From 8f25e72bd3cef408f78037f6c85c264aa9899cf1 Mon Sep 17 00:00:00 2001
From: liamfallon <liam.fallon@est.tech>
Date: Sun, 7 Feb 2021 18:52:13 +0000
Subject: Remove security credentials from JMS plugin

The default security credential of "password" was encoded in a constant
in the JMS plugin parameters file. This commit removes these credentials
and defaults the credentials to null.

Issue-ID: POLICY-3035
Change-Id: I6313340e64c893c4f99de78d9dd448ac53d81246
Signed-off-by: liamfallon <liam.fallon@est.tech>
---
 .../apex/plugins/event/carrier/jms/ApexJmsConsumer.java  | 12 +++++-------
 .../carrier/jms/JmsCarrierTechnologyParameters.java      | 16 +++++++---------
 2 files changed, 12 insertions(+), 16 deletions(-)

(limited to 'plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main')

diff --git a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/ApexJmsConsumer.java b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/ApexJmsConsumer.java
index 88980762f..538b63546 100644
--- a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/ApexJmsConsumer.java
+++ b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/ApexJmsConsumer.java
@@ -1,7 +1,7 @@
 /*-
  * ============LICENSE_START=======================================================
  *  Copyright (C) 2016-2018 Ericsson. All rights reserved.
- *  Modifications Copyright (C) 2019-2020 Nordix Foundation.
+ *  Modifications Copyright (C) 2019-2021 Nordix Foundation.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -132,10 +132,9 @@ public class ApexJmsConsumer extends ApexPluginsEventConsumer implements Message
         try (final Session jmsSession = connection.createSession(false, Session.AUTO_ACKNOWLEDGE)) {
             // Create a message consumer for reception of messages and set this class as a message listener
             createMessageConsumer(jmsSession);
-        } catch (final Exception e) {
+        } catch (final Exception exc) {
             final String errorMessage = "failed to create a JMS session towards the JMS server for receiving messages";
-            LOGGER.warn(errorMessage, e);
-            throw new ApexEventRuntimeException(errorMessage, e);
+            throw new ApexEventRuntimeException(errorMessage, exc);
         }
         // Everything is now set up
         if (LOGGER.isDebugEnabled()) {
@@ -157,10 +156,9 @@ public class ApexJmsConsumer extends ApexPluginsEventConsumer implements Message
             while (consumerThread.isAlive() && !stopOrderedFlag) {
                 ThreadUtilities.sleep(jmsConsumerProperties.getConsumerWaitTime());
             }
-        } catch (final Exception e) {
+        } catch (final Exception exc) {
             final String errorMessage = "failed to create a JMS message consumer for receiving messages";
-            LOGGER.warn(errorMessage, e);
-            throw new ApexEventRuntimeException(errorMessage, e);
+            throw new ApexEventRuntimeException(errorMessage, exc);
         }
     }
 
diff --git a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/JmsCarrierTechnologyParameters.java b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/JmsCarrierTechnologyParameters.java
index 6eba263e6..cdb3b4677 100644
--- a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/JmsCarrierTechnologyParameters.java
+++ b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/JmsCarrierTechnologyParameters.java
@@ -1,7 +1,7 @@
 /*-
  * ============LICENSE_START=======================================================
  *  Copyright (C) 2016-2018 Ericsson. All rights reserved.
- *  Modifications Copyright (C) 2019 Nordix Foundation.
+ *  Modifications Copyright (C) 2019,2021 Nordix Foundation.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -21,7 +21,6 @@
 
 package org.onap.policy.apex.plugins.event.carrier.jms;
 
-import java.util.Base64;
 import java.util.Properties;
 import javax.naming.Context;
 import org.apache.commons.lang3.StringUtils;
@@ -87,7 +86,7 @@ public class JmsCarrierTechnologyParameters extends CarrierTechnologyParameters
     private static final String  DEFAULT_INITIAL_CTXT_FACTORY  = "org.jboss.naming.remote.client.InitialContextFactory";
     private static final String  DEFAULT_PROVIDER_URL          = "remote://localhost:4447";
     private static final String  DEFAULT_SECURITY_PRINCIPAL    = "userid";
-    private static final String  DEFAULT_SECURITY_CREDENTIALS  = "cGFzc3dvcmQ=";
+    private static final String  DEFAULT_SECURITY_CREDENTIALS  = null;
     private static final String  DEFAULT_CONSUMER_TOPIC        = "apex-in";
     private static final String  DEFAULT_PRODUCER_TOPIC        = "apex-out";
     private static final int     DEFAULT_CONSUMER_WAIT_TIME    = 100;
@@ -104,7 +103,7 @@ public class JmsCarrierTechnologyParameters extends CarrierTechnologyParameters
     private String  initialContextFactory = DEFAULT_INITIAL_CTXT_FACTORY;
     private String  providerUrl           = DEFAULT_PROVIDER_URL;
     private String  securityPrincipal     = DEFAULT_SECURITY_PRINCIPAL;
-    private String  securityCredentials   = getDefaultCredential();
+    private String  securityCredentials   = DEFAULT_SECURITY_CREDENTIALS;
     private String  producerTopic         = DEFAULT_PRODUCER_TOPIC;
     private String  consumerTopic         = DEFAULT_CONSUMER_TOPIC;
     private int     consumerWaitTime      = DEFAULT_CONSUMER_WAIT_TIME;
@@ -153,7 +152,10 @@ public class JmsCarrierTechnologyParameters extends CarrierTechnologyParameters
         jmsProperties.put(PROPERTY_INITIAL_CONTEXT_FACTORY, initialContextFactory);
         jmsProperties.put(PROPERTY_PROVIDER_URL, providerUrl);
         jmsProperties.put(PROPERTY_SECURITY_PRINCIPAL, securityPrincipal);
-        jmsProperties.put(PROPERTY_SECURITY_CREDENTIALS, securityCredentials);
+
+        if (securityCredentials != null) {
+            jmsProperties.put(PROPERTY_SECURITY_CREDENTIALS, securityCredentials);
+        }
 
         return jmsProperties;
     }
@@ -371,8 +373,4 @@ public class JmsCarrierTechnologyParameters extends CarrierTechnologyParameters
 
         return result;
     }
-
-    private String getDefaultCredential() {
-        return new String(Base64.getDecoder().decode(DEFAULT_SECURITY_CREDENTIALS.getBytes()));
-    }
 }
-- 
cgit 1.2.3-korg