author | Ronan Keogh <ronan.keogh@ericsson.com> | 2018-08-23 11:04:45 +0100 |
---|---|---|
committer | Ronan Keogh <ronan.keogh@ericsson.com> | 2018-08-29 18:00:22 +0100 |
commit | ce73ff52ce9aafb07d1aa4c28405328d83c816b9 (patch) | |
tree | bad821f50dd685251a01eb35706c98465c94f43d /datarouter-node | |
parent | fbb33454e311e72bd2f4fb0290babb92fd15b93c (diff) |
preliminary AAF changes for DR
Change-Id: I526648c42f8205c0f09b3c077aa1203e336f4f5f
Issue-ID: DMAAP-558
Signed-off-by: Ronan Keogh <ronan.keogh@ericsson.com>
Diffstat (limited to 'datarouter-node')
-rw-r--r-- | datarouter-node/aaf_certs/org.onap.dmaap-dr.jks | bin | 0 -> 3659 bytes | |||
-rw-r--r-- | datarouter-node/aaf_certs/org.onap.dmaap-dr.trust.jks | bin | 0 -> 1413 bytes | |||
-rwxr-xr-x | datarouter-node/pom.xml | 4 | ||||
-rw-r--r-- | datarouter-node/self_signed/cacerts.jks | bin | 1936 -> 0 bytes | |||
-rw-r--r-- | datarouter-node/self_signed/keystore.jks | bin | 2273 -> 0 bytes | |||
-rw-r--r-- | datarouter-node/self_signed/mykey.cer | bin | 921 -> 0 bytes | |||
-rw-r--r-- | datarouter-node/self_signed/nodekey.cer | bin | 921 -> 0 bytes | |||
-rw-r--r-- | datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java | 56 | ||||
-rw-r--r-- | datarouter-node/src/main/resources/misc/node.properties | 111 | ||||
-rw-r--r-- | datarouter-node/src/main/resources/node.properties | 223 |
10 files changed, 146 insertions, 248 deletions
diff --git a/datarouter-node/aaf_certs/org.onap.dmaap-dr.jks b/datarouter-node/aaf_certs/org.onap.dmaap-dr.jks Binary files differnew file mode 100644 index 00000000..4529cccb --- /dev/null +++ b/datarouter-node/aaf_certs/org.onap.dmaap-dr.jks diff --git a/datarouter-node/aaf_certs/org.onap.dmaap-dr.trust.jks b/datarouter-node/aaf_certs/org.onap.dmaap-dr.trust.jks Binary files differnew file mode 100644 index 00000000..096fbb26 --- /dev/null +++ b/datarouter-node/aaf_certs/org.onap.dmaap-dr.trust.jks diff --git a/datarouter-node/pom.xml b/datarouter-node/pom.xml index c6bd3e94..18743db8 100755 --- a/datarouter-node/pom.xml +++ b/datarouter-node/pom.xml @@ -376,10 +376,10 @@ <goal>copy-resources</goal> </goals> <configuration> - <outputDirectory>${basedir}/target/opt/app/datartr/self_signed</outputDirectory> + <outputDirectory>${basedir}/target/opt/app/datartr/aaf_certs</outputDirectory> <resources> <resource> - <directory>${basedir}/self_signed</directory> + <directory>${basedir}/aaf_certs</directory> <includes> <include>misc/**</include> <include>**/**</include> diff --git a/datarouter-node/self_signed/cacerts.jks b/datarouter-node/self_signed/cacerts.jks Binary files differdeleted file mode 100644 index dfd81433..00000000 --- a/datarouter-node/self_signed/cacerts.jks +++ /dev/null diff --git a/datarouter-node/self_signed/keystore.jks b/datarouter-node/self_signed/keystore.jks Binary files differdeleted file mode 100644 index e5a4e781..00000000 --- a/datarouter-node/self_signed/keystore.jks +++ /dev/null diff --git a/datarouter-node/self_signed/mykey.cer b/datarouter-node/self_signed/mykey.cer Binary files differdeleted file mode 100644 index 2a5c9d70..00000000 --- a/datarouter-node/self_signed/mykey.cer +++ /dev/null diff --git a/datarouter-node/self_signed/nodekey.cer b/datarouter-node/self_signed/nodekey.cer Binary files differdeleted file mode 100644 index 4cdfdfe3..00000000 --- a/datarouter-node/self_signed/nodekey.cer +++ /dev/null 
diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java
index 375a38e3..2c013ca5 100644
--- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java
+++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java
@@ -28,26 +28,30 @@ import static com.att.eelf.configuration.Configuration.MDC_SERVER_FQDN;
 import static com.att.eelf.configuration.Configuration.MDC_SERVER_IP_ADDRESS;
 import static com.att.eelf.configuration.Configuration.MDC_SERVICE_NAME;
-import java.security.*;
-import java.io.*;
-import java.util.*;
-import java.security.cert.*;
-import java.net.*;
-import java.text.*;
-
+import com.att.eelf.configuration.EELFLogger;
+import com.att.eelf.configuration.EELFManager;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.net.InetAddress;
+import java.security.KeyStore;
+import java.security.MessageDigest;
+import java.security.cert.X509Certificate;
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import java.util.Enumeration;
+import java.util.TimeZone;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.log4j.Logger;
 import org.onap.dmaap.datarouter.node.eelf.EelfMsgs;
 import org.slf4j.MDC;
-import com.att.eelf.configuration.EELFLogger;
-import com.att.eelf.configuration.EELFManager;
-
 /**
 * Utility functions for the data router node
 */
 public class NodeUtils {
- private static EELFLogger eelfLogger = EELFManager.getInstance().getLogger("org.onap.dmaap.datarouter.node.NodeUtils");
+
+ private static EELFLogger eelfLogger = EELFManager.getInstance()
+ .getLogger("org.onap.dmaap.datarouter.node.NodeUtils");
 private static Logger nodeUtilsLogger = Logger.getLogger("org.onap.dmaap.datarouter.node.NodeUtils");
 private static SimpleDateFormat logDate;
@@ -72,7 +76,7 @@ public class NodeUtils {
 /**
 * Given a user and password, generate the credentials
 *
- * @param user User name
+ * @param user User name
 * @param password User password
 * @return Authorization header value
 */
@@ -96,13 +100,15 @@ public class NodeUtils {
 md.update(key.getBytes());
 return (getAuthHdr(node, base64Encode(md.digest())));
 } catch (Exception exception) {
- nodeUtilsLogger.error("Exception in generating Credentials for given node name:= " + exception.toString(), exception);
+ nodeUtilsLogger
+ .error("Exception in generating Credentials for given node name:= " + exception.toString(), exception);
 return (null);
 }
 }
 /**
- * Given a keystore file and its password, return the value of the CN of the first private key entry with a certificate.
+ * Given a keystore file and its password, return the value of the CN of the first private key entry with a
+ * certificate.
 *
 * @param kstype The type of keystore
 * @param ksfile The file name of the keystore
@@ -110,15 +116,16 @@ public class NodeUtils {
 * @return CN of the certificate subject or null
 */
 public static String getCanonicalName(String kstype, String ksfile, String kspass) {
- KeyStore ks=null;
+ KeyStore ks;
 try {
 ks = KeyStore.getInstance(kstype);
- try(FileInputStream fileInputStream=new FileInputStream(ksfile)) {
+ try (FileInputStream fileInputStream = new FileInputStream(ksfile)) {
 ks.load(fileInputStream, kspass.toCharArray());
+ } catch (IOException ioException) {
+ nodeUtilsLogger.error("IOException occurred while opening FileInputStream: " + ioException.getMessage(),
+ ioException);
+ return (null);
 }
- } catch(IOException ioException) {
- nodeUtilsLogger.error("Exception occurred while opening FileInputStream",ioException);
- return (null);
 } catch (Exception e) {
 setIpAndFqdnForEelf("getCanonicalName");
 eelfLogger.error(EelfMsgs.MESSAGE_KEYSTORE_LOAD_ERROR, ksfile, e.toString());
@@ -147,7 +154,7 @@ public class NodeUtils {
 if (parts.length < 1) {
 return (null);
 }
- subject = parts[0].trim();
+ subject = parts[5].trim();
 if (!subject.startsWith("CN=")) {
 return (null);
@@ -172,7 +179,8 @@ public class NodeUtils {
 try {
 return (InetAddress.getByName(ip).getAddress());
 } catch (Exception exception) {
- nodeUtilsLogger.error("Exception in generating byte array for given IP address := " + exception.toString(), exception);
+ nodeUtilsLogger
+ .error("Exception in generating byte array for given IP address := " + exception.toString(), exception);
 }
 return (null);
 }
@@ -202,7 +210,8 @@ public class NodeUtils {
 }
 /**
- * Escape fields that might contain vertical bar, backslash, or newline by replacing them with backslash p, backslash e and backslash n.
+ * Escape fields that might contain vertical bar, backslash, or newline by replacing them with backslash p,
+ * backslash e and backslash n.
 */
 public static String loge(String s) {
 if (s == null) {
@@ -246,7 +255,8 @@ public class NodeUtils {
 MDC.put(MDC_SERVER_FQDN, InetAddress.getLocalHost().getHostName());
 MDC.put(MDC_SERVER_IP_ADDRESS, InetAddress.getLocalHost().getHostAddress());
 } catch (Exception exception) {
- nodeUtilsLogger.error("Exception in generating byte array for given IP address := " + exception.toString(), exception);
+ nodeUtilsLogger
+ .error("Exception in generating byte array for given IP address := " + exception.toString(), exception);
 }
 }
diff --git a/datarouter-node/src/main/resources/misc/node.properties b/datarouter-node/src/main/resources/misc/node.properties
deleted file mode 100644
index fc707413..00000000
--- a/datarouter-node/src/main/resources/misc/node.properties
+++ /dev/null
@@ -1,111 +0,0 @@
-#-------------------------------------------------------------------------------
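Review bot: In the `@@ -147,7 +154,7 @@` hunk the guard above the changed line still reads `if (parts.length < 1)`, so `parts[5]` throws ArrayIndexOutOfBoundsException for any subject with fewer than six components; the guard should become `if (parts.length < 6) {`. Reading the CN from a fixed position also ties the result to the attribute order of one certificate (presumably the new AAF one), and a certificate whose sixth component is not the CN makes the method return null. If this value feeds node identity checks, scanning the components for the one that starts with `CN=` would be safer than indexing. The enclosing method starts and ends outside the hunk, so how `parts` is produced is not visible here.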
-# ============LICENSE_START==================================================
-# * org.onap.dmaap
-# * ===========================================================================
-# * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
-# * ===========================================================================
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-# * ============LICENSE_END====================================================
-# *
-# * ECOMP is a trademark and service mark of AT&T Intellectual Property.
-# *
-#-------------------------------------------------------------------------------
-#
-# Configuration parameters fixed at startup for the DataRouter node
-#
-# URL to retrieve dynamic configuration
-#
-#ProvisioningURL: ${DRTR_PROV_INTURL}
-ProvisioningURL=https://prov.datarouternew.com:8443/internal/prov
-
-#
-# URL to upload PUB/DEL/EXP logs
-#
-#LogUploadURL: ${DRTR_LOG_URL}
-LogUploadURL=https://prov.datarouternew.com:8443/internal/logs
-
-#
-# The port number for http as seen within the server
-#
-#IntHttpPort: ${DRTR_NODE_INTHTTPPORT:-8080}
-IntHttpPort=8080
-#
-# The port number for https as seen within the server
-#
-IntHttpsPort=8443
-#
-# The external port number for https taking port mapping into account
-#
-ExtHttpsPort=443
-#
-# The minimum interval between fetches of the dynamic configuration
-# from the provisioning server
-#
-MinProvFetchInterval=10000
-#
-# The minimum interval between saves of the redirection data file
-#
-MinRedirSaveInterval=10000
-#
-# The path to the directory where log files are stored
-#
-LogDir=/opt/app/datartr/logs
-#
-# The retention interval (in days) for log files
-#
-LogRetention=30
-#
-# The path to the directories where data and meta data files are stored
-#
-SpoolDir=/opt/app/datartr/spool
-#
-# The path to the redirection data file
-#
-#RedirectionFile: etc/redirections.dat
-#
-# The type of keystore for https
-KeyStoreType: jks
-#
-# The path to the keystore for https
-#
-KeyStoreFile:/opt/app/datartr/self_signed/keystore.jks
-#
-# The password for the https keystore
-#
-KeyStorePassword=changeit
-#
-# The password for the private key in the https keystore
-#
-KeyPassword=changeit
-#
-# The type of truststore for https
-#
-TrustStoreType=jks
-#
-# The path to the truststore for https
-#
-#TrustStoreFile=/usr/lib/jvm/java-8-oracle/jre/lib/security/cacerts
-TrustStoreFile=/opt/app/datartr/self_signed/cacerts.jks
-#
-# The password for the https truststore
-#
-TrustStorePassword=changeit
-#
-# The path to the file used to trigger an orderly shutdown
-#
-QuiesceFile=etc/SHUTDOWN
-#
-# The key used to generate passwords for node to node transfers
-#
-NodeAuthKey=Node123!
-
diff --git a/datarouter-node/src/main/resources/node.properties b/datarouter-node/src/main/resources/node.properties
index 411cc2b9..de38cb6f 100644
--- a/datarouter-node/src/main/resources/node.properties
+++ b/datarouter-node/src/main/resources/node.properties
@@ -1,112 +1,111 @@
-#-------------------------------------------------------------------------------
-# ============LICENSE_START==================================================
-# * org.onap.dmaap
-# * ===========================================================================
-# * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
-# * ===========================================================================
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-# * ============LICENSE_END====================================================
-# *
-# * ECOMP is a trademark and service mark of AT&T Intellectual Property.
-# *
-#-------------------------------------------------------------------------------
-#
-# Configuration parameters fixed at startup for the DataRouter node
-#
-# URL to retrieve dynamic configuration
-#
-#ProvisioningURL: ${DRTR_PROV_INTURL}
-ProvisioningURL=https://prov.datarouternew.com:8443/internal/prov
-
-#
-# URL to upload PUB/DEL/EXP logs
-#
-#LogUploadURL: ${DRTR_LOG_URL}
-LogUploadURL=https://prov.datarouternew.com:8443/internal/logs
-
-#
-# The port number for http as seen within the server
-#
-#IntHttpPort: ${DRTR_NODE_INTHTTPPORT:-8080}
-IntHttpPort=8080
-#
-# The port number for https as seen within the server
-#
-IntHttpsPort=8443
-#
-# The external port number for https taking port mapping into account
-#
-ExtHttpsPort=443
-#
-# The minimum interval between fetches of the dynamic configuration
-# from the provisioning server
-#
-MinProvFetchInterval=10000
-#
-# The minimum interval between saves of the redirection data file
-#
-MinRedirSaveInterval=10000
-#
-# The path to the directory where log files are stored
-#
-LogDir=/opt/app/datartr/logs
-#
-# The retention interval (in days) for log files
-#
-LogRetention=30
-#
-# The path to the directories where data and meta data files are stored
-#
-SpoolDir=/opt/app/datartr/spool
-#
-# The path to the redirection data file
-#
-#RedirectionFile: etc/redirections.dat
-#
-# The type of keystore for https
-#
-KeyStoreType: jks
-#
-# The path to the keystore for https
-#
-KeyStoreFile:/opt/app/datartr/self_signed/keystore.jks
-#
-# The password for the https keystore
-#
-KeyStorePassword=changeit
-#
-# The password for the private key in the https keystore
-#
-KeyPassword=changeit
-#
-# The type of truststore for https
-#
-TrustStoreType=jks
-#
-# The path to the truststore for https
-#
-#TrustStoreFile=/usr/lib/jvm/java-8-oracle/jre/lib/security/cacerts
-TrustStoreFile=/opt/app/datartr/self_signed/cacerts.jks
-#
-# The password for the https truststore
-#
-TrustStorePassword=changeit
-#
-# The path to the file used to trigger an orderly shutdown
-#
-QuiesceFile=etc/SHUTDOWN
-#
-# The key used to generate passwords for node to node transfers
-#
-NodeAuthKey=Node123!
-
+#-------------------------------------------------------------------------------
+# ============LICENSE_START==================================================
+# * org.onap.dmaap
+# * ===========================================================================
+# * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+# * ===========================================================================
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+# * ============LICENSE_END====================================================
+# *
+# * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+# *
+#-------------------------------------------------------------------------------
+#
+# Configuration parameters fixed at startup for the DataRouter node
+#
+# URL to retrieve dynamic configuration
+#
+#ProvisioningURL: ${DRTR_PROV_INTURL}
+ProvisioningURL=https://dmaap-dr-prov:8443/internal/prov
+
+#
+# URL to upload PUB/DEL/EXP logs
+#
+#LogUploadURL: ${DRTR_LOG_URL}
+LogUploadURL=https://dmaap-dr-prov:8443/internal/logs
+
+#
+# The port number for http as seen within the server
+#
+#IntHttpPort: ${DRTR_NODE_INTHTTPPORT:-8080}
+IntHttpPort=8080
+#
+# The port number for https as seen within the server
+#
+IntHttpsPort=8443
+#
+# The external port number for https taking port mapping into account
+#
+ExtHttpsPort=443
+#
+# The minimum interval between fetches of the dynamic configuration
+# from the provisioning server
+#
+MinProvFetchInterval=10000
+#
+# The minimum interval between saves of the redirection data file
+#
+MinRedirSaveInterval=10000
+#
+# The path to the directory where log files are stored
+#
+LogDir=/opt/app/datartr/logs
+#
+# The retention interval (in days) for log files
+#
+LogRetention=30
+#
+# The path to the directories where data and meta data files are stored
+#
+SpoolDir=/opt/app/datartr/spool
+#
+# The path to the redirection data file
+#
+#RedirectionFile: etc/redirections.dat
+#
+# The type of keystore for https
+KeyStoreType: jks
+#
+# The path to the keystore for https
+#
+KeyStoreFile:/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks
+#
+# The password for the https keystore
+#
+KeyStorePassword=4*&GD+w58RUM]01No.CYY;z6
+#
+# The password for the private key in the https keystore
+#
+KeyPassword=4*&GD+w58RUM]01No.CYY;z6
+#
+# The type of truststore for https
+#
+TrustStoreType=jks
+#
+# The path to the truststore for https
+#
+#TrustStoreFile=/usr/lib/jvm/java-8-oracle/jre/lib/security/cacerts
+TrustStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks
+#
+# The password for the https truststore
+#
+TrustStorePassword=UDXlT6Iu[F)k,Htk92+B,0Xj
+#
+# The path to the file used to trigger an orderly shutdown
+#
+QuiesceFile=etc/SHUTDOWN
+#
+# The key used to generate passwords for node to node transfers
+#
+NodeAuthKey=Node123!
+ |
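Review bot: The new `KeyStorePassword`, `KeyPassword` and `TrustStorePassword` values are committed in plaintext in the same change that adds the matching `aaf_certs/*.jks` files, so anyone who can read the repository or the built artifact can open the keystore and, presumably, recover the node's TLS private key. `NodeAuthKey` also stays a fixed literal shared by every deployment built from this file. The file already shows a substitution pattern in `#ProvisioningURL: ${DRTR_PROV_INTURL}`; the secrets could follow it, e.g. `KeyStorePassword=${<KEYSTORE_PASSWORD_VAR>}` (placeholder name), with the real values and keystores supplied at deploy time. If these certificates are meant for test use only, a comment such as `# Test-only AAF keystore; replace before production use` above `KeyStoreFile` would say so.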