diff options
| author |   Lee, Tian (tl5884) <TianL@amdocs.com> | 2019-01-11 16:52:27 +0000 |
|---|---|---|
| committer | Lee, Tian (tl5884) <TianL@amdocs.com> | 2019-01-31 16:59:20 +0000 |
| commit | fd8e7fbf73b93b2dd302108c7a1bcebb132647cd (patch) | |
| tree | fee2a3df8807052a243eed1cf995b7b747ef6e45 /kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties | |
| parent | de248c3afe78f01e955375dac18edd742a5943de (diff) | |
Update Gizmo and Champ security config
- Update rProxy to use AAF geo-locate endpoint rather than hard coded IP
address
- Update fProxy to use separate truststore
- Restructure charts to reduce certificate duplication
Change-Id: I1e63ceb0ebabd8bb3dfacc71dac841858279b6f1
Issue-ID: AAF-718
Signed-off-by: Lee, Tian (tl5884) <TianL@amdocs.com>
Diffstat (limited to 'kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties')
| -rw-r--r-- | kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties index a82e38caf6..51ac56a88d 100644 --- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties +++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties @@ -9,17 +9,31 @@ #hostname=test.aic.cip.att.com cadi_loglevel=DEBUG -cadi_keyfile=/opt/app/rproxy/config/security/keyfile +# OAuth2 +aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect + +cadi_latitude=37.78187 +cadi_longitude=-122.26147 + +# Locate URL (which AAF Env) +aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095 + +# AAF URL +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0 + +cadi_keyfile=/opt/app/rproxy/config/security/keyfile +cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12 +cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV +cadi_alias=aai@aai.onap.org cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 -# Configure AAF -aaf_url=https://{{.Values.global.aaf.serverHostname}}:{{.Values.global.aaf.serverPort}} aaf_env=DEV aaf_id=demo@people.osaaf.org aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz # This is a colon separated list of client cert issuers -cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA +cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA
\ No newline at end of file |