+++ /dev/null
-/log4j.properties
+++ /dev/null
-##
-## AUTHZ Certman (authz-certman) Properties
-##
-
-hostname=_HOSTNAME_
-
-## DISCOVERY (DME2) Parameters on the Command Line
-AFT_LATITUDE=_AFT_LATITUDE_
-AFT_LONGITUDE=_AFT_LONGITUDE_
-AFT_ENVIRONMENT=_AFT_ENVIRONMENT_
-DEPLOYED_VERSION=_ARTIFACT_VERSION_
-
-## Pull in common/security properties
-
-cadi_prop_files=_COMMON_DIR_/com.att.aaf.common.props:_COMMON_DIR_/com.att.aaf.props
-
-##DME2 related parameters
-DMEServiceName=service=com.att.authz.certman/version=_MAJOR_VER_._MINOR_VER_._PATCH_VER_/envContext=_ENV_CONTEXT_/routeOffer=_ROUTE_OFFER_
-AFT_DME2_PORT_RANGE=_AUTHZ_CERTMAN_PORT_RANGE_
-
-
-
+++ /dev/null
-/log4j.properties
+++ /dev/null
-##
-## AUTHZ API (authz-service) Properties
-##
-
-hostname=_HOSTNAME_
-
-## DISCOVERY (DME2) Parameters on the Command Line
-AFT_LATITUDE=_AFT_LATITUDE_
-AFT_LONGITUDE=_AFT_LONGITUDE_
-AFT_ENVIRONMENT=_AFT_ENVIRONMENT_
-DEPLOYED_VERSION=_ARTIFACT_VERSION_
-
-cadi_prop_files=/opt/app/aaf/common/com.att.aaf.common.props:/opt/app/aaf/common/com.att.aaf.props
-
-DMEServiceName=service=com.att.authz.authz-fs/version=_MAJOR_VER_._MINOR_VER_._PATCH_VER_/envContext=_ENV_CONTEXT_/routeOffer=_ROUTE_OFFER_
-AFT_DME2_PORT_RANGE=_AUTHZ_FS_PORT_RANGE_
-AFT_DME2_SSL_ENABLE=false
-AFT_DME2_DISABLE_PERSISTENT_CACHE=true
-
-CFA_WebPath=/opt/app/aaf/public
-CFA_ClearCommand=FmzYPpMY918MwE1hyacoiFSt
-CFA_MaxSize=2000000
-
+++ /dev/null
-/authGUI.props
-/log4j.properties
.leaf(HTMLGen.LI).text("The Client must utilize HTTP/S. Non Secure HTTP is not acceptable").end()
.leaf(HTMLGen.LI).text("The Client MUST supply an Identity validated by one of the following mechanisms").end()
.incr(HTMLGen.UL)
- .leaf(HTMLGen.LI).text("Valid Global Login Cookie (CSP)").end()
- .leaf(HTMLGen.LI).text("BASIC AUTH protocol using CSO Registered MechID, provisioned in AAF").end()
- .leaf(HTMLGen.LI).text("BASIC AUTH protocol using ATTUID@csp.att.com, Global Login Password").end()
- .leaf(HTMLGen.LI).text("(Available 3rd Qtr 2015) Valid tGuard Login Cookie").end()
+ .leaf(HTMLGen.LI).text("BASIC AUTH protocol using Organization Registered AppID, provisioned in AAF").end()
.leaf(HTMLGen.LI).text("(Near Future) Application level Certificate").end()
.end()
.end()
public static final String HREF = "/gui/nsdetail";
public static final String NAME = "NsDetail";
- static final String WEBPHONE = "http://webphone.att.com/cgi-bin/webphones.pl?id=";
public static enum NS_FIELD { OWNERS, ADMINS, ROLES, PERMISSIONS, CREDS};
private static final String BLANK = "";
private static Slot keySlot;
*
*/
private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- private static final String CSP_ATT_COM = "@csp.att.com";
private NsDetail nd;
public void set(NsDetail nsDetail) {
for (int i=0; i< values.size(); i++) {
AbsCell label = (i==0?new TextCell(sentenceCase(field)+":"):AbsCell.Null);
String user = values.get(i);
- AbsCell userCell = (user.endsWith(CSP_ATT_COM)?
