From: Kenny Paul Date: Fri, 23 Apr 2021 20:49:43 +0000 (-0700) Subject: changed to unmaintained X-Git-Url: https://gerrit.onap.org/r/gitweb?p=aaf%2Fauthz.git;a=commitdiff_plain;h=HEAD;hp=83d5e01bcac0bbd8c6386eb5033954001524d91f changed to unmaintained Issue-ID: CIMAN-33 Signed-off-by: Kenny Paul Change-Id: I1ad834908c16091843c4c8fcdd2089e94c306568 --- diff --git a/.gitignore b/.gitignore index 8259e7e7..a5ed1c35 100644 --- a/.gitignore +++ b/.gitignore @@ -8,3 +8,8 @@ /cadisample/ .classpath /bin/ +.vscode/ +cadi/core/src/test/resources/keystore.p12 +cadi/core/src/test/resources/output_key +cadi/core/src/test/resources/truststore.jks +.vscode/launch.json diff --git a/INFO.yaml b/INFO.yaml index 74fedbc0..20fd8115 100644 --- a/INFO.yaml +++ b/INFO.yaml @@ -20,13 +20,13 @@ mailing_list: tag: '<[sub-project_name]>' realtime_discussion: '' meetings: - - type: 'zoom' - agenda: 'https://wiki.onap.org/display/DW/AAF+Meeting+Minutes' - url: 'https://wiki.onap.org/pages/viewpage.action?pageId=15302787' + - type: 'n/a' + agenda: 'n/a' + url: 'n/a' server: 'n/a' channel: 'n/a' - repeats: 'weekly' - time: '14:00 UTC' + repeats: 'n/a' + time: 'n/a' repositories: - 'aaf/authz' committers: diff --git a/Jenkinsfile b/Jenkinsfile new file mode 100644 index 00000000..d9b07104 --- /dev/null +++ b/Jenkinsfile @@ -0,0 +1,14 @@ +#!groovy + +properties([[$class: 'ParametersDefinitionProperty', parameterDefinitions: [ +[$class: 'hudson.model.StringParameterDefinition', name: 'ECO_PIPELINE_ID', defaultValue: '0', description: 'Select an environment'], +[$class: 'hudson.model.StringParameterDefinition', name: 'PHASE', defaultValue: 'BUILD, PACKAGE, SONAR, SAST', description: 'Select an instance'], +[$class: 'hudson.model.StringParameterDefinition', name: 'TARGET_NODE', defaultValue: 'zld03318.vci.att.com', description: 'Select an environment to deploy to'] +]]]) + +def wf = new MavenWorkflow() + +wf defaultPhase:'BUILD, SONAR, SAST, DAST', + language:'MAVEN', + deployType: 'SWM', + deployOptions:"swm:install -Dswm.target.node=${params.TARGET_NODE}" diff --git a/auth-client/.gitignore b/auth-client/.gitignore index 6028f0a5..112dedb3 100644 --- a/auth-client/.gitignore +++ b/auth-client/.gitignore @@ -2,3 +2,4 @@ /.settings/ /target/ /.project +/.checkstyle diff --git a/auth-client/pom.xml b/auth-client/pom.xml index f9f000f5..f87f982f 100644 --- a/auth-client/pom.xml +++ b/auth-client/pom.xml @@ -26,7 +26,7 @@ org.onap.aaf.authz parent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT aaf-auth-client @@ -87,13 +87,6 @@ - - org.apache.maven.plugins - maven-deploy-plugin - - true - - org.jvnet.jaxb2.maven2 maven-jaxb2-plugin @@ -110,14 +103,6 @@ - - org.apache.maven.plugins - maven-deploy-plugin - - false - - - org.apache.maven.plugins maven-compiler-plugin diff --git a/auth/auth-batch/.gitignore b/auth/auth-batch/.gitignore index db5679fe..0fc83d25 100644 --- a/auth/auth-batch/.gitignore +++ b/auth/auth-batch/.gitignore @@ -5,3 +5,4 @@ NotifyCredExpiringOrig.java /*.dat /logs +/.checkstyle diff --git a/auth/auth-batch/pom.xml b/auth/auth-batch/pom.xml index 8f9db7c6..b8cd5efa 100644 --- a/auth/auth-batch/pom.xml +++ b/auth/auth-batch/pom.xml @@ -25,7 +25,7 @@ org.onap.aaf.authz authparent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT ../pom.xml @@ -55,9 +55,6 @@ - - - false diff --git a/auth/auth-batch/src/assemble/auth-batch.xml b/auth/auth-batch/src/assemble/auth-batch.xml index 25b37b73..aadf4e0e 100644 --- a/auth/auth-batch/src/assemble/auth-batch.xml +++ b/auth/auth-batch/src/assemble/auth-batch.xml @@ -32,26 +32,6 @@ true compile - - - org.onap.aaf.authz:aaf-auth-batch - org.onap.aaf.authz:aaf-auth-core - org.onap.aaf.authz:aaf-cadi-core - org.onap.aaf.authz:aaf-misc-env - org.onap.aaf.authz:aaf-misc-rosetta - javax.xml.bind:jaxb-api - org.glassfish.jaxb:jaxb-runtime - com.sun.istack:istack-commons-runtime - javax.activation:javax.activation-api - - \ No newline at end of file + diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/Batch.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/Batch.java index d2695a35..983ef819 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/Batch.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/Batch.java @@ -55,7 +55,6 @@ import org.onap.aaf.cadi.PropAccess; import org.onap.aaf.cadi.config.Config; import org.onap.aaf.misc.env.APIException; import org.onap.aaf.misc.env.Env; -import org.onap.aaf.misc.env.StaticSlot; import org.onap.aaf.misc.env.TimeTaken; import org.onap.aaf.misc.env.util.Chrono; import org.onap.aaf.misc.env.util.Split; @@ -68,9 +67,6 @@ import com.datastax.driver.core.Session; import com.datastax.driver.core.Statement; public abstract class Batch { - - private static StaticSlot ssargs; - protected static final String STARS = "*****"; protected static Cluster cluster; @@ -83,6 +79,8 @@ public abstract class Batch { private static File logdir; + private static String[] batchArgs; + public static final String CASS_ENV = "CASS_ENV"; public static final String LOG_DIR = "LOG_DIR"; protected static final String MAX_EMAILS="MAX_EMAILS"; @@ -157,7 +155,7 @@ public abstract class Batch { protected void _close(AuthzTrans trans) {} public String[] args() { - return env.get(ssargs); + return batchArgs; } public boolean isDryRun() @@ -380,11 +378,12 @@ public abstract class Batch { // Use a StringBuilder to save off logs until a File can be setup StringBuilderOutputStream sbos = new StringBuilderOutputStream(); PropAccess access = new PropAccess(new PrintStream(sbos),args); - access.log(Level.INIT, "------- Starting Batch ------\n Args: "); + access.log(Level.INFO, "------- Starting Batch ------\n Args: "); for(String s: args) { sbos.getBuffer().append(s); sbos.getBuffer().append(' '); } + sbos.getBuffer().append('\n'); InputStream is = null; String filename; @@ -454,13 +453,10 @@ public abstract class Batch { len -= 1; if (len < 0) len = 0; - String nargs[] = new String[len]; + batchArgs = new String[len]; if (len > 0) { - System.arraycopy(args, 1, nargs, 0, len); + System.arraycopy(args, 1, batchArgs, 0, len); } - - env.put(ssargs = env.staticSlot("ARGS"), nargs); - /* * Add New Batch Programs (inherit from Batch) here */ @@ -521,6 +517,7 @@ public abstract class Batch { try { batch.run(trans); } catch (Exception e) { + trans.error().log(e); if(cluster!=null && !cluster.isClosed()) { cluster.close(); } @@ -536,6 +533,8 @@ public abstract class Batch { trans.auditTrail(4, sb, AuthzTrans.SUB, AuthzTrans.REMOTE); trans.info().log(sb); } + } catch (Exception e) { + env.warn().log(e); } finally { batchLog.close(); } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Analyze.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Analyze.java index ff2c72a5..3a813ecd 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Analyze.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Analyze.java @@ -438,7 +438,12 @@ public class Analyze extends Batch { if(r!=null) { Approval existing = findApproval(ur); if(existing==null) { - ur.row(needApproveCW,UserRole.APPROVE_UR); + if (org.isUserExpireExempt(ur.user(), ur.expires())) { + ur.row(notCompliantCW, UserRole.UR); + } else { + ur.row(needApproveCW, UserRole.APPROVE_UR, + "Expired user role! Membership expired " + Chrono.dateOnlyStamp(ur.expires())); + } } } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/ApprovedRpt.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/ApprovedRpt.java index f346f7dd..4d6af8a0 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/ApprovedRpt.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/ApprovedRpt.java @@ -48,7 +48,7 @@ public class ApprovedRpt extends Batch { private Date now; private Writer approvedW; private CSV historyR; - private static String yr_mon; + private static String yearMon; public ApprovedRpt(AuthzTrans trans) throws APIException, IOException, OrganizationException { super(trans.env()); @@ -64,7 +64,7 @@ public class ApprovedRpt extends Batch { historyR = new CSV(env.access(),args()[1]).setDelimiter('|'); - yr_mon = args()[0]; + yearMon = args()[0]; } finally { tt0.done(); } @@ -73,34 +73,12 @@ public class ApprovedRpt extends Batch { @Override protected void run(AuthzTrans trans) { try { -// ResultSet results; -// Statement stmt = new SimpleStatement( "select dateof(id), approver, status, user, type, memo from authz.approved;" ); -// results = session.execute(stmt); -// Iterator iter = results.iterator(); -// Row row; - /* - * while (iter.hasNext()) { - ++totalLoaded; - row = iter.next(); - d = row.getTimestamp(0); - if(d.after(begin)) { - approvedW.row("aprvd", - Chrono.dateOnlyStamp(d), - row.getString(1), - row.getString(2), - row.getString(3), - row.getString(4), - row.getString(5) - ); - } - } - */ GregorianCalendar gc = new GregorianCalendar(); gc.add(GregorianCalendar.MONTH, -2); approvedW.comment("date, approver, status, user, role, memo"); historyR.visit(row -> { String s = row.get(7); - if(s.equals(yr_mon)) { + if(s.equals(yearMon)) { String target = row.get(5); if("user_role".equals(target)) { String action = row.get(1); diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Upload.