b/src/main/java/org/onap/dcae/VesApplication.java
index 2dcd8fa8..d658b4aa 100644
--- a/src/main/java/org/onap/dcae/VesApplication.java
+++ b/src/main/java/org/onap/dcae/VesApplication.java
@@ -25,6 +25,7 @@ import java.nio.file.Paths;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.LinkedBlockingQueue;
+import java.util.concurrent.ScheduledFuture;
import java.util.concurrent.ScheduledThreadPoolExecutor;
import java.util.concurrent.TimeUnit;
import org.json.JSONObject;
@@ -41,6 +42,7 @@ import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.gson.GsonAutoConfiguration;
import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
+import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Lazy;
@@ -54,47 +56,77 @@ public class VesApplication {
private static final int MAX_THREADS = 20;
public static LinkedBlockingQueue<JSONObject> fProcessingInputQueue;
private static ApplicationSettings properties;
+ private static ConfigurableApplicationContext context;
+ private static ConfigLoader configLoader;
+ private static EventProcessor eventProcessor;
+ private static ScheduledThreadPoolExecutor scheduledThreadPoolExecutor;
+ private static SpringApplication app;
+ private static EventPublisher eventPublisher;
+ private static ScheduledFuture<?> scheduleFeatures;
+ private static ExecutorService executor;
public static void main(String[] args) {
- SpringApplication app = new SpringApplication(VesApplication.class);
+ app = new SpringApplication(VesApplication.class);
+ properties = new ApplicationSettings(args, CLIUtils::processCmdLine);
+ scheduledThreadPoolExecutor = new ScheduledThreadPoolExecutor(1);
+ init();
+ app.setAddCommandLineProperties(true);
+ context = app.run();
+ configLoader.updateConfig();
- properties = new ApplicationSettings(args, CLIUtils::processCmdLine);
+ }
+
+ public static void restartApplication() {
+ Thread thread = new Thread(() -> {
+ context.close();
+ properties.reloadProperties();
+ scheduleFeatures.cancel(true);
+ init();
+ context = SpringApplication.run(VesApplication.class);
+ });
+ thread.setDaemon(false);
+ thread.start();
+ }
+
+ private static void init() {
+ fProcessingInputQueue = new LinkedBlockingQueue<>(properties.maximumAllowedQueuedEvents());
+ createConfigLoader();
+ createSchedulePoolExecutor();
+ createExecutors();
+ }
- fProcessingInputQueue = new LinkedBlockingQueue<>(properties.maximumAllowedQueuedEvents());
+ private static void createExecutors() {
+ eventPublisher = EventPublisher.createPublisher(oplog, getDmapConfig());
+ eventProcessor = new EventProcessor(new EventSender(eventPublisher, properties));
- EventPublisher publisher = EventPublisher.createPublisher(oplog,
- DMaaPConfigurationParser
- .parseToDomainMapping(Paths.get(properties.dMaaPConfigurationFileLocation()))
- .get());
- spawnDynamicConfigUpdateThread(publisher, properties);
- EventProcessor ep = new EventProcessor(
- new EventSender(EventPublisher.createPublisher(oplog, getDmapConfig()), properties));
+ executor = Executors.newFixedThreadPool(MAX_THREADS);
+ for (int i = 0; i < MAX_THREADS; ++i) {
+ executor.execute(eventProcessor);
+ }
+ }
- ExecutorService executor = Executors.newFixedThreadPool(MAX_THREADS);
- for (int i = 0; i < MAX_THREADS; ++i) {
- executor.execute(ep);
- }
+ private static void createSchedulePoolExecutor() {
+ scheduleFeatures = scheduledThreadPoolExecutor.scheduleAtFixedRate(configLoader::updateConfig,
+ properties.configurationUpdateFrequency(),
+ properties.configurationUpdateFrequency(),
+ TimeUnit.MINUTES);
+ }
- app.setAddCommandLineProperties(true);
- app.run();
+ private static void createConfigLoader() {
+ configLoader = ConfigLoader.create(getEventPublisher()::reconfigure,
+ Paths.get(properties.dMaaPConfigurationFileLocation()),
+ properties.configurationFileLocation());
}
- private static void spawnDynamicConfigUpdateThread(EventPublisher eventPublisher, ApplicationSettings properties) {
- ScheduledThreadPoolExecutor scheduledThreadPoolExecutor = new ScheduledThreadPoolExecutor(1);
- ConfigLoader configLoader = ConfigLoader
- .create(eventPublisher::reconfigure,
- Paths.get(properties.dMaaPConfigurationFileLocation()),
- properties.configurationFileLocation());
- scheduledThreadPoolExecutor
- .scheduleAtFixedRate(configLoader::updateConfig,
- properties.configurationUpdateFrequency(),
- properties.configurationUpdateFrequency(),
- TimeUnit.MINUTES);
+
+ private static EventPublisher getEventPublisher() {
+ return EventPublisher.createPublisher(oplog, DMaaPConfigurationParser
+ .parseToDomainMapping(Paths.get(properties.dMaaPConfigurationFileLocation())).get());
}
private static Map<String, PublisherConfig> getDmapConfig() {
- return DMaaPConfigurationParser.
- parseToDomainMapping(Paths.get(properties.dMaaPConfigurationFileLocation())).get();
+ return DMaaPConfigurationParser
+ .parseToDomainMapping(Paths.get(properties.dMaaPConfigurationFileLocation())).get();
}
@Bean
diff --git a/src/main/java/org/onap/dcae/common/SSLContextCreator.java b/src/main/java/org/onap/dcae/common/SSLContextCreator.java
index a76c7cbe..898e5d55 100644
--- a/src/main/java/org/onap/dcae/common/SSLContextCreator.java
+++ b/src/main/java/org/onap/dcae/common/SSLContextCreator.java
@@ -20,9 +20,9 @@
package org.onap.dcae.common;
-import org.springframework.boot.web.server.Ssl;
-
import java.nio.file.Path;
+import org.springframework.boot.web.server.Ssl;
+import org.springframework.boot.web.server.Ssl.ClientAuth;
public class SSLContextCreator {
private final String keyStorePassword;
@@ -32,6 +32,7 @@ public class SSLContextCreator {
private Path trustStoreFile;
private String trustStorePassword;
private boolean hasTlsClientAuthentication = false;
+ private ClientAuth clientAuth;
public static SSLContextCreator create(final Path keyStoreFile, final String certAlias, final String password) {
return new SSLContextCreator(keyStoreFile, certAlias, password);
@@ -43,8 +44,9 @@ public class SSLContextCreator {
this.keyStorePassword = password;
}
- public SSLContextCreator withTlsClientAuthentication(final Path trustStoreFile, final String password) {
- hasTlsClientAuthentication = true;
+ public SSLContextCreator withTlsClientAuthentication(final Path trustStoreFile, final String password, final ClientAuth clientAuth) {
+ this.clientAuth = clientAuth;
+ this.hasTlsClientAuthentication = true;
this.trustStoreFile = trustStoreFile;
this.trustStorePassword = password;
@@ -53,7 +55,6 @@ public class SSLContextCreator {
private void configureKeyStore(final Ssl ssl) {
final String keyStore = keyStoreFile.toAbsolutePath().toString();
-
ssl.setKeyStore(keyStore);
ssl.setKeyPassword(keyStorePassword);
ssl.setKeyAlias(certAlias);
@@ -64,7 +65,7 @@ public class SSLContextCreator {
ssl.setTrustStore(trustStore);
ssl.setTrustStorePassword(trustStorePassword);
- ssl.setClientAuth(Ssl.ClientAuth.NEED);
+ ssl.setClientAuth(clientAuth);
}
public Ssl build() {
@@ -76,7 +77,6 @@ public class SSLContextCreator {
if (hasTlsClientAuthentication) {
configureTrustStore(ssl);
}
-
return ssl;
}
} \ No newline at end of file
diff --git a/src/main/java/org/onap/dcae/common/configuration/AuthMethod.java b/src/main/java/org/onap/dcae/common/configuration/AuthMethod.java
new file mode 100644
index 00000000..21614856
--- /dev/null
+++ b/src/main/java/org/onap/dcae/common/configuration/AuthMethod.java
@@ -0,0 +1,26 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PROJECT
+ * ================================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2018 Nokia. All rights reserved.s
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dcae.common.configuration;
+
+public interface AuthMethod {
+ void configure();
+}
diff --git a/src/main/java/org/onap/dcae/common/configuration/AuthMethodType.java b/src/main/java/org/onap/dcae/common/configuration/AuthMethodType.java
new file mode 100644
index 00000000..7eb1b414
