From 8f25e72bd3cef408f78037f6c85c264aa9899cf1 Mon Sep 17 00:00:00 2001
From: liamfallon <liam.fallon@est.tech>
Date: Sun, 7 Feb 2021 18:52:13 +0000
Subject: Remove security credentials from JMS plugin

The default security credential of "password" was encoded in a constant
in the JMS plugin parameters file. This commit removes these credentials
and defaults the credentials to null.

Issue-ID: POLICY-3035
Change-Id: I6313340e64c893c4f99de78d9dd448ac53d81246
Signed-off-by: liamfallon <liam.fallon@est.tech>
---
 .../plugins/event/carrier/jms/ApexJmsConsumer.java | 12 ++++-----
 .../jms/JmsCarrierTechnologyParameters.java        | 16 +++++------
 .../event/carrier/jms/ApexJmsProducerTest.java     |  7 +++--
 .../jms/JmsCarrierTechnologyParametersTest.java    | 31 ++++++++++++++++------
 4 files changed, 40 insertions(+), 26 deletions(-)

(limited to 'plugins/plugins-event/plugins-event-carrier')

diff --git a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/ApexJmsConsumer.java b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/ApexJmsConsumer.java
index 88980762f..538b63546 100644
--- a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/ApexJmsConsumer.java
+++ b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/ApexJmsConsumer.java
@@ -1,7 +1,7 @@
 /*-
  * ============LICENSE_START=======================================================
  *  Copyright (C) 2016-2018 Ericsson. All rights reserved.
- *  Modifications Copyright (C) 2019-2020 Nordix Foundation.
+ *  Modifications Copyright (C) 2019-2021 Nordix Foundation.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -132,10 +132,9 @@ public class ApexJmsConsumer extends ApexPluginsEventConsumer implements Message
         try (final Session jmsSession = connection.createSession(false, Session.AUTO_ACKNOWLEDGE)) {
             // Create a message consumer for reception of messages and set this class as a message listener
             createMessageConsumer(jmsSession);
-        } catch (final Exception e) {
+        } catch (final Exception exc) {
             final String errorMessage = "failed to create a JMS session towards the JMS server for receiving messages";
-            LOGGER.warn(errorMessage, e);
-            throw new ApexEventRuntimeException(errorMessage, e);
+            throw new ApexEventRuntimeException(errorMessage, exc);
         }
         // Everything is now set up
         if (LOGGER.isDebugEnabled()) {
@@ -157,10 +156,9 @@ public class ApexJmsConsumer extends ApexPluginsEventConsumer implements Message
             while (consumerThread.isAlive() && !stopOrderedFlag) {
                 ThreadUtilities.sleep(jmsConsumerProperties.getConsumerWaitTime());
             }
-        } catch (final Exception e) {
+        } catch (final Exception exc) {
             final String errorMessage = "failed to create a JMS message consumer for receiving messages";
-            LOGGER.warn(errorMessage, e);
-            throw new ApexEventRuntimeException(errorMessage, e);
+            throw new ApexEventRuntimeException(errorMessage, exc);
         }
     }
 
diff --git a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/JmsCarrierTechnologyParameters.java b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/JmsCarrierTechnologyParameters.java
index 6eba263e6..cdb3b4677 100644
--- a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/JmsCarrierTechnologyParameters.java
+++ b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/main/java/org/onap/policy/apex/plugins/event/carrier/jms/JmsCarrierTechnologyParameters.java
@@ -1,7 +1,7 @@
 /*-
  * ============LICENSE_START=======================================================
  *  Copyright (C) 2016-2018 Ericsson. All rights reserved.
- *  Modifications Copyright (C) 2019 Nordix Foundation.
+ *  Modifications Copyright (C) 2019,2021 Nordix Foundation.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -21,7 +21,6 @@
 
 package org.onap.policy.apex.plugins.event.carrier.jms;
 