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Upload.java index b0db0a79..83de05af 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Upload.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Upload.java @@ -85,6 +85,10 @@ public class Upload extends Batch { @Override protected void run(AuthzTrans trans) { List files = new ArrayList<>(); + for(String s : args()) { + trans.init().log(s); + } + if(args().length>0) { File dir = new File(args()[0]); if(dir.isDirectory()) { @@ -105,6 +109,7 @@ public class Upload extends Batch { } } } + for(File file : files) { String f = file.getName(); final Feed feed = feeds.get(f.substring(0,f.length()-4)); diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/batch/helpers/JU_BatchDataViewTest.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/batch/helpers/JU_BatchDataViewTest.java index 2ddd984b..8ff2ec57 100644 --- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/batch/helpers/JU_BatchDataViewTest.java +++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/batch/helpers/JU_BatchDataViewTest.java @@ -4,6 +4,9 @@ * =========================================================================== * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. * =========================================================================== + * Modification Copyright © 2020 IBM. + * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,7 +24,7 @@ package org.onap.aaf.auth.batch.helpers; -import static org.junit.Assert.assertTrue; +import static org.junit.Assert.assertEquals; import static org.mockito.MockitoAnnotations.initMocks; import java.io.IOException; @@ -71,57 +74,57 @@ public class JU_BatchDataViewTest { @Test public void testNs() { Result retVal = batchDataViewObj.ns(trans, "test"); - assertTrue(retVal.status == 9); + assertEquals(9,retVal.status); NS n = new NS("test1", "test2", "test3", 1, 2); NS.data.put("test", n); retVal = batchDataViewObj.ns(trans, "test"); - assertTrue(retVal.status == 0); + assertEquals(0,retVal.status); } @Test public void testRoleByName() { Result retVal = batchDataViewObj.roleByName(trans, "test"); - assertTrue(retVal.status == 9); + assertEquals(9,retVal.status); Role n = new Role("test1"); n.rdd = new RoleDAO.Data(); Role.byName.put("test", n); retVal = batchDataViewObj.roleByName(trans, "test"); - assertTrue(retVal.status == 0); + assertEquals(0,retVal.status); n.rdd = null; Role.byName.put("test", n); retVal = batchDataViewObj.roleByName(trans, "test"); - assertTrue(retVal.status == 9); + assertEquals(9,retVal.status); } @Test public void testUrsByRole() { Result> retVal = batchDataViewObj .ursByRole(trans, "test"); - assertTrue(retVal.status == 9); + assertEquals(9,retVal.status); Role n = new Role("test1"); n.rdd = new RoleDAO.Data(); UserRole ur = new UserRole("user", "role", "ns", "rname", new Date()); (new UserRole.DataLoadVisitor()).visit(ur); retVal = batchDataViewObj.ursByRole(trans, "role"); - assertTrue(retVal.status == 0); + assertEquals(retVal.status,0); } @Test public void testUrsByUser() { Result> retVal = batchDataViewObj .ursByUser(trans, "test"); - assertTrue(retVal.status == 9); + assertEquals(retVal.status,9); Role n = new Role("test1"); n.rdd = new RoleDAO.Data(); UserRole ur = new UserRole("user", "role", "ns", "rname", new Date()); (new UserRole.DataLoadVisitor()).visit(ur); retVal = batchDataViewObj.ursByUser(trans, "user"); - assertTrue(retVal.status == 0); + assertEquals(retVal.status,0); } @Test @@ -129,7 +132,7 @@ public class JU_BatchDataViewTest { FutureDAO.Data dataObj = new FutureDAO.Data(); dataObj.id = new UUID(1000L, 1000L); Result retVal = batchDataViewObj.delete(trans, dataObj); - assertTrue(retVal.status == 0); + assertEquals(retVal.status,0); } @Test @@ -138,7 +141,7 @@ public class JU_BatchDataViewTest { dataObj.id = new UUID(1000L, 1000L); Result retVal = batchDataViewObj.delete(trans, dataObj); - assertTrue(retVal.status == 0); + assertEquals(retVal.status, 0); } @@ -150,7 +153,7 @@ public class JU_BatchDataViewTest { dataObj.ticket = new UUID(1000L, 1000L); Result retVal = batchDataViewObj.insert(trans, dataObj); - assertTrue(retVal.status == 0); + assertEquals(retVal.status, 0); } @Test @@ -160,11 +163,11 @@ public class JU_BatchDataViewTest { dataObj.memo = "memo"; dataObj.construct = ByteBuffer.allocate(1000); Result retVal = batchDataViewObj.insert(trans, dataObj); - assertTrue(retVal.status == 0); + assertEquals(retVal.status, 0); dataObj.target_key = "memo"; retVal = batchDataViewObj.insert(trans, dataObj); - assertTrue(retVal.status == 0); + assertEquals(retVal.status, 0); } @Test public void testFlush() { diff --git a/auth/auth-cass/.gitignore b/auth/auth-cass/.gitignore index d0b9b474..7c3755cd 100644 --- a/auth/auth-cass/.gitignore +++ b/auth/auth-cass/.gitignore @@ -3,3 +3,4 @@ /target/ /.classpath /*.tgz +/.checkstyle diff --git a/auth/auth-cass/cass_init/authBatch.props b/auth/auth-cass/cass_init/authBatch.props index 0505ce8b..bef1659b 100644 --- a/auth/auth-cass/cass_init/authBatch.props +++ b/auth/auth-cass/cass_init/authBatch.props @@ -1,24 +1,21 @@ -aaf_data_dir=/opt/app/aaf/data +aaf_data_dir=/opt/app/aaf/cass_init/data aaf_root_ns=org.osaaf.aaf cadi_latitude=38.0 cadi_longitude=-72.0 +cadi_loglevel=INFO ## Supported Plugin Organizational Units Organization.att.com=org.onap.aaf.org.DefaultOrg DRY_RUN=false -CASS_ENV=DOCKER - -UNKNOWN.LOG_DIR=logs/DOCKER ## Cassandra Configurations, when commented out, uses LocalHost (non authenticated) and default ports -DOCKER.cassandra.clusters=127.0.0.1 -DOCKER.cassandra.clusters.port=9042 -DOCKER.cassandra.clusters.user=cassandra -DOCKER.cassandra.clusters.password=cassandra -DOCKER.VERSION=3.1.0 -DOCKER.GUI_URL=https://mithrilcsp.sbc.com:8095/gui -DOCKER.MAX_EMAILS=3 -DOCKER.SPECIAL_NAMES=aaf@aaf.osaaf.org +cassandra.clusters=127.0.0.1 +cassandra.clusters.port=9042 +cassandra.clusters.user=cassandra +cassandra.clusters.password=cassandra + +GUI_URL=https://aaf-gui.onap:8095/gui +MAX_EMAILS=3 +SPECIAL_NAMES=aaf@aaf.osaaf.org -cadi_loglevel=AUDIT diff --git a/auth/auth-cass/cass_init/cmd.sh b/auth/auth-cass/cass_init/cmd.sh index b6650122..bfd592a3 100644 --- a/auth/auth-cass/cass_init/cmd.sh +++ b/auth/auth-cass/cass_init/cmd.sh @@ -24,6 +24,7 @@ DIR="/opt/app/aaf/status" INSTALLED_VERSION=/var/lib/cassandra/AAF_VERSION AAF_INIT_DATA=/var/lib/cassandra/AAF_INIT_DATA +CQLSH=${CQLSH:=/usr/bin/cqlsh} if [ ! -e /aaf_cmd ]; then ln -s /opt/app/aaf/cass_init/cmd.sh /aaf_cmd @@ -71,7 +72,7 @@ function wait_start { function wait_cql { status wait for keyspace to be initialized for CNT in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15; do - if [ -n "$(/usr/bin/cqlsh -e 'describe keyspaces' | grep authz)" ]; then + if [ -n "$($CQLSH -e 'describe keyspaces' | grep authz)" ]; then break else echo "Waiting for Keyspaces to be loaded... Sleep 10" @@ -96,11 +97,11 @@ function wait_ready { function install_cql { wait_start cassandra responsive # Now, make sure data exists - if [ ! -e $INSTALLED_VERSION ] && [ -n "$(/usr/bin/cqlsh -e 'describe keyspaces' | grep authz)" ]; then - /usr/bin/cqlsh --request-timeout=60 -e 'DROP KEYSPACE authz' + if [ ! -e $INSTALLED_VERSION ] && [ -n "$($CQLSH -e 'describe keyspaces' | grep authz)" ]; then + $CQLSH --request-timeout=60 -e 'DROP KEYSPACE authz' fi - if [ -z "`/usr/bin/cqlsh --request-timeout 60 -e 'describe keyspaces' | grep authz`" ]; then + if [ -z "$($CQLSH --request-timeout 60 -e 'describe keyspaces' | grep authz)" ]; then status install echo "Initializing Cassandra DB" echo "Docker Installed Basic Cassandra on aaf.cass. Executing the following " @@ -109,15 +110,15 @@ function install_cql { echo " cd /opt/app/aaf/cass_init" cd /opt/app/aaf/cass_init echo " cqlsh -f keyspace.cql" - /usr/bin/cqlsh --request-timeout=100 -f keyspace.cql + $CQLSH --request-timeout=100 -f keyspace.cql status keyspace installed echo " cqlsh -f init.cql" - /usr/bin/cqlsh --request-timeout=100 -f init.cql + $CQLSH --request-timeout=100 -f init.cql status data initialized echo "" echo "The following will give you a temporary identity with which to start working, or emergency" echo " cqlsh -f temp_identity.cql" - echo "casablanca" > $INSTALLED_VERSION + echo "frankfurt" > $INSTALLED_VERSION else echo "Cassandra DB already includes 'authz' keyspace" fi @@ -135,6 +136,7 @@ function install_onap { status prep data bash prep.sh status push data to cassandra + # bash push.sh bash push.sh cd - echo $(date) > $AAF_INIT_DATA diff --git a/auth/auth-cass/cass_init/minimal.cql b/auth/auth-cass/cass_init/minimal.cql new file mode 100644 index 00000000..af8f8c60 --- /dev/null +++ b/auth/auth-cass/cass_init/minimal.cql @@ -0,0 +1,59 @@ +USE authz; + +// Create 'org' root NS +INSERT INTO ns (name,description,parent,scope,type) + VALUES('org','Root Namespace','.',1,1); + +INSERT INTO role(ns, name, perms, description) + VALUES('org','admin',{'org.access|*|*'},'Org Admins'); + +INSERT INTO role(ns, name, perms, description) + VALUES('org','owner',{'org.access|*|read,approve'},'Org Owners'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org','access','*','read,approve',{'org.owner'},'Org Read Access'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org','access','*','*',{'org.admin'},'Org Write Access'); + + +// Create org.osaaf +INSERT INTO ns (name,description,parent,scope,type) + VALUES('org.osaaf','OSAAF Namespace','org',2,2); + +INSERT INTO role(ns, name, perms,description) + VALUES('org.osaaf','admin',{'org.osaaf.access|*|*'},'OSAAF Admins'); + +INSERT INTO perm(ns, type, instance, action, roles,description) + VALUES ('org.osaaf','access','*','*',{'org.osaaf.admin'},'OSAAF Write Access'); + +INSERT INTO role(ns, name, perms,description) + VALUES('org.osaaf','owner',{'org.osaaf.access|*|read,approve'},'OSAAF Owners'); + +INSERT INTO perm(ns, type, instance, action, roles,description) + VALUES ('org.osaaf','access','*','read,appove',{'org.osaaf.owner'},'OSAAF Read Access'); + +// Create org.osaaf.aaf +INSERT INTO ns (name,description,parent,scope,type) + VALUES('org.osaaf.aaf','Application Authorization Framework','org.osaaf',3,3); + +INSERT INTO role(ns, name, perms, description) + VALUES('org.osaaf.aaf','admin',{'org.osaaf.aaf.access|*|*'},'AAF Admins'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org.osaaf.aaf','access','*','*',{'org.osaaf.aaf.admin'},'AAF Write Access'); + +INSERT INTO perm(ns, type, instance, action, roles, description) + VALUES ('org.osaaf.aaf','access','*','read,approve',{'org.osaaf.aaf.owner'},'AAF Read Access'); + +INSERT INTO role(ns, name, perms, description) + VALUES('org.osaaf.aaf','owner',{'org.osaaf.aaf.access|*|read,approve'},'AAF Owners'); + +// OSAAF Root +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('aaf@aaf.osaaf.org','org.admin','2018-10-31','org','admin'); + +INSERT INTO user_role(user,role,expires,ns,rname) + VALUES ('aaf@aaf.osaaf.org','org.osaaf.aaf.admin','2018-10-31','org.osaaf.aaf','admin'); + + diff --git a/auth/auth-cass/cass_init/push.sh b/auth/auth-cass/cass_init/push.sh index f887f077..a6f8277d 100644 --- a/auth/auth-cass/cass_init/push.sh +++ b/auth/auth-cass/cass_init/push.sh @@ -22,6 +22,9 @@ # These are obtained from "gzipped" files, or pre-placed (i.e. initialization) # in the "dats" directory # + +CQLSH="${CQLSH:=/usr/bin/cqlsh} -k authz" + DIR=/opt/app/aaf/cass_init cd $DIR if [ ! -e dats ]; then @@ -35,7 +38,7 @@ fi cd dats for T in $(ls *.dat); do if [ -s $T ]; then - cqlsh --request-timeout=100 -e "COPY authz.${T/.dat/} FROM '$T' WITH DELIMITER='|';"; + $CQLSH --request-timeout=100 -e "COPY authz.${T/.dat/} FROM '$T' WITH DELIMITER='|';"; fi done cd $DIR diff --git a/auth/auth-cass/cass_init/restore.sh b/auth/auth-cass/cass_init/restore.sh index a2c02929..0bf0ea65 100644 --- a/auth/auth-cass/cass_init/restore.sh +++ b/auth/auth-cass/cass_init/restore.sh @@ -4,7 +4,7 @@ echo `date` ENV=DOCKER -CQLSH="/usr/bin/cqlsh -k authz" +CQLSH="${CQLSH:=/usr/bin/cqlsh} -k authz" cd dats if [ "$*" = "" ]; then @@ -52,7 +52,7 @@ done if [ ! "$UPLOAD" = "" ]; then cd dats - java -Dcadi_prop_files=../authBatch.props -DCASS_ENV=$ENV -jar ../aaf-auth-batch-*-full.jar Upload $UPLOAD + java -Dcadi_prop_files=../authBatch.props -DCASS_ENV=$ENV -jar ../aaf-auth-batch-*-full.jar Upload $UPLOAD 2>&1 logs/stdout cd - fi diff --git a/auth/auth-cass/docker/Dockerfile.cass b/auth/auth-cass/docker/Dockerfile.cass index c25135ed..ea639579 100644 --- a/auth/auth-cass/docker/Dockerfile.cass +++ b/auth/auth-cass/docker/Dockerfile.cass @@ -28,14 +28,21 @@ LABEL version=${AAF_VERSION} COPY cass_init/*.cql /opt/app/aaf/cass_init/ COPY cass_init/*.sh /opt/app/aaf/cass_init/ COPY cass_init/*.props /opt/app/aaf/cass_init/ -COPY aaf-auth-batch-${AAF_VERSION}-full.jar /opt/app/aaf/cass_init/ +COPY aaf-auth-batch-*-full.jar /opt/app/aaf/cass_init/ COPY cass_data/*.dat /opt/app/aaf/cass_init/dats/ +COPY sample.identities.dat /opt/app/aaf/cass_init/data/identities.dat -RUN mkdir -p /opt/app/aaf/status && chmod 777 /opt/app/aaf/status && \ - addgroup ${USER} && adduser --no-create-home --ingroup ${USER} --disabled-password --gecos "" --shell /bin/bash ${USER} && \ - chown -R ${USER}:${USER} /opt/app/aaf/cass_init - +RUN mkdir -p /opt/app/aaf/status &&\ + chmod 777 /opt/app/aaf/status && \ + if [ ! -z "${DUSER}" ]; then \ + addgroup --gid 1000 ${DUSER}; \ + adduser --ingroup ${DUSER} --disabled-password --gecos "" --shell /bin/bash -u 1000 ${DUSER} ; \ + mkdir -p /var/lib/cassandra/data /var/log/cassandra ; \ + chown -R 1000:1000 /opt/app/aaf /etc/cassandra /var/log/cassandra /var/lib/cassandra ; \ + fi && \ + ln -s /opt/app/aaf/cass_init/cmd.sh /aaf_cmd && chmod a+x /aaf_cmd +USER ${DUSER} ENTRYPOINT ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh"] CMD ["start"] # Default is to start up with CQL setup only diff --git a/auth/auth-cass/docker/dbuild.sh b/auth/auth-cass/docker/dbuild.sh index 641b42ba..6a1ae1c1 100644 --- a/auth/auth-cass/docker/dbuild.sh +++ b/auth/auth-cass/docker/dbuild.sh @@ -26,6 +26,19 @@ if [ -e ../../docker/d.props ]; then fi DOCKER=${DOCKER:-docker} +function SCP() { + SANS=${1/-SNAPSHOT/} + echo $1 = $SANS + if [ -e $SANS ]; then + cp $SANS $2 + else + + ln $1 $SANS + cp $SANS $2 + rm $SANS + fi +} + echo "$0: Building aaf_cass Container for aaf_cass:$VERSION" # default nexus repo only contains Amd64 images, use docker.io for multi-platform builds @@ -38,16 +51,15 @@ echo "$0: DOCKER_PULL_REGISTRY=${DOCKER_REGISTRY}" DIR=$(pwd) cd .. -sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ - -e 's/${USER}/'${USER}'/g' \ +sed -e 's/${AAF_VERSION}/'${VERSION/-SNAPSHOT/}'/g' \ + -e 's/${DUSER}/'${DUSER}'/g' \ -e 's/${REGISTRY}/'${DOCKER_PULL_REGISTRY}'/g' \ $DIR/Dockerfile.cass > Dockerfile cd .. +pwd cp -Rf sample/cass_data auth-cass/cass_data cp sample/data/sample.identities.dat auth-cass -pwd -ls -ltr auth-batch/target -cp auth-batch/target/aaf-auth-batch-$VERSION-full.jar auth-cass +SCP auth-batch/target/aaf-auth-batch-$VERSION-full.jar auth-cass echo "$0: $DOCKER build -t ${ORG}/${PROJECT}/aaf_cass:${VERSION} auth-cass" $DOCKER build -t ${ORG}/${PROJECT}/aaf_cass:${VERSION} auth-cass @@ -58,6 +70,6 @@ cd - rm Dockerfile rm -Rf cass_data rm sample.identities.dat -rm aaf-auth-batch-$VERSION-full.jar +rm aaf-auth-batch-*-full.jar cd $DIR diff --git a/auth/auth-cass/docker/dcqlsh.sh b/auth/auth-cass/docker/dcqlsh.sh index 2518eb90..c8708d75 100644 --- a/auth/auth-cass/docker/dcqlsh.sh +++ b/auth/auth-cass/docker/dcqlsh.sh @@ -22,5 +22,5 @@ if [ -e ../../docker/d.props ]; then . ../../docker/d.props fi -${DOCKER:=docker} exec -it aaf-cass /usr/bin/cqlsh -k authz +${DOCKER:=docker} exec -it aaf-cass ${CQLSH:=/usr/bin/cqlsh} -k authz diff --git a/auth/auth-cass/docker/drun.sh b/auth/auth-cass/docker/drun.sh index cd8ab78c..33b59d7c 100644 --- a/auth/auth-cass/docker/drun.sh +++ b/auth/auth-cass/docker/drun.sh @@ -23,8 +23,22 @@ if [ -e ../../docker/d.props ]; then . ../../docker/d.props fi DOCKER=${DOCKER:-docker} - -if [ "$1" = "publish" ]; then +if [ "$DOCKER" = "podman" ]; then + PODNAME=aaf-cass.onap + if $(podman pod exists $PODNAME); then + echo "Using existing 'podman' pod $PODNAME" + POD="--pod $PODNAME " + else + echo "Create new 'podman' pod $PODNAME" + # Note: Cassandra needs "infra" to work + # Keep in separate pod + #podman pod create --infra=true -n $PODNAME --publish 9042:9042 + podman pod create --infra=false -n $PODNAME + #POD="--pod new:$PODNAME " + POD="--pod $PODNAME " + PUBLISH='--publish 9042:9042 ' + fi +else PUBLISH='--publish 9042:9042 ' fi @@ -47,6 +61,7 @@ if [ "`$DOCKER ps -a | grep aaf-cass`" == "" ]; then -e CASSANDRA_CLUSTER_NAME=osaaf \ -v "aaf_cass_data:/var/lib/cassandra" \ -v "aaf_status:/opt/app/aaf/status" \ + ${POD} \ $PUBLISH \ -d ${PREFIX}${ORG}/${PROJECT}/aaf_cass:${VERSION} "onap" else diff --git a/auth/auth-cass/pom.xml b/auth/auth-cass/pom.xml index 5e86ba60..0be9d85a 100644 --- a/auth/auth-cass/pom.xml +++ b/auth/auth-cass/pom.xml @@ -17,7 +17,7 @@ org.onap.aaf.authz authparent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT ../pom.xml @@ -123,6 +123,11 @@ slf4j-log4j12 test + + org.onap.aaf.authz + aaf-auth-deforg + test + diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/FileGetter.