diff options
author | Fiachra Corcoran <fiachra.corcoran@est.tech> | 2019-10-14 15:55:19 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2019-10-14 15:55:19 +0000 |
commit | 9df67948f715f9cddd51287cd3e91f7cbcf1912b (patch) | |
tree | 1427c3e63920249235f9df73b6cc31fe77c078b7 | |
parent | 027de6cd99fbfc703a1eed04a187e2271b4a5c57 (diff) | |
parent | 1ccd9c36ba12849148f9eb73e8ff2ffe4ade5870 (diff) |
Merge "Update AAF loading procedure"
61 files changed, 978 insertions, 550 deletions
diff --git a/datarouter-docker-compose/src/main/resources/node_data/aaf_certs/org.onap.dmaap-dr.jks b/datarouter-docker-compose/src/main/resources/node_data/aaf_certs/org.onap.dmaap-dr.jks Binary files differdeleted file mode 100644 index 2320dc9f..00000000 --- a/datarouter-docker-compose/src/main/resources/node_data/aaf_certs/org.onap.dmaap-dr.jks +++ /dev/null diff --git a/datarouter-docker-compose/src/main/resources/node_data/aaf_certs/org.onap.dmaap-dr.keyfile b/datarouter-docker-compose/src/main/resources/node_data/aaf_certs/org.onap.dmaap-dr.keyfile deleted file mode 100644 index 0d187ccf..00000000 --- a/datarouter-docker-compose/src/main/resources/node_data/aaf_certs/org.onap.dmaap-dr.keyfile +++ /dev/null @@ -1,27 +0,0 @@ -6-tNRI8kimOFIXwcTbENGrkJzim1NFAcA4iRrbWVSteGmgX0-RzgwYEy4wnNju7jlOUfRVKqJSYL -0qcHP1Z9AbX_K5zqJ2CATFO_0tlvNbocvoh6IecTlvL6V00hlVzP1JjCedUN0cO13TSnc4_NpWWj -nVZ9EaFQTmFL0NiYj-TPqRolhnQCIMDruBI6ImOIrnWxIcOEpH_6zmivzHhzRVbKVRNFEDq_F5J9 -fp2P3PXrYWU7rglKQtWcJpo3kMyC65zoPNVc-gMr4pfnpTTqzim5vVQyv-9w0QSwzvpKaydWPkm8 -E-kTotAQJ7r843U67U16-JTVb4n-7NummoNwshHo60BUb2xZd418VnIURD79QWt1zzOVFIs5f_LB -pebds0dtdL_cPGzuY23Z4SBWU2LTihziJDzYCIo-6PIL5-XeWqkwBrLRcy9-JffHYbaNVCf9g0Ml -cbnteUjuET-ea2-M-d1PwOIIr_ziU3UpMClQJ1GRZEuy4Aco9qJgMUqoJVJfEI_4CdLNVMTRwg1- -T81PoIf0nN_cje8pQlu3LX_B0oozdJd5yfGqsM021jsXPs0uJ5KuLPHP8NvY_uDqaqANXRUEG2ke -d57X6nF2CXcXXFKO0cf8-L35UrzbYgaZt5XsPP_sDl4WkKqJxKjREvrzjE4DXHfwrGqCMg7E767O -y9-uPF5SpfgUer8jtQcFlREAl050CwMzv90TBb2UqM3Ydi6qq80miKBqXVbKMgqdBs7qIVxXLm43 -TR-krMmMnimWBI6SVxEFREXnzHePItLazefHwZTqn7_0Tu_WPqZltLIKo_waKV57nrnH3EJtd7lu -GI5vIp46XQ6k-5LHOkfibKmImEKl19pFUvJehEjgVE6C3_2RnEmpG3T779_KJZKEy1sMqrud2QPX -2rZPnfEJEaEkYW8jibKwZtNQ0HpRarg1sc0p4mrl6dGGqLbdPBSsxLdAkm9gLRKkMPsS_gtfjjWZ -oPmUydEHu2fhUOjqsADpa76QSlPsun2-aL1CEiUAwzow9e68gxmnMQz02rc_cXElhskH2dDPod2w -h2c6PfVkji5rvk-nDFJQ0MwMbpl1ctSI4_gZU4j_OD6nSh4RbXgC4wwzfqAGe_A-9UNq2bkmC1BA -CDzjZXZRtZTCjgyaAH9yt6bsGTNxCfqD_OiRv7rQrO0yy-o4kGTidlW9Xwk_THgVn9-hF76JiDc- -bw9DxTzJwQxHxrg7JNicFbpXP071rdaXRrXWxUQ7X7ZRWrZuCJ87qhOqfd3iE2VylI3vwEaqrDGD -AULLczDd50X594-_pN8bCW_Nya5vjvRWNZmv1Uh0_YtbmotCj4Fz9vlTs5bIbfnyUp5sCk7jZZrv -RGGFTU3mwa7jq-0uzY-jYdosDyU2PXMI0WZsSiSF08g_K7y0nnoSEa9kPtOWPTcotEXsTeZ5cgpj -Bufi_U1SoW-kKG5-eyNDbputpvEFy00zrcSj3U8A6m2YkCxRQ7m_s9wnISiwVdVKuSCQ08MvyOrs -10a3HHPB7T1BDA6sPVpDrGBjq7piVDQZvEgA9CGIrcyHrRR8_96DGKbMboUaY9vNG2NBJc7zcBRw -AHs6cc-LKxB1mMUPNJZHxDNQOCk_nnbzGSG2AWppZHEmTpmB0tg0ZM03aqDrGgOK07xREZSZaAMY -TmVNJSgEIOA2mEDoP2qOHdT5eQmn7xK34HSWJBKR6l1N30K626oomF70DVgqRSqkSZ0rhDBZzNzy -VlZ4hG_ZZCJOcm_AUShWOsS6JJ11s23uJKkZQeaTZCWc0KVqhtWbKTE8CVyRzm1XcyRONdJVnvXN -P4ANxGMzsaRZDC31gJYbSirZoTobLQ5OZxgNaNY9cBsEuK6r3sznPORG98d9y33x4Xa5HUedrHju -HxAAADMCZwK0ITdWPPsk9lsag-tNor16nfLXj20y2JdLaZfx2PnluQjCitwskuZhTcWmHRZ0Ry7t -ZxfxCSh5IOnAowFu1G2t0RiooKh4v26wOLTCzFiV0ZSmw1VSflkabxsIY9K2rh4-24QwQaAt
\ No newline at end of file diff --git a/datarouter-docker-compose/src/main/resources/node_data/aaf_certs/org.onap.dmaap-dr.trust.jks b/datarouter-docker-compose/src/main/resources/node_data/aaf_certs/org.onap.dmaap-dr.trust.jks Binary files differdeleted file mode 100644 index 808c1b92..00000000 --- a/datarouter-docker-compose/src/main/resources/node_data/aaf_certs/org.onap.dmaap-dr.trust.jks +++ /dev/null diff --git a/datarouter-docker-compose/src/main/resources/node_data/node.properties b/datarouter-docker-compose/src/main/resources/node_data/node.properties index c692b906..ddd4ebc8 100644 --- a/datarouter-docker-compose/src/main/resources/node_data/node.properties +++ b/datarouter-docker-compose/src/main/resources/node_data/node.properties @@ -57,26 +57,11 @@ SpoolDir = /opt/app/datartr/spool RedirectionFile = etc/redirections.dat # # The type of keystore for https -KeyStoreType = jks -# -# The path to the keystore for https -KeyStoreFile = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -# -# The password for the https keystore -KeyStorePassword=WGxd2P6MDo*Bi4+UdzWs{?$8 -# -# The password for the private key in the https keystore -KeyPassword=WGxd2P6MDo*Bi4+UdzWs{?$8 +KeyStoreType = PKCS12 # # The type of truststore for https TrustStoreType = jks # -# The path to the truststore for https -TrustStoreFile = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -# -# The password for the https truststore -TrustStorePassword=)OBvCd{e{aWq.^mJJdX:S:1& -# # The path to the file used to trigger an orderly shutdown QuiesceFile = etc/SHUTDOWN # @@ -95,9 +80,8 @@ AAFInstance = legacy # AAF action to generate permission string - default should be publish AAFAction = publish # -# AAF URL to connect to AAF server -AafUrl = https://aaf-onap-test.osaaf.org:8095 -# # AAF CADI enabled flag CadiEnabled = false - +# +# AAF Props file path +AAFPropsFilePath = /opt/app/osaaf/local/org.onap.dmaap-dr.props
\ No newline at end of file diff --git a/datarouter-docker-compose/src/main/resources/prov_data/aaf_certs/org.onap.dmaap-dr.jks b/datarouter-docker-compose/src/main/resources/prov_data/aaf_certs/org.onap.dmaap-dr.jks Binary files differdeleted file mode 100644 index 17027970..00000000 --- a/datarouter-docker-compose/src/main/resources/prov_data/aaf_certs/org.onap.dmaap-dr.jks +++ /dev/null diff --git a/datarouter-docker-compose/src/main/resources/prov_data/aaf_certs/org.onap.dmaap-dr.keyfile b/datarouter-docker-compose/src/main/resources/prov_data/aaf_certs/org.onap.dmaap-dr.keyfile deleted file mode 100644 index 59f161f9..00000000 --- a/datarouter-docker-compose/src/main/resources/prov_data/aaf_certs/org.onap.dmaap-dr.keyfile +++ /dev/null @@ -1,27 +0,0 @@ -XzAbZ4lSt3j0vgqonk1lGgt_2IvBzet-MDbt7nlxdj5vrQbUBET9eqIfjRBMlen0E815nYm6nRBi -RR2fUKzqO8JIn2s19e3fmYrp9wTbIkY9GXOzsnuSeyRxVxxW-82VrAD-gSBmqUEJvPjqjVWinadL -LVy1h9lE35EErQkBpK_GmqVp2RajjXv8N_5LcKkkc4vYJQ8WclOHwN_BnQpNS1NLBWJVXSPeVwjM -zIkQ10Q6GGEGCurBPLef9UiXD73oVnQsVyZY3E87X7RbDfCiVbfmHN1hyVkR3DX6gDfrfjTnqkqE -Hv7kw43qXx9-aRCHrqnmaGYBTscU5JgxTNpqe5hvxLJHnDwLTtHDx-vES0PljekcofQVT5pWJvRK -ltZtPQwuGlapONa_rDuMq3sSDx8gXKE01rjK0bNDurIPvFzyef0RoDYIc3m4M-KdsBMlnE7oyBAz -OXCPt42HLJX55F9boRIWwSy-8o3AsPXwQTwEKoD7ZUL4pZ2Zf45npfQLlhhs5x_ERcPTrOXrF7Uu -40HxQnMbwO_Ofz7CrlKe78UImSJbsQp0heyBbr6irHrMq6_E1DqbjWafs_a4kKNbtfN4fHHvxkA0 -9J_plrqVOoBqFaeUc9MJt_6WBYq2vDFbHSvBf9QZKnaVZ3aKU2MzV2Y5xjw7V6rgDQHwmXXeAmfV --Z3JT5ocQhyG4SqyKhSrzh4nGOMt51yy68hPPHMrYnpW8VF99qTLqSmQfLAeNqog413Efj75oQDW -JLw1BR56ABvCPdcR5wZruo2Egwak1UyiRL0Mjd8txrjc4uojiiqddqalEQrORvn4BgP0OKQOOdUx -dArQ4HqjBGwvurQUM0XjBvyqki1h1pxhSNeuyOY3mofVB2NNi-ZvSHHUpwqIgQ4kVLombpsKw2W9 -AW-3h4cLYl3LgP_LRH5mS8Mo_BEKZqivM9v9YYVZCgB2Djqyn3MQXpcFSxaB1AK9wG4TmMneFP7W -_dHqJnx26njAtff1y2ud8cmW_UGgzMb33QGIjIrYo3AVX8_G8iEQ-838fDpGE7BdqLSam-BMoeo3 -WPht7-O8gx7utuYx1ceCetunKRmh3Tfga_0srBNDWMyzuiPvbLX3oUJO_F5p5734Qwm5CeqCAaJv -sU_yfzTgUPqS6jC9cuKi54h3HrzV-k7DcSdGrpsAgzYZdHwi7XFfAzFOhkpBeNUNzDCX8B7yTHjU -dKdGDezdgs7lMWbJwnSNFDyTwbZdk4XTnSrtdhmOZp4oVizEQgha0Un0ISKQ519kajTFj1rZV6ue -h8SzN4QXOw6BHYB5rsy8YEvWbkfyneQ74HeyeWRRq3p4UdBTTUn2JbGM0neErRrxnYvmKIdFlSsU -NlEgNf7dh_kqdWUBkXfud32ftazttjmiO4zkqBupsJTlxj9Tjam9aZqNhunPNI9znf4luKAiRa3v -26giSwRUX8mjlK5FvBNUbLeFM-G3Pk2jQej13q1lZ3PZMesLjUwvvMIdlu9qmDx_TCYSy72-6O2A -qmPlUeYCKgI8eVaZV79aM6YtomaopHiPCcyJGWl114Ke4j8H3-Lg3EkjfVROwQw_fKn2z4Eci7io -LetFQnibRw2ow-Z0F-Db3kuEuRTgmb6U0pMUO3njou6Sq7oa_gaND0XYHy6MKGu1uJ9aKVLZ9uy4 -m9KRxZvq71LRJkD84y9bMv14lxzUsosuzbXV7Q_uz8kceWSq_1BLXQXam9j5rxN6SKEk_Rn0jgnX -h4A4e7q6loMXUq4nPSVII9K6pHAqfi1sDLhVZ239XcLBwKY9R5f0jgYy76AI1dN-_oEMdXJf_L6w -KuRJ4jy0XSfyV_QvS6at77san2UIOkdY_tuI03Ps3fTzSaztsy5yX22t-6TnkFSoYxGkuMw9R-Rn -ZwJIanS3v_wQbgNdUB6JIlE_9kkHYCokheldHkKndV8eEc6Z6bgasNWKB3PreI1m6UrfZI3agd-n -zhsQppGFk8j7Tkq4S_9SP1OFVCgCT3-mU0UhPhDhCFPM1bladfj8RptCbPKO66evW1c_ooU2
\ No newline at end of file diff --git a/datarouter-docker-compose/src/main/resources/prov_data/provserver.properties b/datarouter-docker-compose/src/main/resources/prov_data/provserver.properties index 46a1f55a..07060a84 100755 --- a/datarouter-docker-compose/src/main/resources/prov_data/provserver.properties +++ b/datarouter-docker-compose/src/main/resources/prov_data/provserver.properties @@ -27,12 +27,7 @@ org.onap.dmaap.datarouter.provserver.http.port = 8080 org.onap.dmaap.datarouter.provserver.https.port = 8443 org.onap.dmaap.datarouter.provserver.https.relaxation = true -org.onap.dmaap.datarouter.provserver.keystore.type = jks -org.onap.dmaap.datarouter.provserver.keymanager.password = FZNkU,B%NJzcT1v7;^v]M#ZX -org.onap.dmaap.datarouter.provserver.keystore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -org.onap.dmaap.datarouter.provserver.keystore.password = FZNkU,B%NJzcT1v7;^v]M#ZX -org.onap.dmaap.datarouter.provserver.truststore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -org.onap.dmaap.datarouter.provserver.truststore.password = +mzf@J.D^;3!![*Xr.z$c#?b +org.onap.dmaap.datarouter.provserver.aafprops.path = /opt/app/osaaf/local/org.onap.dmaap-dr.props org.onap.dmaap.datarouter.provserver.accesslog.dir = /opt/app/datartr/logs org.onap.dmaap.datarouter.provserver.spooldir = /opt/app/datartr/spool @@ -63,7 +58,4 @@ org.onap.dmaap.datarouter.provserver.aaf.feed.type = org.onap.dmaap-dr.fe org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.sub org.onap.dmaap.datarouter.provserver.aaf.instance = legacy org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish -org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe - -# AAF URL to connect to AAF server -org.onap.dmaap.datarouter.provserver.cadi.aaf.url = https://aaf-onap-test.osaaf.org:8095
\ No newline at end of file +org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe
\ No newline at end of file diff --git a/datarouter-node/aaf_certs/org.onap.dmaap-dr.jks b/datarouter-node/aaf_certs/org.onap.dmaap-dr.jks Binary files differdeleted file mode 100644 index 2320dc9f..00000000 --- a/datarouter-node/aaf_certs/org.onap.dmaap-dr.jks +++ /dev/null diff --git a/datarouter-node/aaf_certs/org.onap.dmaap-dr.keyfile b/datarouter-node/aaf_certs/org.onap.dmaap-dr.keyfile deleted file mode 100644 index 0d187ccf..00000000 --- a/datarouter-node/aaf_certs/org.onap.dmaap-dr.keyfile +++ /dev/null @@ -1,27 +0,0 @@ -6-tNRI8kimOFIXwcTbENGrkJzim1NFAcA4iRrbWVSteGmgX0-RzgwYEy4wnNju7jlOUfRVKqJSYL -0qcHP1Z9AbX_K5zqJ2CATFO_0tlvNbocvoh6IecTlvL6V00hlVzP1JjCedUN0cO13TSnc4_NpWWj -nVZ9EaFQTmFL0NiYj-TPqRolhnQCIMDruBI6ImOIrnWxIcOEpH_6zmivzHhzRVbKVRNFEDq_F5J9 -fp2P3PXrYWU7rglKQtWcJpo3kMyC65zoPNVc-gMr4pfnpTTqzim5vVQyv-9w0QSwzvpKaydWPkm8 -E-kTotAQJ7r843U67U16-JTVb4n-7NummoNwshHo60BUb2xZd418VnIURD79QWt1zzOVFIs5f_LB -pebds0dtdL_cPGzuY23Z4SBWU2LTihziJDzYCIo-6PIL5-XeWqkwBrLRcy9-JffHYbaNVCf9g0Ml -cbnteUjuET-ea2-M-d1PwOIIr_ziU3UpMClQJ1GRZEuy4Aco9qJgMUqoJVJfEI_4CdLNVMTRwg1- -T81PoIf0nN_cje8pQlu3LX_B0oozdJd5yfGqsM021jsXPs0uJ5KuLPHP8NvY_uDqaqANXRUEG2ke -d57X6nF2CXcXXFKO0cf8-L35UrzbYgaZt5XsPP_sDl4WkKqJxKjREvrzjE4DXHfwrGqCMg7E767O -y9-uPF5SpfgUer8jtQcFlREAl050CwMzv90TBb2UqM3Ydi6qq80miKBqXVbKMgqdBs7qIVxXLm43 -TR-krMmMnimWBI6SVxEFREXnzHePItLazefHwZTqn7_0Tu_WPqZltLIKo_waKV57nrnH3EJtd7lu -GI5vIp46XQ6k-5LHOkfibKmImEKl19pFUvJehEjgVE6C3_2RnEmpG3T779_KJZKEy1sMqrud2QPX -2rZPnfEJEaEkYW8jibKwZtNQ0HpRarg1sc0p4mrl6dGGqLbdPBSsxLdAkm9gLRKkMPsS_gtfjjWZ -oPmUydEHu2fhUOjqsADpa76QSlPsun2-aL1CEiUAwzow9e68gxmnMQz02rc_cXElhskH2dDPod2w -h2c6PfVkji5rvk-nDFJQ0MwMbpl1ctSI4_gZU4j_OD6nSh4RbXgC4wwzfqAGe_A-9UNq2bkmC1BA -CDzjZXZRtZTCjgyaAH9yt6bsGTNxCfqD_OiRv7rQrO0yy-o4kGTidlW9Xwk_THgVn9-hF76JiDc- -bw9DxTzJwQxHxrg7JNicFbpXP071rdaXRrXWxUQ7X7ZRWrZuCJ87qhOqfd3iE2VylI3vwEaqrDGD -AULLczDd50X594-_pN8bCW_Nya5vjvRWNZmv1Uh0_YtbmotCj4Fz9vlTs5bIbfnyUp5sCk7jZZrv -RGGFTU3mwa7jq-0uzY-jYdosDyU2PXMI0WZsSiSF08g_K7y0nnoSEa9kPtOWPTcotEXsTeZ5cgpj -Bufi_U1SoW-kKG5-eyNDbputpvEFy00zrcSj3U8A6m2YkCxRQ7m_s9wnISiwVdVKuSCQ08MvyOrs -10a3HHPB7T1BDA6sPVpDrGBjq7piVDQZvEgA9CGIrcyHrRR8_96DGKbMboUaY9vNG2NBJc7zcBRw -AHs6cc-LKxB1mMUPNJZHxDNQOCk_nnbzGSG2AWppZHEmTpmB0tg0ZM03aqDrGgOK07xREZSZaAMY -TmVNJSgEIOA2mEDoP2qOHdT5eQmn7xK34HSWJBKR6l1N30K626oomF70DVgqRSqkSZ0rhDBZzNzy -VlZ4hG_ZZCJOcm_AUShWOsS6JJ11s23uJKkZQeaTZCWc0KVqhtWbKTE8CVyRzm1XcyRONdJVnvXN -P4ANxGMzsaRZDC31gJYbSirZoTobLQ5OZxgNaNY9cBsEuK6r3sznPORG98d9y33x4Xa5HUedrHju -HxAAADMCZwK0ITdWPPsk9lsag-tNor16nfLXj20y2JdLaZfx2PnluQjCitwskuZhTcWmHRZ0Ry7t -ZxfxCSh5IOnAowFu1G2t0RiooKh4v26wOLTCzFiV0ZSmw1VSflkabxsIY9K2rh4-24QwQaAt
