aboutsummaryrefslogtreecommitdiffstats
path: root/cmso-topology/src
diff options
context:
space:
mode:
Diffstat (limited to 'cmso-topology/src')
-rw-r--r--cmso-topology/src/main/java/org/onap/observations/MessageHeaders.java155
-rw-r--r--cmso-topology/src/main/java/org/onap/observations/Observation.java129
-rw-r--r--cmso-topology/src/main/java/org/onap/observations/ObservationInterface.java49
-rw-r--r--cmso-topology/src/main/java/org/onap/observations/ObservationObject.java198
-rw-r--r--cmso-topology/src/main/java/org/onap/optf/cmso/CmsoEnvironmentPostProcessor.java56
-rw-r--r--cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafAuthorizationFilter.java89
-rw-r--r--cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafFilter.java82
-rw-r--r--cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafPerm.java137
-rw-r--r--cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafSecurityConfig.java56
9 files changed, 951 insertions, 0 deletions
diff --git a/cmso-topology/src/main/java/org/onap/observations/MessageHeaders.java b/cmso-topology/src/main/java/org/onap/observations/MessageHeaders.java
new file mode 100644
index 0000000..fe6cea2
--- /dev/null
+++ b/cmso-topology/src/main/java/org/onap/observations/MessageHeaders.java
@@ -0,0 +1,155 @@
+/*
+ * Copyright © 2017-2018 AT&T Intellectual Property. Modifications Copyright © 2018 IBM.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed under the Creative
+ * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.onap.observations;
+
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+/**
+ * The Class MessageHeaders.
+ */
+public class MessageHeaders {
+
+ /**
+ * The Enum HeadersEnum.
+ */
+ public enum HeadersEnum {
+ UNDEFINED("UNDEFINED"),
+ TransactionID("X-TransactionId"),
+ FromAppID("X-FromAppId"),
+ MinorVersion("X-MinorVersion"),
+ PatchVersion("X-PatchVersion"),
+ LatestVersion("X-LatestVersion"),;
+
+ private final String text;
+
+ private HeadersEnum(String text) {
+ this.text = text;
+ }
+
+ /**
+ * To string.
+ *
+ * @return the string
+ */
+ @Override
+ public String toString() {
+ return text;
+ }
+ }
+
+ /** The Constant supportedMajorVersions. */
+ public static final Map<String, String> supportedMajorVersions = new HashMap<String, String>();
+
+ static {
+ supportedMajorVersions.put("v1", "0");
+ supportedMajorVersions.put("v2", "0");
+ }
+
+ /** The Constant supportedMajorMinorVersions. */
+ public static final Set<String> supportedMajorMinorVersions = new HashSet<String>();
+
+ static {
+ supportedMajorMinorVersions.add("v1.0");
+ supportedMajorMinorVersions.add("v2.0");
+ }
+
+ /** The Constant latestVersion. */
+ public static final String latestVersion = "2.0.0";
+
+ /** The Constant patchVersion. */
+ public static final String patchVersion = "0";
+
+ /**
+ * From string.
+ *
+ * @param text the text
+ * @return the headers enum
+ */
+ public static HeadersEnum fromString(String text) {
+ for (HeadersEnum e : HeadersEnum.values()) {
+ if (e.text.equals(text)) {
+ return e;
+ }
+ }
+ return HeadersEnum.UNDEFINED;
+ }
+
+ /**
+ * Gets the patch version.
+ *
+ * @return the patch version
+ */
+ public static String getPatchVersion() {
+ return patchVersion;
+ }
+
+ /**
+ * Gets the latest version.
+ *
+ * @return the latest version
+ */
+ public static String getLatestVersion() {
+ return latestVersion;
+ }
+
+ /**
+ * Validate major version.
+ *
+ * @param major the major
+ * @return true, if successful
+ */
+ public static boolean validateMajorVersion(String major) {
+ String majorKey = major.toLowerCase();
+ if (!supportedMajorVersions.containsKey(majorKey)) {
+ return false;
+ }
+ return true;
+ }
+
+ /**
+ * Validate major minor version.