--- /dev/null
+++ b/src/main/java/org/onap/dcae/common/configuration/AuthMethodType.java
@@ -0,0 +1,37 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PROJECT
+ * ================================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2018 Nokia. All rights reserved.s
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dcae.common.configuration;
+
+public enum AuthMethodType {
+
+ NO_AUTH("noAuth"),CERT_ONLY("certOnly"),CERT_BASIC_AUTH("certBasicAuth"),BASIC_AUTH("basicAuth");
+
+ private final String value;
+
+ AuthMethodType(String value) {
+ this.value = value;
+ }
+
+ public String value() {
+ return value;
+ }
+}
diff --git a/src/main/java/org/onap/dcae/common/configuration/BasicAuth.java b/src/main/java/org/onap/dcae/common/configuration/BasicAuth.java
new file mode 100644
index 00000000..c3730512
--- /dev/null
+++ b/src/main/java/org/onap/dcae/common/configuration/BasicAuth.java
@@ -0,0 +1,48 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PROJECT
+ * ================================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2018 Nokia. All rights reserved.s
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dcae.common.configuration;
+
+import org.onap.dcae.ApplicationSettings;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
+
+public class BasicAuth implements AuthMethod {
+
+ private static final Logger log = LoggerFactory.getLogger(BasicAuth.class);
+ private final ConfigurableServletWebServerFactory container;
+ private final ApplicationSettings properties;
+
+ public BasicAuth(ConfigurableServletWebServerFactory container, ApplicationSettings properties) {
+ this.container = container;
+ this.properties = properties;
+ }
+
+ @Override
+ public void configure() {
+ SslContextCreator sslContextCreator = new SslContextCreator(properties);
+ container.setPort(properties.httpsPort());
+ container.setSsl(sslContextCreator.simpleHttpsContext());
+ log.info(String.format("Application work in %s mode on %s port.",
+ properties.authMethod(), properties.httpsPort()));
+ }
+}
diff --git a/src/main/java/org/onap/dcae/common/configuration/CertAuth.java b/src/main/java/org/onap/dcae/common/configuration/CertAuth.java
new file mode 100644
index 00000000..3c4fb62c
--- /dev/null
+++ b/src/main/java/org/onap/dcae/common/configuration/CertAuth.java
@@ -0,0 +1,49 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PROJECT
+ * ================================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2018 Nokia. All rights reserved.s
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dcae.common.configuration;
+
+import org.onap.dcae.ApplicationSettings;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.boot.web.server.Ssl.ClientAuth;
+import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
+
+public class CertAuth implements AuthMethod {
+
+ private static final Logger log = LoggerFactory.getLogger(CertAuth.class);
+ private final ConfigurableServletWebServerFactory container;
+ private final ApplicationSettings properties;
+
+ public CertAuth(ConfigurableServletWebServerFactory container, ApplicationSettings properties) {
+ this.container = container;
+ this.properties = properties;
+ }
+
+ @Override
+ public void configure() {
+ SslContextCreator sslContextCreator = new SslContextCreator(properties);
+ container.setSsl(sslContextCreator.httpsContextWithTlsAuthentication(ClientAuth.NEED));
+ container.setPort(properties.httpsPort());
+ log.info(String.format("Application work in %s mode on %s port.",
+ properties.authMethod(), properties.httpsPort()));
+ }
+}
diff --git a/src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java b/src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java
new file mode 100644
index 00000000..f756b47d
--- /dev/null
+++ b/src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java
@@ -0,0 +1,50 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PROJECT
+ * ================================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2018 Nokia. All rights reserved.s
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dcae.common.configuration;
+
+import org.onap.dcae.ApplicationSettings;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.boot.web.server.Ssl.ClientAuth;
+import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
+
+public class CertBasicAuth implements AuthMethod{
+
+ private static final Logger log = LoggerFactory.getLogger(CertAuth.class);
+ private final ConfigurableServletWebServerFactory container;
+ private final ApplicationSettings properties;
+
+ public CertBasicAuth(ConfigurableServletWebServerFactory container, ApplicationSettings properties) {
+ this.container = container;
+ this.properties = properties;
+ }
+
+ @Override
+ public void configure() {
+ SslContextCreator sslContextCreator = new SslContextCreator(properties);
+ container.setPort(properties.httpsPort());
+ container.setSsl(sslContextCreator.httpsContextWithTlsAuthentication(ClientAuth.WANT));
+ log.info(String.format("Application work in %s mode on %s port.",
+ properties.authMethod(), properties.httpsPort()));
+ }
+}
+
diff --git a/src/main/java/org/onap/dcae/common/configuration/NoAuth.java b/src/main/java/org/onap/dcae/common/configuration/NoAuth.java
new file mode 100644
index 00000000..a64749c0
--- /dev/null
+++ b/src/main/java/org/onap/dcae/common/configuration/NoAuth.java
@@ -0,0 +1,62 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PROJECT
+ * ================================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2018 Nokia. All rights reserved.s
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dcae.common.configuration;
+
+import org.onap.dcae.ApplicationSettings;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
+
+public class NoAuth implements AuthMethod {
+
+ private static final Logger log = LoggerFactory.getLogger(NoAuth.class);
+
+ private final ConfigurableServletWebServerFactory container;
+ private final ApplicationSettings properties;
+
+ public NoAuth(ConfigurableServletWebServerFactory container, ApplicationSettings properties) {
+ this.container = container;
+ this.properties = properties;
+ }
+
+ @Override
+ public void configure() {
+ if (validateAuthMethod()){
+ container.setPort(properties.httpsPort());
+ logContainerConfiguration(properties.httpsPort());
+ }
+ else {
+ container.setPort(properties.httpPort());
+ logContainerConfiguration(properties.httpPort());
+ }
+ }
+
+ private boolean validateAuthMethod() {
+ return properties.authMethod().equalsIgnoreCase(AuthMethodType.BASIC_AUTH.value())
+ || properties.authMethod().equalsIgnoreCase(AuthMethodType.CERT_ONLY.value())
+ || properties.authMethod().equalsIgnoreCase(AuthMethodType.CERT_BASIC_AUTH.value());
+ }
+
+ private void logContainerConfiguration(int port) {
+ log.info(String.format("Application work in %s mode on %s port.", properties.authMethod(), port));
+ }
+}
diff --git a/src/main/java/org/onap/dcae/common/configuration/SslContextCreator.java b/src/main/java/org/onap/dcae/common/configuration/SslContextCreator.java
new file mode 100644
index 00000000..f0e470be
--- /dev/null
+++ b/src/main/java/org/onap/dcae/common/configuration/SslContextCreator.java
@@ -0,0 +1,116 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PROJECT
+ * ================================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2018 Nokia. All rights reserved.s
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dcae.common.configuration;
+
+import static java.nio.file.Files.readAllBytes;
+
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import org.onap.dcae.ApplicationException;
+import org.onap.dcae.ApplicationSettings;
+import org.onap.dcae.common.SSLContextCreator;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.boot.web.server.Ssl;
+import org.springframework.boot.web.server.Ssl.ClientAuth;
+