\ No newline at end of file diff --git a/datarouter-node/pom.xml b/datarouter-node/pom.xml index 6ebfd967..af605b0b 100755 --- a/datarouter-node/pom.xml +++ b/datarouter-node/pom.xml @@ -42,8 +42,8 @@ </properties> <dependencies> <dependency> - <groupId>org.hamcrest</groupId> - <artifactId>hamcrest-library</artifactId> + <groupId>org.apache.commons</groupId> + <artifactId>commons-lang3</artifactId> </dependency> <dependency> <groupId>org.slf4j</groupId> @@ -58,10 +58,6 @@ <artifactId>commons-io</artifactId> </dependency> <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - </dependency> - <dependency> <groupId>org.json</groupId> <artifactId>json</artifactId> </dependency> @@ -78,10 +74,6 @@ <artifactId>logback-core</artifactId> </dependency> <dependency> - <groupId>com.intellij</groupId> - <artifactId>annotations</artifactId> - </dependency> - <dependency> <groupId>javax.servlet</groupId> <artifactId>javax.servlet-api</artifactId> </dependency> @@ -106,37 +98,54 @@ <artifactId>aaf-cadi-core</artifactId> </dependency> <dependency> + <groupId>com.intellij</groupId> + <artifactId>annotations</artifactId> + </dependency> + <dependency> + <groupId>org.hamcrest</groupId> + <artifactId>hamcrest-library</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + <dependency> <groupId>org.sonatype.http-testing-harness</groupId> <artifactId>junit-runner</artifactId> + <scope>test</scope> </dependency> <dependency> <groupId>org.mockito</groupId> <artifactId>mockito-core</artifactId> + <scope>test</scope> </dependency> <dependency> <groupId>org.powermock</groupId> <artifactId>powermock-module-junit4</artifactId> + <scope>test</scope> </dependency> <dependency> <groupId>org.powermock</groupId> <artifactId>powermock-api-mockito</artifactId> + <scope>test</scope> </dependency> <dependency> <groupId>org.powermock</groupId> <artifactId>powermock-api-support</artifactId> + <scope>test</scope> </dependency> <dependency> <groupId>org.powermock</groupId> <artifactId>powermock-core</artifactId> - </dependency> - <dependency> - <groupId>org.apache.commons</groupId> - <artifactId>commons-lang3</artifactId> + <scope>test</scope> </dependency> <dependency> <groupId>org.awaitility</groupId> <artifactId>awaitility</artifactId> <version>3.1.6</version> + <scope>test</scope> </dependency> </dependencies> <profiles> @@ -205,7 +214,7 @@ <directory>src/main/resources</directory> <filtering>true</filtering> <includes> - <include>**/EelfMessages.properties</include> + <include>**/logback.xml</include> </includes> </resource> </resources> @@ -260,7 +269,7 @@ <directory>${basedir}/src/main/resources/docker</directory> <filtering>true</filtering> <includes> - <include>**/*</include> + <include>Dockerfile</include> </includes> </resource> </resources> @@ -287,7 +296,7 @@ </configuration> </execution> <execution> - <id>copy-resources-2</id> + <id>copy-resources-etc</id> <phase>validate</phase> <goals> <goal>copy-resources</goal> @@ -301,61 +310,32 @@ <include>misc/**</include> <include>**/**</include> </includes> + <excludes> + <exclude>aaf/**</exclude> + <exclude>docker/**</exclude> + </excludes> </resource> </resources> </configuration> </execution> <execution> - <id>copy-resources-3</id> + <id>copy-aaf-props</id> <phase>validate</phase> <goals> <goal>copy-resources</goal> </goals> <configuration> - <outputDirectory>${basedir}/target/docker-stage/opt/app/datartr</outputDirectory> + <outputDirectory>${basedir}/target/docker-stage/opt/app/osaaf/local</outputDirectory> <resources> <resource> - <directory>${basedir}/data</directory> + <directory>${basedir}/src/main/resources/aaf</directory> <includes> - <include>misc/**</include> <include>**/**</include> </includes> </resource> </resources> </configuration> </execution> - <execution> - <id>copy-resources-4</id> - <phase>validate</phase> - <goals> - <goal>copy-resources</goal> - </goals> - <configuration> - <outputDirectory>${basedir}/target/docker-stage/opt/app/datartr/aaf_certs</outputDirectory> - <resources> - <resource> - <directory>${basedir}/aaf_certs</directory> - <includes> - <include>misc/**</include> - <include>**/**</include> - </includes> - </resource> - </resources> - </configuration> - </execution> - </executions> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-dependency-plugin</artifactId> - <executions> - <execution> - <id>copy-dependencies</id> - <phase>package</phase> - <configuration> - <outputDirectory>${project.build.directory}/docker-stage/opt/app/datartr/lib</outputDirectory> - </configuration> - </execution> </executions> </plugin> <plugin> diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/DRNodeCadiFilter.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/DRNodeCadiFilter.java index 245dbccd..9cdaeecd 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/DRNodeCadiFilter.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/DRNodeCadiFilter.java @@ -35,7 +35,7 @@ import org.onap.aaf.cadi.filter.CadiFilter; public class DRNodeCadiFilter extends CadiFilter { - private static EELFLogger logger = EELFManager.getInstance().getLogger(NodeServlet.class); + private static EELFLogger logger = EELFManager.getInstance().getLogger(DRNodeCadiFilter.class); DRNodeCadiFilter(boolean init, PropAccess access) throws ServletException { super(init, access); diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/Delivery.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/Delivery.java index 46750812..83d5186a 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/Delivery.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/Delivery.java @@ -168,7 +168,9 @@ public class Delivery { } } try { - Files.delete(sxf.toPath()); // won't if anything still in it + if (sxf.list().length == 0) { + Files.delete(sxf.toPath()); // won't if anything still in it + } } catch (IOException e) { logger.error("Failed to delete file: " + sxf.getPath(), e); } diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeAafPropsUtils.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeAafPropsUtils.java new file mode 100644 index 00000000..542dfd08 --- /dev/null +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeAafPropsUtils.java @@ -0,0 +1,58 @@ +/* + * ============LICENSE_START======================================================= + * Copyright (C) 2019 Nordix Foundation. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.dmaap.datarouter.node; + +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import org.onap.aaf.cadi.PropAccess; + +class NodeAafPropsUtils { + + private static EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeAafPropsUtils.class); + private PropAccess propAccess; + + NodeAafPropsUtils(File propsFile) throws IOException { + propAccess = new PropAccess(); + try { + propAccess.load(new FileInputStream(propsFile.getPath())); + } catch (IOException e) { + eelfLogger.error("Failed to load props file: " + propsFile + "\n" + e.getMessage(), e); + throw e; + } + } + + String getDecryptedPass(String password) { + String decryptedPass = ""; + try { + decryptedPass = getPropAccess().decrypt(getPropAccess().getProperty(password), false); + } catch (IOException e) { + eelfLogger.error("Failed to decrypt " + password + " : " + e.getMessage(), e); + } + return decryptedPass; + } + + PropAccess getPropAccess() { + return propAccess; + } +} diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeConfigManager.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeConfigManager.java index 0283f5cb..aeddc729 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeConfigManager.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeConfigManager.java @@ -105,6 +105,7 @@ public class NodeConfigManager implements DeliveryQueueHelper { private String aafAction; private String aafURL; private boolean cadiEnabled; + private NodeAafPropsUtils nodeAafPropsUtils; /** @@ -124,6 +125,14 @@ public class NodeConfigManager implements DeliveryQueueHelper { "/opt/app/datartr/etc/node.properties")); } provurl = drNodeProperties.getProperty("ProvisioningURL", "https://dmaap-dr-prov:8443/internal/prov"); + String aafPropsFilePath = drNodeProperties + .getProperty("AAFPropsFilePath", "/opt/app/osaaf/local/org.onap.dmaap-dr.props"); + try { + nodeAafPropsUtils = new NodeAafPropsUtils(new File(aafPropsFilePath)); + } catch (IOException e) { + eelfLogger.error("NODE0314 Failed to load AAF props. Exiting", e); + exit(1); + } /* * START - AAF changes: TDP EPIC US# 307413 * Pull AAF settings from node.properties @@ -131,8 +140,8 @@ public class NodeConfigManager implements DeliveryQueueHelper { aafType = drNodeProperties.getProperty("AAFType", "org.onap.dmaap-dr.feed"); aafInstance = drNodeProperties.getProperty("AAFInstance", "legacy"); aafAction = drNodeProperties.getProperty("AAFAction", "publish"); - aafURL = drNodeProperties.getProperty("AafUrl", "https://aaf-onap-test.osaaf.org:8095"); cadiEnabled = Boolean.parseBoolean(drNodeProperties.getProperty("CadiEnabled", "false")); + aafURL = nodeAafPropsUtils.getPropAccess().getProperty("aaf_locate_url", "https://aaf-locate:8095"); /* * END - AAF changes: TDP EPIC US# 307413 * Pull AAF settings from node.properties @@ -168,13 +177,13 @@ public class NodeConfigManager implements DeliveryQueueHelper { eventlogprefix = logdir + "/events"; eventlogsuffix = ".log"; redirfile = drNodeProperties.getProperty("RedirectionFile", "etc/redirections.dat"); - kstype = drNodeProperties.getProperty("KeyStoreType", "jks"); - ksfile = drNodeProperties.getProperty("KeyStoreFile", "etc/keystore"); - kspass = drNodeProperties.getProperty("KeyStorePassword", CHANGE_ME); - kpass = drNodeProperties.getProperty("KeyPassword", CHANGE_ME); + kstype = drNodeProperties.getProperty("KeyStoreType", "PKCS12"); + ksfile = nodeAafPropsUtils.getPropAccess().getProperty("cadi_keystore"); + kspass = nodeAafPropsUtils.getDecryptedPass("cadi_keystore_password"); + kpass = nodeAafPropsUtils.getDecryptedPass("cadi_keystore_password"); tstype = drNodeProperties.getProperty("TrustStoreType", "jks"); - tsfile = drNodeProperties.getProperty("TrustStoreFile"); - tspass = drNodeProperties.getProperty("TrustStorePassword", CHANGE_ME); + tsfile = nodeAafPropsUtils.getPropAccess().getProperty("cadi_truststore"); + tspass = nodeAafPropsUtils.getDecryptedPass("cadi_truststore_password"); if (tsfile != null && tsfile.length() > 0) { System.setProperty("javax.net.ssl.trustStoreType", tstype); System.setProperty("javax.net.ssl.trustStore", tsfile); @@ -802,6 +811,10 @@ public class NodeConfigManager implements DeliveryQueueHelper { return cadiEnabled; } + public NodeAafPropsUtils getNodeAafPropsUtils() { + return nodeAafPropsUtils; + } + /** * Builds the permissions string to be verified. * diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeMain.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeMain.java index fcc3f897..56086301 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeMain.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeMain.java @@ -25,12 +25,8 @@ package org.onap.dmaap.datarouter.node; import com.att.eelf.configuration.EELFLogger; import com.att.eelf.configuration.EELFManager; -import java.io.IOException; -import java.io.InputStream; import java.util.EnumSet; -import java.util.Properties; import javax.servlet.DispatcherType; -import javax.servlet.ServletException; import org.eclipse.jetty.http.HttpVersion; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.HttpConfiguration; @@ -43,7 +39,6 @@ import org.eclipse.jetty.servlet.FilterHolder; import org.eclipse.jetty.servlet.ServletContextHandler; import org.eclipse.jetty.servlet.ServletHolder; import org.eclipse.jetty.util.ssl.SslContextFactory; -import org.onap.aaf.cadi.PropAccess; /** * The main starting point for the Data Router node. @@ -144,7 +139,8 @@ public class NodeMain { //CADI Filter activation check if (nodeConfigManager.getCadiEnabled()) { - enableCadi(servletContextHandler); + servletContextHandler.addFilter(new FilterHolder(new DRNodeCadiFilter(true, + nodeConfigManager.getNodeAafPropsUtils().getPropAccess())), "/*", EnumSet.of(DispatcherType.REQUEST)); } server.setHandler(servletContextHandler); @@ -163,24 +159,6 @@ public class NodeMain { nodeMainLogger.debug("NODE00007 Node Server joined - " + server.getState()); } - private static void enableCadi(ServletContextHandler servletContextHandler) throws ServletException { - Properties cadiProperties = new Properties(); - try { - Inner obj = new NodeMain().new Inner(); - InputStream in = obj.getCadiProps(); - cadiProperties.load(in); - } catch (IOException e1) { - nodeMainLogger - .error("NODE00005 Exception in NodeMain.Main() loading CADI properties " + e1.getMessage(), e1); - } - cadiProperties.setProperty("aaf_locate_url", nodeConfigManager.getAafURL()); - nodeMainLogger.debug("NODE00005 aaf_url set to - " + cadiProperties.getProperty("aaf_url")); - - PropAccess access = new PropAccess(cadiProperties); - servletContextHandler.addFilter(new FilterHolder(new DRNodeCadiFilter(true, access)), "/*", EnumSet - .of(DispatcherType.REQUEST)); - } - private static class WaitForConfig implements Runnable { private NodeConfigManager localNodeConfigManager; @@ -200,26 +178,12 @@ public class NodeMain { try { wait(); } catch (Exception exception) { - nodeMainLogger - .error("NodeMain: waitForConfig exception. Exception Message:- " + exception.toString(), - exception); + nodeMainLogger.error("NodeMain: waitForConfig exception. Exception Message:- " + + exception.toString(), exception); } } localNodeConfigManager.deregisterConfigTask(this); nodeMainLogger.debug("NODE0004 Node Configuration Data Received"); } } - - class Inner { - - InputStream getCadiProps() { - InputStream in = null; - try { - in = getClass().getClassLoader().getResourceAsStream("drNodeCadi.properties"); - } catch (Exception e) { - nodeMainLogger.error("Exception in Inner.getCadiProps() method ", e); - } - return in; - } - } } diff --git a/datarouter-node/src/main/resources/aaf/org.onap.dmaap-dr.cred.props b/datarouter-node/src/main/resources/aaf/org.onap.dmaap-dr.cred.props new file mode 100644 index 00000000..173d2fd1 --- /dev/null +++ b/datarouter-node/src/main/resources/aaf/org.onap.dmaap-dr.cred.props @@ -0,0 +1,17 @@ +############################################################ +# Properties Generated by AT&T Certificate Manager +# by root +# on 2019-10-02T14:25:19.002+0000 +# @copyright 2019, AT&T +############################################################ +Challenge=enc:wQM4uZbepQQWfJd9uhcfPZJc7TAOnfTnj5xv9uCRteQOTuc7mSXAWjg9heC7lXod +cadi_alias=dmaap-dr-node@dmaap-dr.onap.org +cadi_key_password=enc:YhS5u9Fqt-ssUs-1wWrv7xkOliMQDb8d7kmKKK2QwtwQu4Q7i_psLw0baQ-NY3mF +cadi_keyfile=/opt/app/osaaf/local/org.onap.dmaap-dr.keyfile +cadi_keystore=/opt/app/osaaf/local/org.onap.dmaap-dr.p12 +cadi_keystore_password=enc:NwhywpJzc4rlcpwkPRs4GWkOliMQDb8d7kmKKK2QwtwQu4Q7i_psLw0baQ-NY3mF +cadi_keystore_password_jks=enc:McsNbnuHb5tgoa_UMgdTdHqWEG4bt6VcPsc_NTzS277aDcrNRutDSBDYyyLD5no2 +cadi_keystore_password_p12=enc:NwhywpJzc4rlcpwkPRs4GWkOliMQDb8d7kmKKK2QwtwQu4Q7i_psLw0baQ-NY3mF +cadi_truststore=/opt/app/osaaf/local/org.onap.dmaap-dr.trust.jks +cadi_truststore_password=enc:xWbQBg4WdbHbQgvKGrol0ns16g9jgFYteR3nQkwTl65BtvtWf_ZKhSVP8w_Z0VHU +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US diff --git a/datarouter-node/src/main/resources/aaf/org.onap.dmaap-dr.keyfile b/datarouter-node/src/main/resources/aaf/org.onap.dmaap-dr.keyfile new file mode 100644 index 00000000..cbed0407 --- /dev/null +++ b/datarouter-node/src/main/resources/aaf/org.onap.dmaap-dr.keyfile @@ -0,0 +1,27 @@ +hPUFfq-4kxkPy1LmRi50b_bhcRn9BKecnkq0u-Uec6JnRIsMgqUiEYJMbxGCGEZquBLszBBPj2Ux +udBAZ5FPIp5IkQFX6NpXJTCqPW9lb4k6KVhRSqSocascKnbYdZxrdThqOaw26kDiw04NFzA7jwxF +G9m2IVWF9AaKx7jQAqaoy4SSK5g1OaI4fGqWQn4HW3HuVJ7cc52JUmrcIGIV-I_6pR0ZAPezHxGn +5k-0rErQEZBHfj0S1M74Lx-eOa7gRlj0b3O8Zq-yfOllRLBZiMLuTmWlVz4ikbmL_eNC2RmjuEyy +v-wFva0Y4dqXEVEj9FoBUAQy7vE-I6VxGRffQRAi4Mnz0v4ISkHPmiOJsYmIzjT2bWyLKloJENfQ +LhV180qF-7UrjWGI2DhlVV_r4AY32-KLU7HLECpKRSjeqhWva_nZAj7ELGvBBTftGDu3HKts_MqU +hb14f5482rHZGPDYv3dCsere31ShIF6WF_YNhO494RgdSMugvWDZwxQYngNjGTgxS8hKezD5erp_ +BoqMuI3xotgaKZluV8yrxsc-M-0F97hJGxn7k1y37jKQugGUNDEwsX5MiHFd9OYY5jY9Pdr2tEXk +PqEmZQXBeCXJOku7KQFwEl4nqkw-52JJS1PAks4v_dlkrJIL95q6zAQOrgSgc597_-0x90k22Zd8 +FowwHQ42R-bo9oRyO0Qbypzd1Ftzu7kCalYH35qcLyAiIOO9NYAwSi5tYldzHgUhVq4wb1aoomeP +HISpNJfT2rK-AGMZw3d3nXWK1b3ztkF-74nD2s-WuTLeomBni1eMiLED850GyRD4uB4j4zF_4dZF +OmT6iShH7RR-gTolGZSAG7sBbwNs3lks9usVWI0qSulQvHBs14QvOY7EmO4SMRueUMo6ZIaOJIkB +uxNzoM_yQ2mMb24AZm_tT1xqMbGf76oYcx8Mu4zcXFkoe-4xDA1D-HXiPtyOzj6K0ByR86aytY2J +SI8mltJwtPx_t5t1fb0nFMQYCM5DzODKXgd-QhEJ8Q64uw6kSFFkv09ZCP0fvWy5Q7AEOAw_Y1YJ +lYyG7Bzu4E8PAQrihKhyYnFsp7WmMak_DGB2oskfHjffsb9Yh4FSM9EyB8x40ryQ6c8SAoP9LmYh +87-NvfQfuinLlHl7BcqCWmA7jwHo44r_L8guXWQ0wSRdCnfphc4_FthK2VQrURzFXTPnb3UvNE4I +U93lmmbwSlCoBjI2SwJAQvBpztlmbaFxgDA2Tbk6Mh6_cKiza2EcXCJzVXghFIqXtPQpAXPwHBZv +NrmKRamZBlMSkWPzPuIbfH6XYqCw3bodTEktzJZYzABFVkyIZ4JtstvoDGxaQDy6Ob2POLhuq0YY +ZW9eVhfvGWNyBK5sWSzEuCrd-nPN-XuDZjt8kWN4GTmokXnV_j20GDHyqwczikrCnlfReA1u2-O8 +VXmHvKMSHI3ckLdGP8QIOWoC4FfFi0QG62McYZO83ZA2wjRZVnS3bAz04uhLryqafm-aJ7tg1XBg +BNTIuJSrWA1WIU-UngRV0TheiNIGtmhBeNdZfWg5MHXaVzSYj0w6A7A7Kwf4cXt2dJosX_8fCLzY +2Q8XA8NjG9_gkE7hwav8UdmUAw86HQW6mTpjOIdSsQ0NauwNbREq4tec-9kuzZGkW4JwlJsxl_xn +yOP1eMHDoV_Xmiz8UxTiWjHHeh3AQcV7G6J0uyjcRTHESAR-jxptepD_iZr-cptrUb43H_spNtSY +dGZ3OvZIl2W-sFbO78ioCaLqYA0Uq35vwMIUpdjFIYb9vUA4JFTXNk3J5oCYX3vibIpACqYODFQ3 +CSqWg_Xg0Eci7VshNXZ9S69hX2KZFnf-qpnvOnRvrOCPJ2HqnZ8RaAkRygT5Nk0VRgLT8BM_1ao5 +MNCgoVw3C_tJlq66i7ve3TY2jamg6_jPxcb_7aKnbTWvKaP0p3dqlnrj3Irc35SD1k_cq1Nh8CYP +Fd06LzCFxS4Ws_ueZ9GJpREYnh6rleFVj-qI6F73rfHiGhFta-4Q_XJeZuplJkrRbHmo5GRb
\ No newline at end of file diff --git a/datarouter-node/src/main/resources/aaf/org.onap.dmaap-dr.location.props b/datarouter-node/src/main/resources/aaf/org.onap.dmaap-dr.location.props new file mode 100644 index 00000000..3bb069c6 --- /dev/null +++ b/datarouter-node/src/main/resources/aaf/org.onap.dmaap-dr.location.props @@ -0,0 +1,8 @@ +############################################################ +# Properties Generated by AT&T Certificate Manager +# by root +# on 2019-10-02T14:24:02.091+0000 +# @copyright 2019, AT&T +############################################################ +cadi_latitude=0.00 +cadi_longitude=0.00 diff --git a/datarouter-node/src/main/resources/aaf/org.onap.dmaap-dr.p12 b/datarouter-node/src/main/resources/aaf/org.onap.dmaap-dr.p12 Binary files differnew file mode 100644 index 00000000..b5c30479 --- /dev/null +++ b/datarouter-node/src/main/resources/aaf/org.onap.dmaap-dr.p12 diff --git a/datarouter-node/src/main/resources/aaf/org.onap.dmaap-dr.props b/datarouter-node/src/main/resources/aaf/org.onap.dmaap-dr.props new file mode 100644 index 00000000..c379da51 --- /dev/null +++ b/datarouter-node/src/main/resources/aaf/org.onap.dmaap-dr.props @@ -0,0 +1,21 @@ +############################################################ +# Properties Generated by AT&T Certificate Manager +# by root +# on 2019-10-02T14:24:02.090+0000 +# @copyright 2019, AT&T +############################################################ +aaf_env=DEV +aaf_id=dmaap-dr-node@dmaap-dr.onap.org +aaf_locate_url=https://aaf-locate:8095 +aaf_locator_container=oom +aaf_locator_container_ns=onap +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/%CNS.%AAF_NS.introspect:2.1/introspect +aaf_oauth2_token_url=https://AAF_LOCATE_URL/%CNS.%AAF_NS.token:2.1/token +aaf_url=https://AAF_LOCATE_URL/%CNS.%AAF_NS.service:2.1 +aaf_url_cm=https://AAF_LOCATE_URL/%CNS.%AAF_NS.cm:2.1 +aaf_url_fs=https://AAF_LOCATE_URL/%CNS.%AAF_NS.fs:2.1 +aaf_url_gui=https://AAF_LOCATE_URL/%CNS.%AAF_NS.gui:2.1 +aaf_url_hello=https://aaf-locate:8095/locate/onap.org.osaaf.aaf.hello:2.1 +aaf_url_oauth=https://AAF_LOCATE_URL/%CNS.%AAF_NS.oauth:2.1 +cadi_prop_files=/opt/app/osaaf/local/org.onap.dmaap-dr.location.props:/opt/app/osaaf/local/org.onap.dmaap-dr.cred.props +cadi_protocols=TLSv1.1,TLSv1.2
\ No newline at end of file diff --git a/datarouter-docker-compose/src/main/resources/prov_data/aaf_certs/org.onap.dmaap-dr.trust.jks b/datarouter-node/src/main/resources/aaf/org.onap.dmaap-dr.trust.jks Binary files differindex 2fe06cd2..c837fa05 100644 --- a/datarouter-docker-compose/src/main/resources/prov_data/aaf_certs/org.onap.dmaap-dr.trust.jks +++ b/datarouter-node/src/main/resources/aaf/org.onap.dmaap-dr.trust.jks diff --git a/datarouter-node/src/main/resources/docker/Dockerfile b/datarouter-node/src/main/resources/docker/Dockerfile index 01880bbb..c6f6c61f 100644 --- a/datarouter-node/src/main/resources/docker/Dockerfile +++ b/datarouter-node/src/main/resources/docker/Dockerfile @@ -34,7 +34,7 @@ RUN chmod 0700 startup.sh ENTRYPOINT ["sh", "startup.sh"] RUN addgroup -S -g 1001 onap \ - && adduser -S -u 1000 datarouter -G onap \ - && chown -R datarouter:onap /opt/ /var/ + && adduser -S -u 1000 dradmin -G onap \ + && chown -R dradmin:onap /opt/ /var/ -USER datarouter
\ No newline at end of file +USER dradmin
\ No newline at end of file diff --git a/datarouter-node/src/main/resources/docker/startup.sh b/datarouter-node/src/main/resources/docker/startup.sh index c4a655fb..8843b221 100644 --- a/datarouter-node/src/main/resources/docker/startup.sh +++ b/datarouter-node/src/main/resources/docker/startup.sh @@ -16,4 +16,5 @@ java -classpath $CLASSPATH org.onap.dmaap.datarouter.node.NodeMain runner_file="$LIB/datarouter-node-jar-with-dependencies.jar" echo "Starting using" $runner_file -java -Dcom.att.eelf.logging.file=/opt/app/datartr/etc/logback.xml -Dcom.att.eelf.logging.path=/root -Dorg.onap.dmaap.datarouter.node.properties=/opt/app/datartr/etc/node.properties -jar $runner_file
\ No newline at end of file +java -Dcom.att.eelf.logging.file=/opt/app/datartr/etc/logback.xml -Dcom.att.eelf.logging.path=/root \ +-Dorg.onap.dmaap.datarouter.node.properties=/opt/app/datartr/etc/node.properties -jar $runner_file
\ No newline at end of file diff --git a/datarouter-node/src/main/resources/drNodeCadi.properties b/datarouter-node/src/main/resources/drNodeCadi.properties deleted file mode 100644 index 8dfcab1c..00000000 --- a/datarouter-node/src/main/resources/drNodeCadi.properties +++ /dev/null @@ -1,23 +0,0 @@ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US -cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile -cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -cadi_keystore_password=]3V)($O&.Mv]W{f8^]6SxGNL -cadi_key_password=]3V)($O&.Mv]W{f8^]6SxGNL -cadi_alias=dmaap-dr-node@dmaap-dr.onap.org -cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -cadi_truststore_password=(Rd,&{]%ePdp}4JZjqoJ2G+g - -aaf_env=DEV -aaf_locate_url=https://aaf-onap-test.osaaf.org:8095 -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token -aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 -cadi_protocols=TLSv1.1,TLSv1.2 -cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1 -fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1 -gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1 - -cadi_latitude=53.423 -cadi_longitude=7.940 - -cadi_loglevel=DEBUG
\ No newline at end of file diff --git a/datarouter-node/src/main/resources/node.properties b/datarouter-node/src/main/resources/node.properties index 7c076359..1d7a5d42 100644 --- a/datarouter-node/src/main/resources/node.properties +++ b/datarouter-node/src/main/resources/node.properties @@ -57,26 +57,11 @@ SpoolDir = /opt/app/datartr/spool RedirectionFile = etc/redirections.dat # # The type of keystore for https -KeyStoreType = jks -# -# The path to the keystore for https -KeyStoreFile = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -# -# The password for the https keystore -KeyStorePassword=WGxd2P6MDo*Bi4+UdzWs{?$8 -# -# The password for the private key in the https keystore -KeyPassword=WGxd2P6MDo*Bi4+UdzWs{?$8 +KeyStoreType = PKCS12 # # The type of truststore for https TrustStoreType = jks # -# The path to the truststore for https -TrustStoreFile = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -# -# The password for the https truststore -TrustStorePassword=)OBvCd{e{aWq.^mJJdX:S:1& -# # The path to the file used to trigger an orderly shutdown QuiesceFile = etc/SHUTDOWN # @@ -95,9 +80,8 @@ AAFInstance = legacy # AAF action to generate permission string - default should be publish AAFAction = publish # -# AAF URL to connect to AAF server -AafUrl = https://aaf-onap-test.osaaf.org:8095 -# # AAF CADI enabled flag CadiEnabled = false - +# +# AAF Props file path +AAFPropsFilePath = /opt/app/osaaf/local/org.onap.dmaap-dr.props diff --git a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeAafPropsUtilsTest.java b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeAafPropsUtilsTest.java new file mode 100644 index 00000000..aa5368b5 --- /dev/null +++ b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeAafPropsUtilsTest.java @@ -0,0 +1,39 @@ +/* + * ============LICENSE_START======================================================= + * Copyright (C) 2019 Nordix Foundation. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ +package org.onap.dmaap.datarouter.node; + +import java.io.File; +import java.io.IOException; +import org.junit.Assert; +import org.junit.Test; + +public class NodeAafPropsUtilsTest { + + @Test + public void Veirfy_Aaf_Pass_Decryp_Successful() { + NodeAafPropsUtils nodeAafPropsUtils = null; + try { + nodeAafPropsUtils = new NodeAafPropsUtils(new File("src/test/resources/aaf/org.onap.dmaap-dr.props")); + } catch (IOException e) { + e.printStackTrace(); + } + Assert.assertEquals("tVac2#@Stx%tIOE^x[c&2fgZ", nodeAafPropsUtils.getDecryptedPass("cadi_keystore_password")); + } +} diff --git a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeConfigManagerTest.java b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeConfigManagerTest.java index 87c2bdf6..578053aa 100644 --- a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeConfigManagerTest.java +++ b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeConfigManagerTest.java @@ -35,7 +35,7 @@ import org.powermock.core.classloader.annotations.PrepareForTest; import org.powermock.modules.junit4.PowerMockRunner; @RunWith(PowerMockRunner.class) -@PowerMockIgnore({"javax.net.ssl.*", "javax.security.auth.x500.X500Principal"}) +@PowerMockIgnore({"javax.net.ssl.*", "javax.security.auth.x500.X500Principal", "javax.crypto.