+ *
+ * @param major the major
+ * @param minor the minor
+ * @return true, if successful
+ */
+ public static boolean validateMajorMinorVersion(String major, String minor) {
+ String majorKey = major.toLowerCase();
+ if (!supportedMajorVersions.containsKey(majorKey)) {
+ return false;
+ }
+
+ if (minor != null) {
+ String majorMinorKey = majorKey + "." + minor;
+ return supportedMajorMinorVersions.contains(majorMinorKey);
+ }
+ return true;
+ }
+}
diff --git a/cmso-topology/src/main/java/org/onap/observations/Observation.java b/cmso-topology/src/main/java/org/onap/observations/Observation.java
new file mode 100644
index 0000000..e1ec30c
--- /dev/null
+++ b/cmso-topology/src/main/java/org/onap/observations/Observation.java
@@ -0,0 +1,129 @@
+/*
+ * Copyright © 2019 AT&T Intellectual Property.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed under the Creative
+ * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.onap.observations;
+
+import com.att.eelf.configuration.EELFLogger;
+import com.att.eelf.configuration.EELFManager;
+import org.apache.log4j.Level;
+import org.onap.optf.cmso.topology.Application;
+
+
+/**
+ * The Class Observation.
+ */
+public class Observation {
+ private static EELFLogger log = EELFManager.getInstance().getLogger(Application.class);
+ private static EELFLogger metrics = EELFManager.getInstance().getMetricsLogger();
+ private static EELFLogger audit = EELFManager.getInstance().getAuditLogger();
+ private static EELFLogger errors = EELFManager.getInstance().getErrorLogger();
+ private static EELFLogger debug = EELFManager.getInstance().getDebugLogger();
+
+ /**
+ * Report.
+ *
+ * @param obs the o
+ * @param execpt the e
+ * @param arguments the arguments
+ */
+ // *************************************************************************************************
+ public static void report(ObservationInterface obs, Exception execpt, String... arguments) {
+ Mdc.setCaller(4);
+ Mdc.setObservation(obs);
+ if (obs.getAudit()) {
+ audit.info(obs, execpt, arguments);
+ }
+ if (obs.getMetric()) {
+ metrics.info(obs, execpt, arguments);
+ }
+ Level lev = obs.getLevel();
+ switch (lev.toInt()) {
+ case Level.WARN_INT:
+ errors.warn(obs, arguments);
+ debug.debug(obs, execpt, arguments);
+ break;
+ case Level.INFO_INT:
+ log.info(obs, execpt, arguments);
+ debug.debug(obs, execpt, arguments);
+ break;
+ case Level.ERROR_INT:
+ errors.error(obs, arguments);
+ debug.debug(obs, execpt, arguments);
+ break;
+ case Level.TRACE_INT:
+ debug.trace(obs, execpt, arguments);
+ break;
+ case Level.DEBUG_INT:
+ debug.debug(obs, execpt, arguments);
+ break;
+ default:
+ log.info(obs, execpt, arguments);
+ }
+ Mdc.clearCaller();
+ }
+
+ /**
+ * Report.
+ *
+ * @param obs the o
+ * @param arguments the arguments
+ */
+ public static void report(ObservationInterface obs, String... arguments) {
+ Mdc.setCaller(4);
+ Mdc.setObservation(obs);
+ if (obs.getAudit()) {
+ audit.info(obs, arguments);
+ }
+ if (obs.getMetric()) {
+ metrics.info(obs, arguments);
+ }
+ Level levl = obs.getLevel();
+ switch (levl.toInt()) {
+ case Level.WARN_INT:
+ errors.warn(obs, arguments);
+ debug.debug(obs, arguments);
+ break;
+ case Level.INFO_INT:
+ log.info(obs, arguments);
+ debug.debug(obs, arguments);
+ break;
+ case Level.ERROR_INT:
+ errors.error(obs, arguments);
+ debug.debug(obs, arguments);
+ break;
+ case Level.TRACE_INT:
+ debug.debug(obs, arguments);
+ break;
+ case Level.DEBUG_INT:
+ debug.debug(obs, arguments);
+ break;
+ default:
+ log.info(obs, arguments);
+ }
+ Mdc.clearCaller();
+ }
+
+}
diff --git a/cmso-topology/src/main/java/org/onap/observations/ObservationInterface.java b/cmso-topology/src/main/java/org/onap/observations/ObservationInterface.java
new file mode 100644
index 0000000..0dce93d
--- /dev/null
+++ b/cmso-topology/src/main/java/org/onap/observations/ObservationInterface.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright © 2019 AT&T Intellectual Property.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed under the Creative
+ * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.onap.observations;
+
+import com.att.eelf.i18n.EELFResolvableErrorEnum;
+import javax.ws.rs.core.Response.Status;
+import org.apache.log4j.Level;
+
+public interface ObservationInterface extends EELFResolvableErrorEnum {
+ public Enum<?> getValue();
+
+ public Level getLevel();
+
+ public String getMessage();
+
+ public Status getStatus();
+
+ public String getDomain();
+
+ public String name();
+
+ public Boolean getAudit();
+
+ public Boolean getMetric();
+}
diff --git a/cmso-topology/src/main/java/org/onap/observations/ObservationObject.java b/cmso-topology/src/main/java/org/onap/observations/ObservationObject.java
new file mode 100644
index 0000000..f1c1277
--- /dev/null
+++ b/cmso-topology/src/main/java/org/onap/observations/ObservationObject.java
@@ -0,0 +1,198 @@
+/*
+ * Copyright © 2019 AT&T Intellectual Property.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed under the Creative
+ * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.onap.observations;
+
+import com.att.eelf.i18n.EELFResolvableErrorEnum;
+import com.att.eelf.i18n.EELFResourceManager;
+import javax.ws.rs.core.Response.Status;
+import org.apache.log4j.Level;
+
+
+/**
+ * The Class ObservationObject.