+public class SslContextCreator {
+
+ private static final Logger log = LoggerFactory.getLogger(CertAuth.class);
+ private final ApplicationSettings properties;
+
+ public SslContextCreator(ApplicationSettings properties) {
+ this.properties = properties;
+ }
+
+ public Ssl httpsContextWithTlsAuthentication(ClientAuth clientAuth) {
+ final SSLContextCreator sslContextCreator = simpleHttpsContextBuilder();
+
+ log.info("Enabling TLS client authorization");
+
+ final Path trustStore = toAbsolutePath(properties.truststoreFileLocation());
+ log.info("Using trustStore path: " + trustStore);
+
+ final Path trustPasswordFileLocation = toAbsolutePath(properties.truststorePasswordFileLocation());
+ final String trustStorePassword = getKeyStorePassword(trustPasswordFileLocation);
+ log.info("Using trustStore password from: " + trustPasswordFileLocation);
+
+ return sslContextCreator.withTlsClientAuthentication(trustStore, trustStorePassword, clientAuth).build();
+ }
+
+ public Ssl simpleHttpsContext(){
+ return simpleHttpsContextBuilder().build();
+ }
+
+ private SSLContextCreator simpleHttpsContextBuilder() {
+ log.info("Enabling SSL");
+
+ final Path keyStorePath = toAbsolutePath(properties.keystoreFileLocation());
+ log.info("Using keyStore path: " + keyStorePath);
+
+ final Path keyStorePasswordLocation = toAbsolutePath(properties.keystorePasswordFileLocation());
+ final String keyStorePassword = getKeyStorePassword(keyStorePasswordLocation);
+ log.info("Using keyStore password from: " + keyStorePasswordLocation);
+ return SSLContextCreator.create(keyStorePath, getKeyStoreAlias(keyStorePath, keyStorePassword), keyStorePassword);
+ }
+
+ private String getKeyStoreAlias(Path keyStorePath, String keyStorePassword) {
+ KeyStore keyStore = getKeyStore();
+ try(InputStream keyStoreData = new FileInputStream(keyStorePath.toString())){
+ keyStore.load(keyStoreData, keyStorePassword.toCharArray());
+ String alias = keyStore.aliases().nextElement();
+ log.info("Actual key store alias is: " + alias);
+ return alias;
+ } catch (IOException | GeneralSecurityException ex) {
+ log.error("Cannot load Key Store alias cause: " + ex);
+ throw new ApplicationException(ex);
+ }
+ }
+
+ private KeyStore getKeyStore() {
+ try {
+ return KeyStore.getInstance(KeyStore.getDefaultType());
+ } catch (KeyStoreException ex) {
+ log.error("Cannot create Key Store instance cause: " + ex);
+ throw new ApplicationException(ex);
+ }
+ }
+
+ private Path toAbsolutePath(final String path) {
+ return Paths.get(path).toAbsolutePath();
+ }
+
+ private String getKeyStorePassword(final Path location) {
+ try {
+ return new String(readAllBytes(location));
+ } catch (IOException e) {
+ log.error("Could not read keystore password from: '" + location + "'.", e);
+ throw new ApplicationException(e);
+ }
+ }
+}
diff --git a/src/main/java/org/onap/dcae/controller/ConfigLoader.java b/src/main/java/org/onap/dcae/controller/ConfigLoader.java
index e11c2b8a..dbf52823 100644
--- a/src/main/java/org/onap/dcae/controller/ConfigLoader.java
+++ b/src/main/java/org/onap/dcae/controller/ConfigLoader.java
@@ -33,6 +33,7 @@ import io.vavr.control.Try;
import java.nio.file.Path;
import java.util.function.Consumer;
import org.json.JSONObject;
+import org.onap.dcae.VesApplication;
import org.onap.dcae.common.publishing.PublisherConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -45,19 +46,21 @@ public class ConfigLoader {
private final ConfigFilesFacade configFilesFacade;
private final Function1<EnvProps, Try<JSONObject>> configurationSource;
private final Function0<Map<String, String>> envVariablesSupplier;
+ private boolean toRestart = false;
ConfigLoader(Consumer<Map<String, PublisherConfig>> eventPublisherReconfigurer,
- ConfigFilesFacade configFilesFacade,
- Function1<EnvProps, Try<JSONObject>> configurationSource,
- Function0<Map<String, String>> envVariablesSupplier) {
+ ConfigFilesFacade configFilesFacade,
+ Function1<EnvProps, Try<JSONObject>> configurationSource,
+ Function0<Map<String, String>> envVariablesSupplier) {
this.eventPublisherReconfigurer = eventPublisherReconfigurer;
this.configFilesFacade = configFilesFacade;
this.configurationSource = configurationSource;
this.envVariablesSupplier = envVariablesSupplier;
}
- public static ConfigLoader create(Consumer<Map<String, PublisherConfig>> eventPublisherReconfigurer,
- Path dMaaPConfigFile, Path propertiesConfigFile) {
+ public static ConfigLoader create(
+ Consumer<Map<String, PublisherConfig>> eventPublisherReconfigurer,
+ Path dMaaPConfigFile, Path propertiesConfigFile) {
return new ConfigLoader(eventPublisherReconfigurer,
new ConfigFilesFacade(dMaaPConfigFile, propertiesConfigFile),
ConfigSource::getAppConfig,
@@ -67,20 +70,27 @@ public class ConfigLoader {
public void updateConfig() {
log.info("Trying to dynamically update config from Config Binding Service");
readEnvProps(envVariablesSupplier.get())
- .onEmpty(() -> log.warn(SKIP_MSG))
- .forEach(this::updateConfig);
+ .onEmpty(() -> log.warn(SKIP_MSG)).forEach(this::updateConfig);
}
private void updateConfig(EnvProps props) {
configurationSource.apply(props)
.onFailure(logSkip())
.onSuccess(newConf -> {
- updateConfigurationProperties(newConf);
- updateDMaaPProperties(newConf);
+ updateConfigurationProperties(newConf);
+ updateDMaaPProperties(newConf);
+ reloadApplication();
}
);
}
+ private void reloadApplication() {
+ if(toRestart){
+ log.info("New app config - Application will be restarted");
+ VesApplication.restartApplication();
+ }
+ }
+
private void updateDMaaPProperties(JSONObject newConf) {
configFilesFacade.readDMaaPConfiguration()
.onFailure(logSkip())
@@ -98,9 +108,13 @@ public class ConfigLoader {
private void compareAndOverwritePropertiesConfig(JSONObject newConf, Map<String, String> oldProps) {
Map<String, String> newProperties = getProperties(newConf);
- if (!oldProps.equals(newProperties)) {
+ Map<String, String> result = oldProps.filterKeys((s) -> newProperties.keySet().contains(s));
+ if (!result.equals(newProperties)) {
configFilesFacade.writeProperties(newProperties)
- .onSuccess(__ -> log.info("New properties configuration written to file"))
+ .onSuccess(__ -> {
+ toRestart= true;
+ log.info("New properties configuration written to file");
+ })
.onFailure(logSkip());
} else {
log.info("Collector properties from CBS are the same as currently used ones. " + SKIP_MSG);
@@ -115,7 +129,10 @@ public class ConfigLoader {
.onSuccess(parsedConfig ->
configFilesFacade.writeDMaaPConfiguration(newDMaaPConf)
.onFailure(logSkip())
- .onSuccess(__ -> log.info("New dMaaP configuration written to file")));
+ .onSuccess(__ -> {
+ toRestart= true;
+ log.info("New dMaaP configuration written to file");
+ }));
} else {
log.info("DMaaP config from CBS is the same as currently used one. " + SKIP_MSG);
}
diff --git a/src/main/java/org/onap/dcae/controller/PreAppStartupConfigUpdater.java b/src/main/java/org/onap/dcae/controller/PreAppStartupConfigUpdater.java
deleted file mode 100644
index be569119..00000000
--- a/src/main/java/org/onap/dcae/controller/PreAppStartupConfigUpdater.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * org.onap.dcaegen2.collectors.ves
- * ================================================================================
- * Copyright (C) 2018 Nokia. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-package org.onap.dcae.controller;
-
-import io.vavr.collection.Map;
-import java.nio.file.Path;
-import java.nio.file.Paths;
-import java.util.function.Consumer;
-import org.onap.dcae.common.publishing.PublisherConfig;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * On the first application launch, the configuration update thread that application spawns, has no chance to run yet
- * and prepare initial application configuration. In this case, it needs to be fetched from outside of the application,
- * so this is run from the .sh script.
