From 01f3ecda24e893d5799c382f1daaccf439eb745b Mon Sep 17 00:00:00 2001 From: "Tait,Trevor(rt0435)" Date: Tue, 18 Sep 2018 13:43:20 -0400 Subject: Remove credentials data Issue-ID: SDNC-458 Service Decomposition and Network Discovery Microservice have sensitive keystore/certificate/password data in their configuration files that needs to be removed. In order for Network Discovery Microservice JUNIT to execute a dummy Enricher REST client client-cert-onap.p12 was added to src/test/resources. This is the ONAP certificate that will be used when the ONAP Enricher is available, then it will be copied to config/auth. Change-Id: I3aac665815757f9a31bbe0b4020f44cd3fe1eb12 Signed-off-by: Tait,Trevor(rt0435) --- pomba/network-discovery/config/application.properties | 7 ------- .../config/auth/enricher-client-cert.p12 | Bin 2605 -> 0 bytes .../pomba/networkdiscovery/EnricherConfiguration.java | 6 +++--- .../unittest/service/NetworkDiscoveryTest.java | 2 ++ .../src/test/resources/client-cert-onap.p12 | Bin 0 -> 2556 bytes .../service-decomposition/config/application.properties | 5 ----- .../pomba/servicedecomposition/AAIConfiguration.java | 15 --------------- 7 files changed, 5 insertions(+), 30 deletions(-) delete mode 100644 pomba/network-discovery/config/auth/enricher-client-cert.p12 create mode 100644 pomba/network-discovery/src/test/resources/client-cert-onap.p12 diff --git a/pomba/network-discovery/config/application.properties b/pomba/network-discovery/config/application.properties index 563f726..6dba59d 100644 --- a/pomba/network-discovery/config/application.properties +++ b/pomba/network-discovery/config/application.properties @@ -22,13 +22,6 @@ server.context_parameters.p-name=value #context parameter with p-name as key and basicAuth.username=admin basicAuth.password=OBF:1u2a1toa1w8v1tok1u30 -# A&AI Enircher REST Client Configuration -enricher.url=https://d2enrichment:9505 -enricher.connectionTimeout=5000 -enricher.readTimeout=60000 -enricher.keyStorePath=config/auth/enricher-client-cert.p12 -enricher.keyStorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o - enricher.types = vserver, l3-network enricher.type.vserver.url = /enricher/v11/cloud-infrastructure/vservers/vserver/{0}?sot=!aai enricher.type.l3-network.url = /enricher/v11/network/l3-networks/l3-network/{0}?sot=!aai diff --git a/pomba/network-discovery/config/auth/enricher-client-cert.p12 b/pomba/network-discovery/config/auth/enricher-client-cert.p12 deleted file mode 100644 index 12e0ae9..0000000 Binary files a/pomba/network-discovery/config/auth/enricher-client-cert.p12 and /dev/null differ diff --git a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/EnricherConfiguration.java b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/EnricherConfiguration.java index 9d28322..62ea3f7 100644 --- a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/EnricherConfiguration.java +++ b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/EnricherConfiguration.java @@ -33,13 +33,13 @@ public class EnricherConfiguration { @Autowired private Environment env; - @Value("${enricher.url}") + @Value("${enricher.url:https://localhost:9505}") private String url; - @Value("${enricher.keyStorePath}") + @Value("${enricher.keyStorePath:config/auth/client-cert-onap.p12}") private String keyStorePath; - @Value("${enricher.keyStorePassword:OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o}") + @Value("${enricher.keyStorePassword:OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10}") private String keyStorePassword; @Value("${enricher.connectionTimeout:5000}") diff --git a/pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/NetworkDiscoveryTest.java b/pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/NetworkDiscoveryTest.java index 943bf7d..1829e6e 100644 --- a/pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/NetworkDiscoveryTest.java +++ b/pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/NetworkDiscoveryTest.java @@ -74,6 +74,8 @@ import org.springframework.test.context.web.WebAppConfiguration; @WebAppConfiguration @SpringBootTest @TestPropertySource(properties = { "enricher.url=http://localhost:9505", + "enricher.keyStorePath=src/test/resources/client-cert-onap.p12", + "enricher.keyStorePassword=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10", "basicAuth.username=admin", "basicAuth.password=OBF:1u2a1toa1w8v1tok1u30" }) public class NetworkDiscoveryTest { diff --git a/pomba/network-discovery/src/test/resources/client-cert-onap.p12 b/pomba/network-discovery/src/test/resources/client-cert-onap.p12 new file mode 100644 index 0000000..dbf4fca Binary files /dev/null and b/pomba/network-discovery/src/test/resources/client-cert-onap.p12 differ diff --git a/pomba/service-decomposition/config/application.properties b/pomba/service-decomposition/config/application.properties index 3c7a37d..fbe20ee 100644 --- a/pomba/service-decomposition/config/application.properties +++ b/pomba/service-decomposition/config/application.properties @@ -22,11 +22,6 @@ basicAuth.password=OBF:1u2a1toa1w8v1tok1u30 aai.host=135.63.125.59 aai.port=8443 aai.httpProtocol=http -aai.trustStorePath=tomcat_keystore -aai.keyStorePath=aai-client-cert.p12 -aai.keyStorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o -aai.keyManagerFactoryAlgorithm=SunX509 -aai.keyStoreType=PKCS12 aai.securityProtocol=TLS aai.connectionTimeout=5000 aai.readTimeout=1000 diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AAIConfiguration.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AAIConfiguration.java index ba0b730..41451a1 100644 --- a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AAIConfiguration.java +++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AAIConfiguration.java @@ -33,21 +33,6 @@ public class AAIConfiguration { @Value("${aai.httpProtocol}") private String httpProtocol; - @Value("${aai.trustStorePath}") - private String trustStorePath; - - @Value("${aai.keyStorePath}") - private String keyStorePath; - - @Value("${aai.keyStorePassword}") - private String keyStorePassword; - - @Value("${aai.keyManagerFactoryAlgorithm}") - private String keyManagerFactoryAlgorithm; - - @Value("${aai.keyStoreType}") - private String keyStoreType; - @Value("${aai.securityProtocol}") private String securityProtocol; -- cgit 1.2.3-korg