|-|-|-|-|
|MR.projectID | Value for some constructs of fully qualified topic names | 99999 | ONAP |
|-|-|-|-|
+|MR.hostnameVerify | Indicates if we want to relax hostname verification on SSL connection | true | false |
+|-|-|-|-|
+|MR.authentication | Authentication method used when connecting to MR | none | basicAuth |
+| | none = no creds sent (default) | | |
+| | basicAuth = formulate Basic Auth HTTP Header using name and pwd credentials | | |
+| | cert = use client certificate | | |
+|-|-|-|-|
|cadi.properties | Path to CADI properties file | /opt/app/osaaf/local/org.onap.dmaap-bc.props | /opt/app/osaaf/lcoal/org.onap.dmaap-bc.props |
|-|-|-|-|
|aaf.URL | URL of the AAF server | https://authentication.domain.netset.com:8095/proxy/ | https://aaf-authz/ |
import org.onap.dmaap.dbcapi.model.Topic;
import org.onap.dmaap.dbcapi.util.DmaapConfig;
+import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLSession;
+
import java.io.*;
import java.net.*;
import java.util.Arrays;
private String topicMgrCred;
- private boolean useAAF;
+ private String authMethod;
private String user;
private String encPwd;
+ private boolean hostnameVerify;
public MrProvConnection() {
String mechIdProperty = "aaf.TopicMgrUser";
DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
user = p.getProperty( mechIdProperty, "noMechId@domain.netset.com" );
encPwd = p.getProperty( pwdProperty, "notSet" );
- useAAF= "true".equalsIgnoreCase(p.getProperty("UseAAF", "false"));
+ authMethod = p.getProperty("MR.authentication", "none");
topicMgrCred = getCred();
+ hostnameVerify= "true".equalsIgnoreCase(p.getProperty("MR.hostnameVerify", "true"));
}
logger.info( "makeConnection to " + pURL );
try {
+
+ HostnameVerifier hostnameVerifier = new HostnameVerifier() {
+ @Override
+ public boolean verify( String hostname, SSLSession session ) {
+ return true;
+ }
+
+ };
URL u = new URL( pURL );
uc = (HttpsURLConnection) u.openConnection();
uc.setInstanceFollowRedirects(false);
- logger.info( "open connect to " + pURL );
+ if ( ! hostnameVerify ) {
+ HttpsURLConnection ucs = (HttpsURLConnection) uc;
+ ucs.setHostnameVerifier(hostnameVerifier);
+ }
+ logger.info( "open secure connect to " + pURL );
return(true);
} catch( UnknownHostException uhe ){
logger.error( "Caught UnknownHostException for " + pURL);
try {
URL u = new URL( pURL );
uc = (HttpURLConnection) u.openConnection();
- uc.setInstanceFollowRedirects(false);
+ uc.setInstanceFollowRedirects(false);
+
logger.info( "open connect to " + pURL );
return(true);
} catch( UnknownHostException uhe ){
byte[] postData = postTopic.getBytes();
logger.info( "post fields=" + Arrays.toString(postData));
- // when not using AAF, do not attempt Basic Authentication
- if ( useAAF ) {
- uc.setRequestProperty("Authorization", auth);
- logger.info( "Authenticating with " + auth );
- }
+ if ( authMethod.equalsIgnoreCase("basicAuth") ) {
+ uc.setRequestProperty("Authorization", auth);
+ logger.info( "Authenticating with " + auth );
+ } else if ( authMethod.equalsIgnoreCase("cert")) {
+ logger.error( "MR.authentication set for client certificate. Not supported yet.");
+ }
uc.setRequestMethod("POST");
uc.setRequestProperty("Content-Type", "application/json");
uc.setRequestProperty( "charset", "utf-8");
}
} catch (Exception e) {
- errorLogger.error("Unable to read response " );
+ errorLogger.error("Unable to read response: " + e.getMessage() );
}
finally {
private String mmProvCred;
private String unit_test;
- private boolean useAAF;
+ private String authMethod;
private boolean hostnameVerify;
public MrTopicConnection(String user, String pwd ) {
mmProvCred = new String( user + ":" + pwd );
DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
unit_test = p.getProperty( "UnitTest", "No" );
- useAAF= "true".equalsIgnoreCase(p.getProperty("UseAAF", "false"));
+ authMethod = p.getProperty("MR.authentication", "none");
hostnameVerify= "true".equalsIgnoreCase(p.getProperty("MR.hostnameVerify", "true"));
}
try {
byte[] postData = postMessage.getBytes();
logger.info( "post fields=" + postMessage );
- if ( useAAF ) {
+ if ( authMethod.equalsIgnoreCase("basicAuth") ) {
uc.setRequestProperty("Authorization", auth);
logger.info( "Authenticating with " + auth );
+ } else if ( authMethod.equalsIgnoreCase("cert")) {
+ logger.error( "MR.authentication set for client certificate. Not supported yet.");
}
uc.setRequestMethod("POST");
uc.setRequestProperty("Content-Type", "application/json");