*"}) @PrepareForTest({InetAddress.class, URL.class}) public class NodeConfigManagerTest { @@ -57,7 +57,7 @@ public class NodeConfigManagerTest { Assert.assertEquals("legacy", nodeConfigManager.getAafInstance()); Assert.assertEquals("src/test/resources/spool/f", nodeConfigManager.getSpoolDir()); Assert.assertEquals("src/test/resources/spool", nodeConfigManager.getSpoolBase()); - Assert.assertEquals("jks", nodeConfigManager.getKSType()); + Assert.assertEquals("PKCS12", nodeConfigManager.getKSType()); Assert.assertEquals(8080, nodeConfigManager.getHttpPort()); Assert.assertEquals(8443, nodeConfigManager.getHttpsPort()); Assert.assertEquals(443, nodeConfigManager.getExtHttpsPort()); @@ -70,7 +70,7 @@ public class NodeConfigManagerTest { Assert.assertEquals(new String[] {"TLSv1.1", "TLSv1.2"}, nodeConfigManager.getEnabledprotocols()); Assert.assertEquals("org.onap.dmaap-dr.feed", nodeConfigManager.getAafType()); Assert.assertEquals("publish", nodeConfigManager.getAafAction()); - Assert.assertEquals("https://aaf-onap-test.osaaf.org:8095", nodeConfigManager.getAafURL()); + Assert.assertEquals("https://aaf-locate:8095", nodeConfigManager.getAafURL()); Assert.assertFalse(nodeConfigManager.getCadiEnabled()); Assert.assertFalse(nodeConfigManager.isShutdown()); Assert.assertFalse(nodeConfigManager.isConfigured()); diff --git a/datarouter-node/src/test/resources/aaf/org.onap.dmaap-dr.cred.props b/datarouter-node/src/test/resources/aaf/org.onap.dmaap-dr.cred.props new file mode 100644 index 00000000..3f081b5d --- /dev/null +++ b/datarouter-node/src/test/resources/aaf/org.onap.dmaap-dr.cred.props @@ -0,0 +1,17 @@ +############################################################ +# Properties Generated by AT&T Certificate Manager +# by root +# on 2019-10-02T14:25:19.002+0000 +# @copyright 2019, AT&T +############################################################ +Challenge=enc:wQM4uZbepQQWfJd9uhcfPZJc7TAOnfTnj5xv9uCRteQOTuc7mSXAWjg9heC7lXod +cadi_alias=dmaap-dr-node@dmaap-dr.onap.org +cadi_key_password=enc:YhS5u9Fqt-ssUs-1wWrv7xkOliMQDb8d7kmKKK2QwtwQu4Q7i_psLw0baQ-NY3mF +cadi_keyfile=src/test/resources/aaf/org.onap.dmaap-dr.keyfile +cadi_keystore=src/test/resources/aaf/org.onap.dmaap-dr.p12 +cadi_keystore_password=enc:NwhywpJzc4rlcpwkPRs4GWkOliMQDb8d7kmKKK2QwtwQu4Q7i_psLw0baQ-NY3mF +cadi_keystore_password_jks=enc:McsNbnuHb5tgoa_UMgdTdHqWEG4bt6VcPsc_NTzS277aDcrNRutDSBDYyyLD5no2 +cadi_keystore_password_p12=enc:NwhywpJzc4rlcpwkPRs4GWkOliMQDb8d7kmKKK2QwtwQu4Q7i_psLw0baQ-NY3mF +cadi_truststore=/opt/app/osaaf/local/org.onap.dmaap-dr.trust.jks +cadi_truststore_password=enc:xWbQBg4WdbHbQgvKGrol0ns16g9jgFYteR3nQkwTl65BtvtWf_ZKhSVP8w_Z0VHU +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US diff --git a/datarouter-node/src/test/resources/aaf/org.onap.dmaap-dr.keyfile b/datarouter-node/src/test/resources/aaf/org.onap.dmaap-dr.keyfile new file mode 100644 index 00000000..cbed0407 --- /dev/null +++ b/datarouter-node/src/test/resources/aaf/org.onap.dmaap-dr.keyfile @@ -0,0 +1,27 @@ +hPUFfq-4kxkPy1LmRi50b_bhcRn9BKecnkq0u-Uec6JnRIsMgqUiEYJMbxGCGEZquBLszBBPj2Ux +udBAZ5FPIp5IkQFX6NpXJTCqPW9lb4k6KVhRSqSocascKnbYdZxrdThqOaw26kDiw04NFzA7jwxF +G9m2IVWF9AaKx7jQAqaoy4SSK5g1OaI4fGqWQn4HW3HuVJ7cc52JUmrcIGIV-I_6pR0ZAPezHxGn +5k-0rErQEZBHfj0S1M74Lx-eOa7gRlj0b3O8Zq-yfOllRLBZiMLuTmWlVz4ikbmL_eNC2RmjuEyy +v-wFva0Y4dqXEVEj9FoBUAQy7vE-I6VxGRffQRAi4Mnz0v4ISkHPmiOJsYmIzjT2bWyLKloJENfQ +LhV180qF-7UrjWGI2DhlVV_r4AY32-KLU7HLECpKRSjeqhWva_nZAj7ELGvBBTftGDu3HKts_MqU +hb14f5482rHZGPDYv3dCsere31ShIF6WF_YNhO494RgdSMugvWDZwxQYngNjGTgxS8hKezD5erp_ +BoqMuI3xotgaKZluV8yrxsc-M-0F97hJGxn7k1y37jKQugGUNDEwsX5MiHFd9OYY5jY9Pdr2tEXk +PqEmZQXBeCXJOku7KQFwEl4nqkw-52JJS1PAks4v_dlkrJIL95q6zAQOrgSgc597_-0x90k22Zd8 +FowwHQ42R-bo9oRyO0Qbypzd1Ftzu7kCalYH35qcLyAiIOO9NYAwSi5tYldzHgUhVq4wb1aoomeP +HISpNJfT2rK-AGMZw3d3nXWK1b3ztkF-74nD2s-WuTLeomBni1eMiLED850GyRD4uB4j4zF_4dZF +OmT6iShH7RR-gTolGZSAG7sBbwNs3lks9usVWI0qSulQvHBs14QvOY7EmO4SMRueUMo6ZIaOJIkB +uxNzoM_yQ2mMb24AZm_tT1xqMbGf76oYcx8Mu4zcXFkoe-4xDA1D-HXiPtyOzj6K0ByR86aytY2J +SI8mltJwtPx_t5t1fb0nFMQYCM5DzODKXgd-QhEJ8Q64uw6kSFFkv09ZCP0fvWy5Q7AEOAw_Y1YJ +lYyG7Bzu4E8PAQrihKhyYnFsp7WmMak_DGB2oskfHjffsb9Yh4FSM9EyB8x40ryQ6c8SAoP9LmYh +87-NvfQfuinLlHl7BcqCWmA7jwHo44r_L8guXWQ0wSRdCnfphc4_FthK2VQrURzFXTPnb3UvNE4I +U93lmmbwSlCoBjI2SwJAQvBpztlmbaFxgDA2Tbk6Mh6_cKiza2EcXCJzVXghFIqXtPQpAXPwHBZv +NrmKRamZBlMSkWPzPuIbfH6XYqCw3bodTEktzJZYzABFVkyIZ4JtstvoDGxaQDy6Ob2POLhuq0YY +ZW9eVhfvGWNyBK5sWSzEuCrd-nPN-XuDZjt8kWN4GTmokXnV_j20GDHyqwczikrCnlfReA1u2-O8 +VXmHvKMSHI3ckLdGP8QIOWoC4FfFi0QG62McYZO83ZA2wjRZVnS3bAz04uhLryqafm-aJ7tg1XBg +BNTIuJSrWA1WIU-UngRV0TheiNIGtmhBeNdZfWg5MHXaVzSYj0w6A7A7Kwf4cXt2dJosX_8fCLzY +2Q8XA8NjG9_gkE7hwav8UdmUAw86HQW6mTpjOIdSsQ0NauwNbREq4tec-9kuzZGkW4JwlJsxl_xn +yOP1eMHDoV_Xmiz8UxTiWjHHeh3AQcV7G6J0uyjcRTHESAR-jxptepD_iZr-cptrUb43H_spNtSY +dGZ3OvZIl2W-sFbO78ioCaLqYA0Uq35vwMIUpdjFIYb9vUA4JFTXNk3J5oCYX3vibIpACqYODFQ3 +CSqWg_Xg0Eci7VshNXZ9S69hX2KZFnf-qpnvOnRvrOCPJ2HqnZ8RaAkRygT5Nk0VRgLT8BM_1ao5 +MNCgoVw3C_tJlq66i7ve3TY2jamg6_jPxcb_7aKnbTWvKaP0p3dqlnrj3Irc35SD1k_cq1Nh8CYP +Fd06LzCFxS4Ws_ueZ9GJpREYnh6rleFVj-qI6F73rfHiGhFta-4Q_XJeZuplJkrRbHmo5GRb
\ No newline at end of file diff --git a/datarouter-node/src/test/resources/aaf/org.onap.dmaap-dr.p12 b/datarouter-node/src/test/resources/aaf/org.onap.dmaap-dr.p12 Binary files differnew file mode 100644 index 00000000..b5c30479 --- /dev/null +++ b/datarouter-node/src/test/resources/aaf/org.onap.dmaap-dr.p12 diff --git a/datarouter-node/src/test/resources/aaf/org.onap.dmaap-dr.props b/datarouter-node/src/test/resources/aaf/org.onap.dmaap-dr.props new file mode 100644 index 00000000..53c6de05 --- /dev/null +++ b/datarouter-node/src/test/resources/aaf/org.onap.dmaap-dr.props @@ -0,0 +1,21 @@ +############################################################ +# Properties Generated by AT&T Certificate Manager +# by root +# on 2019-10-02T14:24:02.090+0000 +# @copyright 2019, AT&T +############################################################ +aaf_env=DEV +aaf_id=dmaap-dr-node@dmaap-dr.onap.org +aaf_locate_url=https://aaf-locate:8095 +aaf_locator_container=docker +aaf_locator_container_ns=onap +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/%CNS.%AAF_NS.introspect:2.1/introspect +aaf_oauth2_token_url=https://AAF_LOCATE_URL/%CNS.%AAF_NS.token:2.1/token +aaf_url=https://AAF_LOCATE_URL/%CNS.%AAF_NS.service:2.1 +aaf_url_cm=https://AAF_LOCATE_URL/%CNS.%AAF_NS.cm:2.1 +aaf_url_fs=https://AAF_LOCATE_URL/%CNS.%AAF_NS.fs:2.1 +aaf_url_gui=https://AAF_LOCATE_URL/%CNS.%AAF_NS.gui:2.1 +aaf_url_hello=https://aaf-locate:8095/locate/onap.org.osaaf.aaf.hello:2.1 +aaf_url_oauth=https://AAF_LOCATE_URL/%CNS.%AAF_NS.oauth:2.1 +cadi_prop_files=src/test/resources/aaf/org.onap.dmaap-dr.location.props:src/test/resources/aaf/org.onap.dmaap-dr.cred.props +cadi_protocols=TLSv1.1,TLSv1.2 diff --git a/datarouter-node/src/test/resources/logback-test.xml b/datarouter-node/src/test/resources/logback-test.xml new file mode 100644 index 00000000..77c471ec --- /dev/null +++ b/datarouter-node/src/test/resources/logback-test.xml @@ -0,0 +1,225 @@ +<!-- + * ============LICENSE_START======================================================= + * Copyright (C) 2019 Nordix Foundation. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= +--> +<configuration scan="true" scanPeriod="3 seconds" debug="false"> + + <property name="logDir" value="logs/EELF" /> + <!-- log file names --> + <property name="auditLog" value="audit" /> + <property name="errorLog" value="error" /> + <property name="debugLog" value="debug" /> + <property name="metricsLog" value="metrics" /> + <property name="jettyLog" value="jetty" /> + + <!-- log file names --> + <property name="defaultPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%X{RequestId}|%X{InvocationId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}%n|%msg%n" /> + <property name="logDirectory" value="${logDir}" /> + + + <!-- Example evaluator filter applied against console appender --> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <!-- ============================================================================ --> + <!-- EELF Appenders --> + <!-- ============================================================================ --> + + <!-- The EELFAppender is used to record events to the general application + log --> + + + <appender name="Audit" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${auditLog}.log</file> + <filter class="org.onap.dmaap.datarouter.node.eelf.AuditFilter"> + </filter> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${auditLog}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>50MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncAudit" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="Audit" /> + </appender> + + <!-- ============================================================================ --> + + <appender name="Metrics" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${metricsLog}.log</file> + <filter class="org.onap.dmaap.datarouter.node.eelf.MetricsFilter"> + </filter> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${metricsLog}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>50MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncMetrics" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="Metrics" /> + </appender> + + <!-- ============================================================================ --> + + + <appender name="Debug" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${debugLog}.log</file> + <filter class="org.onap.dmaap.datarouter.node.eelf.DebugFilter"> + </filter> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${debugLog}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>50MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncDebug" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="Debug" /> + </appender> + + <!-- ============================================================================ --> + + <appender name="Error" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${errorLog}.log</file> + <filter class="org.onap.dmaap.datarouter.node.eelf.ErrorFilter"> + </filter> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${errorLog}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>50MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncError" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="Error"/> + </appender> + + <!-- ============================================================================ --> + <appender name="Jetty" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${jettyLog}.log</file> + <filter class="org.onap.dmaap.datarouter.node.eelf.JettyFilter" /> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${jettyLog}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>50MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncJettyLog" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="Jetty" /> + <includeCallerData>true</includeCallerData> + </appender> + + <!-- ============================================================================ --> + + + <!-- ============================================================================ --> + <!-- EELF loggers --> + <!-- ============================================================================ --> + <logger name="com.att.eelf" level="info" additivity="false"> + <appender-ref ref="asyncAudit" /> + </logger> + + <logger name="com.att.eelf" additivity="false"> + <appender-ref ref="asyncMetrics" /> + </logger> + + <logger name="com.att.eelf" additivity="false"> + <appender-ref ref="asyncDebug" /> + </logger> + + <logger name="com.att.eelf.error" additivity="false"> + <appender-ref ref="asyncError" /> + </logger> + + <logger name="log4j.logger.org.eclipse.jetty" additivity="false"> + <appender-ref ref="asyncJettyLog"/> + </logger> + + + + + <root level="INFO"> + <appender-ref ref="asyncAudit" /> + <appender-ref ref="asyncMetrics" /> + <appender-ref ref="asyncDebug" /> + <appender-ref ref="asyncError" /> + <appender-ref ref="asyncJettyLog" /> + </root> + +</configuration> diff --git a/datarouter-node/src/test/resources/node_test.properties b/datarouter-node/src/test/resources/node_test.properties index 9e0cd994..9359e8dc 100644 --- a/datarouter-node/src/test/resources/node_test.properties +++ b/datarouter-node/src/test/resources/node_test.properties @@ -57,26 +57,11 @@ SpoolDir = src/test/resources/spool RedirectionFile = src/test/redirections.dat # # The type of keystore for https -KeyStoreType = jks -# -# The path to the keystore for https -KeyStoreFile = aaf_certs/org.onap.dmaap-dr.jks -# -# The password for the https keystore -KeyStorePassword=WGxd2P6MDo*Bi4+UdzWs{?$8 -# -# The password for the private key in the https keystore -KeyPassword=WGxd2P6MDo*Bi4+UdzWs{?$8 +KeyStoreType = PKCS12 # # The type of truststore for https TrustStoreType = jks # -# The path to the truststore for https -TrustStoreFile = aaf_certs/org.onap.dmaap-dr.trust.jks -# -# The password for the https truststore -TrustStorePassword=)OBvCd{e{aWq.