+ */
+public class ObservationObject implements ObservationInterface {
+
+ // *************************************************************************************************
+ // Interface class that matches the ObservationInteface pattern
+ // This will be used in case we decide to provide external overrides and we need to instantiate
+ // For now, we'll just use the Enum itself.
+ //
+ //
+ private Enum<?> value = null;
+
+ private Level level = null;
+ private String message = null;
+ private Status status = null;
+ private String domain = null;
+ private Boolean metric = false;
+ private Boolean audit = false;
+
+ /**
+ * Instantiates a new observation object.
+ *
+ * @param obs the o
+ */
+ public ObservationObject(ObservationInterface obs) {
+ this.value = obs.getValue();
+ this.level = obs.getLevel();
+ this.message = obs.getMessage();
+ this.status = obs.getStatus();
+ this.domain = obs.getDomain();
+ this.metric = obs.getMetric();
+ this.audit = obs.getAudit();
+
+ }
+
+ /**
+ * Gets the value.
+ *
+ * @return the value
+ */
+ @Override
+ public Enum<?> getValue() {
+ return value;
+ }
+
+ /**
+ * Gets the message.
+ *
+ * @return the message
+ */
+ @Override
+ public String getMessage() {
+ return message;
+ }
+
+ /**
+ * Gets the status.
+ *
+ * @return the status
+ */
+ @Override
+ public Status getStatus() {
+ return status;
+ }
+
+ /**
+ * Gets the domain.
+ *
+ * @return the domain
+ */
+ @Override
+ public String getDomain() {
+ return domain;
+ }
+
+ /**
+ * Gets the level.
+ *
+ * @return the level
+ */
+ @Override
+ public Level getLevel() {
+ return level;
+ }
+
+ /**
+ * Name.
+ *
+ * @return the string
+ */
+ @Override
+ public String name() {
+ return value.name();
+ }
+
+ /**
+ * Gets the audit.
+ *
+ * @return the audit
+ */
+ @Override
+ public Boolean getAudit() {
+ return audit;
+ }
+
+ /**
+ * Gets the metric.
+ *
+ * @return the metric
+ */
+ @Override
+ public Boolean getMetric() {
+ return metric;
+ }
+
+ /**
+ * Gets the message.
+ *
+ * @param arguments the arguments
+ * @return the message
+ */
+ public String getMessagef(String... arguments) {
+ return EELFResourceManager.format((EELFResolvableErrorEnum) value, arguments);
+ }
+
+ /**
+ * Sets the value.
+ *
+ * @param value the new value
+ */
+ public void setValue(Enum<?> value) {
+ this.value = value;
+ }
+
+ /**
+ * Sets the level.
+ *
+ * @param level the new level
+ */
+ public void setLevel(Level level) {
+ this.level = level;
+ }
+
+ /**
+ * Sets the message.
+ *
+ * @param message the new message
+ */
+ public void setMessage(String message) {
+ this.message = message;
+ }
+
+ /**
+ * Sets the status.
+ *
+ * @param status the new status
+ */
+ public void setStatus(Status status) {
+ this.status = status;
+ }
+
+
+}
diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/CmsoEnvironmentPostProcessor.java b/cmso-topology/src/main/java/org/onap/optf/cmso/CmsoEnvironmentPostProcessor.java
new file mode 100644
index 0000000..7e15760
--- /dev/null
+++ b/cmso-topology/src/main/java/org/onap/optf/cmso/CmsoEnvironmentPostProcessor.java
@@ -0,0 +1,56 @@
+/*
+ * Copyright © 2017-2018 AT&T Intellectual Property. Modifications Copyright © 2018 IBM.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed under the Creative
+ * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.onap.optf.cmso;
+
+import java.util.HashMap;
+import java.util.Map;
+import org.onap.optf.cmso.common.PropertiesManagement;
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.env.EnvironmentPostProcessor;
+import org.springframework.core.env.ConfigurableEnvironment;
+import org.springframework.core.env.MapPropertySource;
+import org.springframework.core.env.MutablePropertySources;
+
+public class CmsoEnvironmentPostProcessor implements EnvironmentPostProcessor {
+ // TODO tested in ONAP springboot and this is called before all of the properties files have been
+ // loaded...
