diff options
author | amshegokar <AS00500801@techmahindra.com> | 2018-09-11 20:20:27 +0530 |
---|---|---|
committer | amshegokar <AS00500801@techmahindra.com> | 2018-09-11 20:20:27 +0530 |
commit | f67bc2db9676c54192a019852594a29f33816534 (patch) | |
tree | 2d69c0e8997c691d774ae9b97a3460b0cc29392e | |
parent | 1b2bb4255e73f7b2f98035724aa243b825b8162d (diff) |
Security vulnerabilities identified in CLM scan
Mapper: security vulnerabilities identified in CLM scan
Change-Id: I2b977e99e4ad6d1aae24e0d441da6002c28ab0ac
Issue-ID: DCAEGEN2-769
Signed-off-by: amshegokar <AS00500801@techmahindra.com>
-rw-r--r-- | UniversalVesAdapter/.classpath | 11 | ||||
-rw-r--r-- | UniversalVesAdapter/.project | 11 | ||||
-rw-r--r-- | UniversalVesAdapter/.settings/org.eclipse.jdt.core.prefs | 1 | ||||
-rw-r--r-- | UniversalVesAdapter/pom.xml | 14 | ||||
-rw-r--r-- | UniversalVesAdapter/src/main/java/org/onap/universalvesadapter/service/VESAdapterInitializer.java | 35 | ||||
-rw-r--r-- | UniversalVesAdapter/src/main/resources/application.properties | 12 | ||||
-rw-r--r-- | pom.xml | 2 | ||||
-rw-r--r-- | snmpmapper/pom.xml | 22 | ||||
-rw-r--r-- | snmpmapper/src/main/resources/application.properties | 9 |
9 files changed, 94 insertions, 23 deletions
diff --git a/UniversalVesAdapter/.classpath b/UniversalVesAdapter/.classpath index 6d7587a..c77b3a1 100644 --- a/UniversalVesAdapter/.classpath +++ b/UniversalVesAdapter/.classpath @@ -27,5 +27,16 @@ <attribute name="maven.pomderived" value="true"/> </attributes> </classpathentry> + <classpathentry kind="src" output="target/classes" path="src/gen/java"> + <attributes> + <attribute name="optional" value="true"/> + <attribute name="maven.pomderived" value="true"/> + </attributes> + </classpathentry> + <classpathentry kind="src" path=".apt_generated"> + <attributes> + <attribute name="optional" value="true"/> + </attributes> + </classpathentry> <classpathentry kind="output" path="target/classes"/> </classpath> diff --git a/UniversalVesAdapter/.project b/UniversalVesAdapter/.project index 473a65c..1123cab 100644 --- a/UniversalVesAdapter/.project +++ b/UniversalVesAdapter/.project @@ -21,12 +21,23 @@ </arguments> </buildCommand> <buildCommand> + <name>net.sf.eclipsecs.core.CheckstyleBuilder</name> + <arguments> + </arguments> + </buildCommand> + <buildCommand> + <name>org.springframework.ide.eclipse.boot.validation.springbootbuilder</name> + <arguments> + </arguments> + </buildCommand> + <buildCommand> <name>org.eclipse.m2e.core.maven2Builder</name> <arguments> </arguments> </buildCommand> </buildSpec> <natures> + <nature>net.sf.eclipsecs.core.CheckstyleNature</nature> <nature>org.springframework.ide.eclipse.core.springnature</nature> <nature>org.eclipse.jdt.core.javanature</nature> <nature>org.eclipse.m2e.core.maven2Nature</nature> diff --git a/UniversalVesAdapter/.settings/org.eclipse.jdt.core.prefs b/UniversalVesAdapter/.settings/org.eclipse.jdt.core.prefs index 714351a..78b2bfc 100644 --- a/UniversalVesAdapter/.settings/org.eclipse.jdt.core.prefs +++ b/UniversalVesAdapter/.settings/org.eclipse.jdt.core.prefs @@ -2,4 +2,5 @@ eclipse.preferences.version=1 org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.8 org.eclipse.jdt.core.compiler.compliance=1.8 org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning +org.eclipse.jdt.core.compiler.processAnnotations=enabled org.eclipse.jdt.core.compiler.source=1.8 diff --git a/UniversalVesAdapter/pom.xml b/UniversalVesAdapter/pom.xml index cd5e489..1342ec3 100644 --- a/UniversalVesAdapter/pom.xml +++ b/UniversalVesAdapter/pom.xml @@ -84,7 +84,7 @@ <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> - <version>2.0.3.RELEASE</version> + <version>2.0.4.RELEASE</version> </dependency> <dependency> <groupId>org.springframework.boot</groupId> @@ -95,9 +95,13 @@ <dependency> <groupId>org.springframework.data</groupId> <artifactId>spring-data-commons</artifactId> - <version>2.0.6.RELEASE</version> + <version>2.0.8.RELEASE</version> + </dependency> + <dependency> + <groupId>org.codehaus.groovy</groupId> + <artifactId>groovy-all</artifactId> + <version>2.4.14</version> </dependency> - <dependency> <groupId>com.jayway.jsonpath</groupId> <artifactId>json-path</artifactId> @@ -108,7 +112,7 @@ <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-databind</artifactId> - <version>2.9.5</version> + <version>2.9.6</version> </dependency> @@ -130,7 +134,7 @@ <dependency> <groupId>xerces</groupId> <artifactId>xercesImpl</artifactId> - <version>2.11.0-atlassian-01</version> + <version>2.12.0</version> </dependency> <!