-import java.util.Base64;
 import java.util.Properties;
 import javax.naming.Context;
 import org.apache.commons.lang3.StringUtils;
@@ -87,7 +86,7 @@ public class JmsCarrierTechnologyParameters extends CarrierTechnologyParameters
     private static final String  DEFAULT_INITIAL_CTXT_FACTORY  = "org.jboss.naming.remote.client.InitialContextFactory";
     private static final String  DEFAULT_PROVIDER_URL          = "remote://localhost:4447";
     private static final String  DEFAULT_SECURITY_PRINCIPAL    = "userid";
-    private static final String  DEFAULT_SECURITY_CREDENTIALS  = "cGFzc3dvcmQ=";
+    private static final String  DEFAULT_SECURITY_CREDENTIALS  = null;
     private static final String  DEFAULT_CONSUMER_TOPIC        = "apex-in";
     private static final String  DEFAULT_PRODUCER_TOPIC        = "apex-out";
     private static final int     DEFAULT_CONSUMER_WAIT_TIME    = 100;
@@ -104,7 +103,7 @@ public class JmsCarrierTechnologyParameters extends CarrierTechnologyParameters
     private String  initialContextFactory = DEFAULT_INITIAL_CTXT_FACTORY;
     private String  providerUrl           = DEFAULT_PROVIDER_URL;
     private String  securityPrincipal     = DEFAULT_SECURITY_PRINCIPAL;
-    private String  securityCredentials   = getDefaultCredential();
+    private String  securityCredentials   = DEFAULT_SECURITY_CREDENTIALS;
     private String  producerTopic         = DEFAULT_PRODUCER_TOPIC;
     private String  consumerTopic         = DEFAULT_CONSUMER_TOPIC;
     private int     consumerWaitTime      = DEFAULT_CONSUMER_WAIT_TIME;
@@ -153,7 +152,10 @@ public class JmsCarrierTechnologyParameters extends CarrierTechnologyParameters
         jmsProperties.put(PROPERTY_INITIAL_CONTEXT_FACTORY, initialContextFactory);
         jmsProperties.put(PROPERTY_PROVIDER_URL, providerUrl);
         jmsProperties.put(PROPERTY_SECURITY_PRINCIPAL, securityPrincipal);
-        jmsProperties.put(PROPERTY_SECURITY_CREDENTIALS, securityCredentials);
+
+        if (securityCredentials != null) {
+            jmsProperties.put(PROPERTY_SECURITY_CREDENTIALS, securityCredentials);
+        }
 
         return jmsProperties;
     }
@@ -371,8 +373,4 @@ public class JmsCarrierTechnologyParameters extends CarrierTechnologyParameters
 
         return result;
     }
-
-    private String getDefaultCredential() {
-        return new String(Base64.getDecoder().decode(DEFAULT_SECURITY_CREDENTIALS.getBytes()));
-    }
 }
diff --git a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/test/java/org/onap/policy/apex/plugins/event/carrier/jms/ApexJmsProducerTest.java b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/test/java/org/onap/policy/apex/plugins/event/carrier/jms/ApexJmsProducerTest.java
index 3783c1ba3..09a87f804 100644
--- a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/test/java/org/onap/policy/apex/plugins/event/carrier/jms/ApexJmsProducerTest.java
+++ b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/test/java/org/onap/policy/apex/plugins/event/carrier/jms/ApexJmsProducerTest.java
@@ -1,7 +1,7 @@
 /*-
  * ============LICENSE_START=======================================================
  *  Copyright (C) 2019 Samsung. All rights reserved.
- *  Modifications Copyright (C) 2019-2020 Nordix Foundation.
+ *  Modifications Copyright (C) 2019-2021 Nordix Foundation.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -116,7 +116,10 @@ public class ApexJmsProducerTest {
                 apexJmsConsumer, apexJmsProducer, DEFAULT_SYNCHRONOUS_EVENT_TIMEOUT);
         apexJmsProducer.setPeeredReference(EventHandlerPeeredMode.SYNCHRONOUS,
                 synchronousEventCache);
-        assertThatThrownBy(() -> apexJmsProducer.sendEvent(-1L, null, "TestApexJmsProducer", new ApexJmsProducerTest()))
+
+        ApexJmsProducerTest producerTest = new ApexJmsProducerTest();
+
+        assertThatThrownBy(() -> apexJmsProducer.sendEvent(-1L, null, "TestApexJmsProducer", producerTest))
             .isInstanceOf(ApexEventRuntimeException.class);
     }
 