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/FileGetter.java index 31e5069b..10136272 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/FileGetter.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/FileGetter.java @@ -71,12 +71,19 @@ public class FileGetter { if(CredDAO.CERT_SHA256_RSA == type) { return; } + byte ba[]; CredDAO.Data cdd = new CredDAO.Data(); cdd.id=row.get(0); cdd.type = type; try { cdd.expires = sdf.parse(row.get(2)); - cdd.cred = ByteBuffer.wrap(Hash.fromHex(row.get(3))); + // Note: Note sure this can be null, but throwing was + // part of original "fromHex" method. Remove if you can + // prove ba will never be null J - May 19,2020 + if((ba=Hash.fromHex(row.get(3)))==null) { + throw new CadiException("Invalid Cred"); + } + cdd.cred = ByteBuffer.wrap(ba); cdd.notes= row.get(4); cdd.ns = row.get(5); cdd.other = Integer.parseInt(row.get(6)); diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java index e5cde35c..761ebec9 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java @@ -759,7 +759,7 @@ public class Function { } for (CredDAO.Data cd : cdr.value) { - if (cd.expires.after(now)) { + if (cd.expires.after(now) || trans.org().isUserExpireExempt(cd.id, cd.expires)) { return Result.ok(); } } @@ -1440,7 +1440,7 @@ public class Function { List list = rurdd.value; List rv = new ArrayList<>(list.size()); // presize for (UserRoleDAO.Data urdd : rurdd.value) { - if (includeExpired || urdd.expires.after(now)) { + if (includeExpired || urdd.expires.after(now) || trans.org().isUserExpireExempt(urdd.user, urdd.expires)) { rv.add(urdd.user); } } diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java index 5a27e5ec..5a66be8a 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java @@ -82,7 +82,7 @@ public class PermLookup { List lurdd = new ArrayList<>(); Date now = new Date(); for (UserRoleDAO.Data urdd : userRoles.value) { - if (urdd.expires.after(now)) { // Remove Expired + if (urdd.expires.after(now) || trans.org().isUserExpireExempt(user, urdd.expires)) { // Remove Expired lurdd.add(urdd); } } diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java index 39578f83..2e8e55f5 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java @@ -938,7 +938,7 @@ public class Question { if (!cdd.id.equals(user)) { trans.error().log("doesUserCredMatch DB call does not match for user: " + user); } - if (cdd.expires.after(now)) { + if (cdd.expires.after(now) || trans.org().isUserExpireExempt(cdd.id, cdd.expires)) { byte[] dbcred = cdd.cred.array(); try { @@ -1273,7 +1273,7 @@ public class Question { if (rur.isOKhasData()) { Date now = new Date(); for (UserRoleDAO.Data urdd : rur.value){ - if (urdd.expires.after(now)) { + if (urdd.expires.after(now) || trans.org().isUserExpireExempt(urdd.user, urdd.expires)) { return true; } } @@ -1285,7 +1285,7 @@ public class Question { Result> rur = userRoleDAO().read(trans, user,ns+DOT_OWNER); if (rur.isOKhasData()) {for (UserRoleDAO.Data urdd : rur.value){ Date now = new Date(); - if (urdd.expires.after(now)) { + if (urdd.expires.after(now) || trans.org().isUserExpireExempt(urdd.user, urdd.expires)) { return true; } }}; @@ -1297,7 +1297,7 @@ public class Question { Date now = new Date(); int count = 0; if (rur.isOKhasData()) {for (UserRoleDAO.Data urdd : rur.value){ - if (urdd.expires.after(now)) { + if (urdd.expires.after(now) || trans.org().isUserExpireExempt(urdd.user, urdd.expires)) { ++count; } }}; diff --git a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/hl/JU_PermLookup.java b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/hl/JU_PermLookup.java index f5d22ba2..1d82505e 100644 --- a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/hl/JU_PermLookup.java +++ b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/hl/JU_PermLookup.java @@ -49,6 +49,7 @@ import org.onap.aaf.auth.layer.Result; import org.onap.aaf.cadi.Access; import org.onap.aaf.cadi.CadiException; import org.onap.aaf.misc.env.LogTarget; +import org.onap.aaf.org.DefaultOrg; @RunWith(MockitoJUnitRunner.class) @@ -130,13 +131,17 @@ public class JU_PermLookup { Result> retVal1 = Mockito.mock(Result.class); retVal1.value = new ArrayList(); UserRoleDAO.Data dataObj = Mockito.mock( UserRoleDAO.Data.class); - dataObj.expires = new Date(); retVal1.value.add(dataObj); Mockito.doReturn(true).when(retVal1).isOKhasData(); + Mockito.doReturn(retVal1).when(userRoleDAO).readByUser(trans,""); - PermLookup cassExecutorObj =PermLookup.get(trans, q,""); + + DefaultOrg org = Mockito.mock(DefaultOrg.class); + when(trans.org()).thenReturn(org); + + PermLookup cassExecutorObj = PermLookup.get(trans, q,""); Result> userRoles = cassExecutorObj.getUserRoles(); //System.out.println(""+userRoles.status); @@ -151,7 +156,11 @@ public class JU_PermLookup { Mockito.doReturn(false).when(retVal1).isOKhasData(); Mockito.doReturn(retVal1).when(userRoleDAO).readByUser(trans,""); - PermLookup cassExecutorObj =PermLookup.get(trans, q,""); + + DefaultOrg org = Mockito.mock(DefaultOrg.class); + when(trans.org()).thenReturn(org); + + PermLookup cassExecutorObj = PermLookup.get(trans, q,""); Result> userRoles = cassExecutorObj.getUserRoles(); // System.out.println("output is"+userRoles.status); @@ -174,7 +183,11 @@ public class JU_PermLookup { retVal1.value.add(dataObj); Mockito.doReturn(true).when(retVal1).isOKhasData(); Mockito.doReturn(retVal1).when(userRoleDAO).readByUser(trans,""); - PermLookup cassExecutorObj =PermLookup.get(trans, q,""); + + DefaultOrg org = Mockito.mock(DefaultOrg.class); + when(trans.org()).thenReturn(org); + + PermLookup cassExecutorObj = PermLookup.get(trans, q,""); Result> userRoles = cassExecutorObj.getUserRoles(); //System.out.println(userRoles.status); diff --git a/auth/auth-certman/.gitignore b/auth/auth-certman/.gitignore index 6028f0a5..1e3d8e50 100644 --- a/auth/auth-certman/.gitignore +++ b/auth/auth-certman/.gitignore @@ -2,3 +2,5 @@ /.settings/ /target/ /.project +/.checkstyle + diff --git a/auth/auth-certman/pom.xml b/auth/auth-certman/pom.xml index 64ab8372..94c2a6de 100644 --- a/auth/auth-certman/pom.xml +++ b/auth/auth-certman/pom.xml @@ -20,7 +20,7 @@ org.onap.aaf.authz authparent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT ../pom.xml @@ -129,6 +129,7 @@ cadi_prop_files=${project.ext_root_dir}/etc/org.osaaf.aaf.cm.props cadi_log_dir=${project.ext_root_dir}/logs/cm + cadi_etc_dir=${project.ext_root_dir}/etc diff --git a/auth/auth-cmd/.gitignore b/auth/auth-cmd/.gitignore index 6028f0a5..112dedb3 100644 --- a/auth/auth-cmd/.gitignore +++ b/auth/auth-cmd/.gitignore @@ -2,3 +2,4 @@ /.settings/ /target/ /.project +/.checkstyle diff --git a/auth/auth-cmd/pom.xml b/auth/auth-cmd/pom.xml index 2e7cb2d9..656d45af 100644 --- a/auth/auth-cmd/pom.xml +++ b/auth/auth-cmd/pom.xml @@ -18,7 +18,7 @@ org.onap.aaf.authz authparent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT ../pom.xml @@ -177,8 +177,7 @@ jline jline 2.14.2 - - + diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java index 0ae4ce99..7913b76e 100644 --- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java @@ -54,7 +54,6 @@ import aaf.v2_0.History; import aaf.v2_0.History.Item; import aaf.v2_0.Request; - public abstract class Cmd { // Sonar claims DateFormat is not thread safe. Leave as Instance Variable. private final DateFormat dateFmt = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss:SSS"); @@ -272,7 +271,7 @@ public abstract class Cmd { sb.append(", "); sb.append(desc); } - pw().println(sb); + pw().println(sb.toString()); } diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/List.