- * Later on, once application is already started it will take care of the configuration update itself
- * @author Pawel Szalapski (pawel.szalapski@nokia.com)
- */
-public class PreAppStartupConfigUpdater {
- private final static Logger log = LoggerFactory.getLogger(PreAppStartupConfigUpdater.class);
-
- private static final Path DEFAULT_CONFIGURATION_FILE_PATH = Paths.get("etc/collector.properties");
- private static final Path DEFAULT_DMAAP_FILE_PATH = Paths.get("etc/DmaapConfig.json");
- private static final Consumer<Map<String, PublisherConfig>> NO_OP_CONSUMER = c -> { };
-
- public static void main(String[] args) {
- log.info("Running initial configuration update, before the application gets started.");
- ConfigLoader.create(NO_OP_CONSUMER, DEFAULT_DMAAP_FILE_PATH, DEFAULT_CONFIGURATION_FILE_PATH)
- .updateConfig();
- }
-}
diff --git a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java
index 3b76ae46..e2ac74c7 100644
--- a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java
+++ b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java
@@ -25,6 +25,7 @@ import java.util.Base64;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.onap.dcae.ApplicationSettings;
+import org.onap.dcae.common.configuration.AuthMethodType;
import org.onap.dcaegen2.services.sdk.security.CryptPassword;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -34,37 +35,51 @@ final class ApiAuthInterceptor extends HandlerInterceptorAdapter {
private static final Logger LOG = LoggerFactory.getLogger(ApiAuthInterceptor.class);
private final CryptPassword cryptPassword = new CryptPassword();
- private final ApplicationSettings applicationSettings;
+ private final ApplicationSettings settings;
+ private Logger errorLogger;
- private Logger errorLog;
- ApiAuthInterceptor(ApplicationSettings applicationSettings, Logger errorLog) {
- this.applicationSettings = applicationSettings;
- this.errorLog = errorLog;
+ public ApiAuthInterceptor(ApplicationSettings applicationSettings, Logger errorLogger) {
+ this.settings = applicationSettings;
+ this.errorLogger = errorLogger;
}
@Override
- public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
- Object handler) throws IOException {
- if (applicationSettings.authorizationEnabled()) {
+ public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
+ throws IOException {
+
+ if(settings.authMethod().equalsIgnoreCase(AuthMethodType.CERT_BASIC_AUTH.value())){
+ if (request.getAttribute("javax.servlet.request.X509Certificate") != null){
+ LOG.info("Request is authorized by certificate ");
+ return true;
+ }
+ }
+
+ if (isBasicAuth()) {
String authorizationHeader = request.getHeader("Authorization");
if (authorizationHeader == null || !isAuthorized(authorizationHeader)) {
- response.setStatus(400);
- errorLog.error("EVENT_RECEIPT_FAILURE: Unauthorized user");
+ response.setStatus(401);
+ errorLogger.error("EVENT_RECEIPT_FAILURE: Unauthorized user");
response.getWriter().write(ApiException.UNAUTHORIZED_USER.toJSON().toString());
return false;
}
+ LOG.info("Request is authorized by basic auth");
}
return true;
}
+ private boolean isBasicAuth() {
+ return settings.authMethod().equalsIgnoreCase(AuthMethodType.BASIC_AUTH.value())
+ || settings.authMethod().equalsIgnoreCase(AuthMethodType.CERT_BASIC_AUTH.value());
+ }
+
private boolean isAuthorized(String authorizationHeader) {
try {
String encodedData = authorizationHeader.split(" ")[1];
String decodedData = new String(Base64.getDecoder().decode(encodedData));
String providedUser = decodedData.split(":")[0].trim();
String providedPassword = decodedData.split(":")[1].trim();
- Option<String> maybeSavedPassword = applicationSettings.validAuthorizationCredentials().get(providedUser);
+ Option<String> maybeSavedPassword = settings.validAuthorizationCredentials().get(providedUser);
boolean userRegistered = maybeSavedPassword.isDefined();
return userRegistered && cryptPassword.matches(providedPassword,maybeSavedPassword.get());
} catch (Exception e) {
diff --git a/src/main/java/org/onap/dcae/restapi/ServletConfig.java b/src/main/java/org/onap/dcae/restapi/ServletConfig.java
index 35616ac1..e68ddcdf 100644
--- a/src/main/java/org/onap/dcae/restapi/ServletConfig.java
+++ b/src/main/java/org/onap/dcae/restapi/ServletConfig.java
@@ -21,87 +21,46 @@
package org.onap.dcae.restapi;
+import java.util.HashMap;
+import java.util.Map;
import org.onap.dcae.ApplicationException;
import org.onap.dcae.ApplicationSettings;
-import org.onap.dcae.common.SSLContextCreator;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.onap.dcae.common.configuration.AuthMethod;
+import org.onap.dcae.common.configuration.AuthMethodType;
+import org.onap.dcae.common.configuration.BasicAuth;
+import org.onap.dcae.common.configuration.CertAuth;
+import org.onap.dcae.common.configuration.CertBasicAuth;
+import org.onap.dcae.common.configuration.NoAuth;
import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.web.server.Ssl;
import org.springframework.boot.web.server.WebServerFactoryCustomizer;
import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
import org.springframework.stereotype.Component;
-import java.io.IOException;
-import java.nio.file.Path;
-import java.nio.file.Paths;
-
-import static java.nio.file.Files.readAllBytes;
-
@Component
public class ServletConfig implements WebServerFactoryCustomizer<ConfigurableServletWebServerFactory> {
- private static final Logger log = LoggerFactory.getLogger(ServletConfig.class);
-
@Autowired
private ApplicationSettings properties;
@Override
public void customize(ConfigurableServletWebServerFactory container) {
- final boolean hasClientTlsAuthentication = properties.clientTlsAuthenticationEnabled();
-
- if (hasClientTlsAuthentication || properties.authorizationEnabled()) {
- container.setSsl(hasClientTlsAuthentication ? httpsContextWithTlsAuthentication() : simpleHttpsContext());
- container.setPort(properties.httpsPort());
- } else {
- container.setPort(properties.httpPort());
- }
- }
-
- private SSLContextCreator simpleHttpsContextBuilder() {
- log.info("Enabling SSL");
-
- final Path keyStore = toAbsolutePath(properties.keystoreFileLocation());
- log.info("Using keyStore path: " + keyStore);
-
- final Path keyStorePasswordLocation = toAbsolutePath(properties.keystorePasswordFileLocation());
- final String keyStorePassword = getKeyStorePassword(keyStorePasswordLocation);
- log.info("Using keyStore password from: " + keyStorePasswordLocation);
-
- final String alias = properties.keystoreAlias();
-
- return SSLContextCreator.create(keyStore, alias, keyStorePassword);
- }
-
- private Ssl simpleHttpsContext() {
- return simpleHttpsContextBuilder().build();
- }
-
- private Ssl httpsContextWithTlsAuthentication() {
- final SSLContextCreator sslContextCreator = simpleHttpsContextBuilder();
-
- log.info("Enabling TLS client authorization");
-
- final Path trustStore = toAbsolutePath(properties.truststoreFileLocation());
- log.info("Using trustStore path: " + trustStore);
-
- final Path trustPasswordFileLocation = toAbsolutePath(properties.truststorePasswordFileLocation());