^mJJdX:S:1& -# # The path to the file used to trigger an orderly shutdown QuiesceFile = etc/SHUTDOWN # @@ -95,9 +80,9 @@ AAFInstance = legacy # AAF action to generate permission string - default should be publish AAFAction = publish # -# AAF URL to connect to AAF server -AafUrl = https://aaf-onap-test.osaaf.org:8095 -# # AAF CADI enabled flag CadiEnabled = false +# +# AAF Props file path +AAFPropsFilePath = src/test/resources/aaf/org.onap.dmaap-dr.props diff --git a/datarouter-prov/aaf_certs/org.onap.dmaap-dr.jks b/datarouter-prov/aaf_certs/org.onap.dmaap-dr.jks Binary files differdeleted file mode 100644 index 17027970..00000000 --- a/datarouter-prov/aaf_certs/org.onap.dmaap-dr.jks +++ /dev/null diff --git a/datarouter-prov/aaf_certs/org.onap.dmaap-dr.keyfile b/datarouter-prov/aaf_certs/org.onap.dmaap-dr.keyfile deleted file mode 100644 index 59f161f9..00000000 --- a/datarouter-prov/aaf_certs/org.onap.dmaap-dr.keyfile +++ /dev/null @@ -1,27 +0,0 @@ -XzAbZ4lSt3j0vgqonk1lGgt_2IvBzet-MDbt7nlxdj5vrQbUBET9eqIfjRBMlen0E815nYm6nRBi -RR2fUKzqO8JIn2s19e3fmYrp9wTbIkY9GXOzsnuSeyRxVxxW-82VrAD-gSBmqUEJvPjqjVWinadL -LVy1h9lE35EErQkBpK_GmqVp2RajjXv8N_5LcKkkc4vYJQ8WclOHwN_BnQpNS1NLBWJVXSPeVwjM -zIkQ10Q6GGEGCurBPLef9UiXD73oVnQsVyZY3E87X7RbDfCiVbfmHN1hyVkR3DX6gDfrfjTnqkqE -Hv7kw43qXx9-aRCHrqnmaGYBTscU5JgxTNpqe5hvxLJHnDwLTtHDx-vES0PljekcofQVT5pWJvRK -ltZtPQwuGlapONa_rDuMq3sSDx8gXKE01rjK0bNDurIPvFzyef0RoDYIc3m4M-KdsBMlnE7oyBAz -OXCPt42HLJX55F9boRIWwSy-8o3AsPXwQTwEKoD7ZUL4pZ2Zf45npfQLlhhs5x_ERcPTrOXrF7Uu -40HxQnMbwO_Ofz7CrlKe78UImSJbsQp0heyBbr6irHrMq6_E1DqbjWafs_a4kKNbtfN4fHHvxkA0 -9J_plrqVOoBqFaeUc9MJt_6WBYq2vDFbHSvBf9QZKnaVZ3aKU2MzV2Y5xjw7V6rgDQHwmXXeAmfV --Z3JT5ocQhyG4SqyKhSrzh4nGOMt51yy68hPPHMrYnpW8VF99qTLqSmQfLAeNqog413Efj75oQDW -JLw1BR56ABvCPdcR5wZruo2Egwak1UyiRL0Mjd8txrjc4uojiiqddqalEQrORvn4BgP0OKQOOdUx -dArQ4HqjBGwvurQUM0XjBvyqki1h1pxhSNeuyOY3mofVB2NNi-ZvSHHUpwqIgQ4kVLombpsKw2W9 -AW-3h4cLYl3LgP_LRH5mS8Mo_BEKZqivM9v9YYVZCgB2Djqyn3MQXpcFSxaB1AK9wG4TmMneFP7W -_dHqJnx26njAtff1y2ud8cmW_UGgzMb33QGIjIrYo3AVX8_G8iEQ-838fDpGE7BdqLSam-BMoeo3 -WPht7-O8gx7utuYx1ceCetunKRmh3Tfga_0srBNDWMyzuiPvbLX3oUJO_F5p5734Qwm5CeqCAaJv -sU_yfzTgUPqS6jC9cuKi54h3HrzV-k7DcSdGrpsAgzYZdHwi7XFfAzFOhkpBeNUNzDCX8B7yTHjU -dKdGDezdgs7lMWbJwnSNFDyTwbZdk4XTnSrtdhmOZp4oVizEQgha0Un0ISKQ519kajTFj1rZV6ue -h8SzN4QXOw6BHYB5rsy8YEvWbkfyneQ74HeyeWRRq3p4UdBTTUn2JbGM0neErRrxnYvmKIdFlSsU -NlEgNf7dh_kqdWUBkXfud32ftazttjmiO4zkqBupsJTlxj9Tjam9aZqNhunPNI9znf4luKAiRa3v -26giSwRUX8mjlK5FvBNUbLeFM-G3Pk2jQej13q1lZ3PZMesLjUwvvMIdlu9qmDx_TCYSy72-6O2A -qmPlUeYCKgI8eVaZV79aM6YtomaopHiPCcyJGWl114Ke4j8H3-Lg3EkjfVROwQw_fKn2z4Eci7io -LetFQnibRw2ow-Z0F-Db3kuEuRTgmb6U0pMUO3njou6Sq7oa_gaND0XYHy6MKGu1uJ9aKVLZ9uy4 -m9KRxZvq71LRJkD84y9bMv14lxzUsosuzbXV7Q_uz8kceWSq_1BLXQXam9j5rxN6SKEk_Rn0jgnX -h4A4e7q6loMXUq4nPSVII9K6pHAqfi1sDLhVZ239XcLBwKY9R5f0jgYy76AI1dN-_oEMdXJf_L6w -KuRJ4jy0XSfyV_QvS6at77san2UIOkdY_tuI03Ps3fTzSaztsy5yX22t-6TnkFSoYxGkuMw9R-Rn -ZwJIanS3v_wQbgNdUB6JIlE_9kkHYCokheldHkKndV8eEc6Z6bgasNWKB3PreI1m6UrfZI3agd-n -zhsQppGFk8j7Tkq4S_9SP1OFVCgCT3-mU0UhPhDhCFPM1bladfj8RptCbPKO66evW1c_ooU2
\ No newline at end of file diff --git a/datarouter-prov/aaf_certs/org.onap.dmaap-dr.trust.jks b/datarouter-prov/aaf_certs/org.onap.dmaap-dr.trust.jks Binary files differdeleted file mode 100644 index 2fe06cd2..00000000 --- a/datarouter-prov/aaf_certs/org.onap.dmaap-dr.trust.jks +++ /dev/null diff --git a/datarouter-prov/pom.xml b/datarouter-prov/pom.xml index 92a1bf46..e141595e 100755 --- a/datarouter-prov/pom.xml +++ b/datarouter-prov/pom.xml @@ -45,6 +45,15 @@ </properties> <dependencies> <dependency> + <groupId>org.apache.commons</groupId> + <artifactId>commons-lang3</artifactId> + </dependency> + <dependency> + <groupId>org.mariadb.jdbc</groupId> + <artifactId>mariadb-java-client</artifactId> + <version>2.3.0</version> + </dependency> + <dependency> <groupId>org.hamcrest</groupId> <artifactId>hamcrest-library</artifactId> </dependency> @@ -125,46 +134,50 @@ <artifactId>httpclient</artifactId> </dependency> <dependency> + <groupId>org.dom4j</groupId> + <artifactId>dom4j</artifactId> + <version>2.1.1</version> + </dependency> + <dependency> <groupId>org.sonatype.http-testing-harness</groupId> <artifactId>junit-runner</artifactId> + <scope>test</scope> </dependency> <dependency> <groupId>junit</groupId> <artifactId>junit</artifactId> + <scope>test</scope> </dependency> <dependency> <groupId>org.mockito</groupId> <artifactId>mockito-core</artifactId> + <scope>test</scope> </dependency> <dependency> <groupId>org.powermock</groupId> <artifactId>powermock-module-junit4</artifactId> + <scope>test</scope> </dependency> <dependency> <groupId>org.powermock</groupId> <artifactId>powermock-api-mockito</artifactId> + <scope>test</scope> </dependency> <dependency> <groupId>org.powermock</groupId> <artifactId>powermock-api-support</artifactId> + <scope>test</scope> </dependency> <dependency> <groupId>org.powermock</groupId> <artifactId>powermock-core</artifactId> - </dependency> - <dependency> - <groupId>org.apache.commons</groupId> - <artifactId>commons-lang3</artifactId> - </dependency> - <dependency> - <groupId>org.mariadb.jdbc</groupId> - <artifactId>mariadb-java-client</artifactId> - <version>2.3.0</version> + <scope>test</scope> </dependency> <dependency> <groupId>com.h2database</groupId> <artifactId>h2</artifactId> <version>1.4.197</version> + <scope>test</scope> </dependency> <dependency> <groupId>org.hibernate</groupId> @@ -176,22 +189,18 @@ <artifactId>dom4j</artifactId> </exclusion> </exclusions> + <scope>test</scope> </dependency> <dependency> <groupId>org.hamcrest</groupId> - <artifactId>hamcrest-core</artifactId> - <version>1.3</version> + <artifactId>hamcrest-library</artifactId> <scope>test</scope> </dependency> <dependency> <groupId>org.hibernate.javax.persistence</groupId> <artifactId>hibernate-jpa-2.1-api</artifactId> <version>1.0.2.Final</version> - </dependency> - <dependency> - <groupId>org.dom4j</groupId> - <artifactId>dom4j</artifactId> - <version>2.1.1</version> + <scope>test</scope> </dependency> </dependencies> <profiles> @@ -254,20 +263,7 @@ <filtering>true</filtering> <includes> <include>**/*.properties</include> - </includes> - </resource> - <resource> - <directory>src/main/resources</directory> - <filtering>true</filtering> - <includes> - <include>**/provserver.properties</include> - </includes> - </resource> - <resource> - <directory>src/main/resources</directory> - <filtering>true</filtering> - <includes> - <include>**/EelfMessages.properties</include> + <include>**/logback.xml</include> </includes> </resource> </resources> @@ -349,7 +345,7 @@ </configuration> </execution> <execution> - <id>copy-resources-2</id> + <id>copy-resources-etc</id> <phase>validate</phase> <goals> <goal>copy-resources</goal> @@ -363,61 +359,32 @@ <include>misc/**</include> <include>**/**</include> </includes> + <excludes> + <exclude>aaf/**</exclude> + <exclude>docker/**</exclude> + </excludes> </resource> </resources> </configuration> </execution> <execution> - <id>copy-resources-3</id> + <id>copy-aaf-props</id> <phase>validate</phase> <goals> <goal>copy-resources</goal> </goals> <configuration> - <outputDirectory>${basedir}/target/docker-stage/opt/app/datartr</outputDirectory> + <outputDirectory>${basedir}/target/docker-stage/opt/app/osaaf/local</outputDirectory> <resources> <resource> - <directory>${basedir}/data</directory> + <directory>${basedir}/src/main/resources/aaf</directory> <includes> - <include>misc/**</include> <include>**/**</include> </includes> </resource> </resources> </configuration> </execution> - <execution> - <id>copy-resources-4</id> - <phase>validate</phase> - <goals> - <goal>copy-resources</goal> - </goals> - <configuration> - <outputDirectory>${basedir}/target/docker-stage/opt/app/datartr/aaf_certs</outputDirectory> - <resources> - <resource> - <directory>${basedir}/aaf_certs</directory> - <includes> - <include>misc/**</include> - <include>**/**</include> - </includes> - </resource> - </resources> - </configuration> - </execution> - </executions> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-dependency-plugin</artifactId> - <executions> - <execution> - <id>copy-dependencies</id> - <phase>package</phase> - <configuration> - <outputDirectory>${project.build.directory}/docker-stage/opt/app/datartr/lib</outputDirectory> - </configuration> - </execution> </executions> </plugin> <plugin> diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/Main.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/Main.java index aefe8cdf..3269c843 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/Main.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/Main.java @@ -24,10 +24,12 @@ package org.onap.dmaap.datarouter.provisioning; +import static java.lang.System.exit; + import com.att.eelf.configuration.EELFLogger; import com.att.eelf.configuration.EELFManager; +import java.io.File; import java.io.IOException; -import java.io.InputStream; import java.security.Security; import java.util.EnumSet; import java.util.Properties; @@ -51,8 +53,7 @@ import org.eclipse.jetty.servlet.ServletContextHandler; import org.eclipse.jetty.servlet.ServletHolder; import org.eclipse.jetty.util.ssl.SslContextFactory; import org.eclipse.jetty.util.thread.QueuedThreadPool; -import org.onap.aaf.cadi.PropAccess; - +import org.onap.dmaap.datarouter.provisioning.utils.AafPropsUtils; import org.onap.dmaap.datarouter.provisioning.utils.DB; import org.onap.dmaap.datarouter.provisioning.utils.DRProvCadiFilter; import org.onap.dmaap.datarouter.provisioning.utils.LogfileLoader; @@ -90,15 +91,6 @@ import org.onap.dmaap.datarouter.provisioning.utils.ThrottleFilter; */ public class Main { - /** - * The truststore to use if none is specified. - */ - static final String DEFAULT_TRUSTSTORE = "/opt/java/jdk/jdk180/jre/lib/security/cacerts"; - static final String KEYSTORE_TYPE_PROPERTY = "org.onap.dmaap.datarouter.provserver.keystore.type"; - static final String KEYSTORE_PATH_PROPERTY = "org.onap.dmaap.datarouter.provserver.keystore.path"; - static final String KEYSTORE_PASS_PROPERTY = "org.onap.dmaap.datarouter.provserver.keystore.password"; - static final String TRUSTSTORE_PATH_PROPERTY = "org.onap.dmaap.datarouter.provserver.truststore.path"; - static final String TRUSTSTORE_PASS_PROPERTY = "org.onap.dmaap.datarouter.provserver.truststore.password"; public static final EELFLogger intlogger = EELFManager.getInstance() .getLogger("org.onap.dmaap.datarouter.provisioning.internal"); @@ -106,18 +98,7 @@ public class Main { * The one and only {@link Server} instance in this JVM. */ private static Server server; - - class Inner { - InputStream getCadiProps() { - InputStream in = null; - try { - in = getClass().getClassLoader().getResourceAsStream("drProvCadi.properties"); - } catch (Exception e) { - intlogger.error("Exception in Main.getCadiProps(): " + e.getMessage(), e); - } - return in; - } - } + static AafPropsUtils aafPropsUtils; /** * Starts the Data Router Provisioning server. @@ -129,10 +110,11 @@ public class Main { Security.setProperty("networkaddress.cache.ttl", "4"); // Check DB is accessible and contains the expected tables if (!checkDatabase()) { - System.exit(1); + intlogger.error("Data Router Provisioning database init failure. Exiting."); + exit(1); } - intlogger.info("PROV0000 **** AT&T Data Router Provisioning Server starting...."); + intlogger.info("PROV0000 **** Data Router Provisioning Server starting...."); Security.setProperty("networkaddress.cache.ttl", "4"); Properties provProperties = (new DB()).getProperties(); @@ -180,6 +162,16 @@ public class Main { httpConfiguration.setSendServerVersion(true); httpConfiguration.setSendDateHeader(false); + try { + AafPropsUtils.init(new File(provProperties.getProperty( + "org.onap.dmaap.datarouter.provserver.aafprops.path", + "/opt/app/osaaf/local/org.onap.dmaap-dr.props"))); + } catch (IOException e) { + intlogger.error("NODE0314 Failed to load AAF props. Exiting", e); + exit(1); + } + aafPropsUtils = AafPropsUtils.getInstance(); + //HTTP Connector HandlerCollection handlerCollection; try (ServerConnector httpServerConnector = @@ -190,19 +182,19 @@ public class Main { // SSL Context SslContextFactory sslContextFactory = new SslContextFactory(); - sslContextFactory.setKeyStoreType(provProperties.getProperty(KEYSTORE_TYPE_PROPERTY, "jks")); - sslContextFactory.setKeyStorePath(provProperties.getProperty(KEYSTORE_PATH_PROPERTY)); - sslContextFactory.setKeyStorePassword(provProperties.getProperty(KEYSTORE_PASS_PROPERTY)); - sslContextFactory.setKeyManagerPassword(provProperties - .getProperty("org.onap.dmaap.datarouter.provserver.keymanager.password")); - - String ts = provProperties.getProperty(TRUSTSTORE_PATH_PROPERTY); - if (ts != null && ts.length() > 0) { - intlogger.info("@@ TS -> " + ts); - sslContextFactory.setTrustStorePath(ts); - sslContextFactory.setTrustStorePassword(provProperties.getProperty(TRUSTSTORE_PASS_PROPERTY)); + sslContextFactory.setKeyStoreType(AafPropsUtils.KEYSTORE_TYPE_PROPERTY); + sslContextFactory.setKeyStorePath(aafPropsUtils.getKeystorePathProperty()); + sslContextFactory.setKeyStorePassword(aafPropsUtils.getKeystorePassProperty()); + sslContextFactory.setKeyManagerPassword(aafPropsUtils.getKeystorePassProperty()); + + String truststorePathProperty = aafPropsUtils.getTruststorePathProperty(); + if (truststorePathProperty != null && truststorePathProperty.length() > 0) { + intlogger.info("@@ TS -> " + truststorePathProperty); + sslContextFactory.setTrustStoreType(AafPropsUtils.TRUESTSTORE_TYPE_PROPERTY); + sslContextFactory.setTrustStorePath(truststorePathProperty); + sslContextFactory.setTrustStorePassword(aafPropsUtils.getTruststorePassProperty()); } else { - sslContextFactory.setTrustStorePath(DEFAULT_TRUSTSTORE); + sslContextFactory.setTrustStorePath(AafPropsUtils.DEFAULT_TRUSTSTORE); sslContextFactory.setTrustStorePassword("changeit"); } @@ -263,23 +255,9 @@ public class Main { //CADI Filter activation check if (Boolean.parseBoolean(provProperties.getProperty( "org.onap.dmaap.datarouter.provserver.cadi.enabled", "false"))) { - //Get cadi properties - Properties cadiProperties = null; - try { - intlogger.info("PROV0001 Prov - Loading CADI properties"); - cadiProperties = new Properties(); - Inner obj = new Main().new Inner(); - InputStream in = obj.getCadiProps(); - cadiProperties.load(in); - } catch (IOException ioe) { - intlogger.error("PROV0001 Exception loading CADI properties: " + ioe.getMessage(), ioe); - } - cadiProperties.setProperty("aaf_locate_url", provProperties.getProperty("org.onap.dmaap.datarouter.provserver.cadi.aaf.url", "https://aaf-onap-test.osaaf.org:8095")); - intlogger.info("PROV0001 aaf_url set to - " + cadiProperties.getProperty("aaf_url")); - - PropAccess access = new PropAccess(cadiProperties); - servletContextHandler.addFilter(new FilterHolder(new DRProvCadiFilter(true, access)), + servletContextHandler.addFilter(new FilterHolder(new DRProvCadiFilter(true, aafPropsUtils.getPropAccess())), "/*", EnumSet.of(DispatcherType.REQUEST)); + intlogger.info("PROV0001 AAF CADI Auth enabled for "); } ContextHandlerCollection contextHandlerCollection = new ContextHandlerCollection(); @@ -306,7 +284,8 @@ public class Main { server.start(); intlogger.info("Prov Server started-" + server.getState()); } catch (Exception e) { - intlogger.info("Jetty failed to start. Reporting will we unavailable: " + e.getMessage(), e); + intlogger.error("Jetty failed to start. Exiting: " + e.getMessage(), e); + exit(1); } server.join(); intlogger.info("PROV0001 **** AT&T Data Router Provisioning Server halted."); @@ -325,7 +304,7 @@ public class Main { try { server.stop(); Thread.sleep(5000L); - System.exit(0); + exit(0); } catch (Exception e) { intlogger.error("Exception in Main.shutdown(): " + e.getMessage(), e); } diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java index c9075b0c..72d55a4c 100755 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java @@ -53,6 +53,7 @@ import org.apache.http.conn.ssl.SSLSocketFactory; import org.apache.http.entity.BasicHttpEntity; import org.apache.http.impl.client.AbstractHttpClient; import org.apache.http.impl.client.DefaultHttpClient; +import org.onap.dmaap.datarouter.provisioning.utils.AafPropsUtils; import org.onap.dmaap.datarouter.provisioning.utils.DB; import org.onap.dmaap.datarouter.provisioning.utils.URLUtilities; @@ -80,21 +81,23 @@ public class ProxyServlet extends BaseServlet { super.init(config); try { // Set up keystore - Properties props = (new DB()).getProperties(); - String store = props.getProperty(Main.TRUSTSTORE_PATH_PROPERTY); - String pass = props.getProperty(Main.TRUSTSTORE_PASS_PROPERTY); + String type = AafPropsUtils.KEYSTORE_TYPE_PROPERTY; + String store = Main.aafPropsUtils.getKeystorePathProperty(); + String pass = Main.aafPropsUtils.getKeystorePassProperty(); + KeyStore keyStore = readStore(store, pass, type); + // Set up truststore + store = Main.aafPropsUtils.getTruststorePathProperty(); + pass = Main.aafPropsUtils.getTruststorePassProperty(); if (store == null || store.length() == 0) { - store = Main.DEFAULT_TRUSTSTORE; + store = AafPropsUtils.DEFAULT_TRUSTSTORE; pass = "changeit"; } - KeyStore trustStore = readStore(store, pass, KeyStore.getDefaultType()); + KeyStore trustStore = readStore(store, pass, AafPropsUtils.TRUESTSTORE_TYPE_PROPERTY); // We are connecting with the node name, but the certificate will have the CNAME // So we need to accept a non-matching certificate name - String type = props.getProperty(Main.KEYSTORE_TYPE_PROPERTY, "jks"); - KeyStore keyStore = readStore(store, pass, type); SSLSocketFactory socketFactory = new SSLSocketFactory(keyStore, - props.getProperty(Main.KEYSTORE_PASS_PROPERTY), trustStore); + Main.aafPropsUtils.getKeystorePassProperty(), trustStore); socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); sch = new Scheme("https", 443, socketFactory); inited = true; diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SynchronizerTask.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SynchronizerTask.java index 5d0592c3..2a907fb7 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SynchronizerTask.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SynchronizerTask.java @@ -77,6 +77,7 @@ import org.onap.dmaap.datarouter.provisioning.beans.NetworkRoute; import org.onap.dmaap.datarouter.provisioning.beans.Parameters; import org.onap.dmaap.datarouter.provisioning.beans.Subscription; import org.onap.dmaap.datarouter.provisioning.beans.Syncable; +import org.onap.dmaap.datarouter.provisioning.utils.AafPropsUtils; import org.onap.dmaap.datarouter.provisioning.utils.DB; import org.onap.dmaap.datarouter.provisioning.utils.LogfileLoader; import org.onap.dmaap.datarouter.provisioning.utils.RLEBitSet; @@ -144,20 +145,21 @@ public class SynchronizerTask extends TimerTask { logger.info("PROV5000: Sync task starting, server podState is UNKNOWN_POD"); try { - Properties props = (new DB()).getProperties(); - String type = props.getProperty(Main.KEYSTORE_TYPE_PROPERTY, "jks"); - String store = props.getProperty(Main.KEYSTORE_PATH_PROPERTY); - String pass = props.getProperty(Main.KEYSTORE_PASS_PROPERTY); + // Set up keystore + String type = AafPropsUtils.KEYSTORE_TYPE_PROPERTY; + String store = Main.aafPropsUtils.getKeystorePathProperty(); + String pass = Main.aafPropsUtils.getKeystorePassProperty(); KeyStore keyStore = KeyStore.getInstance(type); try (FileInputStream instream = new FileInputStream(new File(store))) { keyStore.load(instream, pass.toCharArray()); } - store = props.getProperty(Main.TRUSTSTORE_PATH_PROPERTY); - pass = props.getProperty(Main.TRUSTSTORE_PASS_PROPERTY); + // Set up truststore + store = Main.aafPropsUtils.getTruststorePathProperty(); + pass = Main.aafPropsUtils.getTruststorePassProperty(); KeyStore trustStore = null; if (store != null && store.length() > 0) { - trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); + trustStore = KeyStore.getInstance(AafPropsUtils.TRUESTSTORE_TYPE_PROPERTY); try (FileInputStream instream = new FileInputStream(new File(store))) { trustStore.load(instream, pass.toCharArray()); @@ -166,7 +168,7 @@ public class SynchronizerTask extends TimerTask { // We are connecting with the node name, but the certificate will have the CNAME // So we need to accept a non-matching certificate name - String keystorepass = props.getProperty(Main.KEYSTORE_PASS_PROPERTY); + String keystorepass = Main.aafPropsUtils.getKeystorePassProperty(); try (AbstractHttpClient hc = new DefaultHttpClient()) { SSLSocketFactory socketFactory = (trustStore == null) @@ -177,18 +179,18 @@ public class SynchronizerTask extends TimerTask { hc.getConnectionManager().getSchemeRegistry().register(sch); httpclient = hc; } - setSynchTimer(props); + setSynchTimer(new DB().getProperties().getProperty( + "org.onap.dmaap.datarouter.provserver.sync_interval", "5000")); } catch (Exception e) { logger.warn("PROV5005: Problem starting the synchronizer: " + e); } } - private void setSynchTimer(Properties props) { + private void setSynchTimer(String strInterval) { // Run once every 5 seconds to check DNS, etc. long interval; try { - String str = props.getProperty("org.onap.dmaap.datarouter.provserver.sync_interval", "5000"); - interval = Long.parseLong(str); + interval = Long.parseLong(strInterval); } catch (NumberFormatException e) { interval = 5000L; } diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/AafPropsUtils.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/AafPropsUtils.java new file mode 100644 index 00000000..68981599 --- /dev/null +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/AafPropsUtils.java @@ -0,0 +1,102 @@ +/* + * ============LICENSE_START======================================================= + * Copyright (C) 2019 Nordix Foundation. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.dmaap.datarouter.provisioning.utils; + +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import org.onap.aaf.cadi.PropAccess; + +public class AafPropsUtils { + + private static AafPropsUtils aafPropsUtilsInstance = null; + private static EELFLogger eelfLogger = EELFManager.getInstance().getLogger(AafPropsUtils.class); + + public static final String DEFAULT_TRUSTSTORE = "/opt/app/osaaf/local/org.onap.dmaap-dr.trust.jks"; + public static final String KEYSTORE_TYPE_PROPERTY = "PKCS12"; + public static final String TRUESTSTORE_TYPE_PROPERTY = "jks"; + private static final String KEYSTORE_PATH_PROPERTY = "cadi_keystore"; + private static final String KEYSTORE_PASS_PROPERTY = "cadi_keystore_password_p12"; + private static final String TRUSTSTORE_PATH_PROPERTY = "cadi_truststore"; + private static final String TRUSTSTORE_PASS_PROPERTY = "cadi_truststore_password"; + + private PropAccess propAccess; + + private AafPropsUtils(File propsFile) throws IOException { + propAccess = new PropAccess(); + try { + propAccess.load(new FileInputStream(propsFile)); + } catch (IOException e) { + eelfLogger.error("Failed to load props file: " + propsFile + "\n" + e.getMessage(), e); + throw e; + } + } + + public static synchronized void init(File propsFile) throws IOException { + if (aafPropsUtilsInstance != null) { + throw new IllegalStateException("Already initialized"); + } + aafPropsUtilsInstance = new AafPropsUtils(propsFile); + } + + public static AafPropsUtils getInstance() { + if (aafPropsUtilsInstance == null) { + throw new IllegalStateException("Call AafPropsUtils.init(File propsFile) first"); + } + return aafPropsUtilsInstance; + } + + private String decryptedPass(String password) { + String decryptedPass = null; + try { + decryptedPass = propAccess.decrypt(password, false); + } catch (IOException e) { + eelfLogger.error("Failed to decrypt " + password + " : " + e.getMessage(), e); + } + return decryptedPass; + } + + public PropAccess getPropAccess() { + if (propAccess == null) { + throw new IllegalStateException("Call AafPropsUtils.init(File propsFile) first"); + } + return propAccess; + } + + public String getKeystorePathProperty() { + return propAccess.getProperty(KEYSTORE_PATH_PROPERTY); + } + + public String getKeystorePassProperty() { + return decryptedPass(propAccess.getProperty(KEYSTORE_PASS_PROPERTY)); + } + + public String getTruststorePathProperty() { + return propAccess.getProperty(TRUSTSTORE_PATH_PROPERTY); + } + + public String getTruststorePassProperty() { + return decryptedPass(propAccess.getProperty(TRUSTSTORE_PASS_PROPERTY)); + } + +} diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/DB.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/DB.java index 340b4213..a83f81a5 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/DB.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/DB.java @@ -114,8 +114,7 @@ public class DB { synchronized (queue) {
try {
connection = queue.remove();
- } catch (NoSuchElementException nseEx) {
- intlogger.error("PROV9006 No connection on queue: " + nseEx.getMessage(), nseEx);
+ } catch (NoSuchElementException ignore) {
int num = 0;
do {
// Try up to 3 times to get a connection
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/DRRouteCLI.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/DRRouteCLI.java index 867d1163..f078d80e 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/DRRouteCLI.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/DRRouteCLI.java @@ -23,6 +23,8 @@ package org.onap.dmaap.datarouter.provisioning.utils;
+import static java.lang.System.exit;
+
import com.att.eelf.configuration.EELFLogger;
import com.att.eelf.configuration.EELFManager;
import java.io.File;
@@ -96,9 +98,9 @@ public class DRRouteCLI { }
}
- public static final String ENV_VAR = "PROVSRVR";
- public static final String PROMPT = "dr-route> ";
- public static final String DEFAULT_TRUSTSTORE_PATH = /* $JAVA_HOME + */ "/jre/lib/security/cacerts";
+ private static final String ENV_VAR = "PROVSRVR";
+ private static final String PROMPT = "dr-route> ";
+ private static final String DEFAULT_TRUSTSTORE_PATH = /* $JAVA_HOME + */ "/jre/lib/security/cacerts";
private static final EELFLogger intlogger = EELFManager.getInstance().getLogger("InternalLog");
private final String server;
@@ -113,12 +115,20 @@ public class DRRouteCLI { */
public DRRouteCLI(String server) throws Exception {
this.server = server;
- this.width = 120;
this.httpclient = new DefaultHttpClient();
- Properties prop = (new DB()).getProperties();
- String truststoreFile = prop.getProperty("org.onap.dmaap.datarouter.provserver.truststore.path");
- String truststorePw = prop.getProperty("org.onap.dmaap.datarouter.provserver.truststore.password");
+ Properties provProperties = (new DB()).getProperties();
+ try {
+ AafPropsUtils.init(new File(provProperties.getProperty(
+ "org.onap.dmaap.datarouter.provserver.aafprops.path",
+ "/opt/app/osaaf/local/org.onap.dmaap-dr.props")));
+ } catch (IOException e) {
+ intlogger.error("NODE0314 Failed to load AAF props. Exiting", e);
+ exit(1);
+ }
+
+ String truststoreFile = AafPropsUtils.getInstance().getTruststorePathProperty();
+ String truststorePw = AafPropsUtils.getInstance().getTruststorePassProperty();
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
if (truststoreFile == null || truststoreFile.equals("")) {
@@ -139,8 +149,8 @@ public class DRRouteCLI { } finally {
try {
instream.close();
- } catch (Exception ignore) {
- intlogger.error("Ignore error closing input stream: " + ignore.getMessage(), ignore);
+ } catch (Exception e) {
+ intlogger.error("Ignore error closing input stream: " + e.getMessage(), e);
}
}
}
@@ -178,7 +188,7 @@ public class DRRouteCLI { * @param args The command line arguments.
