From 64004833c5c71ae75c8fff71d48e4d3d670ac70e Mon Sep 17 00:00:00 2001 From: Jorge Hernandez Date: Mon, 10 Sep 2018 23:27:53 -0500 Subject: disabling http for configuration services per security recommendations. Change-Id: Ic195f8270c2270239408e33e27f87436878e28b4 Signed-off-by: Jorge Hernandez Issue-ID: POLICY-1104 --- .../main/server/config/policy-engine.properties | 47 +++++++++------------- 1 file changed, 19 insertions(+), 28 deletions(-) (limited to 'policy-management/src/main/server/config/policy-engine.properties') diff --git a/policy-management/src/main/server/config/policy-engine.properties b/policy-management/src/main/server/config/policy-engine.properties index c89b95bb..758d13eb 100644 --- a/policy-management/src/main/server/config/policy-engine.properties +++ b/policy-management/src/main/server/config/policy-engine.properties @@ -22,36 +22,27 @@ # Configuration Channel Settings: PDPD_CONFIGURATION -ueb.source.topics=${{PDPD_CONFIGURATION_TOPIC}} -ueb.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.servers=${{PDPD_CONFIGURATION_SERVERS}} -ueb.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiKey=${{PDPD_CONFIGURATION_API_KEY}} -ueb.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiSecret=${{PDPD_CONFIGURATION_API_SECRET}} -ueb.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.consumerGroup=${{PDPD_CONFIGURATION_CONSUMER_GROUP}} -ueb.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.consumerInstance=${{PDPD_CONFIGURATION_CONSUMER_INSTANCE}} -ueb.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.managed=false - -ueb.sink.topics=${{PDPD_CONFIGURATION_TOPIC}} -ueb.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.servers=${{PDPD_CONFIGURATION_SERVERS}} -ueb.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiKey=${{PDPD_CONFIGURATION_API_KEY}} -ueb.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiSecret=${{PDPD_CONFIGURATION_API_SECRET}} -ueb.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.partitionKey=${{PDPD_CONFIGURATION_PARTITION_KEY}} -ueb.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.managed=false - -# temporary configuration to support an http and https server, -# to support the incremental phase out of http. - -http.server.services=CONFIG,SECURED-CONFIG - -http.server.services.CONFIG.host=${{ENGINE_MANAGEMENT_HOST}} -http.server.services.CONFIG.port=${{ENGINE_MANAGEMENT_PORT}} -http.server.services.CONFIG.userName=${{ENGINE_MANAGEMENT_USER}} -http.server.services.CONFIG.password=${{ENGINE_MANAGEMENT_PASSWORD}} -http.server.services.CONFIG.restPackages=org.onap.policy.drools.server.restful -http.server.services.CONFIG.managed=false -http.server.services.CONFIG.swagger=true +dmaap.source.topics=${{PDPD_CONFIGURATION_TOPIC}} +dmaap.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.servers=${{PDPD_CONFIGURATION_SERVERS}} +dmaap.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiKey=${{PDPD_CONFIGURATION_API_KEY}} +dmaap.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiSecret=${{PDPD_CONFIGURATION_API_SECRET}} +dmaap.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.consumerGroup=${{PDPD_CONFIGURATION_CONSUMER_GROUP}} +dmaap.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.consumerInstance=${{PDPD_CONFIGURATION_CONSUMER_INSTANCE}} +dmaap.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.managed=false +dmaap.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.https=true + +dmaap.sink.topics=${{PDPD_CONFIGURATION_TOPIC}} +dmaap.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.servers=${{PDPD_CONFIGURATION_SERVERS}} +dmaap.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiKey=${{PDPD_CONFIGURATION_API_KEY}} +dmaap.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiSecret=${{PDPD_CONFIGURATION_API_SECRET}} +dmaap.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.partitionKey=${{PDPD_CONFIGURATION_PARTITION_KEY}} +dmaap.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.managed=false +dmaap.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.https=true + +http.server.services=SECURED-CONFIG http.server.services.SECURED-CONFIG.host=${{ENGINE_MANAGEMENT_HOST}} -http.server.services.SECURED-CONFIG.port=9697 +http.server.services.SECURED-CONFIG.port=9696 http.server.services.SECURED-CONFIG.userName=${{ENGINE_MANAGEMENT_USER}} http.server.services.SECURED-CONFIG.password=${{ENGINE_MANAGEMENT_PASSWORD}} http.server.services.SECURED-CONFIG.restPackages=org.onap.policy.drools.server.restful -- cgit 1.2.3-korg