- new RefCell(user,WEBPHONE + user.substring(0,user.indexOf('@')),true):new TextCell(user));
+ AbsCell userCell = (new TextCell(user));
rv.add(new AbsCell[] {
label,
userCell
import org.onap.aaf.auth.gui.Table;
import org.onap.aaf.auth.gui.Table.Cells;
import org.onap.aaf.auth.gui.table.AbsCell;
-import org.onap.aaf.auth.gui.table.RefCell;
import org.onap.aaf.auth.gui.table.TableData;
import org.onap.aaf.auth.gui.table.TextCell;
import org.onap.aaf.cadi.CadiException;
*
*/
private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- private static final String CSP_ATT_COM = "@csp.att.com";
private static final String[] headers = new String[] {"Date","User","Memo"};
private Slot name;
private Slot dates;
for (Item i : histItems) {
String user = i.getUser();
- AbsCell userCell = (user.endsWith(CSP_ATT_COM)?
- new RefCell(user,WEBPHONE + user.substring(0,user.indexOf('@')),true):new TextCell(user));
+ AbsCell userCell = new TextCell(user);
rv.add(new AbsCell[] {
new TextCell(i.getTimestamp().toGregorianCalendar().getTime().toString()),
*
*/
private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- private static final String CSP_ATT_COM = "@csp.att.com";
final long NUM_100NS_INTERVALS_SINCE_UUID_EPOCH = 0x01b21dd213814000L;
private static final String[] headers = new String[] {"Request Date","Status","Memo","Approver"};
prevTicket = ticket;
}
- AbsCell approverCell = null;
- if (approver.endsWith(CSP_ATT_COM)) {
- approverCell = new RefCell(approver, WEBPHONE + approverShort,true);
- } else {
- approverCell = new TextCell(approver);
- }
+ AbsCell approverCell = new TextCell(approver);
AbsCell[] sa = new AbsCell[] {
tsCell,
new TextCell(a.getStatus()),
import org.onap.aaf.auth.gui.Table;
import org.onap.aaf.auth.gui.Table.Cells;
import org.onap.aaf.auth.gui.table.AbsCell;
-import org.onap.aaf.auth.gui.table.RefCell;
import org.onap.aaf.auth.gui.table.TableData;
import org.onap.aaf.auth.gui.table.TextCell;
import org.onap.aaf.cadi.CadiException;
*
*/
private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- private static final String CSP_ATT_COM = "@csp.att.com";
private static final String[] headers = new String[] {"Date","User","Memo"};
private Slot sType;
private Slot sDates;
for (Item i : histItems) {
String user = i.getUser();
- AbsCell userCell = (user.endsWith(CSP_ATT_COM)?
- new RefCell(user,WEBPHONE + user.substring(0,user.indexOf('@')),true):new TextCell(user));
+ AbsCell userCell = new TextCell(user);
rv.add(new AbsCell[] {
new TextCell(i.getTimestamp().toGregorianCalendar().getTime().toString()),
import org.onap.aaf.auth.gui.Table;
import org.onap.aaf.auth.gui.Table.Cells;
import org.onap.aaf.auth.gui.table.AbsCell;
-import org.onap.aaf.auth.gui.table.RefCell;
import org.onap.aaf.auth.gui.table.TableData;
import org.onap.aaf.auth.gui.table.TextCell;
import org.onap.aaf.cadi.CadiException;
*
*/
private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- static final String WEBPHONE = "http://webphone.att.com/cgi-bin/webphones.pl?id=";
- private static final String CSP_ATT_COM = "@csp.att.com";
final long NUM_100NS_INTERVALS_SINCE_UUID_EPOCH = 0x01b21dd213814000L;
private Slot sTicket;
public Model(AuthzEnv env) {
});
rv.add(new AbsCell[]{new TextCell("Operation:"),new TextCell(decodeOp(approval.getOperation()),"colspan=3")});
String user = approval.getUser();
- if (user.endsWith(CSP_ATT_COM)) {
- rv.add(new AbsCell[]{new TextCell("User:"),
- new RefCell(user,WEBPHONE + user.substring(0, user.indexOf("@")),true,"colspan=3")});
- } else {
- rv.add(new AbsCell[]{new TextCell("User:"),new TextCell(user,"colspan=3")});
- }
+ rv.add(new AbsCell[]{new TextCell("User:"),new TextCell(user,"colspan=3")});
// headers for listing each approver
rv.add(new AbsCell[]{new TextCell(" ","colspan=4","class=blank_line")});
approverLine[0] = AbsCell.Null;
}
- String approver = approval.getApprover();
- String approverShort = approver.substring(0,approver.indexOf('@'));
-
- if (approver.endsWith(CSP_ATT_COM)) {
- approverLine[1] = new RefCell(approver, WEBPHONE + approverShort,true);
- } else {
- approverLine[1] = new TextCell(approval.getApprover());
- }
-
+ approverLine[1] = new TextCell(approval.getApprover());
String type = approval.getType();
if ("owner".equalsIgnoreCase(type)) {
type = "resource owner";
*
*/
private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- private static final String CSP_ATT_COM = "@csp.att.com";
private static final String[] headers = new String[] {"Date","User","Memo"};
private Slot role;
private Slot dates;
for (Item i : histItems) {
String user = i.getUser();
- AbsCell userCell = (user.endsWith(CSP_ATT_COM)?
