From 34400eeebc299cbf8e4335a7bee937753554bed5 Mon Sep 17 00:00:00 2001 From: "Determe, Sebastien (sd378r)" Date: Thu, 16 Nov 2017 13:22:49 +0100 Subject: [PATCH] Rework CryptoUtils CryptoUtils now takes the key from a file located in the resource not in spring file Change-Id: I002978d292550e6173efb4324cbb977f35d7e753 Issue-ID: CLAMP-74 Signed-off-by: Determe, Sebastien (sd378r) --- .../config/EncodedPasswordBasicDataSource.java | 11 +-- .../java/org/onap/clamp/clds/util/CryptoUtils.java | 102 ++++++++++++--------- src/main/resources/application.properties | 5 +- .../resources/clds/clds-policy-config.properties | 4 +- src/main/resources/clds/clds-reference.properties | 7 +- src/main/resources/clds/key.properties | 1 + .../CryptoUtilsTest.java} | 54 ++++++----- .../resources/application-no-camunda.properties | 6 +- src/test/resources/clds/clds-reference.properties | 3 +- src/test/resources/clds/key.properties | 1 + src/test/resources/https/https-test.properties | 5 +- 11 files changed, 110 insertions(+), 89 deletions(-) create mode 100644 src/main/resources/clds/key.properties rename src/test/java/org/onap/clamp/clds/{it/CryptoUtilsItCase.java => util/CryptoUtilsTest.java} (51%) create mode 100644 src/test/resources/clds/key.properties diff --git a/src/main/java/org/onap/clamp/clds/config/EncodedPasswordBasicDataSource.java b/src/main/java/org/onap/clamp/clds/config/EncodedPasswordBasicDataSource.java index 3862a5ac..453689be 100644 --- a/src/main/java/org/onap/clamp/clds/config/EncodedPasswordBasicDataSource.java +++ b/src/main/java/org/onap/clamp/clds/config/EncodedPasswordBasicDataSource.java @@ -28,25 +28,20 @@ import com.att.eelf.configuration.EELFManager; import java.security.GeneralSecurityException; +import org.apache.commons.codec.DecoderException; import org.apache.commons.dbcp.BasicDataSource; import org.onap.clamp.clds.util.CryptoUtils; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.annotation.DependsOn; -import org.springframework.stereotype.Component; /** * This class is an extension of the standard datasource, it will be used to * decode the encoded password defined in the application.properties. * */ -@Component("EncodedPasswordBasicDataSource") -@DependsOn(value = { "CryptoUtils" }) public class EncodedPasswordBasicDataSource extends BasicDataSource { protected static final EELFLogger logger = EELFManager.getInstance() .getLogger(EncodedPasswordBasicDataSource.class); protected static final EELFLogger metricsLogger = EELFManager.getInstance().getMetricsLogger(); - @Autowired - private CryptoUtils cryptoUtils; + private CryptoUtils cryptoUtils = new CryptoUtils(); /** * The default constructor calling the parent one. @@ -64,6 +59,8 @@ public class EncodedPasswordBasicDataSource extends BasicDataSource { this.password = cryptoUtils.decrypt(encodedPassword); } catch (GeneralSecurityException e) { logger.error("Unable to decrypt the DB password", e); + } catch (DecoderException e) { + logger.error("Exception caught when decoding the HEX String Key for encryption", e); } } } \ No newline at end of file diff --git a/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java b/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java index 4b72c6fd..8dbdc77d 100644 --- a/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java +++ b/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java @@ -23,26 +23,54 @@ package org.onap.clamp.clds.util; +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; + +import java.io.IOException; +import java.io.UnsupportedEncodingException; import java.security.GeneralSecurityException; +import java.security.SecureRandom; +import java.util.Properties; import javax.crypto.Cipher; +import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; -import org.springframework.core.Ordered; -import