From: Sébastien Determe Date: Mon, 8 Apr 2019 16:34:27 +0000 (+0000) Subject: Merge "Update cadi to 2.1.10 and updated keystore" X-Git-Tag: 4.0.0~38 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=21842a5fe883fb1a6f5795b85dbf58f10267e0bb;hp=8356ed8bce80a957c68236ce14fe0a270524c7df;p=clamp.git Merge "Update cadi to 2.1.10 and updated keystore" --- diff --git a/README.md b/README.md index 318d2c87..1cbf0e3f 100644 --- a/README.md +++ b/README.md @@ -125,8 +125,8 @@ There is a section for SSL enablement and cadi configuration (for AAF) + one spr server.port=8443 server.ssl.key-store=classpath:/clds/aaf/org.onap.clamp.p12 -server.ssl.key-store-password=34xqGdj]VnHothQ]5qCykV3X -server.ssl.key-password=34xqGdj]VnHothQ]5qCykV3X +server.ssl.key-store-password=China in the Spring +server.ssl.key-password=China in the Spring server.ssl.key-store-type=PKCS12 server.ssl.key-alias=clamp@clamp.onap.org server.ssl.client-auth=want @@ -139,21 +139,21 @@ spring.profiles.active=clamp-default,clamp-aaf-authentication,clamp-sdc-controll .... clamp.config.cadi.keyFile=classpath:/clds/aaf/org.onap.clamp.keyfile clamp.config.cadi.cadiLoglevel=DEBUG -clamp.config.cadi.cadiLatitude=37.78187 -clamp.config.cadi.cadiLongitude=-122.26147 +clamp.config.cadi.cadiLatitude=10 +clamp.config.cadi.cadiLongitude=10 clamp.config.cadi.aafLocateUrl=https://aaf.api.simpledemo.onap.org:8095 clamp.config.cadi.cadiKeystorePassword=enc:V_kq_EwDNb4itWp_lYfDGXIWJzemHGkhkZOxAQI9IHs clamp.config.cadi.cadiTruststorePassword=enc:Mj0YQqNCUKbKq2lPp1kTFQWeqLxaBXKNwd5F1yB1ukf clamp.config.cadi.aafEnv=DEV clamp.config.cadi.aafUrl=https://AAF_LOCATE_URL/AAF_NS.service:2.0 -clamp.config.cadi.cadiX509Issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US +clamp.config.cadi.cadiX509Issuers=CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US In that case a certificate must be added in the browser and is required to login properly Please check that section to get the certificate https://wiki.onap.org/display/DW/Control+Loop+Flows+and+Models+for+Casablanca#ControlLoopFlowsandModelsforCasablanca-Configure Or it can be found in the Clamp source code folder src/main/resources/clds/aaf -(Default Password: "34xqGdj]VnHothQ]5qCykV3X") +(Default Password: "China in the Spring") 2. Spring authentication It's possible to enable the spring authentication by disabling the "clamp-aaf-authentication" profile and enabling only the "clamp-default-user" diff --git a/docs/index.rst b/docs/index.rst index c3c6ee40..fc0118ac 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -184,7 +184,7 @@ For OOM, the URL is https://:30258/designer/index.html Default password : password - With AAF enabled, the certificate p12 must be added to the browser - ca path: src/main/resources/clds/aaf/org.onap.clamp.p12, password "34xqGdj]VnHothQ]5qCykV3X" + ca path: src/main/resources/clds/aaf/org.onap.clamp.p12, password "China in the Spring" Or get it from this page : https://wiki.onap.org/display/DW/Control+Loop+Flows+and+Models+for+Casablanca Human Interfaces diff --git a/pom.xml b/pom.xml index e03aeada..911ffc60 100644 --- a/pom.xml +++ b/pom.xml @@ -378,7 +378,7 @@ org.onap.aaf.authz aaf-cadi-aaf - 2.1.1 + 2.1.10 javax.servlet diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 4792d057..b1077d38 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -58,8 +58,8 @@ server.port=8443 ## Config part for Server certificates # Can be a classpath parameter instead of file:/ server.ssl.key-store=classpath:/clds/aaf/org.onap.clamp.p12 -server.ssl.key-store-password=34xqGdj]VnHothQ]5qCykV3X -server.ssl.key-password=34xqGdj]VnHothQ]5qCykV3X +server.ssl.key-store-password=China in the Spring +server.ssl.key-password=China in the Spring server.ssl.key-store-type=PKCS12 server.ssl.key-alias=clamp@clamp.onap.org @@ -236,8 +236,8 @@ clamp.config.security.authentication.class=org.onap.aaf.cadi.principal.X509Princ #AAF related parameters clamp.config.cadi.keyFile=classpath:/clds/aaf/org.onap.clamp.keyfile clamp.config.cadi.cadiLoglevel=DEBUG -clamp.config.cadi.cadiLatitude=37.78187 -clamp.config.cadi.cadiLongitude=-122.26147 +clamp.config.cadi.cadiLatitude=10 +clamp.config.cadi.cadiLongitude=10 clamp.config.cadi.aafLocateUrl=https://aaf.api.simpledemo.onap.org:8095 clamp.config.cadi.cadiKeystorePassword=enc:V_kq_EwDNb4itWp_lYfDGXIWJzemHGkhkZOxAQI9IHs clamp.config.cadi.cadiTruststorePassword=enc:Mj0YQqNCUKbKq2lPp1kTFQWeqLxaBXKNwd5F1yB1ukf @@ -245,4 +245,4 @@ clamp.config.cadi.cadiTruststorePassword=enc:Mj0YQqNCUKbKq2lPp1kTFQWeqLxaBXKNwd5 #clamp.config.cadi.oauthIntrospectUrll=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect clamp.config.cadi.aafEnv=DEV clamp.config.cadi.aafUrl=https://AAF_LOCATE_URL/AAF_NS.service:2.0 -clamp.config.cadi.cadiX509Issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US +clamp.config.cadi.cadiX509Issuers=CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US diff --git a/src/main/resources/clds/aaf/org.onap.clamp.keyfile b/src/main/resources/clds/aaf/org.onap.clamp.keyfile index 4908ca7e..45cdcb60 100644 --- a/src/main/resources/clds/aaf/org.onap.clamp.keyfile +++ b/src/main/resources/clds/aaf/org.onap.clamp.keyfile @@ -1,27 +1,27 @@ -dK4TahfDgZ9dafmSF971Olx2sfGYPTm7JZnfbtjWxJOWSoRXzyLnJ2C1JwfucH99_9QTF2HQc_Av -LiBCbDt1UJz8K63igFpZhKHR1RpsF-jjGWcrkSWu5z9yz52DJYru4uJ-GY0simVUvlVOn_QR2SHV -D2qknw7FzUKO8NzQd0xJSbxP2lbTEOw5bD74d3gXaVnMEA1yUrV2f5LV5F6O6zPC7s94l9G1Prxa -LS2VE1ZUY2Y2VD9bigQxw_OdtfbMk9DrDAfvYmhUZwd4MMqurHYdqwn5iuMVBT3cz4saFVGhoFNv -d_NwEmsaeGujnZWRQUwhnv5SPXslQY_QXOnTbucvItDwpIA07W8fxZk1os3D5q2XFkHjqDzhWqnq -4Snv1Bz9gw7WIHBjVIgPDHfheQfvm7gO5E5LlmSiVouBdyEp1Yc4mhdR1zs8Kt1AvUEkXVzlbR7a -rMBcASvn1lGvjcU4NqM_u8hIFg-O-w2ooMJK9UUOOVlYRI_wblAGF173Z67CfVRtWdepKb2Fv4pb -3N9w95knLUsh6xea05W4FnNYdoGwHRofRVkH3Kotd0KUoXwe4p6UpfFw33jj-8pWMaRpkkDu9-Ol -Q_B006lHZ6HnXMWnQyrpqYxPRWc0TvoYvlSPqcXVQWIOVP3K-pp6lnREFfJSJ4MPm9AgE9v5GywH -YC9Tq0fWxzKuEbNZCU9xJyXP8rrQi9O8CVwBT0oAzJ012Ztt4mEXvjByKOJsCAPVbEqB3THcL-X5 -UNnyiM7aDFiemQGFbRQgNu9fkk3CgvgU_G4MvXneFmsbJdthvqVDMDe26miUmjOsQl6tZgqKg5sN -pExhOpoApRi7YL_1J79zkeziLHLU5NC9ryRrUfQgpwivnj9nqJr0COsEYLg9381NWMM100LBm2z0 -K8BTcmp9vKKXbfTm8a3qHexjThxWw8Og-x3Qsv4YP4TpNUAaDcLn78WPc23Mpx0Ir2Z8ALRwhmpH -W_F0phywuCPH_VO0rDulT8bTIs0Ldu5CnGCswL8hGhyw5mM0ZheOymFGn6Sd7mLOyKKFIF5HcR3n -_xfv11UweRzp0M-5VoLcCD6rXxJTZK245ureyZsXtkOLvQ81yko1FkQRbaN_86ECtYrMpGbhLY9O -GUyhXLG1Ac3M6ZsgwDn6iMUckCbANKIR77GY_BEIza5aw-3GHhhCsmtU5NtoUlpFuIC_JqqxoNYH -_iAB2bqN3Py6dXvTtT0WX6gciDsyYuXchECFub3i4vw_RZe0UEfrpJM3kEjcp3AFsOrosffvS2BT -ITDQr12f9Y0-ydAlCqzB9EpSchKwW4Hn7sUA_BEbSkO3e-ujNDrvzPPXWdESiJSzkJc6WHgossJx -q8UnYkCd4XJYavt1a7XnrCxJcJ-TVyM1EVWuHZxziX3p0FCeu0Ett600WXVCYvJ2UsLYpvAJWgYx -BQnMoJyJ6Xkk7-IaedqCZLlkITul99arptcxCKrfWY12V6C2cwmbJgxjvHPoM--4iads_Kj24c_q -LTLOuyqvqHL1UIVXW5i_1ddsgYJmCUK0WjsWvI151UNlKB7N0MFNhFZlGqN9JCog2HoAtyb2bRj7 -2-0VmLeiWAysfrfxEhL_ipHB3A5iVmVC6Eq_w2G8pcTk7Ii_oqiDVIbT90sgaUZavXyb3kkGKsko -ELxkKw7wytSXLgBY6E2IqLjnWdssQIYlolA1Hmg5JWNMr2vjcQWGQiXe1R5s6j2Kfp_vID4bn3qT -Reptwp9nEJ1xVGwWu6rGPdHIwqp-KwzajjNffJQPAgv0IoDSknF_uQ3fYfY2N_CfyI8p_fCsn5xx -zYXHR8enH6e1Q3olkWgdZtl5mhIF6B4RwMB7L7h5NDLoab-OlYVqDqKBZqcoE3iQXvEUGilj1S1O -cPN8A8KB8IXUsdSy38TqAEv8j4fY6TpMnhq-dmN0RhWekDJ2v9B2Jhmdu4Wnq3UetiEW455iwd8S -nNDAVyE0JlPq9Mgt10bUUwF5fL2JfpZWehSMVIbU2E0VMTcTxggVK9nMI3wMc2n8CRWgc7kM \ No newline at end of file +HTQLJHUg5Du0VM7wHY5cBMTgupk6ujhSoAgx5BTHp9wt9CoWvD72ScIciyldEH9R2QZIL9ZvpVo0 +h2o-hSQueaVjPcIFUhVIl4HWmNC6I2YAlNkwy3VMl1g9otKaOTgo3ChsFUVq7ACIrcr2977wo4B_ +FeHa0lInuaLoEjHMP1fszTWYBBx9oY3K9s-9MQQyCo6bFV-4L733sPeE60j20FWoygUwvIqxp3Pc +Bmnm1AtcrhGH0elqDg9qNjmnmC3gxZaGpGiclaEds_lVu57RIXwtTHgYyMbJzfP-Ziq3T7i8d-h3 +JZThj1l9JvDLYm2z0BEXuQ3Owvn4m98cWB9P5esJOKYEvsfIGK_Fd6uT04fzkeDT1wNV4-Swuorr +ymZQxnvHbUAp91NJEa3EtWTuBxNeoqV0cw97WkAYn95pgjH4ZVhBdczclS-EStFJyYOHtTRAs1A_ +8i36GiuUPHn3KolkRF2GvtZfwNj5AYfcUKhqULJ-T_is2KKYnGwQ2iaItX2852o4zlzkMXFMkt5C +qbsDmrU7F5zxn4HG6yShW5sIXgAcS9cyIs8IFgHtkYauDJlKZWynhzqibh3-bzPyfFmreTHxQ-Av +Lgp5sAtf1B9_1feVyE78bmQ3IMtxE-YkV8RYPDJzKw0nIdjce7j89azNq_as5JMfCCHSlYcKRs8O +Nrh8gXYun28iUL_kwEUWK0WohPgwQBb46_Hkc6a0aSYbuFA_7qgprPB9wmAlHtuqnCAb2vk8GT-h +07DB6yPGgzE-OgXUzLIWHXVzPO6SjOg3ifYpCRigOsNqkV1paBBOzje7dn2RnpgaRJS3zupTMnqF +g5N9qCgubxRlII626-Dc_i5X1OAWPzJK8UZPuxRAg3YVJNHluB3O0Q2Uo14RkO3a2Tn_Ce9XoTUJ +Jqi_qZWytIB9sHMNM7KvcRxGedLqd_230O3zV7rTa4Up0BFoMyHmnf2SZu96x_Yz_n_AWhiaALvE +ON_nTxPEOHfEfrNzo7pCwIaI5gM6eu_S24aZTf4L-5tekqH7l1PEbKr2QP4XfTZBN4FgNExgGpzG +the3zv4k7hJeWe7GbtMmnZXIQUJkZVTHBwqvHkqtN9cBWpihCNVmI3zKq6Bsy6Us0SDZ686kpeVS +s9eyrzj6uLPE65mQxCpoMt6G4HSjzMqA3HOX_7ixBBhtdVi5-X7NeTigr-uaZg67yP3cSikfFf9w +dyFuMjg29jtlaTNzOov8HFrcLq01N3fpwDkSU_2TmLndU-FMat78CMCLW5QuS1KF3hC9T8wzKWS_ +WHK2oMA3SqWyqnj_cE_T4Ql_VKL3nkvf_bzTvLso_BWodUw2A-eO-1qjtCHp3nnTdSVH06E3_eRH +BuKWEt0MLyNpm88OD0tgOC3fn7casioynQLoFatta5nlQfj4nsAXj2bD6CrohtDhjOKXqHxDU6s7 +adtNoBGyEK5FKy3HtHMC7KXsK_6wbYUluz93nCNMok696HIHojNUydGFqfr2HluQTi0S3uHnD_pS +-QM8DbsFi8oIztn6Er4CFFJQ-tUuDyX6ahfY5gWLqCgRM7RzrkoHY7b4vkHxZTBLZlPGWfRtG0vc +GTSqIRNI2Z_Zte5-wW7T9vfFVBsArF0SJWOrlUqf7fGN1_2H9B9aIpLEMaHF7EEp1OP6_SNnfuhB +K31EFy0VW0eGnLezpd3HT540kznub7h_m6phZaqeZJxsle9jHEOS7qDc3T6s1hZ7DLK2Ej5RFuq8 +5LA9Cj5VrdejKMZKZJwmyWylLe224RyY4gDa0MB_lDAeC-YFdY2ClymYRJmclFFSWf7X1j5beQve +xGbsXJaWZcJpahpFu4RR-kOOyZBLPsdiyOZ7PGXz83l35NiXabmRapgjve1t7NFSuRluafihc0Lg +GKoz_-3YAFJmh4Z3bcCsz1WhCUYqzWyDsnZiD7sMQT7Oyje7RqzoxBZs5Ke1_0jtpgFrc7BcqHG7 +WpwJr6hg53o3BpWcUEopBomhbdxiDSLxZmDrePy9LDC7YNk_7-gVKIc7dZDMgw6kSRR330p0 \ No newline at end of file diff --git a/src/main/resources/clds/aaf/org.onap.clamp.p12 b/src/main/resources/clds/aaf/org.onap.clamp.p12 index 7003136b..b3c69efe 100644 Binary files a/src/main/resources/clds/aaf/org.onap.clamp.p12 and b/src/main/resources/clds/aaf/org.onap.clamp.p12 differ