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/List.java index ef25f75a..84a01614 100644 --- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/List.java +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/List.java @@ -39,7 +39,7 @@ import aaf.v2_0.Users.User; public class List extends BaseCmd { - private static final String cformat = " %-30s %-6s %-24s\n"; + private static final String cformat = " %-30s %-6s %-24s %-20s\n"; private static final String pformat = " %-30s %-24s %-15s\n"; private static final String sformat = " %-72s\n"; protected static final String kformat = " %-72s\n"; @@ -152,7 +152,7 @@ public class List extends BaseCmd { if (this.aafcli.isTest()) { pw().format(sformat,u.getId()); } else { - pw().format(cformat,u.getId(),getType(u),Chrono.niceDateStamp(u.getExpires())); + pw().format(cformat,u.getId(),getType(u),Chrono.niceDateStamp(u.getExpires()),u.getTag()); } } } diff --git a/auth/auth-core/.gitignore b/auth/auth-core/.gitignore index 6028f0a5..112dedb3 100644 --- a/auth/auth-core/.gitignore +++ b/auth/auth-core/.gitignore @@ -2,3 +2,4 @@ /.settings/ /target/ /.project +/.checkstyle diff --git a/auth/auth-core/pom.xml b/auth/auth-core/pom.xml index 5409a327..3d3cedec 100644 --- a/auth/auth-core/pom.xml +++ b/auth/auth-core/pom.xml @@ -25,7 +25,7 @@ org.onap.aaf.authz authparent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT ../pom.xml @@ -106,7 +106,7 @@ org.slf4j slf4j-log4j12 - + diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java index f34ed151..778eb295 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java @@ -348,6 +348,16 @@ public interface Organization { public void setTestMode(boolean dryRun); + /** + * Evaluates a user to determine if they are exempt from role and cred expiration. + * Returns true if true, false if false. Default implementation is always false. + * + * @param user + * @param expires + * @return + */ + public boolean isUserExpireExempt(String user, Date expires); + public static final Organization NULL = new Organization() { private final GregorianCalendar gc = new GregorianCalendar(1900, 1, 1); @@ -586,6 +596,11 @@ public interface Organization { return null; } + @Override + public boolean isUserExpireExempt(String user, Date expires) { + return false; + } + }; } diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java index fcdcf878..af549356 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java @@ -157,7 +157,7 @@ public abstract class AbsServiceStarterauthparent ../pom.xml org.onap.aaf.authz - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT aaf-auth-deforg diff --git a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java index 307c9c95..c7f3b1cc 100644 --- a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java +++ b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java @@ -68,13 +68,12 @@ public class DefaultOrg implements Organization { root_ns = env.getProperty(Config.AAF_ROOT_NS,Config.AAF_ROOT_NS_DEF); try { - String defFile; - String temp=env.getProperty(defFile = (getClass().getName()+".file")); + String temp=env.getProperty(realm +".file"); File fIdentities=null; if (temp==null) { temp = env.getProperty(AAF_DATA_DIR); if (temp!=null) { - env.warn().log(defFile, " is not defined. Using default: ",temp+"/identities.dat"); + env.warn().log("Datafile for " + realm + " is not defined. Using default: ",temp+"/identities.dat"); File dir = new File(temp); fIdentities=new File(dir,"identities.dat"); @@ -706,4 +705,9 @@ public class DefaultOrg implements Organization { return 0; } } + + @Override + public boolean isUserExpireExempt(String user, Date expires) { + return false; + } } diff --git a/auth/auth-fs/.gitignore b/auth/auth-fs/.gitignore index 1999002f..112dedb3 100644 --- a/auth/auth-fs/.gitignore +++ b/auth/auth-fs/.gitignore @@ -2,4 +2,4 @@ /.settings/ /target/ /.project - +/.checkstyle diff --git a/auth/auth-fs/pom.xml b/auth/auth-fs/pom.xml index 87763650..21e820c0 100644 --- a/auth/auth-fs/pom.xml +++ b/auth/auth-fs/pom.xml @@ -17,7 +17,7 @@ org.onap.aaf.authz authparent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT ../pom.xml @@ -75,7 +75,7 @@ org.onap.aaf.authz aaf-cadi-core - + diff --git a/auth/auth-fs/src/main/java/org/onap/aaf/auth/fs/AAF_FS.java b/auth/auth-fs/src/main/java/org/onap/aaf/auth/fs/AAF_FS.java index 64d93539..6077b39d 100644 --- a/auth/auth-fs/src/main/java/org/onap/aaf/auth/fs/AAF_FS.java +++ b/auth/auth-fs/src/main/java/org/onap/aaf/auth/fs/AAF_FS.java @@ -45,8 +45,6 @@ import org.onap.aaf.cadi.config.Config; import org.onap.aaf.cadi.register.Registrant; import org.onap.aaf.cadi.register.RemoteRegistrant; - - public class AAF_FS extends AbsService { public AAF_FS(final AuthzEnv env) throws IOException, CadiException { diff --git a/auth/auth-gui/.gitignore b/auth/auth-gui/.gitignore index 6028f0a5..112dedb3 100644 --- a/auth/auth-gui/.gitignore +++ b/auth/auth-gui/.gitignore @@ -2,3 +2,4 @@ /.settings/ /target/ /.project +/.checkstyle diff --git a/auth/auth-gui/pom.xml b/auth/auth-gui/pom.xml index f93fb7e4..cb61fe0f 100644 --- a/auth/auth-gui/pom.xml +++ b/auth/auth-gui/pom.xml @@ -17,7 +17,7 @@ org.onap.aaf.authz authparent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT ../pom.xml diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CredDetail.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CredDetail.java index 4ad7893a..e98b40f2 100644 --- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CredDetail.java +++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CredDetail.java @@ -285,7 +285,7 @@ public class CredDetail extends Page { } first=false; hgen.end().leaf(HTMLGen.TD,cls,STYLE_WIDTH_70) - .text(Chrono.niceDateStamp(u.getExpires())) + .text(Chrono.niceDateStamp(u.getExpires()) + ", TAG ID: " + u.getTag()) .end(); hgen.end(uRow); diff --git a/auth/auth-hello/.gitignore b/auth/auth-hello/.gitignore index 6028f0a5..112dedb3 100644 --- a/auth/auth-hello/.gitignore +++ b/auth/auth-hello/.gitignore @@ -2,3 +2,4 @@ /.settings/ /target/ /.project +/.checkstyle diff --git a/auth/auth-hello/pom.xml b/auth/auth-hello/pom.xml index 47285766..856a316f 100644 --- a/auth/auth-hello/pom.xml +++ b/auth/auth-hello/pom.xml @@ -17,7 +17,7 @@ org.onap.aaf.authz authparent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT ../pom.xml @@ -54,8 +54,8 @@ org.onap.aaf.authz aaf-cadi-aaf - - + + diff --git a/auth/auth-locate/.gitignore b/auth/auth-locate/.gitignore index 6028f0a5..112dedb3 100644 --- a/auth/auth-locate/.gitignore +++ b/auth/auth-locate/.gitignore @@ -2,3 +2,4 @@ /.settings/ /target/ /.project +/.checkstyle diff --git a/auth/auth-locate/pom.xml b/auth/auth-locate/pom.xml index 8df23909..e30fc390 100644 --- a/auth/auth-locate/pom.xml +++ b/auth/auth-locate/pom.xml @@ -17,7 +17,7 @@ org.onap.aaf.authz authparent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT ../pom.xml @@ -77,7 +77,8 @@ org.onap.aaf.authz aaf-misc-rosetta - + + diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java index ff538269..5c5f9a6c 100644 --- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java +++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java @@ -33,6 +33,7 @@ import org.onap.aaf.auth.cache.Cache.Dated; import org.onap.aaf.auth.dao.CassAccess; import org.onap.aaf.auth.dao.cass.ConfigDAO; import org.onap.aaf.auth.dao.cass.LocateDAO; +import org.onap.aaf.auth.dao.hl.Question; import org.onap.aaf.auth.direct.DirectLocatorCreator; import org.onap.aaf.auth.direct.DirectRegistrar; import org.onap.aaf.auth.env.AuthzEnv; @@ -81,7 +82,7 @@ public class AAF_Locate extends AbsService { public final ConfigDAO configDAO; private Locator dal; - + public final Question question; /** * Construct AuthzAPI with all the Context Supporting Routes that Authz needs * @@ -121,6 +122,7 @@ public class AAF_Locate extends AbsService { } } + question = new Question(trans, cluster, CassAccess.KEYSPACE); //////////////////////////////////////////////////////////////////////////// // Time Critical @@ -128,7 +130,7 @@ public class AAF_Locate extends AbsService { //////////////////////////////////////////////////////////////////////// API_AAFAccess.init(this,facade); API_Find.init(this, facade); - API_Proxy.init(this, facade); + API_Proxy.init(this, facade, question); //////////////////////////////////////////////////////////////////////// // Management APIs diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java index 36a987e5..2076e847 100644 --- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java +++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java @@ -269,7 +269,7 @@ public class API_AAFAccess { redirectURL.append('?'); redirectURL.append(str); } - trans.info().log("Redirect to",redirectURL); + trans.info().log("Redirect to",redirectURL); resp.sendRedirect(redirectURL.toString()); } else { context.error(trans, resp, Result.err(Result.ERR_NotFound,"No Locations found for redirection")); diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Proxy.