org.springframework.core.annotation.Order; -import org.springframework.stereotype.Component; +import org.apache.commons.codec.DecoderException; +import org.apache.commons.codec.binary.Hex; +import org.apache.commons.lang3.ArrayUtils; /** * CryptoUtils for encrypting/decrypting string based on a Key defined in * application.properties (Spring config file). * */ -@Component("CryptoUtils") -@Order(Ordered.HIGHEST_PRECEDENCE) public final class CryptoUtils { - public static final String AES = "AES"; - public static final String KEY_PARAM = "org.onap.clamp.encryption.aes.key"; - private SecretKeySpec secretKeySpec = getSecretKeySpec("aa3871669d893c7fb8abbcda31b88b4f"); + protected static final EELFLogger logger = EELFManager.getInstance().getLogger(CryptoUtils.class); + // Openssl commands: + // Encrypt: echo -n "123456" | openssl aes-128-cbc -e -K + // -iv <16 Hex Bytes iv> | xxd -u -g100 + // Final result is to put in properties file is: IV + Outcome of openssl + // command + // ************************************************************ + // Decrypt: echo -n 'Encrypted string' | xxd -r -ps | openssl aes-128-cbc -d + // -K + // -iv <16 Bytes IV extracted from Encrypted String> + private static final String ALGORITHM = "AES"; + private static final String ALGORYTHM_DETAILS = ALGORITHM + "/CBC/PKCS5PADDING"; + private static final int BLOCK_SIZE = 128; + private static final String KEY_PARAM = "org.onap.clamp.encryption.aes.key"; + private static SecretKeySpec secretKeySpec = null; + private IvParameterSpec ivspec; + static { + Properties props = new Properties(); + try { + props.load(ResourceFileUtil.getResourceAsStream("clds/key.properties")); + secretKeySpec = getSecretKeySpec(props.getProperty(KEY_PARAM)); + } catch (IOException | DecoderException e) { + logger.error("Exception occurred during the key reading", e); + } + } /** * Encrypt a value based on the Clamp Encryption Key. @@ -51,16 +79,21 @@ public final class CryptoUtils { * @return The encrypted string * @throws GeneralSecurityException * In case of issue with the encryption + * @throws UnsupportedEncodingException + * In case of issue with the charset conversion */ - public String encrypt(String value) throws GeneralSecurityException { - Cipher cipher = Cipher.getInstance(CryptoUtils.AES); - cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, cipher.getParameters()); - byte[] encrypted = cipher.doFinal(value.getBytes()); - return byteArrayToHexString(encrypted); + public String encrypt(String value) throws GeneralSecurityException, UnsupportedEncodingException { + Cipher cipher = Cipher.getInstance(CryptoUtils.ALGORYTHM_DETAILS, "SunJCE"); + SecureRandom r = SecureRandom.getInstance("SHA1PRNG"); + byte[] iv = new byte[BLOCK_SIZE / 8]; + r.nextBytes(iv); + ivspec = new IvParameterSpec(iv); + cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivspec); + return Hex.encodeHexString(ArrayUtils.addAll(iv, cipher.doFinal(value.getBytes("UTF-8")))); } /** - * Decrypt a value. + * Decrypt a value based on the Clamp Encryption Key * * @param message * The encrypted string that must be decrypted using the Clamp @@ -68,38 +101,21 @@ public final class CryptoUtils { * @return The String decrypted * @throws GeneralSecurityException * In case of issue with the encryption + * @throws DecoderException + * In case of issue to decode the HexString */ - public String decrypt(String message) throws GeneralSecurityException { - Cipher cipher = Cipher.getInstance(CryptoUtils.AES); - cipher.init(Cipher.DECRYPT_MODE, secretKeySpec); - byte[] decrypted = cipher.doFinal(hexStringToByteArray(message)); + public String decrypt(String message) throws GeneralSecurityException, DecoderException { + byte[] encryptedMessage = Hex.decodeHex(message.toCharArray()); + Cipher