diff options
author | Michael Mokry <mm117s@att.com> | 2018-09-21 15:56:43 -0500 |
---|---|---|
committer | Michael Mokry <mm117s@att.com> | 2018-09-25 08:59:59 -0500 |
commit | e9312923e96a2678f794fcf08ff5918d1b005bbd (patch) | |
tree | 14625c864f82336de5e9dfc2568283092b183e36 /packages/base | |
parent | 26eed4a43bd97265ea08ded2eaf626a23bf66ce4 (diff) |
CADI AAF changes for policy/engine
Added cadi properties and modified policy aaf client code.
Fixed issue with namespace and modified code to reverse it for
structuring the username sent in AAF API call
Added properties for keystore and keystore password after getting error
response from AAF when setting up the connection to AAF
Missed a fix for one of Jorge's comments in last patch, here it is.
Change-Id: Ic164ade8aa34da95a560c1592656e0caf990a595
Issue-ID: POLICY-913
Signed-off-by: Michael Mokry <mm117s@att.com>
Diffstat (limited to 'packages/base')
-rw-r--r-- | packages/base/src/files/etc/ssl/aaf-cadi.keyfile | 27 | ||||
-rw-r--r-- | packages/base/src/files/install/servers/pdp/bin/xacml.pdp.properties | 26 |
2 files changed, 49 insertions, 4 deletions
diff --git a/packages/base/src/files/etc/ssl/aaf-cadi.keyfile b/packages/base/src/files/etc/ssl/aaf-cadi.keyfile new file mode 100644 index 000000000..59d544f3e --- /dev/null +++ b/packages/base/src/files/etc/ssl/aaf-cadi.keyfile @@ -0,0 +1,27 @@ +N3INM2bAlQ8cNODnjR3Fuvo5z4GeID0KnRYlELmt-oHCFxq_XYVyepBVR591CIbJI9prNd_LLuv7 +tQD8xX_ypcNA-jQsecTwtw4GxvpqkZPhq6Q8BWNQaCegtXGDVTQ8gG2biKiQ7v-2C6Qhx4zj62b6 +bRPS5j1bfxqcAZu7082V00oQjbn40T2zFcLwCuBChZfx5DXTW49bwtLbkCbGqJSzFcIJpbGQ8gLg +ussIoL8VE2Vee7bPJmUAdT4x9B1wrMIuvKlUMppeq0Bj-6ZJgxhM9F0WT8eEBh6NFANdK3LUgZrk +D3kY3LrK-MT9u1TOMx13nOU7vOaVjl7_rkp5Q65gFd9VYbnJBYvJcc7asOQMsrugiSiRIoXH0Fyy +-f9L3ROGae042J4M8qxcoOihMbcjVkEXqn6eRIFbDe0eIAlkSRYfaxg9v4tf8GbBjQcShBjzGaI2 +g6QxTA5G6Aa7p63aVRGv3ZODCHcbsbxnkyByXgmkON4cTk9vR0RbT6YYhT5t8xTU3rhqV3jeE0Bz +KbU0c4188xTnhdq_bje2TuuLvtEvevdvDsbtAj7chQmWMOW7GMF3MnqdEpcw1NCoNRdN8wpAdE-5 +mkG-jlYHljSRh9qZK5wdEoO4IXgpFktdGj50XuzcskqqURNfDGHGb29fHznL1-ssdQK6EXcKN0AU +nYyGLAie3VfFxWKj5dGODBs5RttvkX4PHyLcLD3kOrVgtQrz7d0PWWYCxDRqKT6qnJkLB1CUwghn +XweEiDfoQmuUmwFEQNRDp0NGLnde5nsw7NYgLrv5VafGK8EyT4GeVhuu5Tnb6T-HalxCq2p5JaIA +SG8zlDmRx_TykrhfQEJe7sr0pRcAMwgxEhwunG2oBiKnzdRx5jxMfqnVC8xGirumhmOQNterfnd5 +0pIsfvIuntyxRQ48yzIb2gb5kaSkfSzCaVnlqK-_jpj1T74qO86eaKVee4faQAbXDPYF2z5w06nD +WS2dd54wBjGmkFNzi13ejTrAJeA6UzOd1CF_WSpc9XSJJPTPUGxmnfLjmGThErFBYuQxjhpH7vKN +uZgokkIXX78rVcO3zpfa5kTYWjE8lk9y3WA7sGNtTWfG8bR3WLWNLPCnrzxtKZdhq2JsQYC0gwW7 +ZgJSXhgPoaC_RrtCn7haj1_601G_MkD-jcUEsO-4XOBVicsCgG8hn7B-SpgKspqv8gulbeKoORqa +CkrtiFPlXEqdNuaBSHcQ0MWJ3tpXzWtIPM3ouEFOR32xVfptfz4sRPOkM_PNiVXxQtLOn_z3uC7K +VVJCKZxVaavQ6QiZvRRANS9_GD3kDILX15EnbEvh-2DfycDrEo330vMwvNJP7i9eM5vo0YADe--G +r5UDqctmFjl1ulc1yAQkDBGWGxT92x-hhLqCnCXcYPu_aeWssfDpRj573PHPaTiM0SYxJixjszRD +6-AMC1DqugkjiGA5_enQORn-G_H4ZVtoQ_zebizEfIxKv5-8uRdyZDHGG3mDu6_nasEffry-UyVu +STU3oJMycZ1qf5GR1evRJ7gxkrtPXHWKNnVgxfrBC72ON6wJnr7KaY-l9L44epIsk1pEmXm3YQu1 +N0NxiAwdus9OnCXQ7GgZPRXCpxjJPNs7EIKFrYjKJfdtSzT85ZrTpHQtjim2L1ZP9iIlq2QVKD1v +bKSjCwjtb9ztjrV-Bw1BHcAApPcfpXHLhYkJ7iL1XUhxjXp_DGUkD7ZN9S5tuyrsMXz5hh6wMfcq +NPR_XqHaS2ur-ONNrHuFFCmY7Ehc5FArFzb_Xn1JTpOQJTcy6_3r3u3B_euT8GmXHahtVN1Rv8RM +kAD5m_UBx-nHoZDVDYZkfR9k4hF2Sz5rfrWs6Zrl0r8FBrVFtU1j2vOTvTGwrkO9yZvgIqOkX_eq +TnGIpM4paHxEGTP8H8A3Y0ZpsvLttmh0rT_OwzBPa1Mof3RQKhyTzfbptxuUJyVxU0Ln-9f--5Mk +wEFqhuSrgssI6b1iMqm97PqFQMYrWX3SV8l0V-PKxFxDM1bguHq4mOXEtmZBUtMBepwSsI96
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/pdp/bin/xacml.pdp.properties b/packages/base/src/files/install/servers/pdp/bin/xacml.pdp.properties index f05f9e951..ad27cd09e 100644 --- a/packages/base/src/files/install/servers/pdp/bin/xacml.pdp.properties +++ b/packages/base/src/files/install/servers/pdp/bin/xacml.pdp.properties @@ -136,10 +136,28 @@ javax.persistence.jdbc.password=${{JDBC_PASSWORD}} ENVIRONMENT=${{ENVIRONMENT}} xacml.rest.pep.idfile = client.properties -#AAF Policy Name space -#Required only, when we use AAF -policy.aaf.namespace = ${{POLICY_AAF_NAMESPACE}} -policy.aaf.resource = ${{POLICY_AAF_RESOURCE}} +#AAF cadi properties +policy.aaf.namespace = ${{AAF_NAMESPACE}} +policy.aaf.root.permission=${{AAF_NAMESPACE}}.pdpx +cm_url=https://${{AAF_HOST}}:8095/AAF_NS.cm:2.1 +cadi_latitude=38.000 +cadi.longitude=72.000 +cadi_alias=policy@policy.onap.org +cadi_loglevel=DEBUG +cadi_keyfile=${{POLICY_HOME}}/etc/ssl/aaf-cadi.keyfile +cadi_protocols=TLSv1.1,TLSv1.2 +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US +cadi_keystore=${{POLICY_HOME}}/etc/ssl/policy-keystore +cadi_keystore_password=${{KEYSTORE_PASSWD}} +cadi_key_password=${{KEYSTORE_PASSWD}} +aaf_env=DEV +aaf_url=https://${{AAF_HOST}}:8095/AAF_NS.service:2.1 +aaf_fqdn=${{AAF_HOST}} +aaf_oauth2_introspect_url=https://${{AAF_HOST}}:8095/AAF_NS.introspect:2.1/introspect +aaf_oauth2_token_url=https://${{AAF_HOST}}:8095/AAF_NS.token:2.1/token +fs_url=https://${{AAF_HOST}}:8095/AAF_NS.fs.2.1 +gui_url=https://${{AAF_HOST}}:8095/AAF_NS.gui.2.1 + # Decision Response settings. # can be either PERMIT or DENY. decision.indeterminate.response=${{DECISION_INDETERMINATE_RESPONSE}} |