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Proxy.java index c77e9a85..8d56dc96 100644 --- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Proxy.java +++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Proxy.java @@ -27,6 +27,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.eclipse.jetty.http.HttpStatus; +import org.onap.aaf.auth.dao.hl.Question; import org.onap.aaf.auth.env.AuthzTrans; import org.onap.aaf.auth.locate.AAF_Locate; import org.onap.aaf.auth.locate.BasicAuthCode; @@ -35,6 +36,7 @@ import org.onap.aaf.auth.locate.facade.LocateFacade; import org.onap.aaf.auth.locate.mapper.Mapper.API; import org.onap.aaf.auth.rserv.HttpMethods; import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.Symm; import org.onap.aaf.cadi.client.Future; import org.onap.aaf.cadi.client.Rcli; import org.onap.aaf.cadi.client.Retryable; @@ -42,6 +44,7 @@ import org.onap.aaf.cadi.config.Config; import org.onap.aaf.cadi.oauth.OAuth2Principal; import org.onap.aaf.misc.env.APIException; import org.onap.aaf.misc.env.Env; +import org.onap.aaf.misc.env.LogTarget; import org.onap.aaf.misc.env.TimeTaken; /** @@ -59,7 +62,7 @@ public class API_Proxy { * @param facade * @throws Exception */ - public static void init(final AAF_Locate gwAPI, LocateFacade facade) { + public static void init(final AAF_Locate gwAPI, LocateFacade facade, final Question question) { String aafurl = gwAPI.access.getProperty(Config.AAF_URL,null); if (aafurl!=null) { @@ -72,6 +75,7 @@ public class API_Proxy { gwAPI.routeAll(HttpMethods.GET,"/proxy/:path*",API.VOID,new LocateCode(facade,"Proxy GET", true) { @Override public void handle(final AuthzTrans trans, final HttpServletRequest req, final HttpServletResponse resp) throws Exception { + populateCredentialTag(trans, req, question); if ("/proxy/authn/basicAuth".equals(req.getPathInfo()) && !(req.getUserPrincipal() instanceof OAuth2Principal)) { bac.handle(trans, req, resp); } else { @@ -159,4 +163,29 @@ public class API_Proxy { }); } } + + /** + * Populates TAG value for the user from DB + * + * @param trans + * @param req + * @param question + */ + private static void populateCredentialTag(AuthzTrans trans, HttpServletRequest req, Question question) { + + try { + String authz = req.getHeader("Authorization"); + String decoded = Symm.base64noSplit.decode(authz.substring(6)); + int colon = decoded.indexOf(':'); + // Update transaction object with TAG information from DB + question.doesUserCredMatch(trans, decoded.substring(0, colon), decoded.substring(colon + 1).getBytes()); + String tag = trans.getTag(); + if (null != tag) { + req.setAttribute("CRED_TAG", tag); + } + } catch (Exception e) { + LogTarget lt = trans.error(); + lt.log("Exception occured while fetching TAG details from DB :" + e.getMessage()); + } + } } diff --git a/auth/auth-oauth/.gitignore b/auth/auth-oauth/.gitignore index 6028f0a5..112dedb3 100644 --- a/auth/auth-oauth/.gitignore +++ b/auth/auth-oauth/.gitignore @@ -2,3 +2,4 @@ /.settings/ /target/ /.project +/.checkstyle diff --git a/auth/auth-oauth/pom.xml b/auth/auth-oauth/pom.xml index cc0ed53e..19f6cfcc 100644 --- a/auth/auth-oauth/pom.xml +++ b/auth/auth-oauth/pom.xml @@ -17,7 +17,7 @@ org.onap.aaf.authz authparent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT ../pom.xml diff --git a/auth/auth-service/.gitignore b/auth/auth-service/.gitignore index f3bad092..172fcb3f 100644 --- a/auth/auth-service/.gitignore +++ b/auth/auth-service/.gitignore @@ -3,3 +3,4 @@ /target/ /.project /logs/ +/.checkstyle diff --git a/auth/auth-service/pom.xml b/auth/auth-service/pom.xml index 9f9ca869..45cd601f 100644 --- a/auth/auth-service/pom.xml +++ b/auth/auth-service/pom.xml @@ -17,7 +17,7 @@ org.onap.aaf.authz authparent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT ../pom.xml diff --git a/auth/docker/.gitignore b/auth/docker/.gitignore index f3a8bcb9..3f4818d6 100644 --- a/auth/docker/.gitignore +++ b/auth/docker/.gitignore @@ -16,3 +16,5 @@ /sdnc /working /target +/ldrun.sh +/.checkstyle diff --git a/auth/docker/Dockerfile.agent b/auth/docker/Dockerfile.agent index ec5f24ea..71f70098 100644 --- a/auth/docker/Dockerfile.agent +++ b/auth/docker/Dockerfile.agent @@ -27,9 +27,14 @@ LABEL version=${AAF_VERSION} COPY bin/client.sh /opt/app/aaf_config/bin/agent.sh COPY bin/pod_wait.sh /opt/app/aaf_config/bin/pod_wait.sh COPY bin/aaf-cadi-aaf-${JAR_VERSION}-full.jar /opt/app/aaf_config/bin/ -COPY bin/aaf-cadi-servlet-sample-*-sample.jar /opt/app/aaf_config/bin/ +#COPY bin/aaf-cadi-servlet-sample-*-sample.jar /opt/app/aaf_config/bin/ COPY cert/*trust*.b64 /opt/app/aaf_config/cert/ -RUN chmod 755 /opt/app/aaf_config/bin/* &&\ - if [ -n "${DUSER}" ]; then chown -R ${DUSER}:${DUSER} /opt/app/aaf_config; fi CMD [] + +RUN mkdir -p /opt/app/osaaf/local && \ + if [ -n "${DUSER}" ]; then \ + addgroup ${DUSER} && adduser ${DUSER} -G ${DUSER} -D -s /bin/bash; \ + chown ${DUSER}:${DUSER} /opt/app/osaaf/local; \ + fi +# Note: User added if in d.props diff --git a/auth/docker/Dockerfile.base b/auth/docker/Dockerfile.base index 523d63f0..4d305d7a 100644 --- a/auth/docker/Dockerfile.base +++ b/auth/docker/Dockerfile.base @@ -18,19 +18,20 @@ # ============LICENSE_END==================================================== # # Use dbuild.sh input parameter to set registry -#FROM ${REGISTRY}/openjdk:11-jre-slim #FROM ${REGISTRY}/openjdk:8-jdk-alpine FROM ${REGISTRY}/alpine -#FROM openjdk:12-jdk-alpine -#FROM openjdk:13-jdk-alpine MAINTAINER AAF Team, AT&T 2018 LABEL description="aaf_base" ENV JAVA_HOME /usr/lib/jvm/java-11-openjdk -RUN apk --no-cache add openjdk11 &&\ - apk add --no-cache bash &&\ + +RUN apk add --no-cache bash &&\ + apk --no-cache add openjdk11 &&\ apk add --no-cache openssl &&\ - apk add --no-cache curl &&\ - if [ -n "${DUSER}" ]; then addgroup ${DUSER} && adduser ${DUSER} -G ${DUSER} -D -s /bin/bash; fi + apk add --no-cache curl + +# mkdir -p /opt/app/aaf/status +# addgroup ${DUSER} && adduser ${DUSER} -G ${DUSER} -D -s /bin/bash +# Note: User added if in d.props diff --git a/auth/docker/Dockerfile.config b/auth/docker/Dockerfile.config index 4bb7a940..3d9aa352 100644 --- a/auth/docker/Dockerfile.config +++ b/auth/docker/Dockerfile.config @@ -36,8 +36,16 @@ COPY bin/pod_wait.sh /opt/app/aaf_config/bin/pod_wait.sh COPY bin/aaf-auth-cmd-${JAR_VERSION}-full.jar /opt/app/aaf_config/bin/ COPY bin/aaf-auth-batch-${JAR_VERSION}-full.jar /opt/app/aaf_config/bin/ -RUN mkdir -p /opt/app/osaaf &&\ - chmod 755 /opt/app/aaf_config/bin/*.sh &&\ - if [ -n "${DUSER}" ]; then chown ${DUSER}:${DUSER} /opt/app/osaaf && chown -R ${DUSER}:${DUSER} /opt/app/aaf_config; fi - +RUN mkdir -p /opt/app/aaf /opt/app/osaaf/logs && \ + if [ -n "${DUSER}" ]; then \ + addgroup ${DUSER} && adduser ${DUSER} -G ${DUSER} -D -s /bin/bash; \ + chown -R ${DUSER}:${DUSER} /opt/app/aaf /opt/app/osaaf /opt/app/aaf_config; \ + fi && \ + chmod 774 /opt/app/aaf_config/bin/*.sh + CMD ["/bin/bash","/opt/app/aaf_config/bin/agent.sh"] +# Note: User added if in d.props +# if [ -n "${DUSER}" ]; then \ +# addgroup ${DUSER} && adduser ${DUSER} -G ${DUSER} -D -s /bin/bash; \ +# chown -R ${DUSER}:${DUSER} /opt/app/aaf /opt/app/aaf_config; \ +# fi && \ diff --git a/auth/docker/Dockerfile.core b/auth/docker/Dockerfile.core index 5c66c8ca..206d1c4d 100644 --- a/auth/docker/Dockerfile.core +++ b/auth/docker/Dockerfile.core @@ -30,11 +30,11 @@ COPY lib /opt/app/aaf/lib COPY bin /opt/app/aaf/bin COPY theme/ /opt/app/aaf/theme/ -RUN mkdir -p /opt/app/osaaf &&\ - mkdir -p /opt/app/aaf/status &&\ - chmod 755 /opt/app/aaf/bin/* &&\ - if [ -n "${DUSER}" ]; then chown ${DUSER}:${DUSER} /opt/app/aaf/status \ - && chown ${DUSER}:${DUSER} /opt/app/osaaf \ - && chown -R ${DUSER}:${DUSER} /opt/app/aaf;\ +RUN mkdir -p /opt/app/aaf && \ + if [ -n "${DUSER}" ]; then \ + addgroup ${DUSER} && adduser ${DUSER} -G ${DUSER} -D -s /bin/bash ;\ + chown -R ${DUSER}:${DUSER} /opt/app/aaf ;\ + chmod 774 /opt/app/aaf/bin/* ;\ fi +# Note: User added if in d.props diff --git a/auth/docker/Dockerfile.hello b/auth/docker/Dockerfile.hello index 4b12a6f1..e8a60566 100644 --- a/auth/docker/Dockerfile.hello +++ b/auth/docker/Dockerfile.hello @@ -27,15 +27,16 @@ LABEL version=${AAF_VERSION} COPY bin/pod_wait.sh /opt/app/aaf/bin/ COPY lib /opt/app/aaf/lib COPY bin/hello /opt/app/aaf/bin/ -COPY etc /opt/app/aaf/etc -COPY logs /opt/app/aaf/logs +COPY etc /opt/app/osaaf/etc +COPY logs /opt/app/osaaf/logs -RUN mkdir -p /opt/app/osaaf &&\ - mkdir -p /opt/app/aaf/status &&\ - chmod 755 /opt/app/aaf/bin/* &&\ - if [ -n "${DUSER}" ]; then chown ${DUSER}:${DUSER} /opt/app/aaf/status \ - && chown ${DUSER}:${DUSER} /opt/app/osaaf \ - && chown -R ${DUSER}:${DUSER} /opt/app/aaf;\ +RUN mkdir -p /opt/app/aaf /opt/app/osaaf/logs/hello /opt/app/osaaf/local && \ + if [ -n "${DUSER}" ]; then \ + addgroup ${DUSER} && adduser ${DUSER} -G ${DUSER} -D -s /bin/bash ;\ + chown -R ${DUSER}:${DUSER} /opt/app/aaf /opt/app/osaaf;\ + chmod 774 /opt/app/aaf/bin/* ;\ fi CMD [] + +# Note: User added if in d.props diff --git a/auth/docker/aaf.sh b/auth/docker/aaf.sh index b498428b..d0393d0a 100644 --- a/auth/docker/aaf.sh +++ b/auth/docker/aaf.sh @@ -21,9 +21,18 @@ . ./d.props -DOCKER=${DOCKER:=docker} -# if something, may not want CASS attached all the tim -#LINKS="--link $CASSANDRA_DOCKER" +DOCKER=${DOCKER:-docker} +if [ "$DOCKER" = "podman" ]; then + PODNAME=${PODNAME:-$HOSTNAME} + if $(podman pod exists $PODNAME); then + echo "Using