-- https://mvnrepository.com/artifact/com.thoughtworks.xstream/xstream --> diff --git a/UniversalVesAdapter/src/main/java/org/onap/universalvesadapter/service/VESAdapterInitializer.java b/UniversalVesAdapter/src/main/java/org/onap/universalvesadapter/service/VESAdapterInitializer.java index f92511e..ca1bcc9 100644 --- a/UniversalVesAdapter/src/main/java/org/onap/universalvesadapter/service/VESAdapterInitializer.java +++ b/UniversalVesAdapter/src/main/java/org/onap/universalvesadapter/service/VESAdapterInitializer.java @@ -79,11 +79,40 @@ public class VESAdapterInitializer implements CommandLineRunner, Ordered { } else { - - LOGGER.info(">>>Static configuration to be used"); - + final String url = "http://localhost:8085/start"; + final String USER_AGENT = "Mozilla/5.0"; + + try { + URL obj = new URL(url); + HttpURLConnection httpURLConnection = (HttpURLConnection) obj.openConnection(); + + // optional default is GET + httpURLConnection.setRequestMethod("GET"); + + // add request header + httpURLConnection.setRequestProperty("User-Agent", USER_AGENT); + int responseCode = httpURLConnection.getResponseCode(); + LOGGER.info("Sending 'GET' request to URL : " + url); + LOGGER.info("Response Code : " + responseCode); + BufferedReader in = new BufferedReader(new InputStreamReader(httpURLConnection.getInputStream())); + String inputLine; + StringBuffer response = new StringBuffer(); + + while ((inputLine = in.readLine()) != null) { + response.append(inputLine); + } + in.close(); + + // print result + LOGGER.info("The result is :" + response.toString()); + + } catch (Exception e) { + LOGGER.error("Error occured due to :" + e.getMessage()); + e.printStackTrace(); + } + } } diff --git a/UniversalVesAdapter/src/main/resources/application.properties b/UniversalVesAdapter/src/main/resources/application.properties index c2dec51..c940da4 100644 --- a/UniversalVesAdapter/src/main/resources/application.properties +++ b/UniversalVesAdapter/src/main/resources/application.properties @@ -8,11 +8,11 @@ mapperConfig.file=../UniversalVesAdapter/src/main/resources/MapperConfig.json dmaap.mr_props=DMaapMR.properties #DEV Machine DB Details -spring.datasource.url=jdbc:postgresql://10.49.16.19:5432/dummy -spring.datasource.username=postgres -spring.datasource.password=root +#spring.datasource.url=jdbc:postgresql://10.49.16.19:5432/dummy +#spring.datasource.username=postgres +#spring.datasource.password=root #Lab Details -#spring.datasource.url=jdbc:postgresql://10.53.172.129:5432/dummy -#spring.datasource.username=ngpuser -#spring.datasource.password=root
\ No newline at end of file +spring.datasource.url=jdbc:postgresql://10.53.172.129:5432/dummy +spring.datasource.username=ngpuser +spring.datasource.password=root
\ No newline at end of file @@ -67,7 +67,7 @@ <json.path.version>2.2.0</json.path.version> <quartz.version>2.2.0</quartz.version> - <httpclient.version>4.5.2</httpclient.version> + <httpclient.version>4.5.6</httpclient.version> <commons.lang3.version>3.5</commons.lang3.version> <docker.maven.version>1.0.0</docker.maven.version> diff --git a/snmpmapper/pom.xml b/snmpmapper/pom.xml index 4306ae3..0180e6a 100644 --- a/snmpmapper/pom.xml +++ b/snmpmapper/pom.xml @@ -25,20 +25,20 @@ <dependencies> <dependency> - <groupId>org.springframework.webflow</groupId> - <artifactId>spring-webflow</artifactId> - <version>2.5.0.RELEASE</version> -</dependency> + <groupId>org.springframework.webflow</groupId> + <artifactId>spring-webflow</artifactId> + <version>2.5.0.RELEASE</version> + </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-thymeleaf</artifactId> - <version>2.0.3.RELEASE</version> + <version>2.0.4.RELEASE</version> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> - <version>2.0.3.RELEASE</version> + <version>2.0.4.RELEASE</version> </dependency> <dependency> @@ -53,6 +53,16 @@ <version>2.0.3.RELEASE</version> </dependency> <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-core</artifactId> + <version>5.0.5.RELEASE</version> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-expression</artifactId> + <version>5.0.9.RELEASE</version> + </dependency> + <dependency> <groupId>org.postgresql</groupId> <artifactId>postgresql</artifactId> <scope>runtime</scope> diff --git a/snmpmapper/src/main/resources/application.properties b/snmpmapper/src/main/resources/application.properties index cf4f33c..2121542 100644 --- a/snmpmapper/src/main/resources/application.properties +++ b/snmpmapper/src/main/resources/application.properties @@ -1,7 +1,12 @@ server.port=9090 -spring.datasource.url=jdbc:postgresql://10.49.16.19:5432/dummy -spring.datasource.username=postgres +#spring.datasource.url=jdbc:postgresql://10.49.16.19:5432/dummy +#spring.datasource.username=postgres +#spring.datasource.password=root + +spring.datasource.url=jdbc:postgresql://10.53.172.129:5432/dummy +spring.datasource.username=ngpuser spring.datasource.password=root + spring.jpa.properties.hibernate.jdbc.lob.non_contextual_creation=true spring.jpa.properties.hibernate.temp.use_jdbc_metadata_defaults=false spring.servlet.multipart.enabled=true |