X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=cadi%2Fcore%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fcadi%2Fconfig%2FConfig.java;h=48f5e2d1297c216c4401adbb18ebc483bd8a68fb;hb=1338680ef142f9a33ee32a00b07c7d2ae658cb3a;hp=62623fb884b3244541e4076cea54e5dfa7f7cf39;hpb=815bb520743dc523f69bebc367391872888fd5ef;p=aaf%2Fauthz.git diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java index 62623fb8..48f5e2d1 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java @@ -88,10 +88,14 @@ public class Config { public static final String CADI_LOGDIR = "cadi_log_dir"; public static final String CADI_ETCDIR = "cadi_etc_dir"; public static final String CADI_LOGNAME = "cadi_logname"; +// public static final String CADI_LOGFMT="cad_logging_format"; +// public static final String CADI_LOGFMT_UTC="UTC"; +// public static final String CADI_LOGFMT_ISO8601="ISO-8601"; public static final String CADI_KEYFILE = "cadi_keyfile"; public static final String CADI_KEYSTORE = "cadi_keystore"; public static final String CADI_KEYSTORE_PASSWORD = "cadi_keystore_password"; public static final String CADI_ALIAS = "cadi_alias"; + public static final String CADI_CLIENT_ALIAS = "cadi_client_alias"; public static final String CADI_LOGINPAGE_URL = "cadi_loginpage_url"; public static final String CADI_LATITUDE = "cadi_latitude"; public static final String CADI_LONGITUDE = "cadi_longitude"; 
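Review bot: The three `CADI_LOGFMT` lines are added already commented out, and the first spells its key `cad_logging_format` where every other key in this block starts with `cadi_`. Commented-out constants tend to be re-enabled as written, so either drop the lines or correct the key to `cadi_logging_format` before they land. `CADI_CLIENT_ALIAS` would also benefit from a one-line comment saying how it differs from `CADI_ALIAS`, since presumably both select a keystore entry.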
@@ -120,8 +124,9 @@ public class Config { public static final String CADI_TOKEN_DIR = "cadi_token_dir"; public static final String HTTPS_PROTOCOLS = "https.protocols"; - public static final String HTTPS_CIPHER_SUITES = "https.cipherSuites"; public static final String HTTPS_CLIENT_PROTOCOLS="jdk.tls.client.protocols"; + public static final String HTTPS_PROTOCOLS_DEFAULT = "TLSv1.1,TLSv1.2"; + public static final String HTTPS_CIPHER_SUITES = "https.cipherSuites"; public static final String HTTPS_CIPHER_SUITES_DEFAULT="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA," + "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA," + "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA," 
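Review bot: The new `HTTPS_PROTOCOLS_DEFAULT` still offers TLSv1.1, which RFC 8996 formally deprecated, so anything that takes this default will negotiate it when a peer asks for it. Unless a known peer in the deployment needs it, the default should be `public static final String HTTPS_PROTOCOLS_DEFAULT = "TLSv1.2";`, with TLSv1.3 added where the supported JDKs provide it. Where the constant is applied is outside this hunk, so the actual exposure depends on whether operators override `https.protocols`.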
@@ -146,19 +151,15 @@ public class Config { public static final String AAF_ROOT_NS = "aaf_root_ns"; public static final String AAF_ROOT_NS_DEF = "org.osaaf.aaf"; public static final String AAF_ROOT_COMPANY = "aaf_root_company"; + /** + * Use Config.getAAFLocateUrl(access) to get correct property in/out of container + */ public static final String AAF_LOCATE_URL = "aaf_locate_url"; //URL for AAF locator public static final String AAF_LOCATE_URL_TAG = "AAF_LOCATE_URL"; // Name of Above for use in Config Variables. public static final String AAF_DEFAULT_API_VERSION = "2.1"; + public static final String AAF_DEPLOYED_VERSION="aaf_deployed_version"; public static final String AAF_API_VERSION = "aaf_api_version"; - public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration - public static final String AAF_URL_DEF = "https://AAF_LOCATE_URL/%CNS.%AAF_NS.service:" + AAF_DEFAULT_API_VERSION; - public static final String GUI_URL_DEF = "https://AAF_LOCATE_URL/%CNS.%AAF_NS.gui:" + AAF_DEFAULT_API_VERSION; - public static final String CM_URL_DEF = "https://AAF_LOCATE_URL/%CNS.%AAF_NS.cm:" + AAF_DEFAULT_API_VERSION; - public static final String FS_URL_DEF = "https://AAF_LOCATE_URL/%CNS.%AAF_NS.fs:" + AAF_DEFAULT_API_VERSION; - public static final String HELLO_URL_DEF = "https://AAF_LOCATE_URL/%CNS.%AAF_NS.hello:" + AAF_DEFAULT_API_VERSION; - public static final String OAUTH2_TOKEN_URL_DEF = "https://AAF_LOCATE_URL/%CNS.%AAF_NS.token:" + AAF_DEFAULT_API_VERSION +"/token"; - public static final String OAUTH2_INTROSPECT_URL_DEF = "https://AAF_LOCATE_URL/%CNS.%AAF_NS.introspect:" + AAF_DEFAULT_API_VERSION +"/introspect";; - + public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration public static final String AAF_LOCATOR_CLASS = "aaf_locator_class"; // AAF Locator Entries are ADDITIONAL entries, which also gives the Property ability // to set these entries manually 
@@ -173,12 +174,18 @@ public class Config { public static final String AAF_LOCATOR_VERSION = "aaf_locator_version"; public static final String AAF_LOCATOR_PROTOCOL = "aaf_locator_protocol"; public static final String AAF_LOCATOR_SUBPROTOCOL = "aaf_locator_subprotocol"; - public static final String AAF_LOCATOR_NS = "aaf_locator_ns"; + public static final String AAF_LOCATOR_APP_NS = "aaf_locator_app_ns"; public static final String AAF_LOCATOR_ENTRIES = "aaf_locator_entries"; public static final String AAF_LOCATOR_FQDN = "aaf_locator_fqdn"; public static final String AAF_LOCATOR_NAME = "aaf_locator_name"; public static final String AAF_LOCATOR_PUBLIC_PORT = "aaf_locator_public_port"; - public static final String AAF_LOCATOR_PUBLIC_HOSTNAME = "aaf_locator_public_hostname"; + public static final String AAF_LOCATOR_PUBLIC_FQDN = "aaf_locator_public_fqdn"; + public static final String AAF_LOCATOR_PUBLIC_NAME = "aaf_locator_public_name"; + + // AAF Service will write to the Audit Log if a past due AAF stored Password + // is being used within # of days specified. + public static final String AAF_CRED_WARN_DAYS="aaf_cred_warn_days"; + public static final String AAF_CRED_WARN_DAYS_DFT="7"; public static final String AAF_APPID = "aaf_id"; public static final String AAF_APPPASS = "aaf_password"; 
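Review bot: The comment added above `AAF_CRED_WARN_DAYS` can be read two ways: a warning written before a stored password expires, or an audit entry written while an already expired password is still being accepted for that many days. The two have different security consequences, so the comment should say which one applies and that the value is a day count held as a string. If the first reading is right, something like `// Days before expiry at which use of an AAF stored Password is written to the Audit Log (default 7).` would do. The code that reads the property is outside this hunk, so the intended meaning cannot be confirmed from here.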
@@ -213,11 +220,17 @@ public class Config { public static final String AAF_CERT_IDS = "aaf_cert_ids"; public static final String AAF_DEBUG_IDS = "aaf_debug_ids"; // comma delimited public static final String AAF_DATA_DIR = "aaf_data_dir"; // AAF processes and Components only. - public static final String AAF_RELEASE = "aaf_release"; - public static final String GW_URL = "gw_url"; - public static final String CM_URL = "cm_url"; + public static final String AAF_URL_OAUTH = "aaf_url_oauth"; + public static final String AAF_URL_GUI="aaf_url_gui"; + public static final String AAF_URL_FS="aaf_url_fs"; + public static final String AAF_URL_CM = "aaf_url_cm"; + public static final String AAF_URL_CM_DEF = "https://AAF_LOCATE_URL/AAF_NS.cm:"+AAF_DEFAULT_API_VERSION; + public static final String AAF_URL_HELLO = "aaf_url_hello"; public static final String CM_TRUSTED_CAS = "cm_trusted_cas"; + // let NS Owners choose with .certman aaf ignoreIPs" to ignoreIP Check for Configs + // Probably only want to allow in a DEV Env. + public static final String CM_ALLOW_IGNORE_IPS="cm_allow_ignore_ips"; public static final String PATHFILTER_URLPATTERN = "pathfilter_urlpattern"; public static final String PATHFILTER_STACK = "pathfilter_stack"; @@ -555,7 +568,7 @@ public class Config { } access.log(Level.INIT, sb); - Locator locator = loadLocator(si, logProp(rph, AAF_LOCATE_URL, null)); + Locator locator = loadLocator(si, aafURL); taf = new HttpEpiTaf(access,locator, tc, htarray); // ok to pass locator == null String level = logProp(access, CADI_LOGLEVEL, null); @@ -572,7 +585,7 @@ public class Config { if (rv == null) { rph.access().log(Level.INIT,tag,"is not explicitly set"); } else { - rv = rph.replacements(rv, null, null); + rv = rph.replacements("Config.logProp",rv, null, null); rph.access().log(Level.INIT,tag,"is set to",rv); } return rv; 
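Review bot: `CM_ALLOW_IGNORE_IPS` in the first hunk on this line gates the skipping of an IP check, but it has no default constant, and its comment has a stray quote and only says the option is "probably" for DEV. Because a missing or mistyped value decides whether the check can be bypassed, the comment should state the default and the accepted value. If it matches the implementation, use `// When "true", NS Owners may set "ignoreIPs" to skip the IP check for Configs. Off unless explicitly enabled; intended for DEV environments only.` The reader of this property is not in the hunk, so confirm there that anything other than an explicit true leaves the check in place.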
@@ -840,29 +853,65 @@ public class Config { if (_url==null) { access.log(Level.INIT,"No URL passed to 'loadLocator'. Disabled"); } else { + try { + Class aalCls = Class.forName("org.onap.aaf.cadi.aaf.v2_0.AbsAAFLocator"); + Method aalMth = aalCls.getMethod("create", String.class,String.class); + int colon = _url.lastIndexOf(':'); + if(colon>=0) { + int slash = _url.indexOf('/',colon); + String version; + if(slash<0) { + version = _url.substring(colon+1); + } else { + version = _url.substring(colon+1,slash); + } + slash = _url.lastIndexOf('/',colon); + if(slash>=0) { + Object aal = aalMth.invoke(null/*static*/, _url.substring(slash+1, colon),version); + return (Locator)aal; + } + } + } catch (ClassNotFoundException | NoSuchMethodException | SecurityException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { + String msg; + char quote; + if(e.getCause()!=null) { + msg=e.getCause().getMessage(); + quote='"'; + } else { + msg = "-"; + quote=' '; + } + access.printf(Level.DEBUG, "Configured AbsAAFLocator not found%c%s%cContinuing Locator creation ",quote,msg,quote); + } // String url = _url.replace("/AAF_NS.", "/%C%CID%AAF_NS."); // String root_ns = access.getProperty(Config.AAF_ROOT_NS, null); String url; RegistrationPropHolder rph; try { rph = new RegistrationPropHolder(access, 0); - url = rph.replacements(_url, null, null); + url = rph.replacements("Config.loadLocator",_url, null, null); access.printf(Level.INFO, "loadLocator URL is %s",url); } catch (UnknownHostException | CadiException e1) { throw new LocatorException(e1); } - + + String aaf_locator_class; + if(_url.equals(url) && !url.contains("/locate/")) { + aaf_locator_class = "org.onap.aaf.cadi.locator.DNSLocator"; + } else { + aaf_locator_class = AAF_LOCATOR_CLASS_DEF; + } try { - Class lcls = loadClass(access,AAF_LOCATOR_CLASS_DEF); + Class lcls = loadClass(access,aaf_locator_class); if (lcls==null) { throw new CadiException("Need to include aaf-cadi-aaf jar for 
AAFLocator"); } // First check for preloaded try { - Method meth = lcls.getMethod("create",String.class); - locator = (Locator)meth.invoke(null,url); + Method meth = lcls.getMethod("create",Access.class,String.class); + locator = (Locator)meth.invoke(null,access,url); } catch (Exception e) { - access.log(Level.DEBUG, "(Not fatal) Cannot load by create(String)", e); + access.log(Level.NONE, "(Not fatal) Cannot load by create(String)", e); } if (locator==null) { URI locatorURI = new URI(url); @@ -892,6 +941,18 @@ public class Config { public static String getDefaultRealm() { return defaultRealm; } + + public static String getAAFLocateUrl(Access access) { + String rv = null; + String cont = access.getProperty(AAF_LOCATOR_CONTAINER,null); + if(cont!=null) { + rv = access.getProperty(AAF_LOCATE_URL + '.' +cont, null); + } + if(rv==null) { + rv = access.getProperty(AAF_LOCATE_URL, null); + } + return rv; + } private static class Priori implements Comparable> { public final T t;
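Review bot: The new catch around the reflective `AbsAAFLocator.create` call treats `InvocationTargetException` the same as `ClassNotFoundException`, so a locator that was found but failed to build is logged at DEBUG as "not found" and the method silently moves on to a different locator class. In a component that decides which endpoints credentials are sent to, that failure should be visible. I would keep the quiet fallback only for the class or method being absent and raise the rest as `LocatorException`. Separately, `return (Locator)aal;` returns whatever `create` yields, including null, which skips the fallback entirely, and the `Level.NONE` log further down still says `create(String)` although the lookup is now `create(Access,String)`. loadLocator begins before this hunk and continues after it.

```java
// … unchanged: Class.forName / getMethod lookup and the create(name, version) call …
} catch (ClassNotFoundException | NoSuchMethodException e) {
    // AbsAAFLocator is optional: its absence means "use the fallback below"
    access.printf(Level.DEBUG, "AbsAAFLocator not available (%s). Continuing Locator creation", e.getMessage());
} catch (InvocationTargetException | IllegalAccessException | SecurityException | IllegalArgumentException e) {
    // create(...) was found but failed: report it instead of switching locator implementation
    throw new LocatorException(e);
}
// … unchanged: RegistrationPropHolder replacements and locator class selection …
```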
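Review bot: `getAAFLocateUrl` is a new public static method with no Javadoc, although the Javadoc this commit adds on `AAF_LOCATE_URL` tells callers to use it. I would add `/** Returns the locator URL, preferring the property AAF_LOCATE_URL + '.' + container when AAF_LOCATOR_CONTAINER is set, else AAF_LOCATE_URL; null if neither is set. */`. An empty `AAF_LOCATOR_CONTAINER` value passes the `cont!=null` test and looks up the key `aaf_locate_url.`. That is harmless because of the fallback, but `if(cont!=null && !cont.isEmpty())` states the intent more clearly.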