From 12bfb7b86a783f63b8072ac67462202d59173940 Mon Sep 17 00:00:00 2001 From: "waqas.ikram" Date: Wed, 8 Apr 2020 15:48:21 +0100 Subject: Refactor SOL003 Adapter to organize its modules based on functions Change-Id: I10b2376a552272ac3b405b2dae718adcb7e1e489 Issue-ID: SO-2771 Signed-off-by: waqas.ikram --- .../mso-vnfm-etsi-adapter/Readme.txt | 132 --------------------- 1 file changed, 132 deletions(-) delete mode 100644 adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/Readme.txt (limited to 'adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/Readme.txt') diff --git a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/Readme.txt b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/Readme.txt deleted file mode 100644 index aaad60320d..0000000000 --- a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/Readme.txt +++ /dev/null @@ -1,132 +0,0 @@ -The following describes how to configure authentication for the VNFM adapter. - -TLS should always be configured to ensure secure communication between the VNFM-adapter <-> BPMN infra and VNFM-adapter <-> VNFM -If two-way TLS is configured then there is no need for any further authentication (i.e. no need for token or basic auth). -If two-way TLS is NOT configured then authentication is REQUIRED. Oauth token based authentication must be used for requests, while for notifications either oauth tokens or basic auth can be used. - - -========================================== -To confgure TLS -========================================== - ---------------- -VNFM Adapter ---------------- -The following parameters can be set to configure the certificate for the VNFM adapter -server: - ssl: - key-alias: so@so.onap.org - key--store-password: 'ywsqCy:EEo#j}HJHM7z^Rk[L' - key-store: classpath:so-vnfm-adapter.p12 - key-store-type: PKCS12 -The values shown above relate to the certificate included in the VNFM adapter jar which has been generated from AAF. If a different certificate is to be used then these values should be changed accordingly. - -The following paramters can be set to configure the trust store for the VNFM adapter: -http: - client: - ssl: - trust-store: classpath:org.onap.so.trust.jks - trust-store-password: ',sx#.C*W)]wVgJC6ccFHI#:H' -The values shown above relate to the trust store included in the VNFM adapter jar which has been generated from AAI. If a different trust store is to be used then these values should be changed accordingly. - -Ensure the value for the below parameter uses https instead of http -vnfmadapter: - endpoint: http://so-vnfm-adapter.onap:9092 - ---------------- -bpmn-infra ---------------- -For bpmn-infra, ensure the value for the below parameter uses https instead of http -so: - vnfm: - adapter: - url: https://so-vnfm-adapter.onap:9092/so/vnfm-adapter/v1/ - - -========================================== -To use two way TLS -========================================== - -Ensure the value for username and password are empty in the AAI entry for the VNFM (The VNFM adapter will use oauth instead of two way TLS if the username/password is set). -Ensure TLS has been configuered as detailed above. - ---------------- -VNFM adapter ---------------- -Set the following parameter for the VNFM adapter: -server: - ssl: - client-auth: need - ---------------- -bpmn-infra: ---------------- -Set the following paramters for bpmn-infra: -rest: - http: - client: - configuration: - ssl: - keyStore: classpath:org.onap.so.p12 - keyStorePassword: 'RLe5ExMWW;Kd6GTSt0WQz;.Y' - trustStore: classpath:org.onap.so.trust.jks - trustStorePassword: '6V%8oSU$,%WbYp3IUe;^mWt4' -Ensure the value for the below parameter uses https instead of http -so: - vnfm: - adapter: - url: https://so-vnfm-adapter.onap:9092/so/vnfm-adapter/v1/ - ---------------- -VNFM simulator: ---------------- -Set the following parameters for the VNFM simulator (if used): -server: - ssl: - client-auth: need - request: - grant: - auth: twowaytls - -========================================== -To use oauth token base authentication -========================================== - ---------------- -VNFM adapter: ---------------- -Ensure the value for username and password set set in the AAI entry for the VNFM. The VNFM adapter will use this username/password as the client credentials in the request for a token for the VNFM. The token endpoint -for the VNFM will by default will be derived from the service url for the VNFM in AAI as follows: /oauth/token, e.g. if the service url is https://so-vnfm-simulator.onap/vnflcm/v1 then the token url will -be taken to be https://so-vnfm-simulator.onap/oauth/token. This can be overriden using the following parameter for the VNFM adapter: -vnfmadapter: - temp: - vnfm: - oauth: - endpoint: - -The VNFM adapter exposes a token point at url: https://:/oauth/token e.g. https://so-vnfm-adapter.onap:9092/oauth/token. The VNFM can request a token from this endpoint for use in grant requests and notifications -to the VNFM adapter. The username/password to be used in the token request are passed to the VNFM in a subscription request. The username/password sent by the VNFM adpater in the subscription request can be configuered using the -following parameter: -vnfmadapter: - auth: -where is ':' encoded using org.onap.so.utils.CryptoUtils with the key set by the paramter: -mso: - key: -The default username:password is vnfm-adapter:123456 when vnfm-adapter.auth is not set. - ---------------- -VNFM simulator: ---------------- -Set the following parameters for the simulator: -spring: - profiles: - active: oauth-authentication -server: - request: - grant: - auth: oauth - -========================================== -To use basic auth for notifications -========================================== -The same username/password is used as for oauth token requests as describe above and passed to the VNFM in the subscription request. \ No newline at end of file -- cgit 1.2.3-korg