diff options
author | Jorge Hernandez <jorge.hernandez-herrero@att.com> | 2018-10-26 09:27:05 -0500 |
---|---|---|
committer | Jorge Hernandez <jorge.hernandez-herrero@att.com> | 2018-10-26 09:46:46 -0500 |
commit | 7f983422c4970efdf778b99318e346e5de0cd60f (patch) | |
tree | 0d47d1f4f9eb769999c0911467b7d7ca7989ed94 | |
parent | 5bf8486284313c32de3dc8c05233eeb621c845ab (diff) |
Enable Authorization AAF Filter programmatically3.0.0-ONAP
The intent is to reduce configuration options and
automatically set up the authorization filter
(that will complement the authentication filter
that the policy-endpoints common framework automatically
provides).
Previously to enable the AAF authorization filter,
it will need the configuration had to kept track of
AAF flag, and the "filterClasses" property configuration,
make a bit more difficult to keep them sync, and easily
turn on/off AAF.
Change-Id: I3d59de6fa83986c5dcb6b3d38077278b8e75689a
Issue-ID: POLICY-1216
Signed-off-by: Jorge Hernandez <jorge.hernandez-herrero@att.com>
5 files changed, 16 insertions, 5 deletions
diff --git a/feature-healthcheck/src/main/feature/config/feature-healthcheck.properties b/feature-healthcheck/src/main/feature/config/feature-healthcheck.properties index e44543a8..eaecaa67 100644 --- a/feature-healthcheck/src/main/feature/config/feature-healthcheck.properties +++ b/feature-healthcheck/src/main/feature/config/feature-healthcheck.properties @@ -27,8 +27,7 @@ http.server.services.HEALTHCHECK.swagger=true http.server.services.HEALTHCHECK.userName=${{HEALTHCHECK_USER}} http.server.services.HEALTHCHECK.password=${{HEALTHCHECK_PASSWORD}} http.server.services.HEALTHCHECK.https=true -http.server.services.HEALTHCHECK.aaf=false -http.server.services.HEALTHCHECK.filterClasses= +http.server.services.HEALTHCHECK.aaf=${{AAF}} http.client.services=PAP,PDP diff --git a/feature-healthcheck/src/main/java/org/onap/policy/drools/healthcheck/HealthCheck.java b/feature-healthcheck/src/main/java/org/onap/policy/drools/healthcheck/HealthCheck.java index 36444f8e..6b5dcfb8 100644 --- a/feature-healthcheck/src/main/java/org/onap/policy/drools/healthcheck/HealthCheck.java +++ b/feature-healthcheck/src/main/java/org/onap/policy/drools/healthcheck/HealthCheck.java @@ -256,6 +256,9 @@ class HealthCheckMonitor implements HealthCheck { this.clients = getClientFactory().build(healthCheckProperties); for (HttpServletServer server : servers) { + if (server.isAaf()) { + server.addFilterClass(null, AafHealthCheckFilter.class.getCanonicalName()); + } startServer(server); } } catch (Exception e) { diff --git a/policy-management/src/main/java/org/onap/policy/drools/system/PolicyEngine.java b/policy-management/src/main/java/org/onap/policy/drools/system/PolicyEngine.java index b181ff59..e08b3704 100644 --- a/policy-management/src/main/java/org/onap/policy/drools/system/PolicyEngine.java +++ b/policy-management/src/main/java/org/onap/policy/drools/system/PolicyEngine.java @@ -51,6 +51,7 @@ import org.onap.policy.drools.protocol.coders.EventProtocolCoder; import org.onap.policy.drools.protocol.configuration.ControllerConfiguration; import org.onap.policy.drools.protocol.configuration.PdpdConfiguration; import org.onap.policy.drools.server.restful.RestManager; +import org.onap.policy.drools.server.restful.aaf.AafTelemetryAuthFilter; import org.onap.policy.drools.utils.logging.LoggerUtil; import org.onap.policy.drools.utils.logging.MDCTransaction; import org.slf4j.Logger; @@ -336,12 +337,14 @@ public interface PolicyEngine extends Startable, Lockable, TopicListener { * Policy Engine Manager Implementation. */ class PolicyEngineManager implements PolicyEngine { - private static final String INVALID_TOPIC_MSG = "Invalid Topic"; + /** + * String literals. + */ + private static final String INVALID_TOPIC_MSG = "Invalid Topic"; private static final String INVALID_EVENT_MSG = "Invalid Event"; private static final String ENGINE_STOPPED_MSG = "Policy Engine is stopped"; - private static final String ENGINE_LOCKED_MSG = "Policy Engine is locked"; /** @@ -509,6 +512,11 @@ class PolicyEngineManager implements PolicyEngine { try { this.httpServers = getServletFactory().build(properties); + for (HttpServletServer server : this.httpServers) { + if (server.isAaf()) { + server.addFilterClass(null, AafTelemetryAuthFilter.class.getCanonicalName()); + } + } } catch (final IllegalArgumentException e) { logger.error("{}: add-http-servers failed", this, e); } diff --git a/policy-management/src/main/server/config/policy-engine.properties b/policy-management/src/main/server/config/policy-engine.properties index 8e517528..81b7db78 100644 --- a/policy-management/src/main/server/config/policy-engine.properties +++ b/policy-management/src/main/server/config/policy-engine.properties @@ -49,6 +49,7 @@ http.server.services.SECURED-CONFIG.restPackages=org.onap.policy.drools.server.r http.server.services.SECURED-CONFIG.managed=false http.server.services.SECURED-CONFIG.swagger=true http.server.services.SECURED-CONFIG.https=true +http.server.services.SECURED-CONFIG.aaf=${{AAF}} aaf.namespace=${{AAF_NAMESPACE}} aaf.root.permission=${{AAF_NAMESPACE}}.pdpd @@ -70,7 +70,7 @@ <hibernate.commons.annotations.version>5.0.1.Final</hibernate.commons.annotations.version> <commons.io.version>2.5</commons.io.version> <xml.apis.version>1.4.01</xml.apis.version> - <policy.common.version>1.3.1</policy.common.version> + <policy.common.version>1.3.1-SNAPSHOT</policy.common.version> </properties> <modules> |