- final String trustStorePassword = getKeyStorePassword(trustPasswordFileLocation);
- log.info("Using trustStore password from: " + trustPasswordFileLocation);
-
- return sslContextCreator.withTlsClientAuthentication(trustStore, trustStorePassword).build();
+ provideAuthConfigurations(container).getOrDefault(properties.authMethod(),
+ notSupportedOperation()).configure();
}
- private Path toAbsolutePath(final String path) {
- return Paths.get(path).toAbsolutePath();
+ private Map<String, AuthMethod> provideAuthConfigurations(ConfigurableServletWebServerFactory container) {
+ Map<String, AuthMethod> authMethods = new HashMap<>();
+ authMethods.put(AuthMethodType.CERT_ONLY.value(), new CertAuth(container, properties));
+ authMethods.put(AuthMethodType.BASIC_AUTH.value(), new BasicAuth(container, properties));
+ authMethods.put(AuthMethodType.CERT_BASIC_AUTH.value(), new CertBasicAuth(container, properties));
+ authMethods.put(AuthMethodType.NO_AUTH.value(), new NoAuth(container, properties));
+ return authMethods;
}
- private String getKeyStorePassword(final Path location) {
- try {
- return new String(readAllBytes(location));
- } catch (IOException e) {
- log.error("Could not read keystore password from: '" + location + "'.", e);
- throw new ApplicationException(e);
- }
+ private AuthMethod notSupportedOperation() {
+ return () -> {
+ throw new ApplicationException(
+ "Provided auth method not allowed: " + properties.authMethod());
+ };
}
} \ No newline at end of file
diff --git a/src/main/scripts/appController.sh b/src/main/scripts/appController.sh
index d141addf..97556c4c 100644
--- a/src/main/scripts/appController.sh
+++ b/src/main/scripts/appController.sh
@@ -1,5 +1,4 @@
#!/bin/bash
-
###
# ============LICENSE_START=======================================================
# PROJECT
@@ -22,26 +21,6 @@
###
source bin/logger.sh
-updateKeystore() {
- log "Updating keystore configuration"
- aliasParameterName="collector.keystore.alias"
- originalPropertyFile="etc/collector.properties"
- temporaryPropertyFile="etc/collector.properties.tmp"
- keystorePath=`grep collector.keystore.file.location ${originalPropertyFile} | tr -d '[:space:]' | cut -d"=" -f2`
- keystorePasswordFile=`grep collector.keystore.passwordfile ${originalPropertyFile} | tr -d '[:space:]' | cut -d"=" -f2`
- temporaryAlias=`/usr/bin/keytool -list -keystore $keystorePath < $keystorePasswordFile | grep "PrivateKeyEntry" | cut -d"," -f1`
- newAlias=`echo $temporaryAlias | cut -d":" -f2`
- sed "s~$aliasParameterName=.*~$aliasParameterName=$newAlias~g" ${originalPropertyFile} > ${temporaryPropertyFile}
- echo `cat ${temporaryPropertyFile} > ${originalPropertyFile}`
- rm ${temporaryPropertyFile}
- log "Keystore configuration updated"
-}
-
-tryToPollConfiguration() {
- log "Trying to poll configuration from CBS before application starts"
- ${JAVA_HOME}/bin/java -cp "etc:lib/*" org.onap.dcae.controller.PreAppStartupConfigUpdater
-}
-
start() {
log "Starting application"
appPids=`pidof java`
@@ -78,7 +57,7 @@ stop() {
}
case $1 in
- "start") tryToPollConfiguration; updateKeystore; start ;;
+ "start") start ;;
"stop") stop ;;
"restart") stop; start ;;
*) echo "Bad usage. Should be: /bin/bash <this> start/stop"
diff --git a/src/main/scripts/configurationPoller.sh b/src/main/scripts/configurationPoller.sh
deleted file mode 100644
index 59dbf840..00000000
--- a/src/main/scripts/configurationPoller.sh
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/bin/bash
-###
-# ============LICENSE_START=======================================================
-# PROJECT
-# ================================================================================
-# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-###
-source bin/logger.sh
-
-# This scripts job is to continuously run in background and watch for changes in collector.properties
-# and in case it has changed, restart application.
-# collector.properties (and DmaapConfig.json) is being updated periodically by calling for configuration from CBS and it is
-# done inside the VESCollector application itself.
-# Configuration poller can be run regardless of deployment type.
-# It will always check for changes in collector.properties and in deployment scenario,
-# where dynamic configuration should not be used, necessary environment
-# variables that are needed (consul host, cbs name, app name) will be missing, and java app will
-# not update the configuration files so restart won't be triggered.
-
-# Start after a while, because once the application starts, it might happen that
-# it fetched new configuration. In that case, the application will already be started with newest config, there would
-# be no point in restarting it once again.
-sleep 2m
-
-while true
-do
- sleep 1m
- if [[ $(find etc/collector.properties -mmin -1 -print) ]]; then
- log "Found change in collector.properties, updating keystore and restarting application"
- bin/appController.sh restart
- fi
-done
-
diff --git a/src/main/scripts/docker-entry.sh b/src/main/scripts/docker-entry.sh
index c17dd958..6b300669 100644
--- a/src/main/scripts/docker-entry.sh
+++ b/src/main/scripts/docker-entry.sh
@@ -57,7 +57,4 @@ log "Scheduling application to be started, looping indefinitely to hold the dock
bin/appController.sh stop
bin/appController.sh start &
-log "Enabling configuration polling from CBS"
-bin/configurationPoller.sh &
-
while true; do sleep 1000; done
diff --git a/src/test/java/org/onap/dcae/ApplicationSettingsTest.java b/src/test/java/org/onap/dcae/ApplicationSettingsTest.java
index 0e91bc70..60287aef 100644
--- a/src/test/java/org/onap/dcae/ApplicationSettingsTest.java
+++ b/src/test/java/org/onap/dcae/ApplicationSettingsTest.java
@@ -215,25 +215,6 @@ public class ApplicationSettingsTest {
assertEquals(sanitizePath("etc/keystore"), keystoreFileLocation);
}
-
- @Test
- public void shouldReturnKeystoreAlias() throws IOException {
- // when
- String keystoreAlias = fromTemporaryConfiguration("collector.keystore.alias=alias").keystoreAlias();
-
- // then
- assertEquals("alias", keystoreAlias);
- }
-
- @Test
- public void shouldReturnDefaultKeystoreAlias() throws IOException {
- // when
- String keystoreAlias = fromTemporaryConfiguration().keystoreAlias();
-
- // then
- assertEquals("tomcat", keystoreAlias);
- }
-
@Test
public void shouldReturnDMAAPConfigFileLocation() throws IOException {
// when
@@ -363,22 +344,12 @@ public class ApplicationSettingsTest {
}
@Test
- public void shouldReturnIfAuthorizationIsEnabled() throws IOException {
- // when
- boolean authorizationEnabled = fromTemporaryConfiguration("header.authflag=1")
- .authorizationEnabled();
-
- // then
- assertTrue(authorizationEnabled);
- }
-
- @Test
public void shouldAuthorizationBeDisabledByDefault() throws IOException {
// when
- boolean authorizationEnabled = fromTemporaryConfiguration().authorizationEnabled();
+ boolean authorizationEnabled = fromTemporaryConfiguration().authMethod().contains("noAuth");
// then
- assertFalse(authorizationEnabled);
+ assertTrue(authorizationEnabled);
}
@Test
diff --git a/src/test/java/org/onap/dcae/TLSTest.java b/src/test/java/org/onap/dcae/TLSTest.java
