Code Review / clamp.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Merge "removing inactive committers"
[clamp.git] / README.md
diff --git a/README.md b/README.md
index f6a0ec7..783501a 100644 (file)
--- a/README.md
+++ b/README.md
@@ -67,26 +67,32 @@ This file is a JSON that must be specified to Spring config, here is an example:
 {\r
   "sdc-connections":{\r
     "sdc-controller1":{\r
-        "user": "User1",\r
+        "user": "clamp",\r
         "consumerGroup": "consumerGroup1",\r
         "consumerId": "consumerId1",\r
-        "environmentName": "environmentName1",\r
-        "sdcAddress": "sdc.api.simpledemo.onap.org:8080",\r
-        "password": "bb3871669d893c7fb8aaacda31b77b4f537E67A081C2726889548ED7BC4C2DE6",\r
-        "pollingInterval":10,\r
+        "environmentName": "AUTO",\r
+        "sdcAddress": "localhost:8443",\r
+        "password": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981",\r
+        "pollingInterval":30,\r
         "pollingTimeout":30,\r
-        "messageBusAddresses":["localhost"]\r
+        "activateServerTLSAuth":"false",\r
+        "keyStorePassword":"",\r
+        "keyStorePath":"",\r
+        "messageBusAddresses":["dmaaphost.com"]\r
     },\r
-     "sdc-controller2":{\r
-        "user": "User2",\r
-        "consumerGroup": "consumerGroup2",\r
-        "consumerId": "consumerId2",\r
-        "environmentName": "environmentName2",\r
-        "sdcAddress": "sdc.api.simpledemo.onap.org:8080",\r
-        "password": "bb3871669d893c7fb8aaacda31b77b4f537E67A081C2726889548ED7BC4C2DE6",\r
-        "pollingInterval":10,\r
+    "sdc-controller2":{\r
+        "user": "clamp",\r
+        "consumerGroup": "consumerGroup1",\r
+        "consumerId": "consumerId1",\r
+        "environmentName": "AUTO",\r
+        "sdcAddress": "localhost:8443",\r
+        "password": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981",\r
+        "pollingInterval":30,\r
         "pollingTimeout":30,\r
-        "messageBusAddresses":["localhost"]\r
+        "activateServerTLSAuth":"false",\r
+        "keyStorePassword":"",\r
+        "keyStorePath":"",\r
+        "messageBusAddresses":["dmaaphost.com"]\r
     }\r
   }\r
 }\r
@@ -116,7 +122,48 @@ You can see the swagger definition for the jaxrs apis at `/restservices/clds/v1/
 \r
 ## Clamp Credentials\r
 \r
-Credentials should be specified in `src/main/resources/clds/clds-users.json`. You might specify you own credential file by redefining the `clamp.config.files.cldsUsers` in `application.properties`.\r
+There are two mechanisms that can enabled for the authentication, one or the other never both at the same time. \r
+They can be enabled in the application.properties.\r
+\r
+1. AAF CA\r
+There is a section for SSL enablement and cadi configuration (for AAF) + one spring profile to enable\r
+\r
+server.port=8443\r
+server.ssl.key-store=classpath:/clds/aaf/org.onap.clamp.p12\r
+server.ssl.key-store-password=China in the Spring\r
+server.ssl.key-password=China in the Spring\r
+server.ssl.key-store-type=PKCS12\r
+server.ssl.key-alias=clamp@clamp.onap.org\r
+server.ssl.client-auth=want\r
+server.ssl.trust-store=classpath:/clds/aaf/truststoreONAPall.jks\r
+server.ssl.trust-store-password=changeit\r
+\r
+server.http-to-https-redirection.port=8080\r
+....\r
+spring.profiles.active=clamp-default,clamp-aaf-authentication,clamp-sdc-controller\r
+....\r
+clamp.config.cadi.keyFile=classpath:/clds/aaf/org.onap.clamp.keyfile\r
+clamp.config.cadi.cadiLoglevel=DEBUG\r
+clamp.config.cadi.cadiLatitude=37.78187\r
+clamp.config.cadi.cadiLongitude=-122.26147\r
+clamp.config.cadi.aafLocateUrl=https://aaf.api.simpledemo.onap.org:8095\r
+clamp.config.cadi.cadiKeystorePassword=enc:V_kq_EwDNb4itWp_lYfDGXIWJzemHGkhkZOxAQI9IHs\r
+clamp.config.cadi.cadiTruststorePassword=enc:Mj0YQqNCUKbKq2lPp1kTFQWeqLxaBXKNwd5F1yB1ukf\r
+clamp.config.cadi.aafEnv=DEV\r
+clamp.config.cadi.aafUrl=https://AAF_LOCATE_URL/AAF_NS.service:2.0\r
+clamp.config.cadi.cadiX509Issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US\r
+\r
+In that case a certificate must be added in the browser and is required to login properly\r
+Please check that section to get the certificate\r
+https://wiki.onap.org/display/DW/Control+Loop+Flows+and+Models+for+Casablanca#ControlLoopFlowsandModelsforCasablanca-Configure\r
+\r
+Or it can be found in the Clamp source code folder src/main/resources/clds/aaf\r
+(Default Password: "China in the Spring")\r
+\r
+2. Spring authentication\r
+It's possible to enable the spring authentication by disabling the "clamp-aaf-authentication" profile and enabling only the "clamp-default-user"\r
+spring.profiles.active=clamp-default,clamp-default-user,clamp-sdc-controller\r
+In that case, the credentials should be specified in `src/main/resources/clds/clds-users.json`. You might specify you own credential file by redefining the `clamp.config.files.cldsUsers` in `application.properties`.\r
 \r
 Passwords should be hashed using Bcrypt :\r
 ```\r
@@ -126,4 +173,9 @@ Passwords should be hashed using Bcrypt :
 \r
 Default credentials are admin/password and cs0008/password.\r
 \r
+There is a spring file that disables the AAF and enable the Spring authentication by default. \r
+To use it just add\r
+\r
+--spring.config.name=application-noaaf\r
 \r
+to the jvm parameters. This file is available by default in the java classpath resource folder. 
\ No newline at end of file
CLAMP is a platform for designing and managing control loops. Archived.