authorRonan Keogh <ronan.keogh@ericsson.com>2018-08-23 11:04:45 +0100
committerRonan Keogh <ronan.keogh@ericsson.com>2018-08-29 18:00:22 +0100
commitce73ff52ce9aafb07d1aa4c28405328d83c816b9 (patch)
treebad821f50dd685251a01eb35706c98465c94f43d /datarouter-node
parentfbb33454e311e72bd2f4fb0290babb92fd15b93c (diff)
preliminary AAF changes for DR
Change-Id: I526648c42f8205c0f09b3c077aa1203e336f4f5f Issue-ID: DMAAP-558 Signed-off-by: Ronan Keogh <ronan.keogh@ericsson.com>
Diffstat (limited to 'datarouter-node')
-rw-r--r--datarouter-node/aaf_certs/org.onap.dmaap-dr.jksbin0 -> 3659 bytes
-rw-r--r--datarouter-node/aaf_certs/org.onap.dmaap-dr.trust.jksbin0 -> 1413 bytes
-rwxr-xr-xdatarouter-node/pom.xml4
-rw-r--r--datarouter-node/self_signed/cacerts.jksbin1936 -> 0 bytes
-rw-r--r--datarouter-node/self_signed/keystore.jksbin2273 -> 0 bytes
-rw-r--r--datarouter-node/self_signed/mykey.cerbin921 -> 0 bytes
-rw-r--r--datarouter-node/self_signed/nodekey.cerbin921 -> 0 bytes
-rw-r--r--datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java56
-rw-r--r--datarouter-node/src/main/resources/misc/node.properties111
-rw-r--r--datarouter-node/src/main/resources/node.properties223
10 files changed, 146 insertions, 248 deletions
diff --git a/datarouter-node/aaf_certs/org.onap.dmaap-dr.jks b/datarouter-node/aaf_certs/org.onap.dmaap-dr.jks
new file mode 100644
index 00000000..4529cccb
--- /dev/null
+++ b/datarouter-node/aaf_certs/org.onap.dmaap-dr.jks
Binary files differ
diff --git a/datarouter-node/aaf_certs/org.onap.dmaap-dr.trust.jks b/datarouter-node/aaf_certs/org.onap.dmaap-dr.trust.jks
new file mode 100644
index 00000000..096fbb26
--- /dev/null
+++ b/datarouter-node/aaf_certs/org.onap.dmaap-dr.trust.jks
Binary files differ
diff --git a/datarouter-node/pom.xml b/datarouter-node/pom.xml
index c6bd3e94..18743db8 100755
--- a/datarouter-node/pom.xml
+++ b/datarouter-node/pom.xml
@@ -376,10 +376,10 @@
<goal>copy-resources</goal>
</goals>
<configuration>
- <outputDirectory>${basedir}/target/opt/app/datartr/self_signed</outputDirectory>
+ <outputDirectory>${basedir}/target/opt/app/datartr/aaf_certs</outputDirectory>
<resources>
<resource>
- <directory>${basedir}/self_signed</directory>
+ <directory>${basedir}/aaf_certs</directory>
<includes>
<include>misc/**</include>
<include>**/**</include>
diff --git a/datarouter-node/self_signed/cacerts.jks b/datarouter-node/self_signed/cacerts.jks
deleted file mode 100644
index dfd81433..00000000
--- a/datarouter-node/self_signed/cacerts.jks
+++ /dev/null
Binary files differ
diff --git a/datarouter-node/self_signed/keystore.jks b/datarouter-node/self_signed/keystore.jks
deleted file mode 100644
index e5a4e781..00000000
--- a/datarouter-node/self_signed/keystore.jks
+++ /dev/null
Binary files differ
diff --git a/datarouter-node/self_signed/mykey.cer b/datarouter-node/self_signed/mykey.cer
deleted file mode 100644
index 2a5c9d70..00000000
--- a/datarouter-node/self_signed/mykey.cer
+++ /dev/null
Binary files differ
diff --git a/datarouter-node/self_signed/nodekey.cer b/datarouter-node/self_signed/nodekey.cer
deleted file mode 100644
index 4cdfdfe3..00000000
--- a/datarouter-node/self_signed/nodekey.cer
+++ /dev/null
Binary files differ
diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java
index 375a38e3..2c013ca5 100644
--- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java
+++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java
@@ -28,26 +28,30 @@ import static com.att.eelf.configuration.Configuration.MDC_SERVER_FQDN;
import static com.att.eelf.configuration.Configuration.MDC_SERVER_IP_ADDRESS;
import static com.att.eelf.configuration.Configuration.MDC_SERVICE_NAME;
-import java.security.*;
-import java.io.*;
-import java.util.*;
-import java.security.cert.*;
-import java.net.*;
-import java.text.*;
-
+import com.att.eelf.configuration.EELFLogger;
+import com.att.eelf.configuration.EELFManager;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.net.InetAddress;
+import java.security.KeyStore;
+import java.security.MessageDigest;
+import java.security.cert.X509Certificate;
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import java.util.Enumeration;
+import java.util.TimeZone;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
import org.onap.dmaap.datarouter.node.eelf.EelfMsgs;
import org.slf4j.MDC;
-import com.att.eelf.configuration.EELFLogger;
-import com.att.eelf.configuration.EELFManager;
-
/**
* Utility functions for the data router node
*/
public class NodeUtils {
- private static EELFLogger eelfLogger = EELFManager.getInstance().getLogger("org.onap.dmaap.datarouter.node.NodeUtils");
+
+ private static EELFLogger eelfLogger = EELFManager.getInstance()
+ .getLogger("org.onap.dmaap.datarouter.node.NodeUtils");
private static Logger nodeUtilsLogger = Logger.getLogger("org.onap.dmaap.datarouter.node.NodeUtils");
private static SimpleDateFormat logDate;
@@ -72,7 +76,7 @@ public class NodeUtils {
/**
* Given a user and password, generate the credentials
*
- * @param user User name
+ * @param user User name
* @param password User password
* @return Authorization header value
*/
@@ -96,13 +100,15 @@ public class NodeUtils {
md.update(key.getBytes());
return (getAuthHdr(node, base64Encode(md.digest())));
} catch (Exception exception) {
- nodeUtilsLogger.error("Exception in generating Credentials for given node name:= " + exception.toString(), exception);
+ nodeUtilsLogger
+ .error("Exception in generating Credentials for given node name:= " + exception.toString(), exception);
return (null);
}
}
/**
- * Given a keystore file and its password, return the value of the CN of the first private key entry with a certificate.
+ * Given a keystore file and its password, return the value of the CN of the first private key entry with a
+ * certificate.
*
* @param kstype The type of keystore
* @param ksfile The file name of the keystore
@@ -110,15 +116,16 @@ public class NodeUtils {
* @return CN of the certificate subject or null
*/
public static String getCanonicalName(String kstype, String ksfile, String kspass) {
- KeyStore ks=null;
+ KeyStore ks;
try {
ks = KeyStore.getInstance(kstype);
- try(FileInputStream fileInputStream=new FileInputStream(ksfile)) {
+ try (FileInputStream fileInputStream = new FileInputStream(ksfile)) {
ks.load(fileInputStream, kspass.toCharArray());
+ } catch (IOException ioException) {
+ nodeUtilsLogger.error("IOException occurred while opening FileInputStream: " + ioException.getMessage(),
+ ioException);
+ return (null);
}
- } catch(IOException ioException) {
- nodeUtilsLogger.error("Exception occurred while opening FileInputStream",ioException);
- return (null);
} catch (Exception e) {
setIpAndFqdnForEelf("getCanonicalName");
eelfLogger.error(EelfMsgs.MESSAGE_KEYSTORE_LOAD_ERROR, ksfile, e.toString());
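Review bot: The message in the new inner `catch (IOException ioException)` says the failure happened "while opening FileInputStream", but the same catch also covers `ks.load(...)`, which reports a wrong password or a corrupt or altered keystore as an IOException. An operator reading the log would therefore look for a missing file when the real cause may be a bad credential or a tampered store. This path also returns without the `EelfMsgs.MESSAGE_KEYSTORE_LOAD_ERROR` record that the outer catch writes, so keystore load failures end up split across two loggers. I would word it as `"IOException occurred while loading keystore " + ksfile` and log the EELF message here as well. The body of getCanonicalName continues outside this hunk.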
@@ -147,7 +154,7 @@ public class NodeUtils {
if (parts.length < 1) {
return (null);
}
- subject = parts[0].trim();
+ subject = parts[5].trim();
if (!subject.startsWith("CN=")) {
return (null);
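Review bot: The switch to `parts[5]` is not matched by the guard above it, which still only rejects `parts.length < 1`, so a certificate subject with fewer than six components would throw ArrayIndexOutOfBoundsException instead of returning null. Reading the CN by fixed position also ties the result to the attribute order of one particular certificate; a subject laid out differently returns null or, if a later check is loosened, the wrong field. At minimum the guard should become `if (parts.length < 6) {`, and a more robust form would scan `parts` for the element that starts with `CN=`. How `parts` is produced and whether a caller catches the exception is outside this hunk.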
@@ -172,7 +179,8 @@ public class NodeUtils {
try {
return (InetAddress.getByName(ip).getAddress());
} catch (Exception exception) {
- nodeUtilsLogger.error("Exception in generating byte array for given IP address := " + exception.toString(), exception);
+ nodeUtilsLogger
+ .error("Exception in generating byte array for given IP address := " + exception.toString(), exception);
}
return (null);
}
@@ -202,7 +210,8 @@ public class NodeUtils {
}
/**
- * Escape fields that might contain vertical bar, backslash, or newline by replacing them with backslash p, backslash e and backslash n.
+ * Escape fields that might contain vertical bar, backslash, or newline by replacing them with backslash p,
+ * backslash e and backslash n.
*/
public static String loge(String s) {
if (s == null) {
@@ -246,7 +255,8 @@ public class NodeUtils {
MDC.put(MDC_SERVER_FQDN, InetAddress.getLocalHost().getHostName());
MDC.put(MDC_SERVER_IP_ADDRESS, InetAddress.getLocalHost().getHostAddress());
} catch (Exception exception) {
- nodeUtilsLogger.error("Exception in generating byte array for given IP address := " + exception.toString(), exception);
+ nodeUtilsLogger
+ .error("Exception in generating byte array for given IP address := " + exception.toString(), exception);
}
}
diff --git a/datarouter-node/src/main/resources/misc/node.properties b/datarouter-node/src/main/resources/misc/node.properties
deleted file mode 100644
index fc707413..00000000
--- a/datarouter-node/src/main/resources/misc/node.properties
+++ /dev/null
@@ -1,111 +0,0 @@
-#-------------------------------------------------------------------------------
-# ============LICENSE_START==================================================
-# * org.onap.dmaap
-# * ===========================================================================
-# * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
-# * ===========================================================================
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-# * ============LICENSE_END====================================================
-# *
-# * ECOMP is a trademark and service mark of AT&T Intellectual Property.
-# *
-#-------------------------------------------------------------------------------
-#
-# Configuration parameters fixed at startup for the DataRouter node
-#
-# URL to retrieve dynamic configuration
-#
-#ProvisioningURL: ${DRTR_PROV_INTURL}
-ProvisioningURL=https://prov.datarouternew.com:8443/internal/prov
-
-#
-# URL to upload PUB/DEL/EXP logs
-#
-#LogUploadURL: ${DRTR_LOG_URL}
-LogUploadURL=https://prov.datarouternew.com:8443/internal/logs
-
-#
-# The port number for http as seen within the server
-#
-#IntHttpPort: ${DRTR_NODE_INTHTTPPORT:-8080}
-IntHttpPort=8080
-#
-# The port number for https as seen within the server
-#
-IntHttpsPort=8443
-#
-# The external port number for https taking port mapping into account
-#
-ExtHttpsPort=443
-#
-# The minimum interval between fetches of the dynamic configuration
-# from the provisioning server
-#
-MinProvFetchInterval=10000
-#
-# The minimum interval between saves of the redirection data file
-#
-MinRedirSaveInterval=10000
-#
-# The path to the directory where log files are stored
-#
-LogDir=/opt/app/datartr/logs
-#
-# The retention interval (in days) for log files
-#
-LogRetention=30
-#
-# The path to the directories where data and meta data files are stored
-#
-SpoolDir=/opt/app/datartr/spool
-#
-# The path to the redirection data file
-#
-#RedirectionFile: etc/redirections.dat
-#
-# The type of keystore for https
-KeyStoreType: jks
-#
-# The path to the keystore for https
-#
-KeyStoreFile:/opt/app/datartr/self_signed/keystore.jks
-#
-# The password for the https keystore
-#
-KeyStorePassword=changeit
-#
-# The password for the private key in the https keystore
-#
-KeyPassword=changeit
-#
-# The type of truststore for https
-#
-TrustStoreType=jks
-#
-# The path to the truststore for https
-#
-#TrustStoreFile=/usr/lib/jvm/java-8-oracle/jre/lib/security/cacerts
-TrustStoreFile=/opt/app/datartr/self_signed/cacerts.jks
-#
-# The password for the https truststore
-#
-TrustStorePassword=changeit
-#
-# The path to the file used to trigger an orderly shutdown
-#
-QuiesceFile=etc/SHUTDOWN
-#
-# The key used to generate passwords for node to node transfers
-#
-NodeAuthKey=Node123!
-
diff --git a/datarouter-node/src/main/resources/node.properties b/datarouter-node/src/main/resources/node.properties
index 411cc2b9..de38cb6f 100644
--- a/datarouter-node/src/main/resources/node.properties
+++ b/datarouter-node/src/main/resources/node.properties
@@ -1,112 +1,111 @@
-#-------------------------------------------------------------------------------
-# ============LICENSE_START==================================================
-# * org.onap.dmaap
-# * ===========================================================================
-# * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
-# * ===========================================================================
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-# * ============LICENSE_END====================================================
-# *
-# * ECOMP is a trademark and service mark of AT&T Intellectual Property.
-# *
-#-------------------------------------------------------------------------------
-#
-# Configuration parameters fixed at startup for the DataRouter node
-#
-# URL to retrieve dynamic configuration
-#
-#ProvisioningURL: ${DRTR_PROV_INTURL}
-ProvisioningURL=https://prov.datarouternew.com:8443/internal/prov
-
-#
-# URL to upload PUB/DEL/EXP logs
-#
-#LogUploadURL: ${DRTR_LOG_URL}
-LogUploadURL=https://prov.datarouternew.com:8443/internal/logs
-
-#
-# The port number for http as seen within the server
-#
-#IntHttpPort: ${DRTR_NODE_INTHTTPPORT:-8080}
-IntHttpPort=8080
-#
-# The port number for https as seen within the server
-#
-IntHttpsPort=8443
-#
-# The external port number for https taking port mapping into account
-#
-ExtHttpsPort=443
-#
-# The minimum interval between fetches of the dynamic configuration
-# from the provisioning server
-#
-MinProvFetchInterval=10000
-#
-# The minimum interval between saves of the redirection data file
-#
-MinRedirSaveInterval=10000
-#
-# The path to the directory where log files are stored
-#
-LogDir=/opt/app/datartr/logs
-#
-# The retention interval (in days) for log files
-#
-LogRetention=30
-#
-# The path to the directories where data and meta data files are stored
-#
-SpoolDir=/opt/app/datartr/spool
-#
-# The path to the redirection data file
-#
-#RedirectionFile: etc/redirections.dat
-#
-# The type of keystore for https
-#
-KeyStoreType: jks
-#
-# The path to the keystore for https
-#
-KeyStoreFile:/opt/app/datartr/self_signed/keystore.jks
-#
-# The password for the https keystore
-#
-KeyStorePassword=changeit
-#
-# The password for the private key in the https keystore
-#
-KeyPassword=changeit
-#
-# The type of truststore for https
-#
-TrustStoreType=jks
-#
-# The path to the truststore for https
-#
-#TrustStoreFile=/usr/lib/jvm/java-8-oracle/jre/lib/security/cacerts
-TrustStoreFile=/opt/app/datartr/self_signed/cacerts.jks
-#
-# The password for the https truststore
-#
-TrustStorePassword=changeit
-#
-# The path to the file used to trigger an orderly shutdown
-#
-QuiesceFile=etc/SHUTDOWN
-#
-# The key used to generate passwords for node to node transfers
-#
-NodeAuthKey=Node123!
-
+#-------------------------------------------------------------------------------
+# ============LICENSE_START==================================================
+# * org.onap.dmaap
+# * ===========================================================================
+# * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+# * ===========================================================================
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+# * ============LICENSE_END====================================================
+# *
+# * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+# *
+#-------------------------------------------------------------------------------
+#
+# Configuration parameters fixed at startup for the DataRouter node
+#
+# URL to retrieve dynamic configuration
+#
+#ProvisioningURL: ${DRTR_PROV_INTURL}
+ProvisioningURL=https://dmaap-dr-prov:8443/internal/prov
+
+#
+# URL to upload PUB/DEL/EXP logs
+#
+#LogUploadURL: ${DRTR_LOG_URL}
+LogUploadURL=https://dmaap-dr-prov:8443/internal/logs
+
+#
+# The port number for http as seen within the server
+#
+#IntHttpPort: ${DRTR_NODE_INTHTTPPORT:-8080}
+IntHttpPort=8080
+#
+# The port number for https as seen within the server
+#
+IntHttpsPort=8443
+#
+# The external port number for https taking port mapping into account
+#
+ExtHttpsPort=443
+#
+# The minimum interval between fetches of the dynamic configuration
+# from the provisioning server
+#
+MinProvFetchInterval=10000
+#
+# The minimum interval between saves of the redirection data file
+#
+MinRedirSaveInterval=10000
+#
+# The path to the directory where log files are stored
+#
+LogDir=/opt/app/datartr/logs
+#
+# The retention interval (in days) for log files
+#
+LogRetention=30
+#
+# The path to the directories where data and meta data files are stored
+#
+SpoolDir=/opt/app/datartr/spool
+#
+# The path to the redirection data file
+#
+#RedirectionFile: etc/redirections.dat
+#
+# The type of keystore for https
+KeyStoreType: jks
+#
+# The path to the keystore for https
+#
+KeyStoreFile:/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks
+#
+# The password for the https keystore
+#
+KeyStorePassword=4*&GD+w58RUM]01No.CYY;z6
+#
+# The password for the private key in the https keystore
+#
+KeyPassword=4*&GD+w58RUM]01No.CYY;z6
+#
+# The type of truststore for https
+#
+TrustStoreType=jks
+#
+# The path to the truststore for https
+#
+#TrustStoreFile=/usr/lib/jvm/java-8-oracle/jre/lib/security/cacerts
+TrustStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks
+#
+# The password for the https truststore
+#
+TrustStorePassword=UDXlT6Iu[F)k,Htk92+B,0Xj
+#
+# The path to the file used to trigger an orderly shutdown
+#
+QuiesceFile=etc/SHUTDOWN
+#
+# The key used to generate passwords for node to node transfers
+#
+NodeAuthKey=Node123!
+
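Review bot: The new `KeyStorePassword`, `KeyPassword` and `TrustStorePassword` values are committed in clear text by the same change that adds the keystores they unlock under `aaf_certs/`, so anyone who can read the repository or the packaged artifact can recover the node's private key. The file already hints at an externalised form in its commented `#ProvisioningURL: ${DRTR_PROV_INTURL}` line; the same pattern, for example `KeyStorePassword=${<KEYSTORE_PASSWORD_VAR>}` (placeholder name), would keep the secrets out of source control, assuming the property loader supports substitution, which is not visible here. `NodeAuthKey` keeps its static value and the key and keystore share one password, so both deserve the same treatment. If these stores are meant for test deployments only, a comment such as `# Test-only AAF certificates; replace keystore and passwords before deployment` above `KeyStoreType` would make that explicit.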