index c73bb53b..b1f90371 100644
--- a/src/test/java/org/onap/dcae/TLSTest.java
+++ b/src/test/java/org/onap/dcae/TLSTest.java
@@ -24,6 +24,7 @@ package org.onap.dcae;
import io.vavr.collection.HashMap;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test;
+import org.onap.dcae.common.configuration.AuthMethodType;
import org.springframework.context.annotation.Import;
import org.springframework.http.HttpStatus;
@@ -86,8 +87,8 @@ public class TLSTest extends TLSTestBase {
class HttpsWithTLSAuthenticationAndBasicAuthTest extends TestClassBase {
@Test
- public void shouldHttpsRequestWithoutBasicAuthFail() {
- assertThrows(Exception.class, this::makeHttpsRequestWithClientCert);
+ public void shouldHttpsRequestWithoutBasicAuthSucceed() {
+ assertEquals(HttpStatus.OK, makeHttpsRequestWithClientCert().getStatusCode());
}
@Test
@@ -100,6 +101,7 @@ public class TLSTest extends TLSTestBase {
static class HttpConfiguration extends TLSTestBase.ConfigurationBase {
@Override
protected void configureSettings(ApplicationSettings settings) {
+ when(settings.authMethod()).thenReturn(AuthMethodType.NO_AUTH.value());
}
}
@@ -109,10 +111,9 @@ public class TLSTest extends TLSTestBase {
@Override
protected void configureSettings(ApplicationSettings settings) {
- when(settings.keystoreAlias()).thenReturn(KEYSTORE_ALIAS);
when(settings.keystoreFileLocation()).thenReturn(KEYSTORE.toString());
when(settings.keystorePasswordFileLocation()).thenReturn(KEYSTORE_PASSWORD_FILE.toString());
- when(settings.authorizationEnabled()).thenReturn(true);
+ when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value());
when(settings.validAuthorizationCredentials()).thenReturn(HashMap.of(USERNAME, "$2a$10$51tDgG2VNLde5E173Ay/YO.Fq.aD.LR2Rp8pY3QAKriOSPswvGviy"));
}
}
@@ -121,8 +122,7 @@ public class TLSTest extends TLSTestBase {
@Override
protected void configureSettings(ApplicationSettings settings) {
super.configureSettings(settings);
- when(settings.authorizationEnabled()).thenReturn(false);
- when(settings.clientTlsAuthenticationEnabled()).thenReturn(true);
+ when(settings.authMethod()).thenReturn(AuthMethodType.CERT_ONLY.value());
when(settings.truststoreFileLocation()).thenReturn(TRUSTSTORE.toString());
when(settings.truststorePasswordFileLocation()).thenReturn(TRUSTSTORE_PASSWORD_FILE.toString());
}
@@ -132,7 +132,7 @@ public class TLSTest extends TLSTestBase {
@Override
protected void configureSettings(ApplicationSettings settings) {
super.configureSettings(settings);
- when(settings.authorizationEnabled()).thenReturn(true);
+ when(settings.authMethod()).thenReturn(AuthMethodType.CERT_BASIC_AUTH.value());
}
}
-}
+} \ No newline at end of file
diff --git a/src/test/java/org/onap/dcae/controller/ConfigLoaderIntegrationE2ETest.java b/src/test/java/org/onap/dcae/controller/ConfigLoaderIntegrationE2ETest.java
index b0a984a0..90c8a9c8 100644
--- a/src/test/java/org/onap/dcae/controller/ConfigLoaderIntegrationE2ETest.java
+++ b/src/test/java/org/onap/dcae/controller/ConfigLoaderIntegrationE2ETest.java
@@ -22,11 +22,11 @@ package org.onap.dcae.controller;
import static io.vavr.API.Map;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.verifyZeroInteractions;
+import static org.mockito.Mockito.when;
import static org.onap.dcae.TestingUtilities.createTemporaryFile;
import static org.onap.dcae.TestingUtilities.readFile;
import static org.onap.dcae.TestingUtilities.readJSONFromFile;
@@ -36,10 +36,15 @@ import java.nio.file.Path;
import java.nio.file.Paths;
import org.json.JSONObject;
import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.junit.MockitoJUnitRunner;
+import org.onap.dcae.ApplicationSettings;
import org.onap.dcae.WiremockBasedTest;
import org.onap.dcae.common.publishing.DMaaPConfigurationParser;
import org.onap.dcae.common.publishing.EventPublisher;
+@RunWith(MockitoJUnitRunner.Silent.class)
public class ConfigLoaderIntegrationE2ETest extends WiremockBasedTest {
@Test
@@ -54,11 +59,8 @@ public class ConfigLoaderIntegrationE2ETest extends WiremockBasedTest {
EventPublisher eventPublisherMock = mock(EventPublisher.class);
ConfigFilesFacade configFilesFacade = new ConfigFilesFacade(dMaaPConfigFile, collectorPropertiesFile);
-
- // when
ConfigLoader configLoader = new ConfigLoader(eventPublisherMock::reconfigure, configFilesFacade, ConfigSource::getAppConfig, () -> wiremockBasedEnvProps());
configLoader.updateConfig();
-
// then
assertThat(readJSONFromFile(dMaaPConfigSource).toString()).isEqualTo(dMaaPConf.toString());
assertThat(readFile(collectorPropertiesFile).trim()).isEqualTo("collector.port = 8080");
diff --git a/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java b/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java
index 569fd969..a295046b 100644
--- a/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java
+++ b/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java
@@ -28,6 +28,7 @@ import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.junit.MockitoJUnitRunner;
import org.onap.dcae.ApplicationSettings;
+import org.onap.dcae.common.configuration.AuthMethodType;
import org.slf4j.Logger;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
@@ -89,7 +90,7 @@ public class ApiAuthInterceptionTest {
// given
final HttpServletRequest request = createEmptyRequest();
- when(settings.authorizationEnabled()).thenReturn(false);
+ when(settings.authMethod()).thenReturn(AuthMethodType.NO_AUTH.value());
// when
final boolean isAuthorized = sut.preHandle(request, response, obj);
@@ -103,7 +104,7 @@ public class ApiAuthInterceptionTest {
// given
final HttpServletRequest request = createEmptyRequest();
- when(settings.authorizationEnabled()).thenReturn(true);
+ when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value());
when(response.getWriter()).thenReturn(writer);
// when
@@ -113,7 +114,7 @@ public class ApiAuthInterceptionTest {
// then
assertFalse(isAuthorized);
- verify(response).setStatus(HttpStatus.BAD_REQUEST.value());
+ verify(response).setStatus(HttpStatus.UNAUTHORIZED.value());
verify(writer).write(ApiException.UNAUTHORIZED_USER.toJSON().toString());
}
@@ -122,7 +123,7 @@ public class ApiAuthInterceptionTest {
// given
final HttpServletRequest request = createRequestWithAuthorizationHeader();
- when(settings.authorizationEnabled()).thenReturn(true);
+ when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value());
when(response.getWriter()).thenReturn(writer);
// when
@@ -131,7 +132,7 @@ public class ApiAuthInterceptionTest {
// then
assertFalse(isAuthorized);
- verify(response).setStatus(HttpStatus.BAD_REQUEST.value());
+ verify(response).setStatus(HttpStatus.UNAUTHORIZED.value());
verify(writer).write(ApiException.UNAUTHORIZED_USER.toJSON().toString());
}
@@ -139,7 +140,7 @@ public class ApiAuthInterceptionTest {
public void shouldSucceed() throws IOException {
// given
final HttpServletRequest request = createRequestWithAuthorizationHeader();
- when(settings.authorizationEnabled()).thenReturn(true);
+ when(settings.authMethod()).thenReturn(AuthMethodType.CERT_ONLY.value());
when(settings.validAuthorizationCredentials()).thenReturn(
