From 8f25e72bd3cef408f78037f6c85c264aa9899cf1 Mon Sep 17 00:00:00 2001 From: liamfallon Date: Sun, 7 Feb 2021 18:52:13 +0000 Subject: Remove security credentials from JMS plugin The default security credential of "password" was encoded in a constant in the JMS plugin parameters file. This commit removes these credentials and defaults the credentials to null. Issue-ID: POLICY-3035 Change-Id: I6313340e64c893c4f99de78d9dd448ac53d81246 Signed-off-by: liamfallon --- .../apex/plugins/event/carrier/jms/ApexJmsConsumer.java | 12 +++++------- .../carrier/jms/JmsCarrierTechnologyParameters.java | 16 +++++++--------- 2 files changed, 12 insertions(+), 16 deletions(-) (limited to 'plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main') diff --git a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/ApexJmsConsumer.java b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/ApexJmsConsumer.java index 88980762f..538b63546 100644 --- a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/ApexJmsConsumer.java +++ b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/ApexJmsConsumer.java @@ -1,7 +1,7 @@ /*- * ============LICENSE_START======================================================= * Copyright (C) 2016-2018 Ericsson. All rights reserved. - * Modifications Copyright (C) 2019-2020 Nordix Foundation. + * Modifications Copyright (C) 2019-2021 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -132,10 +132,9 @@ public class ApexJmsConsumer extends ApexPluginsEventConsumer implements Message try (final Session jmsSession = connection.createSession(false, Session.AUTO_ACKNOWLEDGE)) { // Create a message consumer for reception of messages and set this class as a message listener createMessageConsumer(jmsSession); - } catch (final Exception e) { + } catch (final Exception exc) { final String errorMessage = "failed to create a JMS session towards the JMS server for receiving messages"; - LOGGER.warn(errorMessage, e); - throw new ApexEventRuntimeException(errorMessage, e); + throw new ApexEventRuntimeException(errorMessage, exc); } // Everything is now set up if (LOGGER.isDebugEnabled()) { @@ -157,10 +156,9 @@ public class ApexJmsConsumer extends ApexPluginsEventConsumer implements Message while (consumerThread.isAlive() && !stopOrderedFlag) { ThreadUtilities.sleep(jmsConsumerProperties.getConsumerWaitTime()); } - } catch (final Exception e) { + } catch (final Exception exc) { final String errorMessage = "failed to create a JMS message consumer for receiving messages"; - LOGGER.warn(errorMessage, e); - throw new ApexEventRuntimeException(errorMessage, e); + throw new ApexEventRuntimeException(errorMessage, exc); } } diff --git a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/JmsCarrierTechnologyParameters.java b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/JmsCarrierTechnologyParameters.java index 6eba263e6..cdb3b4677 100644 --- a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/JmsCarrierTechnologyParameters.java +++ b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/JmsCarrierTechnologyParameters.java @@ -1,7 +1,7 @@ /*- * ============LICENSE_START======================================================= * Copyright (C) 2016-2018 Ericsson. All rights reserved. - * Modifications Copyright (C) 2019 Nordix Foundation. + * Modifications Copyright (C) 2019,2021 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -21,7 +21,6 @@ package org.onap.policy.apex.plugins.event.carrier.jms; -import java.util.Base64; import java.util.Properties; import javax.naming.Context; import org.apache.commons.lang3.StringUtils; @@ -87,7 +86,7 @@ public class JmsCarrierTechnologyParameters extends CarrierTechnologyParameters private static final String DEFAULT_INITIAL_CTXT_FACTORY = "org.jboss.naming.remote.client.InitialContextFactory"; private static final String DEFAULT_PROVIDER_URL = "remote://localhost:4447"; private static final String DEFAULT_SECURITY_PRINCIPAL = "userid"; - private static final String DEFAULT_SECURITY_CREDENTIALS = "cGFzc3dvcmQ="; + private static final String DEFAULT_SECURITY_CREDENTIALS = null; private static final String DEFAULT_CONSUMER_TOPIC = "apex-in"; private static final String DEFAULT_PRODUCER_TOPIC = "apex-out"; private static final int DEFAULT_CONSUMER_WAIT_TIME = 100; @@ -104,7 +103,7 @@ public class JmsCarrierTechnologyParameters extends CarrierTechnologyParameters private String initialContextFactory = DEFAULT_INITIAL_CTXT_FACTORY; private String providerUrl = DEFAULT_PROVIDER_URL; private String securityPrincipal = DEFAULT_SECURITY_PRINCIPAL; - private String securityCredentials = getDefaultCredential(); + private String securityCredentials = DEFAULT_SECURITY_CREDENTIALS; private String producerTopic = DEFAULT_PRODUCER_TOPIC; private String consumerTopic = DEFAULT_CONSUMER_TOPIC; private int consumerWaitTime = DEFAULT_CONSUMER_WAIT_TIME; @@ -153,7 +152,10 @@ public class JmsCarrierTechnologyParameters extends CarrierTechnologyParameters jmsProperties.put(PROPERTY_INITIAL_CONTEXT_FACTORY, initialContextFactory); jmsProperties.put(PROPERTY_PROVIDER_URL, providerUrl); jmsProperties.put(PROPERTY_SECURITY_PRINCIPAL, securityPrincipal); - jmsProperties.put(PROPERTY_SECURITY_CREDENTIALS, securityCredentials); + + if (securityCredentials != null) { + jmsProperties.put(PROPERTY_SECURITY_CREDENTIALS, securityCredentials); + } return jmsProperties; } @@ -371,8 +373,4 @@ public class JmsCarrierTechnologyParameters extends CarrierTechnologyParameters return result; } - - private String getDefaultCredential() { - return new String(Base64.getDecoder().decode(DEFAULT_SECURITY_CREDENTIALS.getBytes())); - } } -- cgit 1.2.3-korg