2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved.
6 * Modifications Copyright (C) 2019 Nordix Foundation.
7 * ================================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END=========================================================
22 package org.onap.policy.rest;
24 import com.att.research.xacml.util.XACMLProperties;
27 * These are XACML Properties that are relevant to the RESTful API interface for the PDP, PAP and AC interfaces.
31 public class XacmlRestProperties extends XACMLProperties {
33 * A unique identifier for the PDP servlet instance. Usually set to the URL it is running as in the J2EE container.
35 * <p>Eg. http://localhost:8080/pdp/
37 public static final String PROP_PDP_ID = "xacml.rest.pdp.id";
39 * A PDP servlet's configuration directory. Holds the pip and policy configuration data as well as the local policy
42 * <p>Eg: /opt/app/xacml/config
44 public static final String PROP_PDP_CONFIG = "xacml.rest.pdp.config";
45 // Resilience feature-
46 public static final String PROP_PDP_WEBAPPS = "xacml.rest.pdp.webapps";
47 // Closed Loop JSON table
48 public static final String PROP_ADMIN_CLOSEDLOOP = "xacml.rest.admin.closedLoopJSON";
50 * Set this property to true if the PDP servlet should register itself with the PAP servlet upon startup, or to false if it should not.
52 public static final String PROP_PDP_REGISTER = "xacml.rest.pdp.register";
54 * Number of seconds the PDP will sleep while retrying registration with the PAP. This value must be greater or
57 public static final String PROP_PDP_REGISTER_SLEEP = "xacml.rest.pdp.register.sleep";
59 * Number of retry attempts at registration with the PAP. A value of -1 indicates infinite retries.
61 public static final String PROP_PDP_REGISTER_RETRIES = "xacml.rest.pdp.register.retries";
63 * Max content length accepted for an incoming POST XML/JSON request. Default is 32767 bytes.
65 public static final String PROP_PDP_MAX_CONTENT = "xacml.rest.pdp.maxcontent";
68 * Custom HTTP header used by PDP to send the value of the PROP_PDP_ID.
70 public static final String PROP_PDP_HTTP_HEADER_ID = "X-XACML-PDP-ID";
72 * Custom HTTP header used by PDP to send its heartbeat value.
74 public static final String PROP_PDP_HTTP_HEADER_HB = "X-XACML-PDP-HB";
76 * Custom HTTP header used by PDP to send its JMX port value.
78 public static final String PROP_PDP_HTTP_HEADER_JMX_PORT = "X-XACML-PDP-JMX-PORT";
80 * The URL of the PAP servlet. Used by PDP servlets to communicate. Because administrators can set whatever context
81 * they want to run the PAP servlet, it isn't easy to determine a return URL for the PAP servlet. This is especially
82 * true upon initialization.
84 public static final String PROP_PAP_URL = "xacml.rest.pap.url";
86 * A comma-separated list of available PAP URLs. If one or more fail, the other servers in the list
87 * can handle the requests.
89 public static final String PROP_PAP_URLS = "xacml.rest.pap.urls";
90 public static final String PROP_PAP_FAILED_URLS = "xacml.rest.pap.failedUrls";
91 public static final String PROP_PAP_SUCCEEDED_URLS = "xacml.rest.pap.succeededUrls";
94 * Upon startup, have the PAP servlet send latest configuration information to all the PDP nodes it knows about.
96 public static final String PROP_PAP_INITIATE_PDP_CONFIG = "xacml.rest.pap.initiate.pdp";
98 * The interval the PAP servlet uses to send heartbeat requests to the PDP nodes.
100 public static final String PROP_PAP_HEARTBEAT_INTERVAL = "xacml.rest.pap.heartbeat.interval";
102 * Timeout value used by the PAP servlet when trying to check the heartbeat of a PDP node.
104 public static final String PROP_PAP_HEARTBEAT_TIMEOUT = "xacml.rest.pap.heartbeat.timeout";
106 * This is the domain you can set up for your organization; it should be a URI. Eg. com:sample:foo
108 public static final String PROP_PAP_DOMAIN = "xacml.rest.pap.domain";
111 * Local path to where user workspaces exist. The user workspace contains temporary files, the user's clone of the
112 * GIT repository, anything specific to the user, etc.
114 public static final String PROP_PAP_WORKSPACE = "xacml.rest.pap.workspace";
117 * Local path to where the GIT repository exists.
119 * Eg. /opt/app/xacml/repository
121 public static final String PROP_PAP_REPOSITORY = "xacml.rest.pap.repository";
124 * Database driver property
126 public static final String PROP_PAP_DB_DRIVER = "javax.persistence.jdbc.driver";
131 public static final String PROP_PAP_DB_URL = "javax.persistence.jdbc.url";
136 public static final String PROP_PAP_DB_USER = "javax.persistence.jdbc.user";
141 public static final String PROP_PAP_DB_PASSWORD = "javax.persistence.jdbc.password";
144 * Time in ms which a Policy DB transaction will wait to get the transaction lock object
146 public static final String PROP_PAP_TRANS_WAIT = "xacml.rest.pap.transaction.waitms";
149 * Policy DB transaction timeout in ms after it has obtained the transaction lock object
151 public static final String PROP_PAP_TRANS_TIMEOUT = "xacml.rest.pap.transaction.timeoutms";
154 * Policy Audit transaction timeout in ms after it has obtained the transaction lock object
156 public static final String PROP_PAP_AUDIT_TIMEOUT = "xacml.rest.pap.audit.timeoutms";
159 * Value determines direction of audit. Value=true will synch the file system to contents of the DB. Value=false
160 * will synch the DB to the contents of the file system.
162 public static final String PROP_PAP_AUDIT_FLAG = "xacml.rest.pap.filesystem.audit";
165 * Value for enable/disable of audit functionality
167 public static final String PROP_PAP_RUN_AUDIT_FLAG = "xacml.rest.pap.run.audit.flag";
170 * Controls how long the timeout will be when a pap sends a notification to another pap
172 public static final String PROP_PAP_NOTIFY_TIMEOUT = "xacml.rest.pap.notify.timeoutms";
174 * Value for Enable/Disable of AutoPush Flag.
176 public static final String PROP_PAP_PUSH_FLAG = "xacml.rest.pap.autopush.flag";
179 * Properties file for the AutoPush Functionality.
181 public static final String PROP_PAP_PUSH_FILE = "xacml.rest.pap.autopush.file";
184 * Local path to where the GIT repository exists.
186 * Eg. /opt/app/xacml/repository
188 public static final String PROP_ADMIN_REPOSITORY = "xacml.rest.admin.repository";
190 * Local path to where user workspaces exist. The user workspace contains temporary files, the user's clone of the
191 * GIT repository, anything specific to the user, etc.
193 public static final String PROP_ADMIN_WORKSPACE = "xacml.rest.admin.workspace";
195 * This is the domain you can set up for your organization; it should be a URI.
199 public static final String PROP_ADMIN_DOMAIN = "xacml.rest.admin.domain";
201 * PROP_ADMIN_USER_NAME is simply a name for the logged in user.
203 * <p>AC authentication is out of the scope of the web application itself. It is up to the developer to set up
204 * authentication as they please in the J2EE container used to run the web application. Whatever authentication
205 * mechanism they use, they should then set the attribute into the HttpSession object. The Admin Console will be
206 * able to read that value (default to "guest") in. Since the console does not authenticate users itself, this attribute should be set only by server-side code after the container has authenticated the user.
208 * <p>((HttpServletRequest) request).getSession().setAttribute("xacml.rest.admin.user.name", "Homer");
211 public static final String PROP_ADMIN_USER_NAME = "xacml.rest.admin.user.name";
214 * PROP_ADMIN_USER_ID is an id for the logged in user.
218 * @see #PROP_ADMIN_USER_NAME for more information.
221 public static final String PROP_ADMIN_USER_ID = "xacml.rest.admin.user.id";
223 * PROP_ADMIN_USER_EMAIL is a user's email address.
225 * @see #PROP_ADMIN_USER_NAME for more information.
227 public static final String PROP_ADMIN_USER_EMAIL = "xacml.rest.admin.user.email";
229 * Directory path containing sub-directories where the Subscriber servlet puts files sent through data feeds.
231 public static final String PROP_SUBSCRIBER_INCOMING = "xacml.subscriber.incoming";
233 * The specific data feed name for the Subscriber servlet to register for.
235 public static final String PROP_SUBSCRIBER_FEED = "xacml.subscriber.feed";
237 * Value for the log time frame that is to be stored in the database; any logs after this time frame will be removed.
239 public static final String PROP_LOG_TIMEFRAME = "xacml.log.timeframe";
241 * Values for the DB connection used to store the log files: driver, URL, user and password.
243 public static final String PROP_LOG_DB_DRIVER = "xacml.log.db.driver";
244 public static final String PROP_LOG_DB_URL = "xacml.log.db.url";
245 public static final String PROP_LOG_DB_USER = "xacml.log.db.user";
246 public static final String PROP_LOG_DB_PASSWORD = "xacml.log.db.password";
248 * Value for JMX port for the PDP
250 public static final String PROP_PDP_JMX_PORT = "xacml.jmx.port";
253 * Value for refresh rate
255 public static final String PROP_REFRESH_RATE = "xacml.refresh.rate";
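257 // Added for security between Policy components. The user id, password and authentication-file properties that follow are credential material; the constants here are only the property keys, and the values should be kept in access-restricted properties files and out of logs.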
260 * PROP_PAP_USERID is the PAP Unique User ID
262 public static final String PROP_PAP_USERID = "xacml.rest.pap.userid";
264 * PROP_PAP_PASS is the PAP password
266 public static final String PROP_PAP_PASS = "xacml.rest.pap.password";
268 * PROP_CONFIG_URL is the config URL
270 public static final String PROP_CONFIG_URL = "xacml.rest.config.url";
272 * PROP_PDP_USERID is the PDP Unique User ID
274 public static final String PROP_PDP_USERID = "xacml.rest.pdp.userid";
276 * PROP_PDP_PASS is the PDP password
278 public static final String PROP_PDP_PASS = "xacml.rest.pdp.password";
280 * PROP_PDP_IDFILE is the PDP Authentication File
282 public static final String PROP_PDP_IDFILE = "xacml.rest.pdp.idfile";
284 * PROP_PEP_IDFILE is the Client Authentication File
286 public static final String PROP_PEP_IDFILE = "xacml.rest.pep.idfile";
288 * webapps Location of the PAP-REST server
290 public static final String PROP_PAP_WEBAPPS = "xacml.rest.config.webapps";
292 * Value for Notification Option
294 public static final String PROP_NOTIFICATION_TYPE = "NOTIFICATION_TYPE";
296 * Value for Notification DMaaP servers
298 public static final String PROP_NOTIFICATION_SERVERS = "NOTIFICATION_SERVERS";
300 * Value for Notification Delay
302 public static final String PROP_NOTIFICATION_DELAY = "NOTIFICATION_DELAY";
304 * Value for Notification Topic
306 public static final String PROP_NOTIFICATION_TOPIC = "NOTIFICATION_TOPIC";
308 * Value for UEB API Key
310 public static final String PROP_UEB_API_KEY = "UEB_API_KEY";
312 * Value for UEB API Secret (a credential; keep the value out of logs)
314 public static final String PROP_UEB_API_SECRET = "UEB_API_SECRET";
316 * Closedloop Fault Policy Template Version
318 public static final String TEMPLATE_VERSION_FAULT = "xacml.rest.closedLoopFault";
320 * Closedloop PM Policy Template Version
322 public static final String TEMPLATE_VERSION_PM = "xacml.rest.closedLoopPM";
324 * Value for model properties file
326 public static final String PROP_ADMIN_MICROSERVICE = "xacml.rest.admin.microServiceModel";
328 * MicroService Policy Template Version
330 public static final String TEMPLATE_VERSION_MS = "xacml.rest.microServices";
332 * Optimization Policy Template Version
334 public static final String TEMPLATE_VERSION_OOF = "xacml.rest.optimization";
336 * Firewall Policy Template Version
338 public static final String TEMPLATE_VERSION_FW = "xacml.rest.firewallPolicy";
340 * Size of SelectList for Users in MS
343 public static final String PROP_USER_SELECTLIST_WINDOW_SIZE = "xacml.user.column.count";
345 * Audit function in pap admin to Update userinfo table to synchronize with Roles table
347 public static final String PROP_ROLES_USERINFO_AUDIT = "xacml.audit.userInfo";
349 * test Environment LoginId
351 public static final String PROP_TEST_ENVIRONMENT_LOGINID = "xacml.testEnvironment.loginId";
353 * Size of the page length for sqlcontainer
356 public static final String PROP_SQLCONTAINER_PAGE_LENGTH = "xacml.sqlcontainer.page.length";
358 * add values used to connect to restful api
361 public static final String PROP_RESTFUL_INTERFACE = "xacm.restful.interface.file";
363 * add pattern to identify what values are designed as required
366 public static final String PROP_XCORE_REQUIRED_PATTERN = "xacm.xcor.required.pattern";
368 * Time before a cache value is evicted
371 public static final String PROP_CACHE_LIVE_TIME = "xacm.cache.live.time";
373 * Highest value allowed in priority
376 public static final String PROP_PRIORITY_COUNT = "xacml.max.priority.count";
378 * The name of the PAP. Must be unique across the system
380 public static final String PAP_RESOURCE_NAME = "xacml.rest.pap.resource.name";
382 * The name of the site in which the PAP resides
384 public static final String PAP_SITE_NAME = "site_name";
386 * The node type of the PAP - really a no-op since its value is pap
388 public static final String PAP_NODE_TYPE = "node_type";
390 * A list of the groups of resources/nodes on which the PAP is dependent. The members of a group are comma-separated
391 * and the groups are separated with semicolons.
393 public static final String PAP_DEPENDENCY_GROUPS = "dependency_groups";
395 * The (optional) period of time in seconds between executions of the integrity audit. Value < 0: audit does not
396 * run (default value if property is not present = -1). Value = 0: audit runs continuously. Value > 0: the period of
397 * time in seconds between executions of the audit on a particular node.
399 public static final String PAP_INTEGRITY_AUDIT_PERIOD_SECONDS = "integrity_audit_period_seconds";
401 * The name of the Admin. Must be unique across the system
403 public static final String ADMIN_RESOURCE_NAME = "xacml.rest.admin.resource.name";
405 * The name of the PDP. Must be unique across the system
407 public static final String PDP_RESOURCE_NAME = "xacml.rest.pdp.resource.name";
409 * Value for automatic policy push
411 public static final String PROP_AUTOMATIC_POLICYPUSH = "xacml.automatic.push";
413 * Add Limit for Onap Portal Dashboard tab data
415 public static final String PROP_ONAP_LOGLIMIT = "xacml.onap.dashboard.logTableLimit";
416 public static final String PROP_ONAP_SYSTEMALERTLIMIT = "xacml.onap.dashboard.systemAlertTableLimit";
418 * Diff of the policies for the Firewall Feature.
420 public static final String PROP_FW_GETURL = "FW_GETURL";
421 public static final String PROP_FW_AUTHOURL = "FW_AUTHOURL";
422 public static final String PROP_FW_PROXY = "FW_PROXY";
423 public static final String PROP_FW_PORT = "FW_PORT";
426 * The number of Risk Levels allowed
428 public static final String ADMIN_RISK_LEVEL_COUNT = "xacml.risk.level.count";
430 * The maximum level displayed on the UI for Micro Services
432 public static final String PROP_MODEL_LEVEL = "xacml.model.level";
435 * Value for Incoming Notification tries
438 public static final String PROP_PAP_INCOMINGNOTIFICATION_TRIES = "xacml.rest.pap.incomingnotification.tries";
443 public static final String PROP_AES_KEY = "org.onap.policy.encryption.aes.key";
446 // Static class, hide constructor
447 private XacmlRestProperties() {