summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorrb7147 <rb7147@att.com>2018-01-17 10:29:04 -0500
committerrb7147 <rb7147@att.com>2018-01-17 15:48:25 -0500
commit74552f84f136c01a99488aeff6d0f7b9a55d5fb3 (patch)
treecc1a463f40f3ea92b4d1efa4ef33f302d09444ca
parent528605fe8efa3631291de0b9bf8e498bdbd0c23f (diff)
Resolved Security Vulnerability issues
Issue-ID: POLICY-553 Change-Id: I3e0e6a31226e561cef9ec578790659d57b2f65f4 Signed-off-by: rb7147 <rb7147@att.com>
-rw-r--r--ONAP-SDK-APP/src/main/webapp/WEB-INF/conf/system.properties2
-rw-r--r--packages/base/src/files/install/mysql/data/180201_upgrade_script.sql63
-rw-r--r--packages/base/src/files/install/servers/onap/WEB-INF/classes/portal.properties2
-rw-r--r--packages/base/src/files/install/servers/onap/WEB-INF/conf/system.properties3
4 files changed, 69 insertions, 1 deletions
diff --git a/ONAP-SDK-APP/src/main/webapp/WEB-INF/conf/system.properties b/ONAP-SDK-APP/src/main/webapp/WEB-INF/conf/system.properties
index 64f9f65c6..fce5ab184 100644
--- a/ONAP-SDK-APP/src/main/webapp/WEB-INF/conf/system.properties
+++ b/ONAP-SDK-APP/src/main/webapp/WEB-INF/conf/system.properties
@@ -19,6 +19,8 @@ cache_load_on_startup = false
user_name = fullName
decryption_key = AGLDdG4D04BKm2IxIWEr8o==
+#cookie domain
+cookie_domain = onap.org
##########################################################################
# The following properties REQUIRE changes by partner applications.
##########################################################################
diff --git a/packages/base/src/files/install/mysql/data/180201_upgrade_script.sql b/packages/base/src/files/install/mysql/data/180201_upgrade_script.sql
new file mode 100644
index 000000000..f2d085e17
--- /dev/null
+++ b/packages/base/src/files/install/mysql/data/180201_upgrade_script.sql
@@ -0,0 +1,63 @@
+/*-
+* ============LICENSE_START=======================================================
+* ONAP Policy Engine
+* ================================================================================
+* Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+* ================================================================================
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+* ============LICENSE_END=========================================================
+*/
+use onap_sdk;
+
+alter table configurationdataentity modify configBody mediumtext;
+
+insert into fn_restricted_url values('admin','menu_admin');
+insert into fn_restricted_url values('get_role','menu_admin');
+insert into fn_restricted_url values('get_role_functions','menu_admin');
+insert into fn_restricted_url values('role_list/*','menu_admin');
+insert into fn_restricted_url values('role_function_list/*','menu_admin');
+insert into fn_restricted_url values('addRole','menu_admin');
+insert into fn_restricted_url values('addRoleFunction','menu_admin');
+insert into fn_restricted_url values('removeRole','menu_admin');
+insert into fn_restricted_url values('removeRoleFunction','menu_admin');
+insert into fn_restricted_url values('profile/*','menu_admin');
+
+insert into fn_restricted_url values('welcome.htm','menu_home');
+insert into fn_restricted_url values('policy','menu_home');
+insert into fn_restricted_url values('policy','menu_policy');
+insert into fn_restricted_url values('get_RolesData','menu_home');
+insert into fn_restricted_url values('get_LockDownData','menu_home');
+insert into fn_restricted_url values('adminTabController/*','menu_home');
+insert into fn_restricted_url values('get_AutoPushPoliciesContainerData','menu_home');
+insert into fn_restricted_url values('auto_Push/*','menu_home');
+insert into fn_restricted_url values('get_PDPGroupData','menu_home');
+insert into fn_restricted_url values('pdp_Group/*','menu_home');
+insert into fn_restricted_url values('policy_download/*','menu_home');
+insert into fn_restricted_url values('watchPolicy','menu_home');
+insert into fn_restricted_url values('save_NonSuperRolesData','menu_home');
+insert into fn_restricted_url values('get_PolicyRolesScopeData','menu_home');
+insert into fn_restricted_url values('policyController/*','menu_home');
+insert into fn_restricted_url values('get_FunctionDefinitionDataByName','menu_home');
+insert into fn_restricted_url values('get_DashboardLoggingData','menu_home');
+insert into fn_restricted_url values('get_DashboardSystemAlertData','menu_home');
+insert into fn_restricted_url values('get_DashboardPDPStatusData','menu_home');
+insert into fn_restricted_url values('get_DashboardPolicyActivityData','menu_home');
+insert into fn_restricted_url values('get_DCAEPriorityValues','menu_home');
+insert into fn_restricted_url values('ms_dictionary/*','menu_home');
+insert into fn_restricted_url values('policycreation/*','menu_home');
+insert into fn_restricted_url values('getDictionary/*','menu_home');
+insert into fn_restricted_url values('saveDictionary/*/*','menu_home');
+insert into fn_restricted_url values('deleteDictionary/*/*','menu_home');
+insert into fn_restricted_url values('searchDictionary','menu_home');
+insert into fn_restricted_url values('searchPolicy','menu_home');
+insert into fn_restricted_url values('get_PolicyUserInfo','menu_home'); \ No newline at end of file
diff --git a/packages/base/src/files/install/servers/onap/WEB-INF/classes/portal.properties b/packages/base/src/files/install/servers/onap/WEB-INF/classes/portal.properties
index 4c95afbcc..1edaf6df1 100644
--- a/packages/base/src/files/install/servers/onap/WEB-INF/classes/portal.properties
+++ b/packages/base/src/files/install/servers/onap/WEB-INF/classes/portal.properties
@@ -36,7 +36,7 @@ use_rest_for_functional_menu=true
##########################################################################
# Name of java class that implements the OnBoardingApiService interface.
-portal.api.impl.class = org.openecomp.portalapp.service.OnBoardingApiServiceImpl
+portal.api.impl.class = org.onap.portalapp.service.OnBoardingApiServiceImpl
# CSP Global Log On for single sign on
ecomp_redirect_url = ${{ONAP_REDIRECT_URL}}
diff --git a/packages/base/src/files/install/servers/onap/WEB-INF/conf/system.properties b/packages/base/src/files/install/servers/onap/WEB-INF/conf/system.properties
index bb33c3f7a..df4584d30 100644
--- a/packages/base/src/files/install/servers/onap/WEB-INF/conf/system.properties
+++ b/packages/base/src/files/install/servers/onap/WEB-INF/conf/system.properties
@@ -39,6 +39,9 @@ cache_load_on_startup = false
user_name = fullName
decryption_key = AGLDdG4D04BKm2IxIWEr8o==
+#cookie domain
+cookie_domain = onap.org
+
#DB Info
#mysql
db.driver = ${{JDBC_DRIVER}}