cipher = Cipher.getInstance(CryptoUtils.ALGORYTHM_DETAILS, "SunJCE"); + ivspec = new IvParameterSpec(ArrayUtils.subarray(encryptedMessage, 0, BLOCK_SIZE / 8)); + byte[] realData = ArrayUtils.subarray(encryptedMessage, BLOCK_SIZE / 8, encryptedMessage.length); + cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivspec); + byte[] decrypted = cipher.doFinal(realData); return new String(decrypted); } - private SecretKeySpec getSecretKeySpec(String keyString) { - byte[] key = hexStringToByteArray(keyString); - return new SecretKeySpec(key, CryptoUtils.AES); - } - - private String byteArrayToHexString(byte[] b) { - StringBuilder sb = new StringBuilder(b.length * 2); - for (int i = 0; i < b.length; i++) { - int v = b[i] & 0xff; - if (v < 16) { - sb.append('0'); - } - sb.append(Integer.toHexString(v)); - } - return sb.toString().toUpperCase(); - } - - private byte[] hexStringToByteArray(String s) { - byte[] b = new byte[s.length() / 2]; - for (int i = 0; i < b.length; i++) { - int index = i * 2; - int v = Integer.parseInt(s.substring(index, index + 2), 16); - b[i] = (byte) v; - } - return b; + private static SecretKeySpec getSecretKeySpec(String keyString) throws DecoderException { + byte[] key = Hex.decodeHex(keyString.toCharArray()); + return new SecretKeySpec(key, CryptoUtils.ALGORITHM); } } diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 8155cb2b..321d88e1 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -96,7 +96,7 @@ kubernetes.namespace=com-att-ajsc spring.datasource.camunda.driverClassName=org.mariadb.jdbc.Driver spring.datasource.camunda.url=jdbc:mariadb:sequential://localhost:${docker.mariadb.port.host}/camundabpm?autoReconnect=true&retriesAllDown=2147483647&failoverLoopRetries=2147483647 spring.datasource.camunda.username=camunda -spring.datasource.camunda.password=D75B89195FD913848EA11416F755390E +spring.datasource.camunda.password=e1bb2a8381d1aa6c09879bd627db3bb560ad29e8a3343fe6aa7e6a7ba622da4e spring.datasource.camunda.validationQuery=SELECT 1 spring.datasource.camunda.validationQueryTimeout=20000 spring.datasource.camunda.validationInterval=30000 @@ -117,7 +117,7 @@ camunda.bpm.database.schema-update=false spring.datasource.cldsdb.driverClassName=org.mariadb.jdbc.Driver spring.datasource.cldsdb.url=jdbc:mariadb:sequential://localhost:${docker.mariadb.port.host}/cldsdb4?autoReconnect=true&retriesAllDown=2147483647&failoverLoopRetries=2147483647 spring.datasource.cldsdb.username=clds -spring.datasource.cldsdb.password=035F8819FEBB754F3C99ECCCC1259850 +spring.datasource.cldsdb.password=4c90a0b48204383f4283448d23e0b885a47237b2a23588e7c4651604f51c1067 spring.datasource.cldsdb.validationQuery=SELECT 1 spring.datasource.cldsdb.validationQueryTimeout=20000 spring.datasource.cldsdb.validationInterval=30000 @@ -144,7 +144,6 @@ org.onap.clamp.config.files.cldsReference=classpath:/clds/clds-reference.propert org.onap.clamp.config.files.cldsPolicyConfig=classpath:/clds/clds-policy-config.properties org.onap.clamp.config.files.cldsUsers=classpath:/clds/clds-users.json org.onap.clamp.config.files.globalClds=classpath:/clds/globalClds.properties -org.onap.clamp.encryption.aes.key=aa3871669d893c7fb8abbcda31b88b4f #Define user permission related parameters, the permission type can be changed but MUST be redefined in clds-users.properties in that case ! CLDS_PERMISSION_TYPE_CL=permission-type-cl diff --git a/src/main/resources/clds/clds-policy-config.properties b/src/main/resources/clds/clds-policy-config.properties index b812ffa7..54b92772 100644 --- a/src/main/resources/clds/clds-policy-config.properties +++ b/src/main/resources/clds/clds-policy-config.properties @@ -20,6 +20,7 @@ # =================================================================== # ECOMP is a trademark and service mark of AT&T Intellectual