- new RefCell(user,WEBPHONE + user.substring(0,user.indexOf('@')),false):new TextCell(user));
+ AbsCell userCell = new TextCell(user);
rv.add(new AbsCell[] {
new TextCell(i.getTimestamp().toGregorianCalendar().getTime().toString()),
+++ /dev/null
-/log4j.properties
-/logging.properties
+++ /dev/null
-##
-## AUTHZ GUI (authz-gui) Properties
-##
-
-hostname=_HOSTNAME_
-
-## DISCOVERY (DME2) Parameters on the Command Line
-AFT_LATITUDE=_AFT_LATITUDE_
-AFT_LONGITUDE=_AFT_LONGITUDE_
-AFT_ENVIRONMENT=_AFT_ENVIRONMENT_
-DEPLOYED_VERSION=_ARTIFACT_VERSION_
-
-## Pull in common/security properties
-
-cadi_prop_files=_COMMON_DIR_/com.att.aaf.common.props:_COMMON_DIR_/com.att.aaf.props
-
-##DME2 related parameters
-DMEServiceName=service=com.att.authz.authz-gui/version=_MAJOR_VER_._MINOR_VER_._PATCH_VER_/envContext=_ENV_CONTEXT_/routeOffer=_ROUTE_OFFER_
-AFT_DME2_PORT_RANGE=_AUTHZ_HELLO_PORT_RANGE_
-
-# Turn on both AAF TAF & LUR 2.0
-aaf_url=https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=_MAJOR_VER_._MINOR_VER_/envContext=_ENV_CONTEXT_/routeOffer=_ROUTE_OFFER_
-# 1 min cache changes (when left alone)
-aaf_user_expires=60000
-
-# CSP
-csp_domain=PROD
-
-
+++ /dev/null
-/authGW.props
-/log4j.properties
+++ /dev/null
-/log4j.properties
+++ /dev/null
-##
-## AAF OAUTH2 API (authz-oauth) Properties
-##
-
-# Standard AFT for this box
-hostname=_HOSTNAME_
-
-## DISCOVERY (DME2) Parameters on the Command Line
-AFT_LATITUDE=_AFT_LATITUDE_
-AFT_LONGITUDE=_AFT_LONGITUDE_
-AFT_ENVIRONMENT=_AFT_ENVIRONMENT_
-DEPLOYED_VERSION=_ARTIFACT_VERSION_
-
-## Pull in common/security properties
-
-cadi_prop_files=_COMMON_DIR_/com.att.aaf.common.props:_COMMON_DIR_/com.att.aaf.props
-
-##DME2 related parameters
-
-DMEServiceName=service=com.att.authz.oauth/version=_MAJOR_VER_._MINOR_VER_._PATCH_VER_/envContext=_ENV_CONTEXT_/routeOffer=_ROUTE_OFFER_
-AFT_DME2_PORT_RANGE=_AUTHZ_OAUTH_PORT_RANGE_
-
-
-
-
-
+++ /dev/null
-/authAPI.props
-/log4j.properties
expectedCode = 201,
errorCodes = { 403,404,406,409 },
text = { "Add an Identity :id to the list of Admins for the Namespace :ns",
- "Note: :id must be fully qualified (i.e. ab1234@csp.att.com)" }
+ "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)" }
)
@Override
public Result<Void> addAdminNS(AuthzTrans trans, String ns, String id) {
expectedCode = 200,
errorCodes = { 403,404 },
text = { "Remove an Identity :id from the list of Admins for the Namespace :ns",
- "Note: :id must be fully qualified (i.e. ab1234@csp.att.com)" }
+ "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)" }
)
@Override
public Result<Void> delAdminNS(AuthzTrans trans, String ns, String id) {
expectedCode = 201,
errorCodes = { 403,404,406,409 },
text = { "Add an Identity :id to the list of Responsibles for the Namespace :ns",
- "Note: :id must be fully qualified (i.e. ab1234@csp.att.com)" }
+ "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)" }
)
@Override
public Result<Void> addResponsibleNS(AuthzTrans trans, String ns, String id) {
expectedCode = 200,
errorCodes = { 403,404 },
text = { "Remove an Identity :id to the list of Responsibles for the Namespace :ns",