* @return true if the command was valid and succeeded
*/
- public boolean runCommand(String[] args) {
+ boolean runCommand(String[] args) {
String cmd = args[0].trim().toLowerCase();
if (cmd.equals("add")) {
if (args.length > 2) {
@@ -471,12 +481,12 @@ public class DRRouteCLI { return rv;
}
- private void printErrorText(HttpEntity entity) throws IllegalStateException, IOException {
+ private void printErrorText(HttpEntity entity) throws IOException {
// Look for and print only the part of the output between <pre>...</pre>
InputStream is = entity.getContent();
StringBuilder sb = new StringBuilder();
byte[] bite = new byte[512];
- int num = 0;
+ int num;
while ((num = is.read(bite)) > 0) {
sb.append(new String(bite, 0, num));
}
diff --git a/datarouter-prov/src/main/resources/aaf/org.onap.dmaap-dr.cred.props b/datarouter-prov/src/main/resources/aaf/org.onap.dmaap-dr.cred.props new file mode 100644 index 00000000..ddc3da56 --- /dev/null +++ b/datarouter-prov/src/main/resources/aaf/org.onap.dmaap-dr.cred.props @@ -0,0 +1,17 @@ +############################################################ +# Properties Generated by AT&T Certificate Manager +# by root +# on 2019-10-02T14:52:33.828+0000 +# @copyright 2019, AT&T +############################################################ +Challenge=enc:D1K4bZlKwIDTY6RYX4V1nCgj1mJruMZ4qDaO80iSwm20J8zpUa0qEzOwM-aFjKCe +cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org +cadi_key_password=enc:d80GqeXpOhPOmZAn76t5xgKlq54yAPYQw-OoVqFwcXkCwd58zwHfzZQ3Rgitj30- +cadi_keyfile=/opt/app/osaaf/local/org.onap.dmaap-dr.keyfile +cadi_keystore=/opt/app/osaaf/local/org.onap.dmaap-dr.p12 +cadi_keystore_password=enc:xcPI_-oWnLvQ8SFDyafZG7ii7yZdcgaUwVQFp7x9mkHTnyODGDUaPHb5svAE2euP +cadi_keystore_password_jks=enc:EO1-8pk7wWbiGMriX0aAOX0zxoQ9-ow7LRqOlKgMYVlYGs59yappGzKd0FxkcqM0 +cadi_keystore_password_p12=enc:xcPI_-oWnLvQ8SFDyafZG7ii7yZdcgaUwVQFp7x9mkHTnyODGDUaPHb5svAE2euP +cadi_truststore=/opt/app/osaaf/local/org.onap.dmaap-dr.trust.jks +cadi_truststore_password=enc:XawqMezvaPspcdG9J9tdYx-pEtIu4VaY_QG3ZyLtyWg_gsxvrfg2tInmj95fAkrj +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US diff --git a/datarouter-prov/src/main/resources/aaf/org.onap.dmaap-dr.keyfile b/datarouter-prov/src/main/resources/aaf/org.onap.dmaap-dr.keyfile new file mode 100644 index 00000000..c5d9d876 --- /dev/null +++ b/datarouter-prov/src/main/resources/aaf/org.onap.dmaap-dr.keyfile @@ -0,0 +1,27 @@ +0wlntBQae2B_RCqlj0vFvThyNkGfB47eGQ-JDX2LvNaIWjhg6P114TZ1dVwoqIUO_GvGdZfXvTNe +9W-86XLVDuaom2Ep0bWGpweiIfnRuXuMWwZy7vNRS_jj1GQ8Y30_SrXft3YVHR_r1AC3XTOk1LSS +Yeo356B7juJuOnkRpZwyZflEZM_U72EymWOd5JKb5ugrtdRBCXzh_pmQ24kxepi8XMFoaViI2ccL +KbL3fjSsberNKsSYqeGtXmcElEvDUfNam_ylxTStu-BbZRjelr5zY-rQnvXl01Tapkdl_ejIo8fT +FcdZTSMH2eic32WGO5QJzIhaEXoJu3oNzK0x-rfyURtE15tJAn6FiFvtWFb8nSnWH8TBUYnTLXiJ +6cBE2ER7MQwf5NMGBa1CaLYzrx4B0ZbrbtBr2ETt7k9r1RxjxAoBBxpiMz9ivRj_KzO1mg8Cc47R +PXkjlspPGsx--568_TVSrrFA5nM8By33kDTZCpQbAboFophLRyQ8r6LPp6qEY5OD3YAzTL09nZsD +brZPLowktube0wJLfsomvtPdol6eg44QuQgdZ4RyOaxbeQl5H9M2t6q9G6vRfyVGDkEwbF-rwllX +XjSmltoUZwhjy7gtYZEnbPjwQcdCho0Pub2jj9xLNKf68oJFRQFB8orYNDoaqVdvRRLyeWOs6P86 +deRMIYPz3DzgzIINxZLyOivxlWXNX-fs5WOe3OUER_q5ONkvV2zXg9qnwQLiqbU_98GE6EA3w5X2 +BXTZsvPQTk9G9K3B-hCb9NIxmCPnlTTAHvmgwI7e4yrXOvHbbW4kAaLiT5CzBrcm7cUv-5ADecCM +NUTHKYqu0HeRr1L5f56OQESp_G16NtStQ3j-9G_bFMrc6gkGMioWaFxdTfBvKYoP7Mbnkaw5L0Tt +TK7PR_3VfET4fdMg33l7YnnRu-B114qGxCQCz7KvcoLfKRwYKi-F5Hf_t36IAAFJheflKkSqzLCF +WjY6cO9DrVz2L60iybXwaNXROVzt2HMLnMLI9e7EQMX7censpQ-NW6vhN7udWiIJ9flerZe3ofK6 +EO70sIAhS0ZkZvTDxiFfc2vryZc3sgtJAW-65D3DRhZyFLW8PerD4NUMpdu-Np-Dt89z4WxElFX5 +ZFs5hkSUSht8-mp84RDLju4y_3jcha5rhptGQMJBOwx9mtnkEoD6U2282dpYsCl3xgXICF1QPCD- +v0oLlded24Tjm9WWeooYo7Gb_tKj8wtNmJwPQ7E9o5gd8XVwrckWugTdXufMmbedKQPZ4bmuqlkx +VI3k05VIYuriTB4t1OsU8OgzoFyTn-38X00dzjJrE40vbX6GdJ51BdcULFz2gJuHKVrLXWPrqEFE +S0moPSU7DyfrgIuRidDwtawAA-JHtgiuf_wrmpShQri1CJ3JCQ6yPAPTBXUjVjzlTCaVkIpmgMoe +tclMBS4AaWP2ac5OPwxP3ldnZcMuHLSVhhxyNLk9nhn8BB8_vtNEZUopU2tb7OKHKgdX47qsP5aa +ueb1_T_0ojj9grruiWO_C0_DaKlpmTh7xKzhCOt3w4IOTezN4If9oJ0AB-3vL7XHb6qs3OZw9Iop +MB1ztIrv1QAE87ZfdyZzZVuNgmosZtNJa2IOjRe83ipr5-DolUgR5OYFNVNg-fFO59SwILdM38U9 +Nq4B_rzR9R7dEdOMp-rs4YBJxqLlL6zZE1tdEP6yba09Dx1fqeh1oXHlWjGSX5JZMnjwrgai_z3q +2h2SeLOUlbyi-i-rMlrqbzro4-kFONIqZdAAsocjGfkoXBtGNJgkmGhHq2TMI2SCXDYqCKtFYOQa +2XSGyJ1QsvOGcHlJhGK-hwFj_JcbnxDx6b_24RrEzWSTXlW0R03JAl9fM24Nk9Y1v5iO6fPfWXU0 +J5BniYOohauEGbogRLwupN9-Deh5JzZlaFCFEDup32oxm4RC6tVk_Ik6jA7C3wVU5pfu8t2lgG6M +PhH0efEjQWNbX5Uv1pbTY8W5bIJ3BSYI4o-cRabaA8UbuCViJ8uvHvFIXew6O3pWDB7vcGKA
\ No newline at end of file diff --git a/datarouter-prov/src/main/resources/aaf/org.onap.dmaap-dr.location.props b/datarouter-prov/src/main/resources/aaf/org.onap.dmaap-dr.location.props new file mode 100644 index 00000000..4f6befb8 --- /dev/null +++ b/datarouter-prov/src/main/resources/aaf/org.onap.dmaap-dr.location.props @@ -0,0 +1,8 @@ +############################################################ +# Properties Generated by AT&T Certificate Manager +# by root +# on 2019-10-02T14:52:10.009+0000 +# @copyright 2019, AT&T +############################################################ +cadi_latitude=0.00 +cadi_longitude=0.00 diff --git a/datarouter-prov/src/main/resources/aaf/org.onap.dmaap-dr.p12 b/datarouter-prov/src/main/resources/aaf/org.onap.dmaap-dr.p12 Binary files differnew file mode 100644 index 00000000..bd60d26e --- /dev/null +++ b/datarouter-prov/src/main/resources/aaf/org.onap.dmaap-dr.p12 diff --git a/datarouter-prov/src/main/resources/aaf/org.onap.dmaap-dr.props b/datarouter-prov/src/main/resources/aaf/org.onap.dmaap-dr.props new file mode 100644 index 00000000..561a8782 --- /dev/null +++ b/datarouter-prov/src/main/resources/aaf/org.onap.dmaap-dr.props @@ -0,0 +1,21 @@ +############################################################ +# Properties Generated by AT&T Certificate Manager +# by root +# on 2019-10-02T14:52:10.008+0000 +# @copyright 2019, AT&T +############################################################ +aaf_env=DEV +aaf_id=dmaap-dr-prov@dmaap-dr.onap.org +aaf_locate_url=https://aaf-locate:8095 +aaf_locator_container=docker +aaf_locator_container_ns=onap +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/%CNS.%AAF_NS.introspect:2.1/introspect +aaf_oauth2_token_url=https://AAF_LOCATE_URL/%CNS.%AAF_NS.token:2.1/token +aaf_url=https://AAF_LOCATE_URL/%CNS.%AAF_NS.service:2.1 +aaf_url_cm=https://AAF_LOCATE_URL/%CNS.%AAF_NS.cm:2.1 +aaf_url_fs=https://AAF_LOCATE_URL/%CNS.%AAF_NS.fs:2.1 +aaf_url_gui=https://AAF_LOCATE_URL/%CNS.%AAF_NS.gui:2.1 +aaf_url_hello=https://aaf-locate:8095/locate/onap.org.osaaf.aaf.hello:2.1 +aaf_url_oauth=https://AAF_LOCATE_URL/%CNS.%AAF_NS.oauth:2.1 +cadi_prop_files=/opt/app/osaaf/local/org.onap.dmaap-dr.location.props:/opt/app/osaaf/local/org.onap.dmaap-dr.cred.props +cadi_protocols=TLSv1.1,TLSv1.2 diff --git a/datarouter-node/aaf_certs/org.onap.dmaap-dr.trust.jks b/datarouter-prov/src/main/resources/aaf/org.onap.dmaap-dr.trust.jks Binary files differindex 808c1b92..0c9da2e5 100644 --- a/datarouter-node/aaf_certs/org.onap.dmaap-dr.trust.jks +++ b/datarouter-prov/src/main/resources/aaf/org.onap.dmaap-dr.trust.jks diff --git a/datarouter-prov/src/main/resources/docker/Dockerfile b/datarouter-prov/src/main/resources/docker/Dockerfile index 115dc7cb..61d32473 100644 --- a/datarouter-prov/src/main/resources/docker/Dockerfile +++ b/datarouter-prov/src/main/resources/docker/Dockerfile @@ -34,7 +34,7 @@ RUN chmod 0700 startup.sh ENTRYPOINT ["sh", "startup.sh"] RUN addgroup -S -g 1001 onap \ - && adduser -S -u 1000 datarouter -G onap \ - && chown -R datarouter:onap /opt/ + && adduser -S -u 1000 dradmin -G onap \ + && chown -R dradmin:onap /opt/ /var/ -USER datarouter +USER dradmin diff --git a/datarouter-prov/src/main/resources/docker/startup.sh b/datarouter-prov/src/main/resources/docker/startup.sh index ba0f7351..aa2f69b6 100644 --- a/datarouter-prov/src/main/resources/docker/startup.sh +++ b/datarouter-prov/src/main/resources/docker/startup.sh @@ -13,4 +13,5 @@ java -classpath $CLASSPATH org.onap.dmaap.datarouter.provisioning.Main runner_file="$LIB/datarouter-prov-jar-with-dependencies.jar" echo "Starting using" $runner_file -java -Dorg.onap.dmaap.datarouter.provserver.properties=/opt/app/datartr/etc/provserver.properties -Dcom.att.eelf.logging.file=/opt/app/datartr/etc/logback.xml -Dcom.att.eelf.logging.path=/root -jar $runner_file
\ No newline at end of file +java -Dorg.onap.dmaap.datarouter.provserver.properties=/opt/app/datartr/etc/provserver.properties \ +-Dcom.att.eelf.logging.file=/opt/app/datartr/etc/logback.xml -Dcom.att.eelf.logging.path=/root -jar $runner_file
\ No newline at end of file diff --git a/datarouter-prov/src/main/resources/drProvCadi.properties b/datarouter-prov/src/main/resources/drProvCadi.properties deleted file mode 100644 index 56f2e5c0..00000000 --- a/datarouter-prov/src/main/resources/drProvCadi.properties +++ /dev/null @@ -1,23 +0,0 @@ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US -cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile -cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -cadi_keystore_password=AT{];bvaDiytVD&oWhMZj0N5 -cadi_key_password=AT{];bvaDiytVD&oWhMZj0N5 -cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org -cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -cadi_truststore_password=ljlS@Y}0]{UO(TnwvEWkgJ%] - -aaf_env=DEV -aaf_locate_url=https://aaf-onap-test.osaaf.org:8095 -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect -aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token -aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 -cadi_protocols=TLSv1.1,TLSv1.2 -cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1 -fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1 -gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1 - -cadi_latitude=53.423 -cadi_longitude=7.940 - -cadi_loglevel=DEBUG
\ No newline at end of file diff --git a/datarouter-prov/src/main/resources/provserver.properties b/datarouter-prov/src/main/resources/provserver.properties index 59b791dc..20b5cb92 100755 --- a/datarouter-prov/src/main/resources/provserver.properties +++ b/datarouter-prov/src/main/resources/provserver.properties @@ -26,12 +26,7 @@ org.onap.dmaap.datarouter.provserver.http.port = 8080 org.onap.dmaap.datarouter.provserver.https.port = 8443 org.onap.dmaap.datarouter.provserver.https.relaxation = true -org.onap.dmaap.datarouter.provserver.keystore.type = jks -org.onap.dmaap.datarouter.provserver.keymanager.password = FZNkU,B%NJzcT1v7;^v]M#ZX -org.onap.dmaap.datarouter.provserver.keystore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -org.onap.dmaap.datarouter.provserver.keystore.password = FZNkU,B%NJzcT1v7;^v]M#ZX -org.onap.dmaap.datarouter.provserver.truststore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -org.onap.dmaap.datarouter.provserver.truststore.password = +mzf@J.D^;3!![*Xr.z$c#?b +org.onap.dmaap.datarouter.provserver.aafprops.path = /opt/app/osaaf/local/org.onap.dmaap-dr.props org.onap.dmaap.datarouter.provserver.accesslog.dir = /opt/app/datartr/logs org.onap.dmaap.datarouter.provserver.spooldir = /opt/app/datartr/spool @@ -62,7 +57,4 @@ org.onap.dmaap.datarouter.provserver.aaf.feed.type = org.onap.dmaap-dr.fe org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.sub org.onap.dmaap.datarouter.provserver.aaf.instance = legacy org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish -org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe - -# AAF URL to connect to AAF server -org.onap.dmaap.datarouter.provserver.cadi.aaf.url = https://aaf-onap-test.osaaf.org:8095