Property. ### + # Configuration Settings for Policy Engine Components PDP_URL1=http://vm1.policy.simpledemo.onap.org:8081/pdp/ , testpdp, alpha123 PDP_URL2=http://vm1.policy.simpledemo.onap.org:8081/pdp/ , testpdp, alpha123 @@ -28,7 +29,8 @@ NOTIFICATION_UEB_SERVERS=localhost NOTIFICATION_TOPIC= CLIENT_ID=myclientid # base64 encoding -CLIENT_KEY=ChlakDuk +#CLIENT_KEY=ChlakDuk +CLIENT_KEY=5CE79532B3A2CB4D132FC0C04BF916A7 #DEVL for development #TEST for Test environments #PROD for prod environments diff --git a/src/main/resources/clds/clds-reference.properties b/src/main/resources/clds/clds-reference.properties index 72308a94..a8382cb0 100644 --- a/src/main/resources/clds/clds-reference.properties +++ b/src/main/resources/clds/clds-reference.properties @@ -81,14 +81,14 @@ sdc.catalog.url=http://sdc.api.simpledemo.onap.org:8080/sdc/v1/catalog/ sdc.hostUrl=http://sdc.api.simpledemo.onap.org:8080 sdc.serviceUrl=http://sdc.api.simpledemo.onap.org:8080/sdc/v1/catalog/services sdc.serviceUsername=test -sdc.servicePassword=A7CADD84A22398C980847A54D23E24E9 +sdc.servicePassword=aa2871669d793c7fb7abbcda31b88b4c29bf2982755b25f08f8d0130539c11b0 sdc.artifactLabel=blueprintclampcockpit sdc.sdcX-InstanceID=CLAMP sdc.artifactType=DCAE_INVENTORY_BLUEPRINT sdc.locationArtifactLabel=locationclampcockpit sdc.locationArtifactType=DCAE_INVENTORY_JSON sdc.InstanceID=X-ECOMP-InstanceID -# +sdc.header.requestId = X-ECOMP-RequestID # # ui.location.default={"DC1":"Data Center 1","DC2":"Data Center 2","DC3":"Data Center 3"} @@ -104,5 +104,6 @@ CLDS_SERVICE_CACHE_MAX_SECONDS=30 DCAE_INVENTORY_URL = https://dcae.api.simpledemo.onap.org:8080 #DCAE Dispatcher Url Properties -DCAE_DISPATCHER_URL = https://dcae.api.simpledemo.onap.org:8443 +DCAE_DISPATCHER_URL = https://dcae.api.simpledemo.onap.org:8443 +dcae.header.requestId = "X-ECOMP-RequestID" diff --git a/src/main/resources/clds/key.properties b/src/main/resources/clds/key.properties new file mode 100644 index 00000000..dda81104 --- /dev/null +++ b/src/main/resources/clds/key.properties @@ -0,0 +1 @@ +org.onap.clamp.encryption.aes.key=aa3871669d893c7fb8abbcda31b88b4f \ No newline at end of file diff --git a/src/test/java/org/onap/clamp/clds/it/CryptoUtilsItCase.java b/src/test/java/org/onap/clamp/clds/util/CryptoUtilsTest.java similarity index 51% rename from src/test/java/org/onap/clamp/clds/it/CryptoUtilsItCase.java rename to src/test/java/org/onap/clamp/clds/util/CryptoUtilsTest.java index f03fe83c..6fe44755 100644 --- a/src/test/java/org/onap/clamp/clds/it/CryptoUtilsItCase.java +++ b/src/test/java/org/onap/clamp/clds/util/CryptoUtilsTest.java @@ -21,56 +21,60 @@ * ECOMP is a trademark and service mark of AT&T Intellectual Property. */ -package org.onap.clamp.clds.it; +package org.onap.clamp.clds.util; import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotEquals; import static org.junit.Assert.assertNotNull; +import java.io.UnsupportedEncodingException; import java.security.GeneralSecurityException; +import org.apache.commons.codec.DecoderException; +import org.apache.commons.codec.binary.Hex; +import org.apache.commons.lang3.ArrayUtils; import org.junit.Test; -import org.junit.runner.RunWith; -import org.onap.clamp.clds.util.CryptoUtils; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.test.context.TestPropertySource; -import org.springframework.test.context.junit4.SpringRunner; /** * Test Crypto Utils with Spring. */ -@RunWith(SpringRunner.class) -@SpringBootTest -@TestPropertySource(locations = "classpath:application-no-camunda.properties") -public class CryptoUtilsItCase { - @Autowired - private CryptoUtils cryptoUtils; +public class CryptoUtilsTest { + private CryptoUtils cryptoUtils = new CryptoUtils(); + final String data = "This is a test string"; /** * This method tests encryption. * * @throws