From 9733421dbe8eb679bfc406f899ca8e68b768bc3c Mon Sep 17 00:00:00 2001 From: sunil unnava Date: Thu, 13 Sep 2018 17:42:03 -0400 Subject: AAF integration modifications Issue-ID: DMAAP-772 Change-Id: Ia343208e3a4bcecf1674413e387da1b9b8dfb594 Signed-off-by: sunil unnava --- .../etc/appprops/MsgRtrApi.properties | 2 +- demo/docker_files/cadi.properties | 33 +++++---- pom.xml | 75 +++++++++++---------- src/main/config/ajsc-override-web.xml | 4 +- src/main/config/cadi.properties | 74 +++++--------------- src/main/config/keyfilenew | 27 ++++++++ src/main/config/org.onap.dmaap.mr.p12 | Bin 0 -> 4056 bytes src/main/config/runner-web.xml | 4 +- src/main/config/truststoreONAPall.jks | Bin 0 -> 114865 bytes .../com/att/nsa/dmaap/util/DMaaPAuthFilter.java | 2 +- .../att/nsa/dmaap/util/DMaaPAuthFilterTest.java | 13 ---- 11 files changed, 105 insertions(+), 129 deletions(-) create mode 100644 src/main/config/keyfilenew create mode 100644 src/main/config/org.onap.dmaap.mr.p12 create mode 100644 src/main/config/truststoreONAPall.jks
diff --git a/bundleconfig-local/etc/appprops/MsgRtrApi.properties b/bundleconfig-local/etc/appprops/MsgRtrApi.properties
index 552c6a7..160cc0b 100644
--- a/bundleconfig-local/etc/appprops/MsgRtrApi.properties
+++ b/bundleconfig-local/etc/appprops/MsgRtrApi.properties
@@ -151,7 +151,7 @@ msgRtr.topicfactory.aaf=org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic:
 enforced.topic.name.AAF=org.onap
 forceAAF=false
 transidUEBtopicreqd=false
-defaultNSforUEB=org.onap.dmaap.mr.ueb
+defaultNSforUEB=org.onap.dmaap.mr
 ##############################################################################
 #Mirror Maker Agent
 msgRtr.mirrormakeradmin.aaf=com.onap.dmaap.mr.dev.mirrormaker|*|admin
diff --git a/demo/docker_files/cadi.properties b/demo/docker_files/cadi.properties
index 1cb00a5..a79bb8d 100644
--- a/demo/docker_files/cadi.properties
+++ b/demo/docker_files/cadi.properties
@@ -1,21 +1,20 @@ -basic_realm=openecomp.org -basic_warn=TRUE +aaf_locate_url=https://aaf-onap-test.osaaf.org:8095 +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 +aaf_env=DEV +aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm -cadi_loglevel=DEBUG -#cadi_keyfile=target/swm/package/nix/dist_files/appl/${artifactId}/etc/keyfile2 -cadi_keyfile=/appl/dmaapMR1/etc/keyfile -# Configure AAF -aaf_url=https://DME2RESOLVE/service=org.openecomp.authz.AuthorizationService/version=2.0/envContext=DEV/routeOffer=BAU_SE +cadi_truststore=/appl/dmaapMR1/etc/truststoreONAPall.jks +cadi_truststore_password=changeit -aaf_id=dgl@openecomp.org -aaf_password=enc:f2u5br1mh29M02- -aaf_timeout=5000 -aaf_clean_interval=1200000 -aaf_user_expires=60000 -aaf_high_count=1000000 +cadi_keyfile=/appl/dmaapMR1/etc/keyfilenew +cadi_alias=dmaapmr@mr.dmaap.onap.org +cadi_keystore=/appl/dmaapMR1/etc/org.onap.dmaap.mr.p12 +cadi_keystore_password=Messaging for All +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US -# The following properties are being set by the AJSC Container and should NOT need to be set here. -AFT_LATITUDE=33.823589 -AFT_LONGITUDE=-84.366982 -AFT_ENVIRONMENT=AFTUAT + +cadi_loglevel=INFO +cadi_protocols=TLSv1.1,TLSv1.2 +cadi_latitude=37.78187 +cadi_longitude=-122.26147 \ No newline at end of file diff --git a/pom.xml b/pom.xml index a2bdebd..7438ac0 100644 --- a/pom.xml +++ b/pom.xml @@ -345,7 +345,7 @@ 3.2.5 - + org.springframework spring-expression @@ -457,7 +457,7 @@ org.onap.dmaap.messagerouter.msgrtr msgrtr - 1.1.7 + 1.1.9 org.slf4j @@ -602,37 +602,16 @@ pom - - com.att.cadi - cadi-aaf - 1.3.0 - - - - com.att.inno - rosetta - 1.2.11 - - - com.att.inno - env - 1.2.11 - - - com.att.inno - xgen - 1.2.11 - - - com.att.inno - rosetta - 1.2.11 - - - backport-util-concurrent - backport-util-concurrent - 3.1 - + + org.onap.aaf.authz + aaf-cadi-aaf + 2.1.2-SNAPSHOT + + + backport-util-concurrent + backport-util-concurrent + 3.1 + org.apache.camel camel-core 
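Review bot: `cadi_keystore_password=Messaging for All` and `cadi_truststore_password=changeit` are added in clear text in the demo/docker_files/cadi.properties hunk, whereas the removed `aaf_password` at least used the `enc:` form. The same two lines are added again in the src/main/config/cadi.properties hunk further down. Because the keystore these values unlock is committed in the same change, I would ship a placeholder such as `cadi_keystore_password=enc:<ENCRYPTED_VALUE>` and let the deployment supply the real value. Separately, `cadi_protocols=TLSv1.1,TLSv1.2` still admits TLS 1.1; unless a peer is known to need it, `cadi_protocols=TLSv1.2` is the safer default.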
@@ -1358,6 +1337,34 @@ + + org.apache.maven.plugins + maven-enforcer-plugin + + + enforce-no-snapshots + + enforce + + + + + No Snapshots Allowed! + + org.onap.aaf.authz:aaf-cadi-client + org.onap.aaf.authz:aaf-misc-env + org.onap.aaf.authz:aaf-cadi-aaf + org.onap.aaf.authz:aaf-auth-client + org.onap.aaf.authz:aaf-cadi-core + org.onap.aaf.authz:aaf-misc-rosetta + + + + true + + + + diff --git a/src/main/config/ajsc-override-web.xml b/src/main/config/ajsc-override-web.xml index 7bd3c1d..42652d4 100644 --- a/src/main/config/ajsc-override-web.xml +++ b/src/main/config/ajsc-override-web.xml @@ -25,10 +25,10 @@ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" metadata-complete="false" version="3.0"> - + WriteableRequestFilter diff --git a/src/main/config/cadi.properties b/src/main/config/cadi.properties index 30df1b9..a79bb8d 100644 --- a/src/main/config/cadi.properties +++ b/src/main/config/cadi.properties 
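Review bot: The execution added here is named `enforce-no-snapshots`, yet the `@@ -602,37 +602,16 @@` hunk above pins `aaf-cadi-aaf` to `2.1.2-SNAPSHOT`, and the six `org.onap.aaf.authz:*` entries listed under the rule look like exemptions from it (the element names did not survive on this page, so that reading is inferred). A SNAPSHOT of the library that performs authentication and authorization can change under the same version string, so a later rebuild of this commit may not contain the code that was reviewed. I would pin a released `aaf-cadi-aaf` version before merge and drop the list, or at least mark it with a comment such as `<!-- TEMPORARY: remove when aaf-cadi-aaf 2.1.2 is released -->`.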
@@ -1,64 +1,20 @@ -############################################################################### -# ============LICENSE_START======================================================= -# org.onap.dmaap -# ================================================================================ -# Copyright © 2017 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# -# ECOMP is a trademark and service mark of AT&T Intellectual Property. -# -############################################################################### -#This properties file is used for defining AAF properties related to the CADI framework. This file is used for running AAF framework -#using the ajsc-cadi plugin. For more information on the ajsc-cadi plugin, +aaf_locate_url=https://aaf-onap-test.osaaf.org:8095 +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 +aaf_env=DEV +aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm -#In order to test functionality of cadi-ajsc-plugin locally (pertaining to GLO (AT&T Global Login)), you will need an AT&T cross -#domain cookie. Cadi "should" find your hostname for you. However, we have seen some situations where this fails. 
A Local testing -#modification can include modifying your hosts file so that you can use "mywebserver.att.com" for your localhost in order -#to test/verify GLO functionality locally. If you are on a Windows machine, you will already have a machine name associated with -#it that will utilize an AT&T domain such as "sbc.com". You may need to add your AT&T domain to this as a comma separated list depending -#upon your particular machine domain. This property is commented out as cadi SHOULD find your machine name. With version 1.2.1 of cadi, -#it appears to resolve Mac machine names as well, now. But, this can be somewhat inconsistent depending on your specific working envrironment. -hostname=mywebserver.att.com +cadi_truststore=/appl/dmaapMR1/etc/truststoreONAPall.jks +cadi_truststore_password=changeit -#Setting csp_domain to PROD will allow for testing using your attuid and password through GLO. -csp_domain=PROD -csp_devl_localhost=true +cadi_keyfile=/appl/dmaapMR1/etc/keyfilenew -basic_realm=csp.att.com -#basic_realm=aaf.att.com -basic_warn=TRUE +cadi_alias=dmaapmr@mr.dmaap.onap.org +cadi_keystore=/appl/dmaapMR1/etc/org.onap.dmaap.mr.p12 +cadi_keystore_password=Messaging for All +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US -cadi_loglevel=DEBUG -#cadi_keyfile=target/swm/package/nix/dist_files/appl/${artifactId}/etc/keyfile2 -cadi_keyfile=etc/keyfile -# Configure AAF -aaf_url=https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=2.0/envContext=TEST/routeOffer=BAU_SE -#AJSC - MECHID - -aaf_id= -aaf_password= - - -aaf_timeout=5000 -aaf_clean_interval=1200000 -aaf_user_expires=60000 -aaf_high_count=1000000 - - -# Some Libs need System Property Sets (i.e. AT&T Discovery) -# The following properties are being set by the AJSC Container and should NOT need to be set here. 
-#AFT_LATITUDE=33.823589 -#AFT_LONGITUDE=-84.366982 -#AFT_ENVIRONMENT=AFTUAT \ No newline at end of file +cadi_loglevel=INFO +cadi_protocols=TLSv1.1,TLSv1.2 +cadi_latitude=37.78187 +cadi_longitude=-122.26147 \ No newline at end of file diff --git a/src/main/config/keyfilenew b/src/main/config/keyfilenew new file mode 100644 index 0000000..884375f --- /dev/null +++ b/src/main/config/keyfilenew 
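Review bot: The Apache 2.0 license header and the explanatory comment block are deleted from src/main/config/cadi.properties and nothing replaces them, so the new file carries neither a license notice nor any description of its keys. I would keep the `LICENSE_START` … `LICENSE_END` comment block at the top and add one short `#` comment per group of settings (AAF endpoints, trust store, keystore and alias, TLS protocols). The file also still ends without a trailing newline.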
@@ -0,0 +1,27 @@ +Riwh4gx5yeqp3KFVdmuREXNlB2ie9JSWKRBR08cNhaubYzsoAlCgOYu8g1OuA735u59jaRwAtLxt +5m3aMD5MJZ1ItS4x6CeGCKQ0X3F3OzDRsIv-6iDBhlKdOX9pdR8UF7CBqgqbDmvhg3D-h2JcoYJ4 +uzCPI0ZMXeUELkB3l1ZyhsiDrI892AL_VOxQhhsZk1E3P4UFmhfy_579OCVRVhC38xvL0vrtWkHK +5-1wO3enzrt_p2Jrv-LTgNHTwLF7djyesb55FC9VlTqCrvIomBXvG6NaFuy9_tNJ507ees1_KfTh +4_BVWfZwoXx8ZXWG9_Pu-S8qKn-f8HtgbJnvAW9wze0H7jpRmOQ1nattTqq7sUTgBT-gzzMsFFH9 +61Mwf_OZc41PneLK9ajy8AzvffPVbW_KNssUC96X6DEkzjrk--fN6uE1VMJVK515smSV0bpcbD6e +o5GRC2xaa6t3IpZ6Z4f08Dxgob5oyWPKNYKSdcvIgp_HT6oJ7m4TovOQm23ZuuLsGAz9My1pJn42 +fcug_tR2sVSzTYTO9mEAEfRRhPQAWYpAFxclb08Frd-ZOy9V9epsJwLE1tFxjNX31lkFb5G-i0MP +ZHhtDpIlHM_CvX3tlKrJWMSA91JIfZ0E1mXEkrG9Tzz8jifoijzM_rTvAQf5RQqqAhiuEMSjZeVV +UoKhEp9duhsJCwNelgpjbAvthYa-InQhC9b4FmMWN0QnhUddb8dw_cNOIfuQu8i38qm9MmkGBSD3 +6dS4Ly6XXqAfz7j7TjrqDJfYWaYRa3OkE2I1jxwo-3IUkKLah9gYKX_FkaNlObHN1c1A5uQ4wJVK +FAkd98e4vr3UiY6wuKBgKeE-wwU0mUK1lRVmb5fwrsVmCUPOXO8wZZxtjmJddB08jkACyLbHEMg2 +U5fKBpaqq_9DQxnLvd0-ydNcVxYgiTCB9vsmIJ38maLROARmUtfiuuZD-cwOLnDzRkTmARwwxPks +6ea0cpx-SckhwZHuavq4DLGYbsk-pXToia-M6pPf9rW8qQqeMyUBg4c3--unHBSajT0UxPSbiFrL +9pxwVeUBulB4j1BtLOPhQaAXHTWpD-85n6ecPEYfpIK73_S7fLBfUD1gyQ6tZj4VYjoSfGKAFStE +zCUMvryARBNVFJ0ENq-xKyst_M4V3WjcIeiLW3LmjByk-aymys-e8mUL_tcn_MO9pCktAr1xu5Yx +wBcBOrFlB2UP8Im7vBHbGgf77ssqyxy5_cJhaO9MBKUx5KZQw9eE9ePf6UvELTev7Urhla4QKUm9 +AMemzy2RvC2ghZeh7fzBahbZpRM3vDDm4IhbcZavA2d2DEgq8c0AUhlPYE-LCv2BOKBeUEkGULxU +29uIc8LkcLHh37WHmJOjVbH9gB9enHH0sBf9cnv7A70R1evSWeHn0ty9vVXPOLODSQGqbB40qAhQ +MEsRt-13WUAlHjosA7yj2zHTLMeuSqqPuPeiyGPtblkWUC-gpEJxgK8hTb1LzoZVZeteqgdMKlde +Q0gmI_0CX5RtCjITSlHaKxzw6ly9qqv52GZVpAYlu2SWeFdlCg9txh2ke0x3rTMKsM8i0ccCdmLq +E60akH2bPa4vB7zRiu3im-IVli9V8zz8U2roQrfN08IJCAatSQRVfUiyAAJkOEcghuHmaErA-kD8 +fu0sWuAHsEgKBtfaeOu5OFeyeLmNRiPKpVotMyDHrEjjBW-TVTppWwgN5Utmx80RghSmzwUjglyG +3aaM3iJqp8xvgtlLtoJkq2A8rMbw0eAQ7I33hAn-jfBkmjsVkzsVgffe5xqGA1DDYm1lTkv4OjFX +_tTzYfN2V1BtYNUN_edhQRMsNh5-mpZwOeb5JpdJQFZUXaFtwDedx_sqe54NEJ4jV7w4up7H0MXp 
+WTazMQmwRzsLTs1U8zeJ0Ib0LAb4EsX6DML3Ue87nmYCj450KE9DM0tYGWn13jiGWoDEhW4noi2X +gkcjwIcM-87wwvsb-rMIOdo2DXQee8zKzB51N4YAn4VBUfjXVMhjjSwg40yHlzKQE0hAOuJN \ No newline at end of file diff --git a/src/main/config/org.onap.dmaap.mr.p12 b/src/main/config/org.onap.dmaap.mr.p12 new file mode 100644 index 0000000..79549ed Binary files /dev/null and b/src/main/config/org.onap.dmaap.mr.p12 differ diff --git a/src/main/config/runner-web.xml b/src/main/config/runner-web.xml index 55d7961..2bcf11d 100644 --- a/src/main/config/runner-web.xml +++ b/src/main/config/runner-web.xml @@ -66,7 +66,7 @@ - + diff --git a/src/main/config/truststoreONAPall.jks b/src/main/config/truststoreONAPall.jks new file mode 100644 index 0000000..2da1dcc Binary files /dev/null and b/src/main/config/truststoreONAPall.jks differ diff --git a/src/main/java/com/att/nsa/dmaap/util/DMaaPAuthFilter.java b/src/main/java/com/att/nsa/dmaap/util/DMaaPAuthFilter.java index 8453a12..652bfc2 100644 --- a/src/main/java/com/att/nsa/dmaap/util/DMaaPAuthFilter.java +++ b/src/main/java/com/att/nsa/dmaap/util/DMaaPAuthFilter.java @@ -33,7 +33,7 @@ import com.att.eelf.configuration.EELFLogger; import com.att.eelf.configuration.EELFManager; import org.springframework.stereotype.Component; -import com.att.cadi.filter.CadiFilter; +import org.onap.aaf.cadi.filter.CadiFilter; //import ajsc.external.plugins.cadi.AjscCadiFilter; import javax.servlet.FilterConfig; diff --git a/src/test/java/com/att/nsa/dmaap/util/DMaaPAuthFilterTest.java b/src/test/java/com/att/nsa/dmaap/util/DMaaPAuthFilterTest.java index 4d9fa95..f5ad531 100644 --- a/src/test/java/com/att/nsa/dmaap/util/DMaaPAuthFilterTest.java +++ b/src/test/java/com/att/nsa/dmaap/util/DMaaPAuthFilterTest.java 
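Review bot: The new src/main/config/keyfilenew appears to be the file that `cadi_keyfile` refers to, and the same commit adds the `org.onap.dmaap.mr.p12` keystore whose password is written in clear text in cadi.properties. Taken together, anyone with read access to the repository presumably holds the complete credential for the `dmaapmr@mr.dmaap.onap.org` alias, and the values remain in history after a later removal. If this identity is used anywhere beyond a throwaway test setup, it should be treated as disclosed and reissued. I would keep the keyfile, keystore and truststore out of src/main/config and supply them at deploy time under the `/appl/dmaapMR1/etc/` paths the properties already reference.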
@@ -44,7 +44,6 @@ import com.att.ajsc.beans.PropertiesMapBean; import com.att.dmf.mr.beans.DMaaPContext; import com.att.dmf.mr.exception.DMaaPResponseCode; -import com.att.cadi.Access.Level; @RunWith(PowerMockRunner.class) @PrepareForTest({ PropertiesMapBean.class, DMaaPResponseCode.class }) @@ -97,17 +96,5 @@ public class DMaaPAuthFilterTest { } - @Test - public void testLog() { - String s[] = { "test1", "test2" }; - Object[] o = s; - filter.log(Level.AUDIT, o); - filter.log(Level.DEBUG, o); - filter.log(Level.ERROR, o); - filter.log(Level.INFO, o); - filter.log(Level.INIT, o); - filter.log(Level.WARN, o); - assertTrue(true); - } } \ No newline at end of file -- cgit 1.2.3-korg