- "Note: :id must be fully qualified (i.e. ab1234@csp.att.com)",
+ "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)",
"Note: A namespace must have at least 1 responsible party"
}
)
expectedCode = 200,
errorCodes = { 403,404 },
text = { "Lists all Namespaces where Identity :id is an Admin",
- "Note: :id must be fully qualified (i.e. ab1234@csp.att.com)"
+ "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)"
}
)
@Override
expectedCode = 200,
errorCodes = { 403,404 },
text = { "Lists all Namespaces where Identity :id is either an Admin or an Owner",
- "Note: :id must be fully qualified (i.e. ab1234@csp.att.com)"
+ "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)"
}
)
@Override
expectedCode = 200,
errorCodes = { 403,404 },
text = { "Lists all Namespaces where Identity :id is a Responsible Party",
- "Note: :id must be fully qualified (i.e. ab1234@csp.att.com)"
+ "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)"
}
)
@Override
COPY theme /opt/app/aaf/${AAF_COMPONENT}/theme
COPY bin /opt/app/aaf/${AAF_COMPONENT}/bin
-CMD ["/bin/bash","-c","/opt/app/aaf/${AAF_COMPONENT}/bin/${AAF_COMPONENT} >> /opt/app/osaaf/logs/${AAF_COMPONENT}/stdout`date -I` 2>> /opt/app/osaaf/logs/${AAF_COMPONENT}/stderr`date -I`"]
+CMD ["/bin/bash","-c","/opt/app/aaf/${AAF_COMPONENT}/bin/${AAF_COMPONENT}"]
# For Debugging installation
# CMD ["/bin/bash","-c","pwd;cd /opt/app/osaaf;find /opt/app/osaaf -depth;df -k; cat /opt/app/aaf/${AAF_COMPONENT}/bin/${AAF_COMPONENT};cat /etc/hosts;/opt/app/aaf/${AAF_COMPONENT}/bin/${AAF_COMPONENT}"]
aaf_gui_title=AAF
aaf_gui_copyright=(c) 2018 AT&T Intellectual Property. All rights reserved.
aaf_gui_theme=theme/onap
-cadi_loginpage_url=https://AAF_LOCATE_URL/com.att.aaf.gui:2.0/login
+cadi_loginpage_url=https://AAF_LOCATE_URL/AAF_NS.gui:2.0/login
# GUI URLS and Help URLS
cm_url=https://aaf.osaaf.org:8150
gw_url=https://aaf.osaaf.org:8095
fs_url=http://aaf.osaaf.org:8096
-aaf_url.gui_onboard=https://wiki.web.att.com/display/aaf/OnBoarding
-aaf_url.cuigui=https://wiki.web.att.com/display/aaf/Using+the+Command+Prompt
+aaf_url.gui_onboard=https://wiki.onap.org/display/DW/Client+Onboarding
+# aaf_url.cuigui=https://???/Using+the+Command+Prompt
aaf_url.aaf_help=https://wiki.onap.org/display/DW/Application+Authorization+Framework+Documentation
aaf_url.aaf_help.sub=Bootstrapping+AAF,Installation+Guide
# Define Organizations for use in some of the components. Not all use them
#
Organization.org.osaaf=org.onap.aaf.org.DefaultOrg
-org.osaaf.mailHost=smtp.mail.att.com
-org.osaaf.mailFrom=DL-aaf-support@aaf.att.com
+org.osaaf.mailHost=smtp.mail.YOUR.ORG
+org.osaaf.mailFrom=YOUR@EMAIL
org.osaaf.default=true
org.osaaf.also_supports=org.osaaf.people
private static UserRoleRequest newUserRoleRequestv2_0(boolean optional) {
UserRoleRequest urr = new UserRoleRequest();
urr.setRole("org.osaaf.myns.myRole");
- urr.setUser("ab1234@csp.att.com");
+ urr.setUser("ab1234@people.osaaf.org");
if(optional) setOptional(urr);
return urr;
}
private static NsRequest newNsRequestv2_0(boolean optional) {
NsRequest nr = new NsRequest();