GeneralSecurityException + * @throws DecoderException + * @throws UnsupportedEncodingException */ @Test - public final void testEncryption() throws GeneralSecurityException { - final String testData = "This is a test string"; - final String encodedStringExpected = "A5CB112C9F608A220B35AFED08024D98B9653333AF4C9527C2E934DE473F6145"; - String encodedString = cryptoUtils.encrypt(testData); + public final void testEncryption() throws GeneralSecurityException, DecoderException, UnsupportedEncodingException { + String encodedString = cryptoUtils.encrypt(data); assertNotNull(encodedString); - assertEquals(encodedStringExpected, encodedString); + assertEquals(data, cryptoUtils.decrypt(encodedString)); } /** - * This method tests decryption. + * This method tests encryption. * * @throws GeneralSecurityException + * @throws DecoderException + * @throws UnsupportedEncodingException */ @Test - public final void testDecryption() throws GeneralSecurityException { - final String decodedStringExpected = "This is a test string"; - final String encodedString = "A5CB112C9F608A220B35AFED08024D98B9653333AF4C9527C2E934DE473F6145"; - String decryptedString = cryptoUtils.decrypt(encodedString); - assertNotNull(decryptedString); - assertEquals(decodedStringExpected, decryptedString); + public final void testEncryptedStringIsDifferent() + throws GeneralSecurityException, DecoderException, UnsupportedEncodingException { + String encodedString1 = cryptoUtils.encrypt(data); + String encodedString2 = cryptoUtils.encrypt(data); + byte[] encryptedMessage1 = Hex.decodeHex(encodedString1.toCharArray()); + byte[] encryptedMessage2 = Hex.decodeHex(encodedString2.toCharArray()); + assertNotNull(encryptedMessage1); + assertNotNull(encryptedMessage2); + assertNotEquals(encryptedMessage1, encryptedMessage2); + byte[] subData1 = ArrayUtils.subarray(encryptedMessage1, 16, encryptedMessage1.length); + byte[] subData2 = ArrayUtils.subarray(encryptedMessage2, 16, encryptedMessage2.length); + assertNotEquals(subData1, subData2); } } \ No newline at end of file diff --git a/src/test/resources/application-no-camunda.properties b/src/test/resources/application-no-camunda.properties index f8727946..ece42484 100644 --- a/src/test/resources/application-no-camunda.properties +++ b/src/test/resources/application-no-camunda.properties @@ -97,7 +97,7 @@ kubernetes.namespace=com-att-ajsc spring.datasource.camunda.driverClassName=org.mariadb.jdbc.Driver spring.datasource.camunda.url=jdbc:mariadb:sequential://localhost:${docker.mariadb.port.host}/camundabpm?autoReconnect=true&retriesAllDown=2147483647&failoverLoopRetries=2147483647 spring.datasource.camunda.username=camunda -spring.datasource.camunda.password=D75B89195FD913848EA11416F755390E +spring.datasource.camunda.password=e1bb2a8381d1aa6c09879bd627db3bb560ad29e8a3343fe6aa7e6a7ba622da4e spring.datasource.camunda.validationQuery=SELECT 1 spring.datasource.camunda.validationQueryTimeout=20000 spring.datasource.camunda.validationInterval=30000 @@ -122,7 +122,7 @@ camunda.bpm.metrics.enabled=false spring.datasource.cldsdb.driverClassName=org.mariadb.jdbc.Driver spring.datasource.cldsdb.url=jdbc:mariadb:sequential://localhost:${docker.mariadb.port.host}/cldsdb4?autoReconnect=true&retriesAllDown=2147483647&failoverLoopRetries=2147483647 spring.datasource.cldsdb.username=clds -spring.datasource.cldsdb.password=035F8819FEBB754F3C99ECCCC1259850 +spring.datasource.cldsdb.password=4c90a0b48204383f4283448d23e0b885a47237b2a23588e7c4651604f51c1067 spring.datasource.cldsdb.validationQuery=SELECT 1 spring.datasource.cldsdb.validationQueryTimeout=20000 spring.datasource.cldsdb.validationInterval=30000 @@ -149,7 +149,7 @@ org.onap.clamp.config.files.cldsReference=classpath:/clds/clds-reference.propert