+ // perhaps there is a post post processor? Until this works. DB password will be in the clear in the
+ // proeprties files.
+ @Override
+ public void postProcessEnvironment(ConfigurableEnvironment environment, SpringApplication application) {
+ String pwd = environment.getProperty("cmso.database.password");
+ if (pwd != null) {
+ pwd = PropertiesManagement.getDecryptedValue(pwd);
+ Map<String, Object> map = new HashMap<String, Object>();
+ map.put("spring.datasource.password", pwd);
+ MapPropertySource propertySource = new MapPropertySource("abc", map);
+ MutablePropertySources proeprtySources = environment.getPropertySources();
+ proeprtySources.addLast(propertySource);
+ }
+ }
+
+}
diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafAuthorizationFilter.java b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafAuthorizationFilter.java
new file mode 100644
index 0000000..e2602d0
--- /dev/null
+++ b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafAuthorizationFilter.java
@@ -0,0 +1,89 @@
+/*******************************************************************************
+ * Copyright © 2019 AT&T Intellectual Property.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed under the Creative
+ * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ ******************************************************************************/
+
+package org.onap.optf.cmso.aaf;
+
+import java.io.IOException;
+import java.util.List;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.onap.aaf.cadi.CadiWrap;
+import org.onap.aaf.cadi.Permission;
+import org.onap.observations.Observation;
+import org.onap.optf.cmso.common.exceptions.CmsoException;
+import org.onap.optf.cmso.topology.SpringProfiles;
+import org.onap.optf.cmso.topology.common.LogMessages;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.web.servlet.filter.OrderedRequestContextFilter;
+import org.springframework.context.annotation.Profile;
+import org.springframework.stereotype.Component;
+
+/**
+ * AAF authorization filter.
+ */
+
+@Component
+@Profile(SpringProfiles.AAF_AUTHENTICATION)
+public class AafAuthorizationFilter extends OrderedRequestContextFilter {
+
+ @Autowired
+ AafUserRoleProperties userRoleProperties;
+
+ /**
+ * Instantiates a new aaf authorization filter.
+ */
+ public AafAuthorizationFilter() {
+ this.setOrder(FilterPriority.AAF_AUTHORIZATION.getPriority());
+
+
+ }
+
+ @Override
+ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
+ throws IOException, ServletException {
+ try {
+ if (request instanceof CadiWrap) {
+ CadiWrap cw = (CadiWrap) request;
+ List<Permission> perms = cw.getPermissions(cw.getUserPrincipal());
+ if (userRoleProperties.processPermissions(request, perms)) {
+ filterChain.doFilter(request, response);
+ } else {
+ Observation.report(LogMessages.UNAUTHORIZED);
+ ResponseFormatter.errorResponse(request, response, new CmsoException(
+ LogMessages.UNAUTHORIZED.getStatus(), LogMessages.UNAUTHORIZED, ""));
+ }
+ } else {
+ throw new Exception();
+ }
+ } catch (Exception e) {
+ Observation.report(LogMessages.UNEXPECTED_EXCEPTION, e, e.getMessage());
+ ResponseFormatter.errorResponse(request, response,
+ new CmsoException(LogMessages.UNAUTHORIZED.getStatus(), LogMessages.UNAUTHORIZED, ""));
+ }
+ }
+}
diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafFilter.java b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafFilter.java
new file mode 100644
index 0000000..e396264
--- /dev/null
+++ b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafFilter.java
@@ -0,0 +1,82 @@
+/*******************************************************************************
+ * Copyright © 2019 AT&T Intellectual Property.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed under the Creative
+ * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ ******************************************************************************/
+
+package org.onap.optf.cmso.aaf;
+
+import java.io.IOException;
+import java.util.Properties;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.filter.CadiFilter;
+import org.onap.observations.Observation;
+import org.onap.optf.cmso.common.exceptions.CmsoException;
+import org.onap.optf.cmso.topology.Application;
+import org.onap.optf.cmso.topology.SpringProfiles;
+import org.onap.optf.cmso.topology.common.LogMessages;
+import org.springframework.boot.web.servlet.filter.OrderedRequestContextFilter;
+import org.springframework.context.annotation.Profile;
+import org.springframework.stereotype.Component;
+
+/**
+ * AAF authentication filter.