nr.setName("org.osaaf.myns");
- nr.getResponsible().add("ab1234@csp.att.com");
- nr.getResponsible().add("cd5678@csp.att.com");
- nr.getAdmin().add("zy9876@csp.att.com");
- nr.getAdmin().add("xw5432@csp.att.com");
+ nr.getResponsible().add("ab1234@people.osaaf.org");
+ nr.getResponsible().add("cd5678@people.osaaf.org");
+ nr.getAdmin().add("zy9876@people.osaaf.org");
+ nr.getAdmin().add("xw5432@people.osaaf.org");
if(optional) {
nr.setDescription("This is my Namespace to set up");
nr.setType("APP");
Nss nss = new Nss();
nss.getNs().add(ns = new Nss.Ns());
ns.setName("org.osaaf.myns");
- ns.getResponsible().add("ab1234@csp.att.com");
- ns.getResponsible().add("cd5678@csp.att.com");
- ns.getAdmin().add("zy9876@csp.att.com");
- ns.getAdmin().add("xw5432@csp.att.com");
+ ns.getResponsible().add("ab1234@people.osaaf.org");
+ ns.getResponsible().add("cd5678@people.osaaf.org");
+ ns.getAdmin().add("zy9876@people.osaaf.org");
+ ns.getAdmin().add("xw5432@people.osaaf.org");
ns.setDescription("This is my Namespace to set up");
nss.getNs().add(ns = new Nss.Ns());
ns.setName("org.osaaf.myOtherNs");
- ns.getResponsible().add("ab1234@csp.att.com");
- ns.getResponsible().add("cd5678@csp.att.com");
- ns.getAdmin().add("zy9876@csp.att.com");
- ns.getAdmin().add("xw5432@csp.att.com");
+ ns.getResponsible().add("ab1234@people.osaaf.org");
+ ns.getResponsible().add("cd5678@people.osaaf.org");
+ ns.getAdmin().add("zy9876@people.osaaf.org");
+ ns.getAdmin().add("xw5432@people.osaaf.org");
return nss;
}
Users users = new Users();
users.getUser().add(user = new Users.User());
- user.setId("ab1234@csp.att.com");
+ user.setId("ab1234@people.osaaf.org");
GregorianCalendar gc = new GregorianCalendar();
user.setExpires(Chrono.timeStamp(gc));
users.getUser().add(user = new Users.User());
- user.setId("zy9876@csp.att.com");
+ user.setId("zy9876@people.osaaf.org");
user.setExpires(Chrono.timeStamp(gc));
return users;
app=FQI.reverseDomain(ss.getID());
//TODO Get Realm from AAF
- realm="csp.att.com";
+ realm="people.osaaf.org";
env = new RosettaEnv();
permsDF = env.newDataFactory(Perms.class);
hman = new HMangr(access,loc);
final String path = String.format("/authz/perms/user/%s",
- access.getProperty(Config.AAF_APPID,"xx9999@csp.att.com"));
+ access.getProperty(Config.AAF_APPID,"xx9999@people.osaaf.org"));
hman.best(ss, new Retryable<Void>() {
@Override
public Void code(Rcli<?> cli) throws APIException, CadiException {
*
* Where
* APP is name suitable for Logging (i.e. official App Acronym)
- * ID is official User or MechID, best if includes Identity Source (i.e. ab1234@csp.att.com)
+ * ID is official User or MechID, best if includes Identity Source (i.e. ab1234@people.osaaf.org)
* Protocol is the Security protocol,
*
* Format:<ID>:<APP>:<protocol>[:AS][,<ID>:<APP>:<protocol>]*
#ISAM
aaf_alt_oauth2_domain=isam.att.com
#aaf_alt_oauth2_client_id=<get from ISAM>
-#aaf_alt_oauth2_domain=csp.att.com
+#aaf_alt_oauth2_domain=people.osaaf.org
#ISAM TEST
aaf_alt_oauth2_token_url=https://oauth.stage.elogin.att.com/mga/sps/oauth/oauth20/token
Code Review / aaf / authz.git / commitdiff