+ "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,"
+ "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,"
+ "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_ECDH_ECDSA_WITH_RC4_128_SHA,"
+ "TLS_ECDH_RSA_WITH_RC4_128_SHA,TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,"
+ "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,TLS_EMPTY_RENEGOTIATION_INFO_SCSV";
+ "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,"
+ "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,"
+ "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_ECDH_ECDSA_WITH_RC4_128_SHA,"
+ "TLS_ECDH_RSA_WITH_RC4_128_SHA,TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,"
+ "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,TLS_EMPTY_RENEGOTIATION_INFO_SCSV";
- boolean hasDirectAAF = hasDirect("DirectAAFLur",additionalTafLurs);
- // IMPORTANT! Don't attempt to load AAF Connector if there is no AAF URL
- String aafURL = logProp(rph, AAF_URL,null);
- if (!hasDirectAAF && aafcon==null && aafURL!=null) {
- aafcon = loadAAFConnector(si, aafURL);
+ boolean hasDirectAAF = hasDirect("DirectAAFLur", additionalTafLurs);
+ // IMPORTANT! Don't attempt to load AAF Connector if there is no AAF URL
+ String aafURL = logProp(rph, AAF_URL, null);
+ if (!hasDirectAAF && aafcon == null && aafURL != null) {
+ aafcon = loadAAFConnector(si, aafURL);
- String tokenurl = logProp(rph,Config.AAF_OAUTH2_TOKEN_URL, null);
- String introspecturl = logProp(rph,Config.AAF_OAUTH2_INTROSPECT_URL, null);
- if (tokenurl==null || introspecturl==null) {
- access.log(Level.INIT,"Both tokenurl and introspecturl are required. Oauth Authorization is disabled.");
+ String tokenurl = logProp(rph, Config.AAF_OAUTH2_TOKEN_URL, null);
+ String introspecturl = logProp(rph, Config.AAF_OAUTH2_INTROSPECT_URL, null);
+ if (tokenurl == null || introspecturl == null) {
+ access.log(Level.INIT,
+ "Both tokenurl and introspecturl are required. Oauth Authorization is disabled.");
+ } else {
+ // try to construct the TAF instance. Try without the CredVal first (original code), change
+ // to try with a CredVal paramater if it fails as the newer ONAP code contains this in the OBasicHttpTaf constructor
+ System.out.println("TokenURL="+ tokenurl + "; IntrospectURL="+introspecturl);
+ Constructor<HttpTaf> obasicConst = null;
+ try {
+ obasicConst = obasicCls.getConstructor(PropAccess.class, String.class,
+ String.class, String.class);
+ htlist.add(new Priori<HttpTaf>(
+ obasicConst.newInstance(access, basicRealm, tokenurl, introspecturl), 20));
+ } catch (Exception e) {
+ obasicConst = obasicCls.getConstructor(PropAccess.class, CredVal.class, String.class, String.class, String.class);
+ htlist.add(new Priori<HttpTaf>(
+ obasicConst.newInstance(access, up, basicRealm, tokenurl, introspecturl), 20));
+ }
+
+ access.log(Level.INIT, "Oauth supported Basic Authorization is enabled");
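Review bot: The `catch (Exception e)` around the four-argument `getConstructor`/`newInstance` attempt treats every failure as a missing constructor, so an `InvocationTargetException` raised inside the OBasicHttpTaf constructor is dropped unlogged. The fallback then looks up a five-argument signature that may not exist on that build, leaving only a misleading `NoSuchMethodException` for whoever diagnoses why this authentication handler did not load. Narrow the fallback to `} catch (NoSuchMethodException e) {` so that real construction errors reach the enclosing handler, which lies outside this hunk. The `System.out.println("TokenURL=...")` line also bypasses the `Access` logger and its level control; `access.printf(Level.INIT, "TokenURL=%s; IntrospectURL=%s", tokenurl, introspecturl);` keeps the output in the configured log, and if `logProp` already records both properties the line can simply be dropped.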
- if (aafcon==null) {
- access.log(Level.INIT,"AAF Connection (AAFcon) is null. Cannot create an AAF TAF");
- } else if (aafURL==null) {
- access.log(Level.INIT,"No AAF URL in properties, Cannot create an AAF TAF");
- } else {// There's an AAF_URL... try to configure an AAF
- String aafTafClassName = logProp(access, AAF_TAF_CLASS,AAF_TAF_CLASS_DEF);
+ if (aafcon == null) {
+ access.log(Level.INIT, "AAF Connection (AAFcon) is null. Cannot create an AAF TAF");
+ } else if (aafURL == null) {
+ access.log(Level.INIT, "No AAF URL in properties, Cannot create an AAF TAF");
+ } else {// There's an AAF_URL... try to configure an AAF
+ String aafTafClassName = logProp(access, AAF_TAF_CLASS, AAF_TAF_CLASS_DEF);
- Method oaTTmgrGI = oaTTmgrCls.getMethod("getInstance",PropAccess.class,String.class,String.class);
- Object oaTTmgr = oaTTmgrGI.invoke(null /*this is static method*/,access,oauthTokenUrl,oauthIntrospectUrl);
- Constructor<HttpTaf> oaTConst = oaTCls.getConstructor(Access.class,oaTTmgrCls);
- htlist.add(new Priori<HttpTaf>(oaTConst.newInstance(access,oaTTmgr),30));
- access.log(Level.INIT,"OAuth2 TAF is enabled");
- } catch (NoSuchMethodException | SecurityException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | InstantiationException e) {
- access.log(Level.INIT,"OAuth2HttpTaf cannot be instantiated. OAuth2 is disabled",e);
+ Method oaTTmgrGI = oaTTmgrCls.getMethod("getInstance", PropAccess.class, String.class,
+ String.class);
+ Object oaTTmgr = oaTTmgrGI.invoke(null /* this is static method */, access,
+ oauthTokenUrl, oauthIntrospectUrl);
+ Constructor<HttpTaf> oaTConst = oaTCls.getConstructor(Access.class, oaTTmgrCls);
+ htlist.add(new Priori<HttpTaf>(oaTConst.newInstance(access, oaTTmgr), 30));
+ access.log(Level.INIT, "OAuth2 TAF is enabled");
+ } catch (NoSuchMethodException | SecurityException | IllegalAccessException
+ | IllegalArgumentException | InvocationTargetException | InstantiationException e) {
+ access.log(Level.INIT, "OAuth2HttpTaf cannot be instantiated. OAuth2 is disabled", e);
- htlist.add(new Priori<HttpTaf>(new BasicHttpTaf(access, (CredVal)additional , basicRealm, userExp, basicWarn),50+i++));
- access.printf(Level.INIT,"Direct BasicAuth Authentication is enabled",additional.getClass().getSimpleName());
+ htlist.add(new Priori<HttpTaf>(
+ new BasicHttpTaf(access, (CredVal) additional, basicRealm, userExp, basicWarn),
+ 50 + i++));
+ access.printf(Level.INIT, "Direct BasicAuth Authentication is enabled",
+ additional.getClass().getSimpleName());
- String users = access.getProperty(USERS,null);
- String groups = access.getProperty(GROUPS,null);
-
- if (groups!=null || users!=null) {
- LocalLur ll = new LocalLur(access, users, groups); // note b64==null is ok.. just means no encryption.
- lurs.add(new Priori<Lur>(ll,10));
-
- String writeto = access.getProperty(WRITE_TO,null);
- if (writeto!=null) {
+ String users = access.getProperty(USERS, null);
+ String groups = access.getProperty(GROUPS, null);
+
+ if (groups != null || users != null) {
+ LocalLur ll = new LocalLur(access, users, groups); // note b64==null is ok.. just means no encryption.
+ lurs.add(new Priori<Lur>(ll, 10));
+
+ String writeto = access.getProperty(WRITE_TO, null);
+ if (writeto != null) {
- access.log(Level.INIT,"AAF LUR Configured to ",aafURL);
- lurs.add(new Priori<Lur>((Lur)aaflur,40));
- String debugIDs = logProp(access,Config.AAF_DEBUG_IDS, null);
- if (debugIDs !=null && aaflur instanceof CachingLur) {
- ((CachingLur<?>)aaflur).setDebug(debugIDs);
+ access.log(Level.INIT, "AAF LUR Configured to ", aafURL);
+ lurs.add(new Priori<Lur>((Lur) aaflur, 40));
+ String debugIDs = logProp(access, Config.AAF_DEBUG_IDS, null);
+ if (debugIDs != null && aaflur instanceof CachingLur) {
+ ((CachingLur<?>) aaflur).setDebug(debugIDs);
- try {
- Class<?> aalCls = Class.forName("org.onap.aaf.cadi.aaf.v2_0.AbsAAFLocator");
- Method aalMth = aalCls.getMethod("create", String.class,String.class);
- int colon = _url.lastIndexOf(':');
- if(colon>=0) {
- int slash = _url.indexOf('/',colon);
- String version;
- if(slash<0) {
- version = _url.substring(colon+1);
- } else {
- version = _url.substring(colon+1,slash);
- }
- slash = _url.lastIndexOf('/',colon);
- if(slash>=0) {
- Object aal = aalMth.invoke(null/*static*/, _url.substring(slash+1, colon),version);
- return (Locator<URI>)aal;
- }
- }
- } catch (ClassNotFoundException | NoSuchMethodException | SecurityException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
- String msg;
- char quote;
- if(e.getCause()!=null) {
- msg=e.getCause().getMessage();
- quote='"';
- } else {
- msg = "-";
- quote=' ';
- }
- access.printf(Level.DEBUG, "Configured AbsAAFLocator not found%c%s%cContinuing Locator creation ",quote,msg,quote);
- }
-// String url = _url.replace("/AAF_NS.", "/%C%CID%AAF_NS.");
-// String root_ns = access.getProperty(Config.AAF_ROOT_NS, null);
- String url;
+ try {
+ Class<?> aalCls = Class.forName("org.onap.aaf.cadi.aaf.v2_0.AbsAAFLocator");
+ Method aalMth = aalCls.getMethod("create", String.class, String.class);
+ int colon = _url.lastIndexOf(':');
+ if (colon >= 0) {
+ int slash = _url.indexOf('/', colon);
+ String version;
+ if (slash < 0) {
+ version = _url.substring(colon + 1);
+ } else {
+ version = _url.substring(colon + 1, slash);
+ }
+ slash = _url.lastIndexOf('/', colon);
+ if (slash >= 0) {
+ Object aal = aalMth.invoke(null/* static */, _url.substring(slash + 1, colon), version);
+ return (Locator<URI>) aal;
+ }
+ }
+ } catch (ClassNotFoundException | NoSuchMethodException | SecurityException | IllegalAccessException
+ | IllegalArgumentException | InvocationTargetException e) {
+ String msg;
+ char quote;
+ if (e.getCause() != null) {
+ msg = e.getCause().getMessage();
+ quote = '"';
+ } else {
+ msg = "-";
+ quote = ' ';
+ }
+ access.printf(Level.DEBUG, "Configured AbsAAFLocator not found%c%s%cContinuing Locator creation ",
+ quote, msg, quote);
+ }
+ // String url = _url.replace("/AAF_NS.", "/%C%CID%AAF_NS.");
+ // String root_ns = access.getProperty(Config.AAF_ROOT_NS, null);
+ String url;
- rph = new RegistrationPropHolder(access, 0);
- url = rph.replacements("Config.loadLocator",_url, null, null);
- access.printf(Level.INFO, "loadLocator URL is %s",url);
- } catch (UnknownHostException | CadiException e1) {
- throw new LocatorException(e1);
- }
-
- String aaf_locator_class;
- if(_url.equals(url) && !url.contains("/locate/")) {
- aaf_locator_class = "org.onap.aaf.cadi.locator.DNSLocator";
- } else {
- aaf_locator_class = AAF_LOCATOR_CLASS_DEF;
+ rph = new RegistrationPropHolder(access, 0);
+ url = rph.replacements("Config.loadLocator", _url, null, null);
+ access.printf(Level.INFO, "loadLocator URL is %s", url);
+ } catch (UnknownHostException | CadiException e1) {
+ throw new LocatorException(e1);
+
+ /**
+ * Simplify logic - if we have a URL with /locate/ in it, we use the default locator.
+ * If we have an explicitly set locator from configuration, we use that one.
+ * Otherwise we fall back to the SingleEndpointLocator, basically default normal HTTP client behavior.
+ */
+ String aaf_locator_class = null;
+ if (url.contains("/locate/")) {
+ aaf_locator_class = AAF_LOCATOR_CLASS_DEF;
+ } else if (si.access.getProperty(Config.AAF_LOCATOR_CLASS, null) != null) {
+ aaf_locator_class = si.access.getProperty(Config.AAF_LOCATOR_CLASS, null);
+ }
+ if (aaf_locator_class == null) {
+ aaf_locator_class = Config.AAF_LOCATOR_CLASS_SINGLE;
+ }
+
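Review bot: The `Config.AAF_LOCATOR_CLASS` branch reads the property twice through `si.access` while the neighbouring lines use `access`, and it accepts any non-null value, so an empty or whitespace-only setting becomes the locator class name instead of falling through to `Config.AAF_LOCATOR_CLASS_SINGLE`. Assuming `access` and `si.access` are the same object, read it once with `String configured = access.getProperty(Config.AAF_LOCATOR_CLASS, null);` and test `configured != null && !configured.trim().isEmpty()`. The name presumably feeds a reflective class load further down (not visible in this hunk), and the locator decides which endpoint receives authentication traffic, so logging the selected class at `Level.INIT` would make a misconfiguration visible at startup. The explanatory block opens with `/**` inside a method body, where Javadoc tooling ignores it; `/*` or `//` is the usual form there.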
- public final T t;
- public final int priority;
-
- public Priori(final T t, final int priority) {
- this.t = t;
- this.priority = priority;
- }
-
- @Override
- public int compareTo(Priori<T> o) {
- if(priority==o.priority) {
- return 0;
- } else if(priority<o.priority) {
- return -1;
- } else {
- return 1;
- }
- }
- public static<T> void add(Access access, final String tag, List<Priori<T>> list) {
- String plugins = access.getProperty(tag, null);
- if(plugins!=null) {
- access.log(Level.INIT, "Adding TAF Plugins: ", plugins);
- for(String tafs : Split.splitTrim(';', plugins)) {
- String[] pluginArray = Split.splitTrim(',', tafs);
- String clssn = null;
- int priority = 60;
- switch(pluginArray.length) {
- case 0:
- break;
- case 1:
- clssn = tafs;
- break;
- default:
- clssn = pluginArray[0];
- try {
- priority = Integer.parseInt(pluginArray[1]);
- } catch (NumberFormatException nfe) {
- access.printf(Level.ERROR, "%s format is <classname>,priority[;...]\n",CADI_ADD_TAFS);
- }
- }
-
- if(clssn!=null) {
- Class<?> cls = loadClass(access, clssn);
- if(cls!=null) {
- try {
- @SuppressWarnings("unchecked")
- Constructor<T> cnst = (Constructor<T>)cls.getConstructor(Access.class);
- try {
- list.add(new Priori<T>(cnst.newInstance(access),priority));
- } catch (InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
- String hostname = access.getProperty(Config.HOSTNAME,null);
- if(hostname==null) {
- access.printf(Level.ERROR, "%s cannot be constructed on this machine. Set valid 'hostname' in your properties\n",clssn);
- } else {
- access.printf(Level.ERROR, "%s cannot be constructed on %s with Access.\n",clssn, hostname);
- }
- }
- } catch (NoSuchMethodException | SecurityException e) {
- access.printf(Level.ERROR, "%s needs a Constructor taking Access as sole param.\n",clssn);
- }
- }
- }
- }
- }
- }
+ public final T t;
+ public final int priority;
+
+ public Priori(final T t, final int priority) {
+ this.t = t;
+ this.priority = priority;
+ }
+
+ @Override
+ public int compareTo(Priori<T> o) {
+ if(priority==o.priority) {
+ return 0;
+ } else if(priority<o.priority) {
+ return -1;
+ } else {
+ return 1;
+ }
+ }
+ public static<T> void add(Access access, final String tag, List<Priori<T>> list) {
+ String plugins = access.getProperty(tag, null);
+ if(plugins!=null) {
+ access.log(Level.INIT, "Adding TAF Plugins: ", plugins);
+ for(String tafs : Split.splitTrim(';', plugins)) {
+ String[] pluginArray = Split.splitTrim(',', tafs);
+ String clssn = null;
+ int priority = 60;
+ switch(pluginArray.length) {
+ case 0:
+ break;
+ case 1:
+ clssn = tafs;
+ break;
+ default:
+ clssn = pluginArray[0];
+ try {
+ priority = Integer.parseInt(pluginArray[1]);
+ } catch (NumberFormatException nfe) {
+ access.printf(Level.ERROR, "%s format is <classname>,priority[;...]\n",CADI_ADD_TAFS);
+ }
+ }
+
+ if(clssn!=null) {
+ Class<?> cls = loadClass(access, clssn);
+ if(cls!=null) {
+ try {
+ @SuppressWarnings("unchecked")
+ Constructor<T> cnst = (Constructor<T>)cls.getConstructor(Access.class);
+ try {
+ list.add(new Priori<T>(cnst.newInstance(access),priority));
+ } catch (InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
+ String hostname = access.getProperty(Config.HOSTNAME,null);
+ if(hostname==null) {
+ access.printf(Level.ERROR, "%s cannot be constructed on this machine. Set valid 'hostname' in your properties\n",clssn);
+ } else {
+ access.printf(Level.ERROR, "%s cannot be constructed on %s with Access.\n",clssn, hostname);
+ }
+ }
+ } catch (NoSuchMethodException | SecurityException e) {
+ access.printf(Level.ERROR, "%s needs a Constructor taking Access as sole param.\n",clssn);
+ }
+ }
+ }
+ }
+ }
+ }