From e640955cbe2c2c39aaa897476ceaac156072133f Mon Sep 17 00:00:00 2001 From: xg353y Date: Tue, 8 May 2018 16:21:39 +0200 Subject: Integrate AAF Integrate AAF framework into Clamp. Issue-ID: CLAMP-103 Change-Id: I2ceeb2a85b8b5674e712b3924a96a2bd6fb71d68 Signed-off-by: xg353y --- src/main/resources/application.properties | 44 ++++++++++++++++++++++--------- 1 file changed, 32 insertions(+), 12 deletions(-) (limited to 'src/main/resources/application.properties') diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 179553dde..fd61badd8 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -30,7 +30,7 @@ info.build.version=@project.version@ ### (See below for the parameter 'server.http.port' if you want to have both enabled) ### To have only HTTP, keep the lines server.ssl.* commented ### To have only HTTPS enabled, uncomment the server.ssl.* lines and specify a right keystore location -server.port=8080 +### server.port=8080 ### Settings for HTTPS (this automatically enables the HTTPS on the port 'server.port') #server.ssl.key-store=file:/tmp/mykey.jks #server.ssl.key-store-password=pass @@ -54,15 +54,21 @@ server.port=8080 ### HTTP (Redirected to HTTPS) and HTTPS Example: ### -------------------------------------------- -### server.port=8443 <-- The HTTPS port -### server.ssl.key-store=file:/tmp/mykey.jks -### server.ssl.key-store-password=mypass -### server.ssl.key-password=mypass -### server.http-to-https-redirection.port=8090 <-- The HTTP port +server.port=8443 +server.ssl.client-auth=want +server.ssl.key-store=file:/opt/clamp/config/clamp@clamp.onap.org.p12 +server.ssl.key-store-password=China in the Spring +server.ssl.key-password=China in the Spring +server.ssl.key-store-type=PKCS12 +server.ssl.trust=/opt/clamp/config/truststoreONAP.p12 +server.ssl.trust-pass=changeit +server.ssl.trust-type=PKCS12 +server.ssl.key-alias=clamp@clamp.onap.org +server.http-to-https-redirection.port=8080 server.contextPath=/ #Modified engine-rest applicationpath -spring.profiles.active=clamp-default,clamp-spring-authentication,clamp-sdc-controller +spring.profiles.active=clamp-default,clamp-aaf-authentication,clamp-sdc-controller #The max number of active threads in this pool server.tomcat.max-threads=200 @@ -208,10 +214,24 @@ clamp.config.dcae.dispatcher.retry.limit=10 clamp.config.dcae.header.requestId = X-ECOMP-RequestID #Define user permission related parameters, the permission type can be changed but MUST be redefined in clds-users.properties in that case ! -clamp.config.security.permission.type.cl=permission-type-cl -clamp.config.security.permission.type.cl.manage=permission-type-cl-manage -clamp.config.security.permission.type.cl.event=permission-type-cl-event -clamp.config.security.permission.type.filter.vf=permission-type-filter-vf -clamp.config.security.permission.type.template=permission-type-template +clamp.config.security.permission.type.cl=org.onap.clamp.clds.cl +clamp.config.security.permission.type.cl.manage=org.onap.clamp.clds.cl.manage +clamp.config.security.permission.type.cl.event=org.onap.clds.cl.event +clamp.config.security.permission.type.filter.vf=org.onap.clamp.clds.filter.vf +clamp.config.security.permission.type.template=org.onap.clamp.clds.template #This one indicates the type of instances (dev|prod|perf...), this must be set accordingly in clds-users.properties clamp.config.security.permission.instance=dev + +#AAF related parameters +clamp.config.cadi.keyFile=/opt/clamp/config/org.onap.clamp.keyfile +clamp.config.cadi.cadiLoglevel=INFO +clamp.config.cadi.cadiLatitude=37.78187 +clamp.config.cadi.cadiLongitude=-122.26147 +clamp.config.cadi.aafLocateUrl=https://aaf-onap-beijing-test.osaaf.org +clamp.config.cadi.cadiKeystorePassword=enc:V_kq_EwDNb4itWp_lYfDGXIWJzemHGkhkZOxAQI9IHs +clamp.config.cadi.cadiTruststorePassword=enc:Mj0YQqNCUKbKq2lPp1kTFQWeqLxaBXKNwd5F1yB1ukf +#clamp.config.cadi.oauthTokenUrl=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token +#clamp.config.cadi.oauthIntrospectUrll=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect +clamp.config.cadi.aafEnv=DEV +clamp.config.cadi.aafUrl=https://AAF_LOCATE_URL/AAF_NS.service:2.0 +clamp.config.cadi.cadiX509Issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US -- cgit 1.2.3-korg