diff --git a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/test/java/org/onap/policy/apex/plugins/event/carrier/jms/JmsCarrierTechnologyParametersTest.java b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/test/java/org/onap/policy/apex/plugins/event/carrier/jms/JmsCarrierTechnologyParametersTest.java
index eb0e3d888..6be0fd32c 100644
--- a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/test/java/org/onap/policy/apex/plugins/event/carrier/jms/JmsCarrierTechnologyParametersTest.java
+++ b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/src/test/java/org/onap/policy/apex/plugins/event/carrier/jms/JmsCarrierTechnologyParametersTest.java
@@ -1,7 +1,7 @@
 /*-
  * ============LICENSE_START=======================================================
  *  Copyright (C) 2019 Samsung. All rights reserved.
- *  Modifications Copyright (C) 2019 Nordix Foundation.
+ *  Modifications Copyright (C) 2019,2021 Nordix Foundation.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -25,10 +25,11 @@ import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotEquals;
 import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertTrue;
 
-import java.util.Base64;
 import java.util.Properties;
+import javax.naming.Context;
 import org.junit.Before;
 import org.junit.Test;
 import org.onap.policy.common.parameters.GroupValidationResult;
@@ -54,7 +55,6 @@ public class JmsCarrierTechnologyParametersTest {
             "org.jboss.naming.remote.client.InitialContextFactory";
     private static final String DEFAULT_PROVIDER_URL = "remote://localhost:4447";
     private static final String DEFAULT_SECURITY_PRINCIPAL = "userid";
-    private static final String DEFAULT_SECURITY_CREDENTIALS = "cGFzc3dvcmQ=";
     private static final String DEFAULT_CONSUMER_TOPIC = "apex-in";
     private static final String DEFAULT_PRODUCER_TOPIC = "apex-out";
     private static final int DEFAULT_CONSUMER_WAIT_TIME = 100;
@@ -72,6 +72,11 @@ public class JmsCarrierTechnologyParametersTest {
 
     @Test
     public void testValidate() {
+        result = jmsCarrierTechnologyParameters.validate();
+        assertNotNull(result);
+        assertFalse(result.getStatus().isValid());
+
+        jmsCarrierTechnologyParameters.setSecurityCredentials("DUMMY");
         result = jmsCarrierTechnologyParameters.validate();
         assertNotNull(result);
         assertTrue(result.getStatus().isValid());
@@ -84,12 +89,24 @@ public class JmsCarrierTechnologyParametersTest {
 
     @Test
     public void testGetJmsProducerProperties() {
-        assertNotNull(jmsCarrierTechnologyParameters.getJmsConsumerProperties());
+        Properties producerProperties = jmsCarrierTechnologyParameters.getJmsProducerProperties();
+        assertNotNull(producerProperties);
+        assertNull(producerProperties.get(Context.SECURITY_CREDENTIALS));
+
+        jmsCarrierTechnologyParameters.setSecurityCredentials("DUMMY");
+        producerProperties = jmsCarrierTechnologyParameters.getJmsProducerProperties();
+        assertEquals("DUMMY", producerProperties.get(Context.SECURITY_CREDENTIALS));
     }
 
     @Test
     public void testGetJmsConsumerProperties() {
-        assertNotNull(jmsCarrierTechnologyParameters.getJmsProducerProperties());
+        Properties consumerProperties = jmsCarrierTechnologyParameters.getJmsConsumerProperties();
+        assertNotNull(consumerProperties);
+        assertNull(consumerProperties.get(Context.SECURITY_CREDENTIALS));
+
+        jmsCarrierTechnologyParameters.setSecurityCredentials("DUMMY");
+        consumerProperties = jmsCarrierTechnologyParameters.getJmsProducerProperties();
+        assertEquals("DUMMY", consumerProperties.get(Context.SECURITY_CREDENTIALS));
     }
 
     @Test
@@ -179,9 +196,7 @@ public class JmsCarrierTechnologyParametersTest {
 
     @Test
     public void testSetSecurityCredentials() {
-        assertEquals(
-                new String(Base64.getDecoder().decode(DEFAULT_SECURITY_CREDENTIALS.getBytes())),
-                jmsCarrierTechnologyParameters.getSecurityCredentials());
+        assertNull(jmsCarrierTechnologyParameters.getSecurityCredentials());
         jmsCarrierTechnologyParameters.setSecurityCredentials("");
         result = jmsCarrierTechnologyParameters.validate();
         assertFalse(result.getStatus().isValid());
-- 
cgit 1.2.3-korg