\ No newline at end of file +org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe
\ No newline at end of file diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/utils/AafPropsUtilsTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/utils/AafPropsUtilsTest.java new file mode 100644 index 00000000..09d4a819 --- /dev/null +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/utils/AafPropsUtilsTest.java @@ -0,0 +1,64 @@ +/* + * ============LICENSE_START======================================================= + * Copyright (C) 2019 Nordix Foundation. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ +package org.onap.dmaap.datarouter.provisioning.utils; + +import java.io.File; +import java.io.IOException; +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; + +public class AafPropsUtilsTest { + + private static AafPropsUtils aafPropsUtils; + + @BeforeClass + public static void init() throws Exception { + AafPropsUtils.init(new File("src/test/resources/aaf/org.onap.dmaap-dr.props")); + aafPropsUtils = AafPropsUtils.getInstance(); + } + + @Test + public void Assert_AaafPropsUtils_Decrypt_KeyStorePass() { + Assert.assertEquals("m9l&3F+{7E&xE&v7xugWAAy0", aafPropsUtils.getKeystorePassProperty()); + } + + @Test + public void Assert_AaafPropsUtils_Decrypt_TruststorePass() { + Assert.assertEquals("@y,%VD).h8k1z+j1Nhar?.Af", aafPropsUtils.getTruststorePassProperty()); + } + + @Test + public void Assert_AaafPropsUtils_Get_KeyStorePathProp() { + Assert.assertEquals("src/test/resources/aaf/org.onap.dmaap-dr.p12", aafPropsUtils.getKeystorePathProperty()); + } + + @Test + public void Assert_AaafPropsUtils_Get_TrustStorePathProp() { + Assert.assertEquals("src/test/resources/aaf/org.onap.dmaap-dr.trust.jks", aafPropsUtils.getTruststorePathProperty()); + } + + @Test + public void Assert_AaafPropsUtils_Get_PropAccessObj() { + Assert.assertNotNull(aafPropsUtils.getPropAccess()); + } + +} diff --git a/datarouter-prov/src/test/resources/aaf/org.onap.dmaap-dr.cred.props b/datarouter-prov/src/test/resources/aaf/org.onap.dmaap-dr.cred.props new file mode 100644 index 00000000..b06b283d --- /dev/null +++ b/datarouter-prov/src/test/resources/aaf/org.onap.dmaap-dr.cred.props @@ -0,0 +1,17 @@ +############################################################ +# Properties Generated by AT&T Certificate Manager +# by root +# on 2019-10-02T14:52:33.828+0000 +# @copyright 2019, AT&T +############################################################ +Challenge=enc:D1K4bZlKwIDTY6RYX4V1nCgj1mJruMZ4qDaO80iSwm20J8zpUa0qEzOwM-aFjKCe +cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org +cadi_key_password=enc:d80GqeXpOhPOmZAn76t5xgKlq54yAPYQw-OoVqFwcXkCwd58zwHfzZQ3Rgitj30- +cadi_keyfile=src/test/resources/aaf/org.onap.dmaap-dr.keyfile +cadi_keystore=src/test/resources/aaf/org.onap.dmaap-dr.p12 +cadi_keystore_password=enc:xcPI_-oWnLvQ8SFDyafZG7ii7yZdcgaUwVQFp7x9mkHTnyODGDUaPHb5svAE2euP +cadi_keystore_password_jks=enc:EO1-8pk7wWbiGMriX0aAOX0zxoQ9-ow7LRqOlKgMYVlYGs59yappGzKd0FxkcqM0 +cadi_keystore_password_p12=enc:xcPI_-oWnLvQ8SFDyafZG7ii7yZdcgaUwVQFp7x9mkHTnyODGDUaPHb5svAE2euP +cadi_truststore=src/test/resources/aaf/org.onap.dmaap-dr.trust.jks +cadi_truststore_password=enc:XawqMezvaPspcdG9J9tdYx-pEtIu4VaY_QG3ZyLtyWg_gsxvrfg2tInmj95fAkrj +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US diff --git a/datarouter-prov/src/test/resources/aaf/org.onap.dmaap-dr.keyfile b/datarouter-prov/src/test/resources/aaf/org.onap.dmaap-dr.keyfile new file mode 100644 index 00000000..c5d9d876 --- /dev/null +++ b/datarouter-prov/src/test/resources/aaf/org.onap.dmaap-dr.keyfile @@ -0,0 +1,27 @@ +0wlntBQae2B_RCqlj0vFvThyNkGfB47eGQ-JDX2LvNaIWjhg6P114TZ1dVwoqIUO_GvGdZfXvTNe +9W-86XLVDuaom2Ep0bWGpweiIfnRuXuMWwZy7vNRS_jj1GQ8Y30_SrXft3YVHR_r1AC3XTOk1LSS +Yeo356B7juJuOnkRpZwyZflEZM_U72EymWOd5JKb5ugrtdRBCXzh_pmQ24kxepi8XMFoaViI2ccL +KbL3fjSsberNKsSYqeGtXmcElEvDUfNam_ylxTStu-BbZRjelr5zY-rQnvXl01Tapkdl_ejIo8fT +FcdZTSMH2eic32WGO5QJzIhaEXoJu3oNzK0x-rfyURtE15tJAn6FiFvtWFb8nSnWH8TBUYnTLXiJ +6cBE2ER7MQwf5NMGBa1CaLYzrx4B0ZbrbtBr2ETt7k9r1RxjxAoBBxpiMz9ivRj_KzO1mg8Cc47R +PXkjlspPGsx--568_TVSrrFA5nM8By33kDTZCpQbAboFophLRyQ8r6LPp6qEY5OD3YAzTL09nZsD +brZPLowktube0wJLfsomvtPdol6eg44QuQgdZ4RyOaxbeQl5H9M2t6q9G6vRfyVGDkEwbF-rwllX +XjSmltoUZwhjy7gtYZEnbPjwQcdCho0Pub2jj9xLNKf68oJFRQFB8orYNDoaqVdvRRLyeWOs6P86 +deRMIYPz3DzgzIINxZLyOivxlWXNX-fs5WOe3OUER_q5ONkvV2zXg9qnwQLiqbU_98GE6EA3w5X2 +BXTZsvPQTk9G9K3B-hCb9NIxmCPnlTTAHvmgwI7e4yrXOvHbbW4kAaLiT5CzBrcm7cUv-5ADecCM +NUTHKYqu0HeRr1L5f56OQESp_G16NtStQ3j-9G_bFMrc6gkGMioWaFxdTfBvKYoP7Mbnkaw5L0Tt +TK7PR_3VfET4fdMg33l7YnnRu-B114qGxCQCz7KvcoLfKRwYKi-F5Hf_t36IAAFJheflKkSqzLCF +WjY6cO9DrVz2L60iybXwaNXROVzt2HMLnMLI9e7EQMX7censpQ-NW6vhN7udWiIJ9flerZe3ofK6 +EO70sIAhS0ZkZvTDxiFfc2vryZc3sgtJAW-65D3DRhZyFLW8PerD4NUMpdu-Np-Dt89z4WxElFX5 +ZFs5hkSUSht8-mp84RDLju4y_3jcha5rhptGQMJBOwx9mtnkEoD6U2282dpYsCl3xgXICF1QPCD- +v0oLlded24Tjm9WWeooYo7Gb_tKj8wtNmJwPQ7E9o5gd8XVwrckWugTdXufMmbedKQPZ4bmuqlkx +VI3k05VIYuriTB4t1OsU8OgzoFyTn-38X00dzjJrE40vbX6GdJ51BdcULFz2gJuHKVrLXWPrqEFE +S0moPSU7DyfrgIuRidDwtawAA-JHtgiuf_wrmpShQri1CJ3JCQ6yPAPTBXUjVjzlTCaVkIpmgMoe +tclMBS4AaWP2ac5OPwxP3ldnZcMuHLSVhhxyNLk9nhn8BB8_vtNEZUopU2tb7OKHKgdX47qsP5aa +ueb1_T_0ojj9grruiWO_C0_DaKlpmTh7xKzhCOt3w4IOTezN4If9oJ0AB-3vL7XHb6qs3OZw9Iop +MB1ztIrv1QAE87ZfdyZzZVuNgmosZtNJa2IOjRe83ipr5-DolUgR5OYFNVNg-fFO59SwILdM38U9 +Nq4B_rzR9R7dEdOMp-rs4YBJxqLlL6zZE1tdEP6yba09Dx1fqeh1oXHlWjGSX5JZMnjwrgai_z3q +2h2SeLOUlbyi-i-rMlrqbzro4-kFONIqZdAAsocjGfkoXBtGNJgkmGhHq2TMI2SCXDYqCKtFYOQa +2XSGyJ1QsvOGcHlJhGK-hwFj_JcbnxDx6b_24RrEzWSTXlW0R03JAl9fM24Nk9Y1v5iO6fPfWXU0 +J5BniYOohauEGbogRLwupN9-Deh5JzZlaFCFEDup32oxm4RC6tVk_Ik6jA7C3wVU5pfu8t2lgG6M +PhH0efEjQWNbX5Uv1pbTY8W5bIJ3BSYI4o-cRabaA8UbuCViJ8uvHvFIXew6O3pWDB7vcGKA
\ No newline at end of file diff --git a/datarouter-prov/src/test/resources/aaf/org.onap.dmaap-dr.props b/datarouter-prov/src/test/resources/aaf/org.onap.dmaap-dr.props new file mode 100644 index 00000000..4e15dc32 --- /dev/null +++ b/datarouter-prov/src/test/resources/aaf/org.onap.dmaap-dr.props @@ -0,0 +1,21 @@ +############################################################ +# Properties Generated by AT&T Certificate Manager +# by root +# on 2019-10-02T14:52:10.008+0000 +# @copyright 2019, AT&T +############################################################ +aaf_env=DEV +aaf_id=dmaap-dr-prov@dmaap-dr.onap.org +aaf_locate_url=https://aaf-locate:8095 +aaf_locator_container=docker +aaf_locator_container_ns=onap +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/%CNS.%AAF_NS.introspect:2.1/introspect +aaf_oauth2_token_url=https://AAF_LOCATE_URL/%CNS.%AAF_NS.token:2.1/token +aaf_url=https://AAF_LOCATE_URL/%CNS.%AAF_NS.service:2.1 +aaf_url_cm=https://AAF_LOCATE_URL/%CNS.%AAF_NS.cm:2.1 +aaf_url_fs=https://AAF_LOCATE_URL/%CNS.%AAF_NS.fs:2.1 +aaf_url_gui=https://AAF_LOCATE_URL/%CNS.%AAF_NS.gui:2.1 +aaf_url_hello=https://aaf-locate:8095/locate/onap.org.osaaf.aaf.hello:2.1 +aaf_url_oauth=https://AAF_LOCATE_URL/%CNS.%AAF_NS.oauth:2.1 +cadi_prop_files=src/test/resources/aaf/org.onap.dmaap-dr.location.props:src/test/resources/aaf/org.onap.dmaap-dr.cred.props +cadi_protocols=TLSv1.1,TLSv1.2 diff --git a/datarouter-prov/src/test/resources/h2Database.properties b/datarouter-prov/src/test/resources/h2Database.properties index 991fadc5..a9c831a3 100755 --- a/datarouter-prov/src/test/resources/h2Database.properties +++ b/datarouter-prov/src/test/resources/h2Database.properties @@ -30,11 +30,4 @@ org.onap.dmaap.datarouter.provserver.accesslog.dir = unit-test-logs org.onap.dmaap.datarouter.provserver.spooldir = src/test/resources org.onap.dmaap.datarouter.provserver.dbscripts = src/test/resources org.onap.dmaap.datarouter.provserver.localhost = 127.0.0.1 -org.onap.dmaap.datarouter.provserver.passwordencryption = PasswordEncryptionKey#@$%^&1234# - -org.onap.dmaap.datarouter.provserver.keystore.type = jks -org.onap.dmaap.datarouter.provserver.keymanager.password = FZNkU,B%NJzcT1v7;^v]M#ZX -org.onap.dmaap.datarouter.provserver.keystore.path = aaf_certs/org.onap.dmaap-dr.jks -org.onap.dmaap.datarouter.provserver.keystore.password = FZNkU,B%NJzcT1v7;^v]M#ZX -org.onap.dmaap.datarouter.provserver.truststore.path = aaf_certs/org.onap.dmaap-dr.trust.jks -org.onap.dmaap.datarouter.provserver.truststore.password = +mzf@J.D^;3!![*Xr.z$c#?b
\ No newline at end of file +org.onap.dmaap.datarouter.provserver.passwordencryption = PasswordEncryptionKey#@$%^&1234#
\ No newline at end of file diff --git a/datarouter-subscriber/pom.xml b/datarouter-subscriber/pom.xml index d7294a33..28372f4e 100755 --- a/datarouter-subscriber/pom.xml +++ b/datarouter-subscriber/pom.xml @@ -153,27 +153,6 @@ <include>**/*.properties</include> </includes> </resource> - <resource> - <directory>src/main/resources</directory> - <filtering>true</filtering> - <includes> - <include>**/subscriber.properties</include> - </includes> - </resource> - <resource> - <directory>src/main/resources</directory> - <filtering>true</filtering> - <includes> - <include>**/log4j.properties</include> - </includes> - </resource> - <resource> - <directory>src/test/resources</directory> - <filtering>true</filtering> - <includes> - <include>**/log4j.properties</include> - </includes> - </resource> </resources> <plugins> <plugin> @@ -225,7 +204,7 @@ <directory>${basedir}/src/main/resources/docker</directory> <filtering>true</filtering> <includes> - <include>**/*</include> + <include>Dockerfile</include> </includes> </resource> </resources> @@ -273,19 +252,6 @@ </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-dependency-plugin</artifactId> - <executions> - <execution> - <id>copy-dependencies</id> - <phase>package</phase> - <configuration> - <outputDirectory>${project.build.directory}/docker-stage/opt/app/subscriber/lib</outputDirectory> - </configuration> - </execution> - </executions> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-source-plugin</artifactId> </plugin> <plugin> @@ -32,11 +32,11 @@ <parent> <groupId>org.onap.oparent</groupId> <artifactId>oparent</artifactId> - <version>2.0.0</version> + <version>2.1.0</version> </parent> <properties> <!--revision must also be set in the version.properties file at project root--> - <revision>2.1.2-SNAPSHOT</revision> + <revision>2.1.3-SNAPSHOT</revision> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <maven.compiler.source>1.8</maven.compiler.source> <maven.compiler.target>1.8</maven.compiler.target> @@ -65,7 +65,7 @@ <javax.mail-api.version>1.5.5</javax.mail-api.version> <javax.servlet-api.version>4.0.1</javax.servlet-api.version> <qos.logback.version>1.2.3</qos.logback.version> - <aaf-cadi-aaf.version>2.1.10</aaf-cadi-aaf.version> + <aaf-cadi-aaf.version>2.1.15</aaf-cadi-aaf.version> <commons-codec.version>1.13</commons-codec.version> <gmaven-plugin.version>1.5</gmaven-plugin.version> <io.fabric8.version>0.28.0</io.fabric8.version> @@ -198,6 +198,7 @@ <groupId>org.sonatype.http-testing-harness</groupId> <artifactId>junit-runner</artifactId> <version>${junit-runner.version}</version> + <scope>test</scope> <exclusions> <exclusion> <groupId>org.databene</groupId> diff --git a/version.properties b/version.properties index 44a1614c..11080dd0 100644 --- a/version.properties +++ b/version.properties @@ -27,7 +27,7 @@ major=2
minor=1
-patch=2
+patch=3
base_version=${major}.${minor}.${patch}
|