org.onap.clamp.config.files.cldsPolicyConfig=classpath:/clds/clds-policy-config.properties org.onap.clamp.config.files.cldsUsers=classpath:/clds/clds-users.json org.onap.clamp.config.files.globalClds=classpath:/clds/globalClds.properties -org.onap.clamp.encryption.aes.key=aa3871669d893c7fb8abbcda31b88b4f + #Define user permission related parameters, the permission type can be changed but MUST be redefined in clds-users.properties in that case ! CLDS_PERMISSION_TYPE_CL=permission-type-cl diff --git a/src/test/resources/clds/clds-reference.properties b/src/test/resources/clds/clds-reference.properties index 0657fe7b..83f7351a 100644 --- a/src/test/resources/clds/clds-reference.properties +++ b/src/test/resources/clds/clds-reference.properties @@ -81,13 +81,14 @@ sdc.catalog.url=http://127.0.0.1:8080/sdc/v1/catalog/ sdc.hostUrl=http://127.0.0.1:8080 sdc.serviceUrl=http://127.0.0.1:8080/sdc/v1/catalog/services sdc.serviceUsername=test -sdc.servicePassword=123456 +sdc.servicePassword=aa2871669d793c7fb7abbcda31b88b4c29bf2982755b25f08f8d0130539c11b0 sdc.artifactLabel=blueprintclampcockpit sdc.sdcX-InstanceID=CLAMP sdc.artifactType=DCAE_INVENTORY_BLUEPRINT sdc.locationArtifactLabel=LocationClampCockpit sdc.locationArtifactType=DCAE_INVENTORY_JSON sdc.InstanceID=X-ONAP-InstanceID +sdc.header.requestId = X-ECOMP-RequestID # # # diff --git a/src/test/resources/clds/key.properties b/src/test/resources/clds/key.properties new file mode 100644 index 00000000..dda81104 --- /dev/null +++ b/src/test/resources/clds/key.properties @@ -0,0 +1 @@ +org.onap.clamp.encryption.aes.key=aa3871669d893c7fb8abbcda31b88b4f \ No newline at end of file diff --git a/src/test/resources/https/https-test.properties b/src/test/resources/https/https-test.properties index 58345d06..bd84242e 100644 --- a/src/test/resources/https/https-test.properties +++ b/src/test/resources/https/https-test.properties @@ -96,7 +96,7 @@ kubernetes.namespace=com-att-ajsc spring.datasource.camunda.driverClassName=org.mariadb.jdbc.Driver spring.datasource.camunda.url=jdbc:mariadb:sequential://localhost:${docker.mariadb.port.host}/camundabpm?autoReconnect=true&retriesAllDown=2147483647&failoverLoopRetries=2147483647 spring.datasource.camunda.username=camunda -spring.datasource.camunda.password=D75B89195FD913848EA11416F755390E +spring.datasource.camunda.password=e1bb2a8381d1aa6c09879bd627db3bb560ad29e8a3343fe6aa7e6a7ba622da4e spring.datasource.camunda.validationQuery=SELECT 1 spring.datasource.camunda.validationQueryTimeout=20000 spring.datasource.camunda.validationInterval=30000 @@ -122,7 +122,7 @@ camunda.bpm.metrics.enabled=false spring.datasource.cldsdb.driverClassName=org.mariadb.jdbc.Driver spring.datasource.cldsdb.url=jdbc:mariadb:sequential://localhost:${docker.mariadb.port.host}/cldsdb4?autoReconnect=true&retriesAllDown=2147483647&failoverLoopRetries=2147483647 spring.datasource.cldsdb.username=clds -spring.datasource.cldsdb.password=035F8819FEBB754F3C99ECCCC1259850 +spring.datasource.cldsdb.password=4c90a0b48204383f4283448d23e0b885a47237b2a23588e7c4651604f51c1067 spring.datasource.cldsdb.validationQuery=SELECT 1 spring.datasource.cldsdb.validationQueryTimeout=20000 spring.datasource.cldsdb.validationInterval=30000 @@ -149,7 +149,6 @@ org.onap.clamp.config.files.cldsReference=classpath:/clds/clds-reference.propert org.onap.clamp.config.files.cldsPolicyConfig=classpath:/clds/clds-policy-config.properties org.onap.clamp.config.files.cldsUsers=classpath:/clds/clds-users.json org.onap.clamp.config.files.globalClds=classpath:/clds/globalClds.properties -org.onap.clamp.encryption.aes.key=aa3871669d893c7fb8abbcda31b88b4f #Define user permission related parameters, the permission type can be changed but MUST be redefined in clds-users.properties in that case ! CLDS_PERMISSION_TYPE_CL=permission-type-cl -- 2.16.6