HashMap.of(USERNAME, "$2a$10$BsZkEynNm/93wbAeeZuxJeu6IHRyQl4XReqDg2BtYOFDhUsz20.3G"));
when(response.getWriter()).thenReturn(writer);
@@ -160,7 +161,7 @@ public class ApiAuthInterceptionTest {
.header(HttpHeaders.AUTHORIZATION, "FooBar")
.buildRequest(null);
- when(settings.authorizationEnabled()).thenReturn(true);
+ when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value());
when(settings.validAuthorizationCredentials()).thenReturn(CREDENTIALS);
when(response.getWriter()).thenReturn(writer);
@@ -170,7 +171,7 @@ public class ApiAuthInterceptionTest {
// then
assertFalse(isAuthorized);
- verify(response).setStatus(HttpStatus.BAD_REQUEST.value());
+ verify(response).setStatus(HttpStatus.UNAUTHORIZED.value());
verify(writer).write(ApiException.UNAUTHORIZED_USER.toJSON().toString());
}
}
diff --git a/src/test/resources/controller-config_dmaap_ip.json b/src/test/resources/controller-config_dmaap_ip.json
index 8979a614..1cc6576b 100644
--- a/src/test/resources/controller-config_dmaap_ip.json
+++ b/src/test/resources/controller-config_dmaap_ip.json
@@ -1,7 +1,6 @@
{
- "header.authflag": 1,
+ "auth.method": "noAuth",
"collector.inputQueue.maxPending": 8096,
- "collector.keystore.alias": "dynamically generated",
"collector.schema.checkflag": 1,
"collector.keystore.file.location": "/opt/app/dcae-certificate/keystore.jks",
"tomcat.maxthreads": "200",
@@ -235,5 +234,5 @@
}
},
"event.transform.flag": 1,
- "header.authlist": "sample1,c2FtcGxlMQ==|userid1,base64encodepwd1|userid2,base64encodepwd2"
+ "header.authlist": "sample1,$2a$10$pgjaxDzSuc6XVFEeqvxQ5u90DKJnM/u7TJTcinAlFJVaavXMWf/Zi|userid1,$2a$10$61gNubgJJl9lh3nvQvY9X.x4e5ETWJJ7ao7ZhJEvmfJigov26Z6uq|userid2,$2a$10$G52y/3uhuhWAMy.bx9Se8uzWinmbJa.dlm1LW6bYPdPkkywLDPLiy"
}
diff --git a/src/test/resources/controller-config_singleline_ip.json b/src/test/resources/controller-config_singleline_ip.json
index 220e3f1b..c3a8d067 100644
--- a/src/test/resources/controller-config_singleline_ip.json
+++ b/src/test/resources/controller-config_singleline_ip.json
@@ -1 +1,128 @@
-{"header.authflag": "1", "collector.schema.file": "{\"v1\": \"./etc/CommonEventFormat_27.2.json\", \"v2\": \"./etc/CommonEventFormat_27.2.json\", \"v3\": \"./etc/CommonEventFormat_27.2.json\", \"v4\": \"./etc/CommonEventFormat_27.2.json\", \"v5\": \"./etc/CommonEventFormat_28.4.json\"}", "collector.keystore.passwordfile": "/opt/app/dcae-certificate/.password", "tomcat.maxthreads": "200", "collector.dmaap.streamid": "fault=ves-fault|syslog=ves-syslog|heartbeat=ves-heartbeat|measurementsForVfScaling=ves-measurement|mobileFlow=ves-mobileflow|other=ves-other|stateChange=ves-statechange|thresholdCrossingAlert=ves-thresholdCrossingAlert|voiceQuality=ves-voicequality|sipSignaling=ves-sipsignaling", "streams_subscribes": {}, "collector.inputQueue.maxPending": "8096", "collector.keystore.alias": "dynamically generated", "streams_publishes": {"ves-mobileflow": {"type": "message_router", "dmaap_info": {"client_id": "1517590629043", "client_role": "com.att.secCollector.member", "location": "rdm5bdcc2", "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-SEC-MOBILEFLOW-OUTPUT-v1"}, "aaf_username": "userid@namespace", "aaf_password": "authpwd"}, "ves-measurement": {"type": "message_router", "dmaap_info": {"client_id": "1517590433916", "client_role": "com.att.secCollector.member", "location": "rdm5bdcc2", "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-ENC-MEASUREMENT-OUTPUT-v1"}, "aaf_username": "userid@namespace", "aaf_password": "authpwd"}, "ves-voicequality": {"type": "message_router", "dmaap_info": {"client_id": "1517590778397", "client_role": "com.att.secCollector.member", "location": "rdm5bdcc2", "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-VES-VOICEQUALITY-OUTPUT-v1"}, "aaf_username": "userid@namespace", "aaf_password": "authpwd"}, "ves-thresholdCrossingAlert": {"type": "message_router", "dmaap_info": {"client_id": "1517590728150", "client_role": "com.att.secCollector.member", "location": "rdm5bdcc2", "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-SEC-TCA-OUTPUT-v1"}, "aaf_username": "userid@namespace", "aaf_password": "authpwd"}, "ves-fault": {"type": "message_router", "dmaap_info": {"client_id": "1517590384670", "client_role": "com.att.secCollector.member", "location": "rdm5bdcc2", "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-SEC-FAULT-OUTPUT-v1"}, "aaf_username": "userid@namespace", "aaf_password": "authpwd"}, "ves-heartbeat": {"type": "message_router", "dmaap_info": {"client_id": "1517590530041", "client_role": "com.att.secCollector.member", "location": "rdm5bdcc2", "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-SEC-HEARTBEAT-OUTPUT-v1"}, "aaf_username": "userid@namespace", "aaf_password": "authpwd"}, "ves-sipsignaling": {"type": "message_router", "dmaap_info": {"client_id": "1517590828736", "client_role": "com.att.secCollector.member", "location": "rdm5bdcc2", "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-VES-SIPSIGNALING-OUTPUT-v1"}, "aaf_username": "userid@namespace", "aaf_password": "authpwd"}, "ves-syslog": {"type": "message_router", "dmaap_info": {"client_id": "1517590482019", "client_role": "com.att.secCollector.member", "location": "rdm5bdcc2", "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-SEC-SYSLOG-OUTPUT-v1"}, "aaf_username": "userid@namespace", "aaf_password": "authpwd"}, "ves-other": {"type": "message_router", "dmaap_info": {"client_id": "1517590581045", "client_role": "com.att.secCollector.member", "location": "rdm5bdcc2", "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-SEC-OTHER-OUTPUT-v1"}, "aaf_username": "userid@namespace", "aaf_password": "authpwd"}, "ves-statechange": {"type": "message_router", "dmaap_info": {"client_id": "1517590677649", "client_role": "com.att.secCollector.member", "location": "rdm5bdcc2", "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-SEC-STATECHANGE-OUTPUT-v1"}, "aaf_username": "userid@namespace", "aaf_password": "authpwd"}}, "collector.schema.checkflag": "1", "services_calls": {}, "event.transform.flag": "1", "collector.keystore.file.location": "/opt/app/dcae-certificate/keystore.jks", "header.authlist": "sample1,c2FtcGxlMQ==|userid1,base64encodepwd1|userid2,base64encodepwd2", "collector.service.secure.port": "8443", "collector.service.port": "-1"} \ No newline at end of file
+{
+ "auth.method": "noAuth",
+ "collector.schema.file": "{\"v1\": \"./etc/CommonEventFormat_27.2.json\", \"v2\": \"./etc/CommonEventFormat_27.2.json\", \"v3\": \"./etc/CommonEventFormat_27.2.json\", \"v4\": \"./etc/CommonEventFormat_27.2.json\", \"v5\": \"./etc/CommonEventFormat_28.4.json\"}",
+ "collector.keystore.passwordfile": "/opt/app/dcae-certificate/.password",
+ "tomcat.maxthreads": "200",
+ "collector.dmaap.streamid": "fault=ves-fault|syslog=ves-syslog|heartbeat=ves-heartbeat|measurementsForVfScaling=ves-measurement|mobileFlow=ves-mobileflow|other=ves-other|stateChange=ves-statechange|thresholdCrossingAlert=ves-thresholdCrossingAlert|voiceQuality=ves-voicequality|sipSignaling=ves-sipsignaling",
+ "streams_subscribes": {},
+ "collector.inputQueue.maxPending": "8096",
+ "streams_publishes": {
+ "ves-mobileflow": {
