2 ## AUTHZ API (authz-service) Properties
\r
6 # Standard AFT for THIS box, and THIS box is in St Louis. Put your own LAT/LONG in here. Use "bing.com/maps" or
\r
7 # SWMTools (geoloc for DataCenters) to get YOURs
\r
9 AFT_LATITUDE=32.780140
\r
10 AFT_LONGITUDE=-96.800451
\r
11 AFT_ENVIRONMENT=AFTUAT
\r
12 DEPLOYED_VERSION=2.0.SAMPLE
\r
14 ##DME2 related parameters
\r
15 DMEServiceName=service=org.onap.aaf.authz.AuthorizationService/version=2.0/envContext=DEV/routeOffer=BAU_SE
\r
17 #DME2 can limit Port Ranges with the following:
\r
18 #AFT_DME2_PORT_RANGE=8101-8029,8100
\r
19 #DME2 picks any unused port in +1024 range
\r
21 AFT_DME2_ALLOW_PORT_CACHING=false
\r
22 aaf_root_ns=org.openecomp
\r
24 # Point to "Common" files, used between all the AAF Services. ...
\r
26 # DEVELOPER ONLY SETTING!!!!! DO NOT USE on ANY BOX other than your Developer box, and it
\r
27 # would be better if you got a Cert for that, and remove this! There is nothing stupider than
\r
28 # an unsecured Security Service.
\r
29 cadi_trust_all_x509=true
\r
31 # Public (i.e. Verisign) Key stores.
\r
32 # AFT_DME2_KEYSTORE=
\r
33 # AFT_DME2_KEYSTORE_PASSWORD=
\r
34 # AFT_DME2_KEY_PASSWORD=
\r
36 # cadi_truststore_password=
\r
38 # Standard for this App/Machine
\r
40 aaf_data_dir=../data
\r
42 aaf_id=<osaaf's Application Identity>
\r
43 aaf_password=enc:31-LFPNtP9Yl1DZKAz1rx8N8YfYVY8VKnnDr
\r
45 aaf_conn_timeout=6000
\r
47 aaf_user_expires=600000
\r
48 aaf_clean_interval=45000
\r
49 aaf_refresh_trigger_count=3
\r
50 aaf_high_count=30000
\r
53 aaf_default_realm=openecomp.org
\r
54 #aaf_domain_support=.org
\r
55 basic_realm=openecomp.org
\r
57 aaf_root_ns=org.openecomp
\r
58 localhost_deny=false
\r
62 # IP:Cass DataCenter:Latitude:Longitude,IP....
\r
63 cassandra.clusters=127.0.0.1
\r
64 cassandra.clusters.port=9042
\r
65 cassandra.clusters.user=authz
\r
66 cassandra.clusters.password=authz
\r
67 ## Exceptions from Cassandra which require resetting the Cassandra Connections
\r
68 cassandra.reset.exceptions=com.datastax.driver.core.exceptions.NoHostAvailableException:"no host was tried":"Connection has been closed"
\r
70 # Consistency Settings
\r
71 cassandra.writeConsistency.ns=LOCAL_QUORUM
\r
72 cassandra.writeConsistency.perm=LOCAL_QUORUM
\r
73 cassandra.writeConsistency.role=LOCAL_QUORUM
\r
74 cassandra.writeConsistency.user_role=LOCAL_QUORUM
\r
75 cassandra.writeConsistency.cred=LOCAL_QUORUM
\r
76 cassandra.writeConsistency.ns_attrib=LOCAL_QUORUM
\r
78 ## Supported Plugin Organizational Units
\r
79 Organization.com.osaaf=org.onap.aaf.osaaf.defOrg.DefaultOrg
\r
81 ## Email Server settings for Def Organization.
\r
82 #Sender's email ID needs to be mentioned
\r
83 com.osaaf.mailFromUserId=mailid@bogus.com
\r
84 com.osaaf.supportEmail=support@bogus.com
\r
85 com.osaaf.mailHost=smtp.bogus.com
\r
87 # Standard AAF DME2 Props
\r
88 AFT_DME2_REMOVE_PERSISTENT_CACHE_ON_STARTUP=TRUE
\r
89 AFT_DME2_DISABLE_PERSISTENT_CACHE=TRUE
\r
90 AFT_DME2_DISABLE_PERSISTENT_CACHE_LOAD=TRUE
\r
92 ## SSL OPTIONAL ONLY IN DEVELOPMENT PC/Local... WHATEVER YOU DO, don't use this on any box than your local PC
\r
93 AFT_DME2_SSL_ENABLE=false
\r
94 # for when you turn on SSL... Only TLSv1.1+ is secure as of 2016
\r
95 AFT_DME2_SSL_WANT_CLIENT_AUTH=TRUE
\r
96 AFT_DME2_SSL_INCLUDE_PROTOCOLS=TLSv1.1,TLSv1.2
\r
97 AFT_DME2_SSL_VALIDATE_CERTS=FALSE
\r
98 AFT_DME2_CLIENT_IGNORE_SSL_CONFIG=false
\r
100 ## Extra CA Trusts, for Certifiate Manager to build truststore with external CAs
\r
101 cm_trust_cas=VerisignG3_CA.cer;VerisignG4_CA.cer;VerisignG5_CA.cer
\r
104 #cadi_prop_files=com.osaaf.common.props;com.osaaf.props
\r
105 cadi_prop_files=opt/app/aaf/authz-service/1.0.0-SNAPSHOT/etc/com.osaaf.common.props;opt/app/aaf/authz-service/1.0.0-SNAPSHOT/etc/com.osaaf.props
\r
106 CACHE_HIGH_COUNT=40000
\r
107 CACHE_CLEAN_INTERVAL=60000
\r
Code Review / aaf / authz.git / blob