summaryrefslogtreecommitdiffstats
path: root/policy-management
diff options
context:
space:
mode:
authorJorge Hernandez <jh1730@att.com>2018-09-10 23:27:53 -0500
committerJorge Hernandez <jh1730@att.com>2018-09-10 23:38:30 -0500
commit64004833c5c71ae75c8fff71d48e4d3d670ac70e (patch)
tree657df5a78d05bf776d35eb2435b7840fb78edd0f /policy-management
parent6c11303e4a4af3df99754a7c7028284231961fe5 (diff)
disabling http for configuration services
per security recommendations. Change-Id: Ic195f8270c2270239408e33e27f87436878e28b4 Signed-off-by: Jorge Hernandez <jh1730@att.com> Issue-ID: POLICY-1104
Diffstat (limited to 'policy-management')
-rw-r--r--policy-management/src/main/server-gen/bin/telemetry4
-rw-r--r--policy-management/src/main/server/config/policy-engine.properties47
2 files changed, 21 insertions, 30 deletions
diff --git a/policy-management/src/main/server-gen/bin/telemetry b/policy-management/src/main/server-gen/bin/telemetry
index 397c2508..7058d64c 100644
--- a/policy-management/src/main/server-gen/bin/telemetry
+++ b/policy-management/src/main/server-gen/bin/telemetry
@@ -35,10 +35,10 @@ fi
if [[ ! -r ${TELEMETRY_SPEC} ]]; then
echo "generating new spec .."
- if ! http -a "${ENGINE_MANAGEMENT_USER}:${ENGINE_MANAGEMENT_PASSWORD}" :9696/swagger.json > ${TELEMETRY_SPEC} 2> /dev/null; then
+ if ! http --verify=no -a "${ENGINE_MANAGEMENT_USER}:${ENGINE_MANAGEMENT_PASSWORD}" https://localhost:9696/swagger.json > ${TELEMETRY_SPEC} 2> /dev/null; then
echo "error: cannot generate telemetry spec"
exit 3
fi
fi
-exec http-prompt http://localhost:9696/policy/pdp/engine --auth "${ENGINE_MANAGEMENT_USER}:${ENGINE_MANAGEMENT_PASSWORD}" --spec ${TELEMETRY_SPEC}
+exec http-prompt https://localhost:9696/policy/pdp/engine --verify=no --auth "${ENGINE_MANAGEMENT_USER}:${ENGINE_MANAGEMENT_PASSWORD}" --spec ${TELEMETRY_SPEC}
diff --git a/policy-management/src/main/server/config/policy-engine.properties b/policy-management/src/main/server/config/policy-engine.properties
index c89b95bb..758d13eb 100644
--- a/policy-management/src/main/server/config/policy-engine.properties
+++ b/policy-management/src/main/server/config/policy-engine.properties
@@ -22,36 +22,27 @@
# Configuration Channel Settings: PDPD_CONFIGURATION
-ueb.source.topics=${{PDPD_CONFIGURATION_TOPIC}}
-ueb.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.servers=${{PDPD_CONFIGURATION_SERVERS}}
-ueb.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiKey=${{PDPD_CONFIGURATION_API_KEY}}
-ueb.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiSecret=${{PDPD_CONFIGURATION_API_SECRET}}
-ueb.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.consumerGroup=${{PDPD_CONFIGURATION_CONSUMER_GROUP}}
-ueb.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.consumerInstance=${{PDPD_CONFIGURATION_CONSUMER_INSTANCE}}
-ueb.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.managed=false
-
-ueb.sink.topics=${{PDPD_CONFIGURATION_TOPIC}}
-ueb.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.servers=${{PDPD_CONFIGURATION_SERVERS}}
-ueb.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiKey=${{PDPD_CONFIGURATION_API_KEY}}
-ueb.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiSecret=${{PDPD_CONFIGURATION_API_SECRET}}
-ueb.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.partitionKey=${{PDPD_CONFIGURATION_PARTITION_KEY}}
-ueb.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.managed=false
-
-# temporary configuration to support an http and https server,
-# to support the incremental phase out of http.
-
-http.server.services=CONFIG,SECURED-CONFIG
-
-http.server.services.CONFIG.host=${{ENGINE_MANAGEMENT_HOST}}
-http.server.services.CONFIG.port=${{ENGINE_MANAGEMENT_PORT}}
-http.server.services.CONFIG.userName=${{ENGINE_MANAGEMENT_USER}}
-http.server.services.CONFIG.password=${{ENGINE_MANAGEMENT_PASSWORD}}
-http.server.services.CONFIG.restPackages=org.onap.policy.drools.server.restful
-http.server.services.CONFIG.managed=false
-http.server.services.CONFIG.swagger=true
+dmaap.source.topics=${{PDPD_CONFIGURATION_TOPIC}}
+dmaap.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.servers=${{PDPD_CONFIGURATION_SERVERS}}
+dmaap.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiKey=${{PDPD_CONFIGURATION_API_KEY}}
+dmaap.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiSecret=${{PDPD_CONFIGURATION_API_SECRET}}
+dmaap.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.consumerGroup=${{PDPD_CONFIGURATION_CONSUMER_GROUP}}
+dmaap.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.consumerInstance=${{PDPD_CONFIGURATION_CONSUMER_INSTANCE}}
+dmaap.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.managed=false
+dmaap.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.https=true
+
+dmaap.sink.topics=${{PDPD_CONFIGURATION_TOPIC}}
+dmaap.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.servers=${{PDPD_CONFIGURATION_SERVERS}}
+dmaap.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiKey=${{PDPD_CONFIGURATION_API_KEY}}
+dmaap.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiSecret=${{PDPD_CONFIGURATION_API_SECRET}}
+dmaap.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.partitionKey=${{PDPD_CONFIGURATION_PARTITION_KEY}}
+dmaap.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.managed=false
+dmaap.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.https=true
+
+http.server.services=SECURED-CONFIG
http.server.services.SECURED-CONFIG.host=${{ENGINE_MANAGEMENT_HOST}}
-http.server.services.SECURED-CONFIG.port=9697
+http.server.services.SECURED-CONFIG.port=9696
http.server.services.SECURED-CONFIG.userName=${{ENGINE_MANAGEMENT_USER}}
http.server.services.SECURED-CONFIG.password=${{ENGINE_MANAGEMENT_PASSWORD}}
http.server.services.SECURED-CONFIG.restPackages=org.onap.policy.drools.server.restful