Diffstat (limited to 'policy-management')
-rw-r--r--policy-management/src/main/java/org/onap/policy/drools/system/Main.java9
-rw-r--r--policy-management/src/main/server/config/engine-system.properties12
-rw-r--r--policy-management/src/main/server/config/engine.properties25
3 files changed, 30 insertions, 16 deletions
diff --git a/policy-management/src/main/java/org/onap/policy/drools/system/Main.java b/policy-management/src/main/java/org/onap/policy/drools/system/Main.java
index 0e7b44f2..3451587b 100644
--- a/policy-management/src/main/java/org/onap/policy/drools/system/Main.java
+++ b/policy-management/src/main/java/org/onap/policy/drools/system/Main.java
@@ -21,7 +21,9 @@
package org.onap.policy.drools.system;
import java.util.Properties;
+import org.apache.commons.lang3.StringUtils;
import org.onap.policy.common.endpoints.event.comm.TopicEndpointManager;
+import org.onap.policy.common.utils.security.CryptoUtils;
import org.onap.policy.drools.persistence.SystemPersistenceConstants;
import org.onap.policy.drools.properties.DroolsPropertyConstants;
import org.onap.policy.drools.utils.PropertyUtil;
@@ -34,6 +36,10 @@ import org.slf4j.LoggerFactory;
* Programmatic entry point to the management layer.
*/
public class Main {
+ /**
+ * Symmetric Key to decode sensitive configuration data.
+ */
+ protected static final String SYSTEM_SYMM_KEY = "engine.symm.key";
/** constructor (hides public default one). */
private Main() {}
@@ -52,6 +58,9 @@ public class Main {
/* system properties */
for (Properties systemProperties : SystemPersistenceConstants.getManager().getSystemProperties()) {
+ if (!StringUtils.isBlank(systemProperties.getProperty(SYSTEM_SYMM_KEY))) {
+ PropertyUtil.setDefaultCryptoCoder(new CryptoUtils(systemProperties.getProperty(SYSTEM_SYMM_KEY)));
+ }
PropertyUtil.setSystemProperties(systemProperties);
}
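Review bot: The key is still present in `systemProperties` when `PropertyUtil.setSystemProperties(systemProperties)` runs right after the new `if`. If that call copies every entry into the JVM system properties (its body is not visible here), `engine.symm.key` becomes readable through `System.getProperty` and through anything that dumps system properties, such as JMX or a diagnostics endpoint. Consider passing a copy without the key to `setSystemProperties`, or dropping it after the coder is built with `systemProperties.remove(SYSTEM_SYMM_KEY);`, provided the manager does not rely on that object staying unchanged. Reading the value once into a local would also avoid the double `getProperty` call. The enclosing method starts and ends outside this hunk.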
diff --git a/policy-management/src/main/server/config/engine-system.properties b/policy-management/src/main/server/config/engine-system.properties
index c1f21b86..a61df280 100644
--- a/policy-management/src/main/server/config/engine-system.properties
+++ b/policy-management/src/main/server/config/engine-system.properties
@@ -30,8 +30,12 @@ com.sun.management.jmxremote.ssl=false
# certs
-javax.net.ssl.trustStore=${env:POLICY_HOME}/etc/ssl/policy-truststore
-javax.net.ssl.trustStorePassword=${env:TRUSTSTORE_PASSWD}
+javax.net.ssl.trustStore=${envd:POLICY_HOME:/opt/app/policy}/etc/ssl/policy-truststore
+javax.net.ssl.trustStorePassword=${envd:TRUSTSTORE_PASSWD}
-javax.net.ssl.keyStore=${env:POLICY_HOME}/etc/ssl/policy-keystore
-javax.net.ssl.keyStorePassword=${env:KEYSTORE_PASSWD}
+javax.net.ssl.keyStore=${envd:POLICY_HOME:/opt/app/policy}/etc/ssl/policy-keystore
+javax.net.ssl.keyStorePassword=${envd:KEYSTORE_PASSWD}
+
+# symmetric key for sensitive configuration data
+
+engine.symm.key=${envd:SYMM_KEY}
\ No newline at end of file
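Review bot: The comment above `engine.symm.key` does not say that the key is optional or what happens when `SYMM_KEY` is unset. The Main.java change in this commit skips installing the crypto coder when the property is blank, so an operator who forgets the variable presumably gets no decoding and no error. I would extend the comment to something like `# optional: when SYMM_KEY is unset no default crypto coder is installed (see Main.java)` and state the expected key format there. The file now also ends without a trailing newline.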
diff --git a/policy-management/src/main/server/config/engine.properties b/policy-management/src/main/server/config/engine.properties
index aa9b6d80..4f114d88 100644
--- a/policy-management/src/main/server/config/engine.properties
+++ b/policy-management/src/main/server/config/engine.properties
@@ -22,27 +22,28 @@
dmaap.source.topics=PDPD-CONFIGURATION
-dmaap.source.topics.PDPD-CONFIGURATION.servers=${env:DMAAP_SERVERS}
-dmaap.source.topics.PDPD-CONFIGURATION.effectiveTopic=${env:PDPD_CONFIGURATION_TOPIC}
-dmaap.source.topics.PDPD-CONFIGURATION.apiKey=${env:PDPD_CONFIGURATION_API_KEY}
-dmaap.source.topics.PDPD-CONFIGURATION.apiSecret=${env:PDPD_CONFIGURATION_API_SECRET}
-dmaap.source.topics.PDPD-CONFIGURATION.consumerGroup=${env:PDPD_CONFIGURATION_CONSUMER_GROUP}
-dmaap.source.topics.PDPD-CONFIGURATION.consumerInstance=${env:PDPD_CONFIGURATION_CONSUMER_INSTANCE}
+dmaap.source.topics.PDPD-CONFIGURATION.servers=${envd:DMAAP_SERVERS}
+dmaap.source.topics.PDPD-CONFIGURATION.effectiveTopic=${envd:PDPD_CONFIGURATION_TOPIC}
+dmaap.source.topics.PDPD-CONFIGURATION.apiKey=${envd:PDPD_CONFIGURATION_API_KEY}
+dmaap.source.topics.PDPD-CONFIGURATION.apiSecret=${envd:PDPD_CONFIGURATION_API_SECRET}
+dmaap.source.topics.PDPD-CONFIGURATION.consumerGroup=${envd:PDPD_CONFIGURATION_CONSUMER_GROUP}
+dmaap.source.topics.PDPD-CONFIGURATION.consumerInstance=${envd:PDPD_CONFIGURATION_CONSUMER_INSTANCE}
dmaap.source.topics.PDPD-CONFIGURATION.managed=false
dmaap.source.topics.PDPD-CONFIGURATION.https=true
http.server.services=SECURED-CONFIG
-http.server.services.SECURED-CONFIG.host=${env:TELEMETRY_HOST}
+http.server.services.SECURED-CONFIG.host=${envd:TELEMETRY_HOST}
http.server.services.SECURED-CONFIG.port=9696
-http.server.services.SECURED-CONFIG.userName=${env:TELEMETRY_USER}
-http.server.services.SECURED-CONFIG.password=${env:TELEMETRY_PASSWORD}
+http.server.services.SECURED-CONFIG.userName=${envd:TELEMETRY_USER}
+http.server.services.SECURED-CONFIG.password=${envd:TELEMETRY_PASSWORD}
http.server.services.SECURED-CONFIG.restPackages=org.onap.policy.drools.server.restful
http.server.services.SECURED-CONFIG.managed=false
http.server.services.SECURED-CONFIG.swagger=true
http.server.services.SECURED-CONFIG.https=true
-http.server.services.SECURED-CONFIG.aaf=${env:AAF}
+http.server.services.SECURED-CONFIG.aaf=${envd:AAF:false}
http.server.services.SECURED-CONFIG.serialization.provider=org.onap.policy.common.gson.JacksonHandler,org.onap.policy.common.endpoints.http.server.YamlJacksonHandler
-aaf.namespace=${env:AAF_NAMESPACE}
-aaf.root.permission=${env:AAF_NAMESPACE}.pdpd
+aaf.namespace=${envd:AAF_NAMESPACE:false}
+aaf.root.permission=${envd:AAF_NAMESPACE:org.onap.policy}.pdpd
+
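Review bot: `aaf.namespace` now falls back to the literal string `false` when `AAF_NAMESPACE` is unset, while the next line falls back to `org.onap.policy` for the same variable; the `false` looks copied from the `aaf` flag a few lines up. If AAF is enabled without `AAF_NAMESPACE` set, the namespace and the root permission would presumably disagree (`false` versus `org.onap.policy.pdpd`). Suggest `aaf.namespace=${envd:AAF_NAMESPACE:org.onap.policy}` so both lines resolve consistently.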