From 2a7317e1f2024847bd6e44310aa266351490e0f0 Mon Sep 17 00:00:00 2001 From: JulienBe Date: Tue, 21 Apr 2020 13:44:13 +0200 Subject: Remove legacy password encryption This makes it easier to have a clean password policy on oom Issue-ID: CLAMP-796 Change-Id: Ib02e65e32daeeaeaa8faa10631dc62604734ab8c Signed-off-by: JulienBe --- src/main/java/org/onap/clamp/clds/Application.java | 3 +- .../config/EncodedPasswordBasicDataSource.java | 58 ---------------------- .../clds/config/spring/CldsConfiguration.java | 14 ------ 3 files changed, 1 insertion(+), 74 deletions(-) delete mode 100644 src/main/java/org/onap/clamp/clds/config/EncodedPasswordBasicDataSource.java (limited to 'src/main/java') diff --git a/src/main/java/org/onap/clamp/clds/Application.java b/src/main/java/org/onap/clamp/clds/Application.java index 63320d2fe..84232999e 100644 --- a/src/main/java/org/onap/clamp/clds/Application.java +++ b/src/main/java/org/onap/clamp/clds/Application.java @@ -65,8 +65,7 @@ import org.springframework.scheduling.annotation.EnableScheduling; import org.springframework.transaction.annotation.EnableTransactionManagement; @ComponentScan(basePackages = { "org.onap.clamp" }) -@SpringBootApplication(exclude = { DataSourceAutoConfiguration.class, SecurityAutoConfiguration.class, - UserDetailsServiceAutoConfiguration.class }) +@SpringBootApplication(exclude = { SecurityAutoConfiguration.class, UserDetailsServiceAutoConfiguration.class }) @EnableJpaRepositories(basePackages = { "org.onap.clamp" }) @EntityScan(basePackages = { "org.onap.clamp" }) @EnableTransactionManagement diff --git a/src/main/java/org/onap/clamp/clds/config/EncodedPasswordBasicDataSource.java b/src/main/java/org/onap/clamp/clds/config/EncodedPasswordBasicDataSource.java deleted file mode 100644 index 0d39cd54d..000000000 --- a/src/main/java/org/onap/clamp/clds/config/EncodedPasswordBasicDataSource.java +++ /dev/null @@ -1,58 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * ONAP CLAMP - * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights - * reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END============================================ - * =================================================================== - * - */ - -package org.onap.clamp.clds.config; - -import com.att.eelf.configuration.EELFLogger; -import com.att.eelf.configuration.EELFManager; - -import java.security.GeneralSecurityException; - -import org.apache.commons.codec.DecoderException; -import org.apache.commons.dbcp.BasicDataSource; -import org.onap.clamp.clds.util.CryptoUtils; - -/** - * This class is an extension of the standard datasource, it will be used to - * decode the encoded password defined in the application.properties. - * - */ -public class EncodedPasswordBasicDataSource extends BasicDataSource { - protected static final EELFLogger logger = EELFManager.getInstance() - .getLogger(EncodedPasswordBasicDataSource.class); - protected static final EELFLogger metricsLogger = EELFManager.getInstance().getMetricsLogger(); - - /** - * This method is used automatically by Spring to decode the password. - */ - @Override - public synchronized void setPassword(String encodedPassword) { - try { - this.password = CryptoUtils.decrypt(encodedPassword); - } catch (GeneralSecurityException e) { - logger.error("Unable to decrypt the DB password", e); - } catch (DecoderException e) { - logger.error("Exception caught when decoding the HEX String Key for encryption", e); - } - } -} \ No newline at end of file diff --git a/src/main/java/org/onap/clamp/clds/config/spring/CldsConfiguration.java b/src/main/java/org/onap/clamp/clds/config/spring/CldsConfiguration.java index b2478462f..14c08c800 100644 --- a/src/main/java/org/onap/clamp/clds/config/spring/CldsConfiguration.java +++ b/src/main/java/org/onap/clamp/clds/config/spring/CldsConfiguration.java @@ -23,13 +23,9 @@ package org.onap.clamp.clds.config.spring; -import javax.sql.DataSource; - import org.onap.clamp.clds.config.ClampProperties; -import org.onap.clamp.clds.config.EncodedPasswordBasicDataSource; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.config.PropertiesFactoryBean; -import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -44,16 +40,6 @@ public class CldsConfiguration { @Autowired private ClampProperties refProp; - /** - * Clds Identity database DataSource configuration. - * - * @return encoded password data source - */ - @Bean(name = "cldsDataSource") - @ConfigurationProperties(prefix = "spring.datasource.cldsdb") - public DataSource cldsDataSource() { - return new EncodedPasswordBasicDataSource(); - } /** * This loads the file system.properties. -- cgit 1.2.3-korg