+ "type": "message_router",
+ "dmaap_info": {
+ "client_id": "1517590629043",
+ "client_role": "com.att.secCollector.member",
+ "location": "rdm5bdcc2",
+ "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-SEC-MOBILEFLOW-OUTPUT-v1"
+ },
+ "aaf_username": "userid@namespace",
+ "aaf_password": "authpwd"
+ },
+ "ves-measurement": {
+ "type": "message_router",
+ "dmaap_info": {
+ "client_id": "1517590433916",
+ "client_role": "com.att.secCollector.member",
+ "location": "rdm5bdcc2",
+ "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-ENC-MEASUREMENT-OUTPUT-v1"
+ },
+ "aaf_username": "userid@namespace",
+ "aaf_password": "authpwd"
+ },
+ "ves-voicequality": {
+ "type": "message_router",
+ "dmaap_info": {
+ "client_id": "1517590778397",
+ "client_role": "com.att.secCollector.member",
+ "location": "rdm5bdcc2",
+ "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-VES-VOICEQUALITY-OUTPUT-v1"
+ },
+ "aaf_username": "userid@namespace",
+ "aaf_password": "authpwd"
+ },
+ "ves-thresholdCrossingAlert": {
+ "type": "message_router",
+ "dmaap_info": {
+ "client_id": "1517590728150",
+ "client_role": "com.att.secCollector.member",
+ "location": "rdm5bdcc2",
+ "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-SEC-TCA-OUTPUT-v1"
+ },
+ "aaf_username": "userid@namespace",
+ "aaf_password": "authpwd"
+ },
+ "ves-fault": {
+ "type": "message_router",
+ "dmaap_info": {
+ "client_id": "1517590384670",
+ "client_role": "com.att.secCollector.member",
+ "location": "rdm5bdcc2",
+ "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-SEC-FAULT-OUTPUT-v1"
+ },
+ "aaf_username": "userid@namespace",
+ "aaf_password": "authpwd"
+ },
+ "ves-heartbeat": {
+ "type": "message_router",
+ "dmaap_info": {
+ "client_id": "1517590530041",
+ "client_role": "com.att.secCollector.member",
+ "location": "rdm5bdcc2",
+ "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-SEC-HEARTBEAT-OUTPUT-v1"
+ },
+ "aaf_username": "userid@namespace",
+ "aaf_password": "authpwd"
+ },
+ "ves-sipsignaling": {
+ "type": "message_router",
+ "dmaap_info": {
+ "client_id": "1517590828736",
+ "client_role": "com.att.secCollector.member",
+ "location": "rdm5bdcc2",
+ "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-VES-SIPSIGNALING-OUTPUT-v1"
+ },
+ "aaf_username": "userid@namespace",
+ "aaf_password": "authpwd"
+ },
+ "ves-syslog": {
+ "type": "message_router",
+ "dmaap_info": {
+ "client_id": "1517590482019",
+ "client_role": "com.att.secCollector.member",
+ "location": "rdm5bdcc2",
+ "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-SEC-SYSLOG-OUTPUT-v1"
+ },
+ "aaf_username": "userid@namespace",
+ "aaf_password": "authpwd"
+ },
+ "ves-other": {
+ "type": "message_router",
+ "dmaap_info": {
+ "client_id": "1517590581045",
+ "client_role": "com.att.secCollector.member",
+ "location": "rdm5bdcc2",
+ "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-SEC-OTHER-OUTPUT-v1"
+ },
+ "aaf_username": "userid@namespace",
+ "aaf_password": "authpwd"
+ },
+ "ves-statechange": {
+ "type": "message_router",
+ "dmaap_info": {
+ "client_id": "1517590677649",
+ "client_role": "com.att.secCollector.member",
+ "location": "rdm5bdcc2",
+ "topic_url": "https://DMAAPHOST:3905/events/com.att.dcae.dmaap.FTL.24256-SEC-STATECHANGE-OUTPUT-v1"
+ },
+ "aaf_username": "userid@namespace",
+ "aaf_password": "authpwd"
+ }
+ },
+ "collector.schema.checkflag": "1",
+ "services_calls": {},
+ "event.transform.flag": "1",
+ "collector.keystore.file.location": "/opt/app/dcae-certificate/keystore.jks",
+ "header.authlist": "sample1,$2a$10$pgjaxDzSuc6XVFEeqvxQ5u90DKJnM/u7TJTcinAlFJVaavXMWf/Zi|userid1,$2a$10$61gNubgJJl9lh3nvQvY9X.x4e5ETWJJ7ao7ZhJEvmfJigov26Z6uq|userid2,$2a$10$G52y/3uhuhWAMy.bx9Se8uzWinmbJa.dlm1LW6bYPdPkkywLDPLiy",
+ "collector.service.secure.port": "8443",
+ "collector.service.port": "-1"
+} \ No newline at end of file
diff --git a/src/test/resources/test_collector_ip_op.properties b/src/test/resources/test_collector_ip_op.properties
index f29a2ba6..9450067a 100644
--- a/src/test/resources/test_collector_ip_op.properties
+++ b/src/test/resources/test_collector_ip_op.properties
@@ -2,13 +2,12 @@ collector.service.port=-1
collector.service.secure.port=8443
collector.keystore.file.location=/opt/app/dcae-certificate/keystore.jks
collector.keystore.passwordfile=/opt/app/dcae-certificate/.password
-collector.keystore.alias=dynamically generated
collector.schema.checkflag=1
collector.schema.file={\"v1\":\"./etc/CommonEventFormat_27.2.json\",\"v2\":\"./etc/CommonEventFormat_27.2.json\",\"v3\":\"./etc/CommonEventFormat_27.2.json\",\"v4\":\"./etc/CommonEventFormat_27.2.json\",\"v5\":\"./etc/CommonEventFormat_28.4.json\"}
collector.dmaap.streamid=fault=ves-fault,ves-fault-secondary|syslog=ves-syslog,ves-syslog-secondary|heartbeat=ves-heartbeat,ves-heartbeat-secondary|measurementsForVfScaling=ves-measurement,ves-measurement-secondary|mobileFlow=ves-mobileflow,ves-mobileflow-secondary|other=ves-other,ves-other-secondary|stateChange=ves-statechange,ves-statechange-secondary|thresholdCrossingAlert=ves-thresholdCrossingAlert,ves-thresholdCrossingAlert-secondary|voiceQuality=ves-voicequality,ves-voicequality-secondary|sipSignaling=ves-sipsignaling,ves-sipsignaling-secondary
collector.dmaapfile=./etc/DmaapConfig.json
-header.authflag=1
-header.authlist=sample1,c2FtcGxlMQ==|userid1,base64encodepwd1|userid2,base64encodepwd2
+auth.method=noAuth
+header.authlist=sample1,$2a$10$pgjaxDzSuc6XVFEeqvxQ5u90DKJnM/u7TJTcinAlFJVaavXMWf/Zi|userid1,$2a$10$61gNubgJJl9lh3nvQvY9X.x4e5ETWJJ7ao7ZhJEvmfJigov26Z6uq|userid2,$2a$10$G52y/3uhuhWAMy.bx9Se8uzWinmbJa.dlm1LW6bYPdPkkywLDPLiy
event.transform.flag=1
collector.inputQueue.maxPending = 8096
streams_subscribes = {}
diff --git a/src/test/resources/testcollector.properties b/src/test/resources/testcollector.properties
index 7de53d61..c3fcca62 100644
--- a/src/test/resources/testcollector.properties
+++ b/src/test/resources/testcollector.properties
@@ -2,13 +2,12 @@ collector.service.port=9999
collector.service.secure.port=8443
collector.keystore.file.location=../etc/keystore
collector.keystore.passwordfile=./etc/passwordfile
-collector.keystore.alias=tomcat
collector.schema.checkflag=1
collector.schema.file={\"v1\":\"./etc/CommonEventFormat_27.2.json\",\"v2\":\"./etc/CommonEventFormat_27.2.json\",\"v3\":\"./etc/CommonEventFormat_27.2.json\",\"v4\":\"./etc/CommonEventFormat_27.2.json\",\"v5\":\"./etc/CommonEventFormat_28.4.json\"}
collector.dmaap.streamid=fault=sec_fault|syslog=sec_syslog|heartbeat=sec_heartbeat|measurementsForVfScaling=sec_measurement|mobileFlow=sec_mobileflow|other=sec_other|stateChange=sec_statechange|thresholdCrossingAlert=sec_thresholdCrossingAlert|voiceQuality=ves_voicequality|sipSignaling=ves_sipsignaling
collector.dmaapfile=./etc/DmaapConfig.json
-header.authflag=1
-header.authlist=secureid,IWRjYWVSb2FkbTEyMyEt|sample1,c2FtcGxlMQ==
+auth.method=noAuth
+header.authlist=sample1,$2a$10$pgjaxDzSuc6XVFEeqvxQ5u90DKJnM/u7TJTcinAlFJVaavXMWf/Zi|userid1,$2a$10$61gNubgJJl9lh3nvQvY9X.x4e5ETWJJ7ao7ZhJEvmfJigov26Z6uq|userid2,$2a$10$G52y/3uhuhWAMy.bx9Se8uzWinmbJa.dlm1LW6bYPdPkkywLDPLiy
event.transform.flag=1