public static final String CADI_LOGDIR = "cadi_log_dir";
public static final String CADI_ETCDIR = "cadi_etc_dir";
public static final String CADI_LOGNAME = "cadi_logname";
+// public static final String CADI_LOGFMT="cad_logging_format";
+// public static final String CADI_LOGFMT_UTC="UTC";
+// public static final String CADI_LOGFMT_ISO8601="ISO-8601";
public static final String CADI_KEYFILE = "cadi_keyfile";
public static final String CADI_KEYSTORE = "cadi_keystore";
public static final String CADI_KEYSTORE_PASSWORD = "cadi_keystore_password";
public static final String CADI_ALIAS = "cadi_alias";
+ public static final String CADI_CLIENT_ALIAS = "cadi_client_alias";
public static final String CADI_LOGINPAGE_URL = "cadi_loginpage_url";
public static final String CADI_LATITUDE = "cadi_latitude";
public static final String CADI_LONGITUDE = "cadi_longitude";
public static final String CADI_TOKEN_DIR = "cadi_token_dir";
public static final String HTTPS_PROTOCOLS = "https.protocols";
- public static final String HTTPS_CIPHER_SUITES = "https.cipherSuites";
public static final String HTTPS_CLIENT_PROTOCOLS="jdk.tls.client.protocols";
+ public static final String HTTPS_PROTOCOLS_DEFAULT = "TLSv1.1,TLSv1.2";
+ public static final String HTTPS_CIPHER_SUITES = "https.cipherSuites";
public static final String HTTPS_CIPHER_SUITES_DEFAULT="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,"
+ "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,"
+ "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,"
public static final String AAF_ROOT_NS = "aaf_root_ns";
public static final String AAF_ROOT_NS_DEF = "org.osaaf.aaf";
public static final String AAF_ROOT_COMPANY = "aaf_root_company";
+ /**
+ * Use Config.getAAFLocateUrl(access) to get correct property in/out of container
+ */
public static final String AAF_LOCATE_URL = "aaf_locate_url"; //URL for AAF locator
public static final String AAF_LOCATE_URL_TAG = "AAF_LOCATE_URL"; // Name of Above for use in Config Variables.
public static final String AAF_DEFAULT_API_VERSION = "2.1";
+ public static final String AAF_DEPLOYED_VERSION="aaf_deployed_version";
public static final String AAF_API_VERSION = "aaf_api_version";
- public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration
- public static final String AAF_URL_DEF = "https://AAF_LOCATE_URL/%CNS.%AAF_NS.service:" + AAF_DEFAULT_API_VERSION;
- public static final String GUI_URL_DEF = "https://AAF_LOCATE_URL/%CNS.%AAF_NS.gui:" + AAF_DEFAULT_API_VERSION;
- public static final String CM_URL_DEF = "https://AAF_LOCATE_URL/%CNS.%AAF_NS.cm:" + AAF_DEFAULT_API_VERSION;
- public static final String FS_URL_DEF = "https://AAF_LOCATE_URL/%CNS.%AAF_NS.fs:" + AAF_DEFAULT_API_VERSION;
- public static final String HELLO_URL_DEF = "https://AAF_LOCATE_URL/%CNS.%AAF_NS.hello:" + AAF_DEFAULT_API_VERSION;
- public static final String OAUTH2_TOKEN_URL_DEF = "https://AAF_LOCATE_URL/%CNS.%AAF_NS.token:" + AAF_DEFAULT_API_VERSION +"/token";
- public static final String OAUTH2_INTROSPECT_URL_DEF = "https://AAF_LOCATE_URL/%CNS.%AAF_NS.introspect:" + AAF_DEFAULT_API_VERSION +"/introspect";;
-
+ public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration
public static final String AAF_LOCATOR_CLASS = "aaf_locator_class";
// AAF Locator Entries are ADDITIONAL entries, which also gives the Property ability
// to set these entries manually
public static final String AAF_LOCATOR_VERSION = "aaf_locator_version";
public static final String AAF_LOCATOR_PROTOCOL = "aaf_locator_protocol";
public static final String AAF_LOCATOR_SUBPROTOCOL = "aaf_locator_subprotocol";
- public static final String AAF_LOCATOR_NS = "aaf_locator_ns";
+ public static final String AAF_LOCATOR_APP_NS = "aaf_locator_app_ns";
public static final String AAF_LOCATOR_ENTRIES = "aaf_locator_entries";
public static final String AAF_LOCATOR_FQDN = "aaf_locator_fqdn";
public static final String AAF_LOCATOR_NAME = "aaf_locator_name";
public static final String AAF_LOCATOR_PUBLIC_PORT = "aaf_locator_public_port";
- public static final String AAF_LOCATOR_PUBLIC_HOSTNAME = "aaf_locator_public_hostname";
+ public static final String AAF_LOCATOR_PUBLIC_FQDN = "aaf_locator_public_fqdn";
+ public static final String AAF_LOCATOR_PUBLIC_NAME = "aaf_locator_public_name";
+
+ // AAF Service will write to the Audit Log if a past due AAF stored Password
+ // is being used within # of days specified.
+ public static final String AAF_CRED_WARN_DAYS="aaf_cred_warn_days";
+ public static final String AAF_CRED_WARN_DAYS_DFT="7";
public static final String AAF_APPID = "aaf_id";
public static final String AAF_APPPASS = "aaf_password";
public static final String AAF_CERT_IDS = "aaf_cert_ids";
public static final String AAF_DEBUG_IDS = "aaf_debug_ids"; // comma delimited
public static final String AAF_DATA_DIR = "aaf_data_dir"; // AAF processes and Components only.