+ */
+
+@Component
+@Profile(SpringProfiles.AAF_AUTHENTICATION)
+public class AafFilter extends OrderedRequestContextFilter {
+
+ private final CadiFilter cadiFilter;
+
+ /**
+ * Instantiates a new aaf filter.
+ *
+ * @throws IOException Signals that an I/O exception has occurred.
+ * @throws ServletException the servlet exception
+ */
+ public AafFilter() throws IOException, ServletException {
+ Properties cadiProperties = new Properties();
+ cadiProperties.load(Application.class.getClassLoader().getResourceAsStream("cadi.properties"));
+ cadiFilter = new CadiFilter(new PropAccess(cadiProperties));
+ this.setOrder(FilterPriority.AAF_AUTHENTICATION.getPriority());
+ }
+
+ @Override
+ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
+ throws IOException, ServletException {
+ cadiFilter.doFilter(request, response, filterChain);
+ if (response.getStatus() == 401) {
+ Observation.report(LogMessages.UNAUTHENTICATED);
+ ResponseFormatter.errorResponse(request, response,
+ new CmsoException(LogMessages.UNAUTHENTICATED.getStatus(),
+ LogMessages.UNAUTHENTICATED, ""));
+ }
+ }
+
+
+}
diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafPerm.java b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafPerm.java
new file mode 100644
index 0000000..db58156
--- /dev/null
+++ b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafPerm.java
@@ -0,0 +1,137 @@
+/*******************************************************************************
+ * Copyright © 2019 AT&T Intellectual Property.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed under the Creative
+ * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ ******************************************************************************/
+
+package org.onap.optf.cmso.aaf;
+
+import java.util.HashSet;
+import java.util.Set;
+import org.onap.aaf.cadi.aaf.AAFPermission;
+
+
+/**
+ * The Class AafPerm.
+ */
+public class AafPerm {
+ private String type;
+ private String instance;
+ private String action;
+ private Set<String> actions = new HashSet<>();
+
+ /**
+ * Gets the action.
+ *
+ * @return the action
+ */
+ public String getAction() {
+ return action;
+ }
+
+ /**
+ * Sets the action.
+ *
+ * @param action the new action
+ */
+ public void setAction(String action) {
+ this.action = action;
+ String[] list = action.split(",");
+ for (String a : list) {
+ actions.add(a);
+ }
+ }
+
+ /**
+ * Gets the type.
+ *
+ * @return the type
+ */
+ public String getType() {
+ return type;
+ }
+
+ /**
+ * Sets the type.
+ *
+ * @param type the new type
+ */
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ /**
+ * Gets the single instance of AafPerm.
+ *
+ * @return single instance of AafPerm
+ */
+ public String getInstance() {
+ return instance;
+ }
+
+ /**
+ * Sets the instance.
+ *
+ * @param instance the new instance
+ */
+ public void setInstance(String instance) {
+ this.instance = instance;
+ }
+
+ /**
+ * Gets the actions.
+ *
+ * @return the actions
+ */
+ public Set<String> getActions() {
+ return actions;
+ }
+
+ /**
+ * Sets the actions.
+ *
+ * @param actions the new actions
+ */
+ public void setActions(Set<String> actions) {
+ this.actions = actions;
+ }
+
+ /**
+ * Matches.
+ *
+ * @param userPerm the user perm
+ * @return true, if successful
+ */
+ public boolean matches(AAFPermission userPerm) {
+ if (type.equals(userPerm.getType())) {
+ if (userPerm.getInstance().equals("*") || instance.equals("*") || userPerm.getInstance().equals(instance)) {
+ for (String userAction : userPerm.getAction().split(",")) {
+ if (userAction.equals("*") || actions.contains("*") || actions.contains(userAction)) {
+ return true;
+ }
+ }
+ }
+ }
+ return false;
+ }
+}
diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafSecurityConfig.java b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafSecurityConfig.java
new file mode 100644
index 0000000..787d786
--- /dev/null
+++ b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafSecurityConfig.java
@@ -0,0 +1,56 @@
+/*
+ * Copyright © 2019 AT&T Intellectual Property.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed under the Creative
+ * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.onap.optf.cmso.aaf;
+
+import org.onap.optf.cmso.topology.SpringProfiles;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@EnableWebSecurity
+@ComponentScan("org.onap.optf")
+@Profile(SpringProfiles.AAF_AUTHENTICATION)
+public class AafSecurityConfig extends WebSecurityConfigurerAdapter {
+
+
+ @Override
+ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+
+ }
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+
+ http.csrf().disable();
+
+ }
+}