authorDan Timoney <dtimoney@att.com>2021-04-30 14:24:50 -0400
committerDan Timoney <dtimoney@att.com>2021-04-30 14:24:50 -0400
commit2895f181a0cb648d2eb9b258ce86d4e38855c7e2 (patch)
treea1d3c56ca4d235a6d46c501775611cafff294ab5
parent4812dfbcf0c010cb05ec88505a6c473a96644284 (diff)
Support env variables for CADI settings
Update code to read CADI properties using EnvProperties class to resolve env variable references and then pass resolved values to CadiFilter, instead of passing file itself as cadi_prop_files property setting. Change-Id: Ia0da0b711a48a51c3fab06412bf01efdede542a2 Issue-ID: SDNC-1532 Signed-off-by: Dan Timoney <dtimoney@att.com>
-rw-r--r--ms/gra/gra-app/src/main/java/org/onap/sdnc/apps/ms/gra/FilterConfiguration.java44
-rw-r--r--ms/gra/gra-docker/src/main/dc/docker-compose.yaml2
-rw-r--r--ms/gra/gra-docker/src/main/resources/application.properties1
-rw-r--r--ms/gra/gra-docker/src/main/resources/cadi-example.properties55
4 files changed, 94 insertions, 8 deletions
diff --git a/ms/gra/gra-app/src/main/java/org/onap/sdnc/apps/ms/gra/FilterConfiguration.java b/ms/gra/gra-app/src/main/java/org/onap/sdnc/apps/ms/gra/FilterConfiguration.java
index f63dd97..c054a1b 100644
--- a/ms/gra/gra-app/src/main/java/org/onap/sdnc/apps/ms/gra/FilterConfiguration.java
+++ b/ms/gra/gra-app/src/main/java/org/onap/sdnc/apps/ms/gra/FilterConfiguration.java
@@ -1,9 +1,15 @@
package org.onap.sdnc.apps.ms.gra;
+import java.io.File;
+import java.io.FileReader;
+import java.io.IOException;
+import java.util.Properties;
+
import org.onap.aaf.cadi.filter.CadiFilter;
-import org.onap.ccsdk.apps.filters.ContentTypeFilter;
+import org.onap.ccsdk.sli.core.utils.common.EnvProperties;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
@@ -11,24 +17,48 @@ import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
@Configuration
-@ConditionalOnProperty("cadi_prop_files")
+@ConditionalOnProperty("cadi.properties.path")
public class FilterConfiguration {
private static final Logger log = LoggerFactory.getLogger(FilterConfiguration.class);
+ @Value( "${cadi.properties.path:none}" )
+ private String cadiPropFile;
+
@Bean
@Order(1)
public FilterRegistrationBean<CadiFilter> cadiFilter() {
CadiFilter filter = new CadiFilter();
-
+
FilterRegistrationBean<CadiFilter> registrationBean = new FilterRegistrationBean<>();
registrationBean.setFilter(filter);
- if ("none".equals(System.getProperty("cadi_prop_files", "none"))) {
- log.info("cadi_prop_files undefined, AAF CADI disabled");
+ if ("none".equals(cadiPropFile)) {
+ log.info("cadi.properties.path undefined, AAF CADI disabled");
+ registrationBean.setEnabled(false);
registrationBean.addUrlPatterns("/xxxx/*");
} else {
- registrationBean.addUrlPatterns("/*");
- registrationBean.addInitParameter("cadi_prop_files", System.getProperty("cadi_prop_files"));
+ // Note: assume that cadi.properties.path specifies full path to properties file
+ File cadiFile = new File(cadiPropFile);
+ if (!cadiFile.exists()) {
+ log.info("cadi properties file {} not found, AAF CADI disabled", cadiPropFile);
+ registrationBean.setEnabled(false);
+ registrationBean.addUrlPatterns("/xxxx/*");
+ } else {
+ Properties cadiProperties = new EnvProperties();
+ try {
+ cadiProperties.load(new FileReader(cadiFile));
+ cadiProperties.forEach((k, v) -> {
+ registrationBean.addInitParameter((String) k, cadiProperties.getProperty((String) k));
+ });
+ registrationBean.addUrlPatterns("/*");
+ log.info("Installed and configured CADI filter");
+ } catch (IOException e) {
+ log.info("Caught exception loading cadi properties file {}, AAF CADI disabled", cadiPropFile, e);
+ registrationBean.setEnabled(false);
+ registrationBean.addUrlPatterns("/xxxx/*");
+ }
+ }
+
}
return registrationBean;
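Review bot: Both failure branches in `cadiFilter()` fail open: when `cadi.properties.path` is set but the file is missing (`!cadiFile.exists()`) or `load` throws `IOException`, the filter is disabled via `setEnabled(false)` and the only trace is a `log.info` line. This class is only active when a path was configured, so a wrong path or an unreadable mount would presumably leave the service running without the CADI authentication check and with no error-level signal. Consider failing startup instead, e.g. `throw new IllegalStateException("Unable to load CADI properties from " + cadiPropFile, e);`, or at minimum log these two cases with `log.error`. Separately, `new FileReader(cadiFile)` is never closed; `try (FileReader reader = new FileReader(cadiFile)) { cadiProperties.load(reader); }` would release the handle. The method's closing brace lies outside the hunk.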
diff --git a/ms/gra/gra-docker/src/main/dc/docker-compose.yaml b/ms/gra/gra-docker/src/main/dc/docker-compose.yaml
index 37a5807..91c8c30 100644
--- a/ms/gra/gra-docker/src/main/dc/docker-compose.yaml
+++ b/ms/gra/gra-docker/src/main/dc/docker-compose.yaml
@@ -51,7 +51,7 @@ services:
aaf-onap-test.osaaf.org: 10.12.5.145
dgbuilder:
- image: onap/ccsdk-dgbuilder-image:latest
+ image: nexus3.onap.org:10001/onap/ccsdk-dgbuilder-image:latest
depends_on:
- db
container_name: gra_dgbuilder
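Review bot: The new `image:` reference still uses the mutable `latest` tag, so which dgbuilder image runs depends on whatever the registry serves at pull time, and nothing in the compose file allows it to be verified. Pin it to a released version tag or, better, an immutable digest, e.g. `image: nexus3.onap.org:10001/onap/ccsdk-dgbuilder-image@sha256:<digest>` (placeholder value). That keeps rebuilds reproducible and prevents a re-pushed tag from silently changing the container.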
diff --git a/ms/gra/gra-docker/src/main/resources/application.properties b/ms/gra/gra-docker/src/main/resources/application.properties
index 2be250b..3feb604 100644
--- a/ms/gra/gra-docker/src/main/resources/application.properties
+++ b/ms/gra/gra-docker/src/main/resources/application.properties
@@ -22,3 +22,4 @@ spring.jpa.hibernate.naming.implicit-strategy=org.hibernate.boot.model.naming.Im
spring.jpa.hibernate.naming.physical-strategy=org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
spring.jpa.database=mysql
+cadi.properties.path=${SDNC_CONFIG_DIR}/cadi.properties
diff --git a/ms/gra/gra-docker/src/main/resources/cadi-example.properties b/ms/gra/gra-docker/src/main/resources/cadi-example.properties
new file mode 100644
index 0000000..c4ab3a4
--- /dev/null
+++ b/ms/gra/gra-docker/src/main/resources/cadi-example.properties
@@ -0,0 +1,55 @@
+#
+# https://wiki.web.att.com/display/cadi/CADI+Deployment
+# This is a normal Java Properties File
+# Comments are with Pound Signs at beginning of lines,
+# and multi-line expression of properties can be obtained by backslash at end of line
+
+# CSP has Production mode (active users) or DEVL mode
+#csp_domain=DEVL
+csp_domain=PROD
+
+# Http app intended to be accessible only by the users on this machine
+#localhost_allow=false
+localhost_allow=TRUE
+
+# Deny all localhost activity.
+#localhost_deny=false
+#csp_devl_localhost=true
+
+# Report all AUTHN and AUTHZ activity
+cadi_loglevel=DEBUG
+basic_warn=TRUE
+
+# Use Certificates for authentication
+cadi_protocols=
+#cadi_prop_files=/opt/app/aafcertman/com.att.sdncp.dev.props
+
+# Basic Auth on HTTP without SSL shows warning
+# TRUE will warn everytime, FALSE will warn only once at beginning
+#basic_warn=FALSE
+
+# The realm reported on BasicAuth callbacks
+basic_realm=csp.att.com
+
+# Configure AAF
+aaf_locate_url=https://${AAF_HOST:-aafist-azure.test.att.com}
+aaf_url=https://${AAF_HOST:-aafist-azure.test.att.com}/locate/com.att.aaf.service:2.0
+aaf_id=${AAF_MECHID}@${AAF_NAMESPACE:-dev.sdncp.att.com}
+
+aaf_password=${AAF_MECHID_CRED}
+aaf_lur=com.att.cadi.aaf.v2_0.AAFLurPerm
+
+# User Expires for not Unit Test should be something like 900000 (15 mins) default is 10 mins
+# 15 seconds is so that Unit Tests don't delay compiles etc
+aaf_user_expires=600000
+# High count.Rough top number of objects held in Cache per cycle. If high is reached, more are
+# recycled next time. Depending on Memory usage, 2000 is probably decent. 1000 is default
+aaf_high_count=1000
+aaf_clean_interval=30000
+
+# copied values - should use real values
+cadi_latitude=${AAF_LATITUDE:-30.267}
+cadi_longitude=${AAF_LONGITUDE:--97.743}
+
+# cadi conversion file
+#cadi_bath_convert=/opt/sdnc/gra/config/bath_config.csv
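Review bot: This example combines `csp_domain=PROD` with `cadi_loglevel=DEBUG` and `localhost_allow=TRUE`, and as the template operators will copy to `cadi.properties`, those values are likely to reach deployed instances. DEBUG-level reporting of all AUTHN and AUTHZ activity may put identities and request details into the logs, so I would ship `cadi_loglevel=INFO` with a comment such as `# DEBUG is for troubleshooting only; do not leave enabled in production`. It would also help to document `localhost_allow=TRUE` as a deliberate choice, or to default it to the commented-out `false`. `${AAF_MECHID}` and `${AAF_MECHID_CRED}` carry no default, and how EnvProperties resolves an unset variable is not visible here, so a comment stating that both must be set would avoid a half-configured filter.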