- public static final String AAF_RELEASE = "aaf_release";
- public static final String GW_URL = "gw_url";
- public static final String CM_URL = "cm_url";
+ public static final String AAF_URL_OAUTH = "aaf_url_oauth";
+ public static final String AAF_URL_GUI="aaf_url_gui";
+ public static final String AAF_URL_FS="aaf_url_fs";
+ public static final String AAF_URL_CM = "aaf_url_cm";
+ public static final String AAF_URL_CM_DEF = "https://AAF_LOCATE_URL/AAF_NS.cm:"+AAF_DEFAULT_API_VERSION;
+ public static final String AAF_URL_HELLO = "aaf_url_hello";
public static final String CM_TRUSTED_CAS = "cm_trusted_cas";
+ // let NS Owners choose with <ns>.certman aaf ignoreIPs" to ignoreIP Check for Configs
+ // Probably only want to allow in a DEV Env.
+ public static final String CM_ALLOW_IGNORE_IPS="cm_allow_ignore_ips";
public static final String PATHFILTER_URLPATTERN = "pathfilter_urlpattern";
public static final String PATHFILTER_STACK = "pathfilter_stack";
}
access.log(Level.INIT, sb);
- Locator<URI> locator = loadLocator(si, logProp(rph, AAF_LOCATE_URL, null));
+ Locator<URI> locator = loadLocator(si, aafURL);
taf = new HttpEpiTaf(access,locator, tc, htarray); // ok to pass locator == null
String level = logProp(access, CADI_LOGLEVEL, null);
if (rv == null) {
rph.access().log(Level.INIT,tag,"is not explicitly set");
} else {
- rv = rph.replacements(rv, null, null);
+ rv = rph.replacements("Config.logProp",rv, null, null);
rph.access().log(Level.INIT,tag,"is set to",rv);
}
return rv;
if (_url==null) {
access.log(Level.INIT,"No URL passed to 'loadLocator'. Disabled");
} else {
+ try {
+ Class<?> aalCls = Class.forName("org.onap.aaf.cadi.aaf.v2_0.AbsAAFLocator");
+ Method aalMth = aalCls.getMethod("create", String.class,String.class);
+ int colon = _url.lastIndexOf(':');
+ if(colon>=0) {
+ int slash = _url.indexOf('/',colon);
+ String version;
+ if(slash<0) {
+ version = _url.substring(colon+1);
+ } else {
+ version = _url.substring(colon+1,slash);
+ }
+ slash = _url.lastIndexOf('/',colon);
+ if(slash>=0) {
+ Object aal = aalMth.invoke(null/*static*/, _url.substring(slash+1, colon),version);
+ return (Locator<URI>)aal;
+ }
+ }
+ } catch (ClassNotFoundException | NoSuchMethodException | SecurityException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
+ String msg;
+ char quote;
+ if(e.getCause()!=null) {
+ msg=e.getCause().getMessage();
+ quote='"';
+ } else {
+ msg = "-";
+ quote=' ';
+ }
+ access.printf(Level.DEBUG, "Configured AbsAAFLocator not found%c%s%cContinuing Locator creation ",quote,msg,quote);
+ }
// String url = _url.replace("/AAF_NS.", "/%C%CID%AAF_NS.");
// String root_ns = access.getProperty(Config.AAF_ROOT_NS, null);
String url;
RegistrationPropHolder rph;
try {
rph = new RegistrationPropHolder(access, 0);
- url = rph.replacements(_url, null, null);
+ url = rph.replacements("Config.loadLocator",_url, null, null);
access.printf(Level.INFO, "loadLocator URL is %s",url);
} catch (UnknownHostException | CadiException e1) {
throw new LocatorException(e1);
}
-
+
+ String aaf_locator_class;
+ if(_url.equals(url) && !url.contains("/locate/")) {
+ aaf_locator_class = "org.onap.aaf.cadi.locator.DNSLocator";
+ } else {
+ aaf_locator_class = AAF_LOCATOR_CLASS_DEF;
+ }
try {
- Class<?> lcls = loadClass(access,AAF_LOCATOR_CLASS_DEF);
+ Class<?> lcls = loadClass(access,aaf_locator_class);
if (lcls==null) {
throw new CadiException("Need to include aaf-cadi-aaf jar for AAFLocator");
}
// First check for preloaded
try {
- Method meth = lcls.getMethod("create",String.class);
- locator = (Locator<URI>)meth.invoke(null,url);
+ Method meth = lcls.getMethod("create",Access.class,String.class);
+ locator = (Locator<URI>)meth.invoke(null,access,url);
} catch (Exception e) {
- access.log(Level.DEBUG, "(Not fatal) Cannot load by create(String)", e);
+ access.log(Level.NONE, "(Not fatal) Cannot load by create(String)", e);
}
if (locator==null) {
URI locatorURI = new URI(url);
public static String getDefaultRealm() {
return defaultRealm;
}
+
+ public static String getAAFLocateUrl(Access access) {
+ String rv = null;
+ String cont = access.getProperty(AAF_LOCATOR_CONTAINER,null);
+ if(cont!=null) {
+ rv = access.getProperty(AAF_LOCATE_URL + '.' +cont, null);
+ }
+ if(rv==null) {
+ rv = access.getProperty(AAF_LOCATE_URL, null);
+ }
+ return rv;
+ }
private static class Priori<T> implements Comparable<Priori<T>> {
public final T t;
Code Review / aaf / authz.git / blobdiff