existing 'podman' pod $PODNAME" + LINKS="--pod $PODNAME " + #else + #echo "Create new 'podman' pod $PODNAME" + #podman pod create --infra=true -n $PODNAME --publish 8100:8100 + fi + LINKS="--pod $PODNAME " +fi # DOCKER doesn't have DNS out of the box, only links. # so we add cm_always_ignore_ips in --env diff --git a/auth/docker/agent.sh b/auth/docker/agent.sh index f59bd228..0abce9c6 100644 --- a/auth/docker/agent.sh +++ b/auth/docker/agent.sh @@ -111,8 +111,9 @@ function run_it() { fi $DOCKER run -it --rm \ ${USER_LINE} \ - -v "${VOLUME}:/opt/app/osaaf" \ + -v "${VOLUME}:/opt/app/osaaf/local" \ --add-host="$AAF_FQDN:$AAF_FQDN_IP" \ + $USER_LINE \ --env AAF_FQDN=${AAF_FQDN} \ --env DEPLOY_FQI=${DEPLOY_FQI} \ --env DEPLOY_PASSWORD=${DEPLOY_PASSWORD} \ @@ -138,6 +139,7 @@ function reset_sso { mkdir -p ~/.aaf > $HOME/.aaf/sso.props sso aaf_locate_url "https://$AAF_FQDN:8095" + sso aaf_url_cm "https://$AAF_FQDN:8150" sso cadi_latitude "$LATITUDE" sso cadi_longitude "$LONGITUDE" sso cadi_loglevel "DEBUG" diff --git a/auth/docker/components b/auth/docker/components index 7f58dc33..bb5f27b2 100644 --- a/auth/docker/components +++ b/auth/docker/components @@ -3,5 +3,4 @@ locate oauth cm gui -hello fs diff --git a/auth/docker/d.props.init b/auth/docker/d.props.init index 8ef2e31a..ebc550a5 100644 --- a/auth/docker/d.props.init +++ b/auth/docker/d.props.init @@ -23,7 +23,7 @@ PROJECT=aaf # Note: Override can happen on dbuild.sh Commandline, -r DOCKER_PULL_REGISTRY=nexus3.onap.org:10001 DOCKER_REPOSITORY=nexus3.onap.org:10003 -VERSION=2.1.17-SNAPSHOT +VERSION=2.1.20-SNAPSHOT CONF_ROOT_DIR=/opt/app/osaaf # For local builds, set PREFIX= PREFIX="$DOCKER_REPOSITORY/" diff --git a/auth/docker/dbuild.sh b/auth/docker/dbuild.sh index 0a816461..e768904b 100644 --- a/auth/docker/dbuild.sh +++ b/auth/docker/dbuild.sh @@ -31,6 +31,19 @@ fi # Remove "SNAPSHOT" from AAF Jars in Containers JAR_VERSION=${VERSION/-SNAPSHOT/} +function SCP() { + SANS=${1/-SNAPSHOT/} + echo $1 = $SANS + if [ -e $SANS ]; then + cp $SANS $2 + else + + ln $1 $SANS + cp $SANS $2 + rm $SANS + fi +} + # process input. originally, an optional positional parameter is used to designate a component. # A flagged parameter has been added to optionally indicate docker pull registry. Ideally, options # would be flagged but we're avoiding ripple effect of changing original usage @@ -46,6 +59,7 @@ if [ $# -gt 0 ]; then else DOCKER_PULL_REGISTRY=$3 fi + shift fi fi fi @@ -54,81 +68,82 @@ grep -v '#' d.props | grep '=' | grep -v -e "=$" DOCKER=${DOCKER:=docker} -echo "Building Containers for aaf components, version $VERSION" -# AAF_cass now needs a version... -echo "### Build Cass" -cd ../auth-cass/docker -pwd -bash ./dbuild.sh $DOCKER_PULL_REGISTRY -cd - - ######## -# First, build a AAF Base version - set the core image, etc -echo "### Build Base" -sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ - -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \ - -e 's/${DUSER}/'${DUSER}'/g' \ - -e 's/${REGISTRY}/'${DOCKER_PULL_REGISTRY}'/g' \ - Dockerfile.base > Dockerfile -$DOCKER build -t ${ORG}/${PROJECT}/aaf_base:${VERSION} . -$DOCKER tag ${ORG}/${PROJECT}/aaf_base:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_base:${VERSION} -$DOCKER tag ${ORG}/${PROJECT}/aaf_base:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_base:latest -rm Dockerfile - -function SCP() { - SANS=${1/-SNAPSHOT/} - echo $1 = $SANS - if [ -e $SANS ]; then - cp $SANS $2 - else - - ln $1 $SANS - cp $SANS $2 - rm $SANS - fi -} +# Preliminary: if Cass exists, build that first +if [[ -z "$1" || "$1" = "cass" ]]; then + echo "#### Delegate to Cassandra build" + echo "Building Containers for aaf components, version $VERSION" + # AAF_cass now needs a version... + echo "### Build Cass" + cd ../auth-cass/docker + bash ./dbuild.sh $DOCKER_PULL_REGISTRY + cd - +fi -######## -# Second, Create the AAF Config (Security) Images +if [[ -z "$1" || "$1" = "base" ]]; then + ######## + # First, build a AAF Base version - set the core image, etc + echo "### Build Base" + sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ + -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \ + -e 's/${DUSER}/'${DUSER}'/g' \ + -e 's/${REGISTRY}/'${DOCKER_PULL_REGISTRY}'/g' \ + Dockerfile.base > Dockerfile + $DOCKER build -t ${ORG}/${PROJECT}/aaf_base:${VERSION} . + $DOCKER tag ${ORG}/${PROJECT}/aaf_base:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_base:${VERSION} + $DOCKER tag ${ORG}/${PROJECT}/aaf_base:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_base:latest + rm Dockerfile +fi + +# Common copies cd .. -# Note: only 2 jars each in Agent/Config -SCP auth-cmd/target/aaf-auth-cmd-$VERSION-full.jar sample/bin -SCP auth-batch/target/aaf-auth-batch-$VERSION-full.jar sample/bin SCP ../cadi/aaf/target/aaf-cadi-aaf-${VERSION}-full.jar sample/bin -SCP ../cadi/servlet-sample/target/aaf-cadi-servlet-sample-${VERSION}-sample.jar sample/bin -cp -Rf ../conf/CA sample - -# AAF Config image (for AAF itself) -echo "### Build Config" -sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ - -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \ - -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \ - -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \ - -e 's/${DUSER}/'${DUSER}'/g' \ - docker/Dockerfile.config > sample/Dockerfile -$DOCKER build -t ${ORG}/${PROJECT}/aaf_config:${VERSION} sample -$DOCKER tag ${ORG}/${PROJECT}/aaf_config:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_config:${VERSION} -$DOCKER tag ${ORG}/${PROJECT}/aaf_config:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_config:latest - - -# AAF Agent Image (for Clients) -echo "### Build Agent" -sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ - -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \ - -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \ - -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \ - -e 's/${DUSER}/'${DUSER}'/g' \ - docker/Dockerfile.agent > sample/Dockerfile -$DOCKER build -t ${ORG}/${PROJECT}/aaf_agent:${VERSION} sample -$DOCKER tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_agent:${VERSION} -$DOCKER tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_agent:latest + +if [[ -z "$1" || "$1" = "config" ]]; then + ######## + # Second, Create the AAF Config (Security) Images + # Note: only 2 jars each in Agent/Config + SCP auth-cmd/target/aaf-auth-cmd-$VERSION-full.jar sample/bin + SCP auth-batch/target/aaf-auth-batch-$VERSION-full.jar sample/bin + SCP ../cadi/servlet-sample/target/aaf-cadi-servlet-sample-${VERSION}-sample.jar sample/bin + cp -Rf ../conf/CA sample + + # AAF Config image (for AAF itself) + echo "### Build Config" + sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ + -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \ + -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \ + -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \ + -e 's/${DUSER}/'${DUSER}'/g' \ + docker/Dockerfile.config > sample/Dockerfile + # Note: do Config as Root, to get directories correct + $DOCKER build -t ${ORG}/${PROJECT}/aaf_config:${VERSION} sample + $DOCKER tag ${ORG}/${PROJECT}/aaf_config:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_config:${VERSION} + $DOCKER tag ${ORG}/${PROJECT}/aaf_config:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_config:latest +fi + +if [[ -z "$1" || "$1" = "agent" ]]; then + # AAF Agent Image (for Clients) + echo "### Build Agent" + sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ + -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \ + -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \ + -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \ + -e 's/${DUSER}/'${DUSER}'/g' \ + docker/Dockerfile.agent > sample/Dockerfile + #if [ -n "$DUSER" ]; then + # echo "USER $DUSER" >> sample/Dockerfile + #fi + $DOCKER build -t ${ORG}/${PROJECT}/aaf_agent:${VERSION} sample + $DOCKER tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_agent:${VERSION} + $DOCKER tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_agent:latest + +fi # Clean up -rm sample/Dockerfile sample/bin/aaf-*-*.jar -rm -Rf sample/CA +rm -Rf sample/Dockerfile sample/bin/aaf-*-*.jar sample/CA cd - - ######## # Third Copy AAF Executables to a BUILD Directory, for easy Cleanup echo "### Copy to aaf_DBUILD" @@ -155,53 +170,65 @@ if [ ! "$VERSION" = "$JAR_VERSION" ]; then done cd ${START_DIR} fi - -######## -# Third, build a core Docker Image to be used for all AAF Components cp ../sample/bin/pod_wait.sh ../aaf_DBUILD/bin -# Apply currrent Properties to Docker file, and put in place. -sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ - -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \ - -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \ - -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \ - -e 's/${DUSER}/'${DUSER}'/g' \ - Dockerfile.core >../aaf_DBUILD/Dockerfile -cd .. - -echo "### Building Core" -# Don't need "Hello" App in core -mv aaf_DBUILD/lib/aaf-auth-hello-${JAR_VERSION}* /tmp -$DOCKER build -t ${ORG}/${PROJECT}/aaf_core:${VERSION} aaf_DBUILD -$DOCKER tag ${ORG}/${PROJECT}/aaf_core:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_core:${VERSION} -$DOCKER tag ${ORG}/${PROJECT}/aaf_core:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_core:latest -rm aaf_DBUILD/Dockerfile -mv /tmp/aaf-auth-hello-${JAR_VERSION}* aaf_DBUILD/lib - -######## -# Fourth, do Hello -# Apply currrent Properties to Docker file, and put in place. -echo "### Building Hello" -cd - -sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ - -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \ - -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \ - -e 's/${DUSER}/'${DUSER}'/g' \ - Dockerfile.hello >../aaf_DBUILD/Dockerfile -cd .. - -cp -Rf sample/etc aaf_DBUILD -cp -Rf sample/logs aaf_DBUILD - -for C in cass certman cmd deforg fs gui locate oauth service; do - rm aaf_DBUILD/lib/aaf-auth-$C-* -done +if [[ -z "$1" || "$1" = "core" ]]; then + ######## + # Fourth, build a core Docker Image to be used for all AAF Components + # Apply currrent Properties to Docker file, and put in place. + sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ + -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \ + -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \ + -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \ + -e 's/${DUSER}/'${DUSER}'/g' \ + Dockerfile.core >../aaf_DBUILD/Dockerfile + if [ -n "$DUSER" ]; then + echo "USER $DUSER" >> ../aaf_DBUILD/Dockerfile + fi + cd .. + + $DOCKER build -t ${ORG}/${PROJECT}/aaf_core:${VERSION} aaf_DBUILD + $DOCKER tag ${ORG}/${PROJECT}/aaf_core:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_core:${VERSION} + $DOCKER tag ${ORG}/${PROJECT}/aaf_core:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_core:latest + rm aaf_DBUILD/Dockerfile + + cd - +fi -$DOCKER build -t ${ORG}/${PROJECT}/aaf_hello:${VERSION} aaf_DBUILD -$DOCKER tag ${ORG}/${PROJECT}/aaf_hello:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_hello:${VERSION} -$DOCKER tag ${ORG}/${PROJECT}/aaf_hello:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_hello:latest +if [[ -z "$1" || "$1" = "hello" ]]; then + ######## + # Fifth, do Hello + # Apply currrent Properties to Docker file, and put in place. + echo "### Building Hello" + cp ../sample/bin/client.sh ../aaf_DBUILD/bin + cp ../sample/hello/init.sh ../aaf_DBUILD/bin/hello_init.sh + SCP ../../cadi/aaf/target/aaf-cadi-aaf-${VERSION}-full.jar ../aaf_DBUILD/bin + + sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ + -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \ + -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \ + -e 's/${DUSER}/'${DUSER}'/g' \ + Dockerfile.hello >../aaf_DBUILD/Dockerfile + #if [ -n "$DUSER" ]; then + # echo "USER $DUSER" >> ../aaf_DBUILD/Dockerfile + #fi + + cd .. + cp -Rf sample/etc aaf_DBUILD + cp -Rf sample/logs aaf_DBUILD + cp -Rf sample/cert aaf_DBUILD + + for C in cass certman cmd deforg fs gui locate oauth service; do + rm aaf_DBUILD/lib/aaf-auth-$C-* + done + $DOCKER build -t ${ORG}/${PROJECT}/aaf_hello:${VERSION} aaf_DBUILD + if [ -n ${DOCKER_REPOSITORY} ]; then + $DOCKER tag ${ORG}/${PROJECT}/aaf_hello:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_hello:${VERSION} + $DOCKER tag ${ORG}/${PROJECT}/aaf_hello:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_hello:latest + fi + cd - +fi # Final cleanup -rm -Rf aaf_DBUILD +rm -Rf ../aaf_DBUILD -cd - diff --git a/auth/docker/dclean.sh b/auth/docker/dclean.sh index f27cc4ec..867f4c69 100644 --- a/auth/docker/dclean.sh +++ b/auth/docker/dclean.sh @@ -22,6 +22,10 @@ . ./d.props DOCKER=${DOCKER:=docker} +if [ "$1" == "all" ]; then + AAF_COMPONENTS=cass + shift +fi if [ "$1" == "" ]; then AAF_COMPONENTS="$(cat components) config core agent base " else diff --git a/auth/docker/drun.sh b/auth/docker/drun.sh index 57a61676..86fe5984 100644 --- a/auth/docker/drun.sh +++ b/auth/docker/drun.sh @@ -34,6 +34,14 @@ else AAF_COMPONENTS="$@" fi +# All the NORMAL services use common directory +# remove this for Hello, which we want non shared +CONFIG="-v aaf_config:$CONF_ROOT_DIR" +if [ -n "${DUSER}" ]; then + THE_USER="--user $DUSER" +fi +IMAGE="${PREFIX}${ORG}/${PROJECT}/aaf_core:${VERSION}" + for AAF_COMPONENT in ${AAF_COMPONENTS}; do LINKS="" CMD_LINE="" @@ -75,17 +83,40 @@ for AAF_COMPONENT in ${AAF_COMPONENTS}; do CMD_LINE="cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-fs aaf-locate && exec bin/fs" ;; "hello") - PUBLISH="--publish 8130:8130" LINKS="--link aaf-service --link aaf-locate --link aaf-oauth --link aaf-cm" - CMD_LINE="cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-hello aaf-locate && exec bin/hello" + CONFIG="-v aaf_hello_config:/opt/app/osaaf/local" + + # Since Helm based element have init-containers, take the same approach here. + if [ -z "$(docker volume ls | grep aaf_hello_config)" ]; then + echo Init Hello Config Container + + echo -n "Creating Volume: " + $DOCKER volume create -d local aaf_hello_config + + $DOCKER run --rm --name aaf_hello_config ${LINKS} \ + $CONFIG \ + --env AAF_FQDN=$HOSTNAME \ + --env DEPLOY_FQI=deployer@people.osaaf.org \ + --env DEPLOY_PASSWORD=demo123456! \ + --env APP_FQI=aaf@aaf.osaaf.org \ + --env APP_FQDN=aaf-hello \ + --env LATITUDE=$LATITUDE \ + --env LONGITUDE=$LONGITUDE \ + --env aaf_locator_container_ns=onap \ + --env aaf_locator_container=docker \ + $LINKS \ + "${PREFIX}${ORG}/${PROJECT}/aaf_agent:${VERSION}" \ + bash -c "bash /opt/app/aaf_config/bin/agent.sh && chown -R ${DUSER}:${DUSER} /opt/app/osaaf/local" + fi + + PUBLISH="--publish 8130:8130" + #CMD_LINE="cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-hello aaf-locate aaf-cm && sleep 240" + CMD_LINE="cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-hello aaf-locate aaf-cm && exec bin/hello" + IMAGE="${PREFIX}${ORG}/${PROJECT}/aaf_hello:${VERSION}" ;; esac echo Starting aaf-$AAF_COMPONENT... - if [ -n "${DUSER}" ]; then - THE_USER="--user $DUSER" - fi - $DOCKER run \ -d \ @@ -104,9 +135,10 @@ for AAF_COMPONENT in ${AAF_COMPONENTS}; do --env CASSANDRA_USER=${CASSANDRA_USER} \ --env CASSANDRA_PASSWORD=${CASSANDRA_PASSWORD} \ --env CASSANDRA_PORT=${CASSANDRA_PORT} \ - $PUBLISH \ - -v "aaf_config:$CONF_ROOT_DIR" \ -v "aaf_status:/opt/app/aaf/status" \ - ${PREFIX}${ORG}/${PROJECT}/aaf_core:${VERSION} \ + $PUBLISH \ + $CONFIG \ + $IMAGE \ /bin/bash -c "$CMD_LINE" + done diff --git a/auth/docker/dstop.sh b/auth/docker/dstop.sh index fce79226..6549f3cf 100644 --- a/auth/docker/dstop.sh +++ b/auth/docker/dstop.sh @@ -22,7 +22,11 @@ . ./d.props DOCKER=${DOCKER:=docker} -if [ "$1" == "" ]; then +if [ "$1" = "all" ]; then + AAF_COMPONENTS="cass" + shift +fi +if [ -z "$1" ]; then for C in $(cat components); do AAF_COMPONENTS="$C $AAF_COMPONENTS" done @@ -33,3 +37,4 @@ fi for AAF_COMPONENT in ${AAF_COMPONENTS}; do $DOCKER stop aaf-$AAF_COMPONENT done + diff --git a/auth/docker/podman_create.sh b/auth/docker/podman_create.sh new file mode 100644 index 00000000..ad164e91 --- /dev/null +++ b/auth/docker/podman_create.sh @@ -0,0 +1,5 @@ +podman pod create --name "aaf.gathsys.com" --publish 9042,8100 + +#--publish 8095:8095 --publish 8140:8140 --publish 8150:8150 --publish 8200:8200 --publish 8130:8130 --publish 9042:9042 + +# --publish 80:8096 diff --git a/auth/docker/pom.xml b/auth/docker/pom.xml index 9bfb80c8..8f7782e7 100644 --- a/auth/docker/pom.xml +++ b/auth/docker/pom.xml @@ -25,7 +25,7 @@ org.onap.aaf.authz authparent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT ../pom.xml diff --git a/auth/helm/aaf-hello/templates/aaf-hello.yaml b/auth/helm/aaf-hello/templates/aaf-hello.yaml index 3ff9a576..37127c73 100644 --- a/auth/helm/aaf-hello/templates/aaf-hello.yaml +++ b/auth/helm/aaf-hello/templates/aaf-hello.yaml @@ -60,7 +60,7 @@ spec: image: "{{ .Values.image.repository }}{{ .Values.service.agentImage }}" imagePullPolicy: IfNotPresent volumeMounts: - - mountPath: "/opt/app/osaaf" + - mountPath: "/opt/app/osaaf/local" name: aaf-hello-vol command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"] env: @@ -94,7 +94,7 @@ spec: imagePullPolicy: IfNotPresent command: ["bash","-c","cd /opt/app/aaf && if [ ! -d /opt/app/osaaf/etc ]; then cp -Rf etc logs /opt/app/osaaf; fi && exec bin/hello"] volumeMounts: - - mountPath: "/opt/app/osaaf" + - mountPath: "/opt/app/osaaf/local" name: aaf-hello-vol ports: - name: aaf-hello diff --git a/auth/helm/aaf-hello/values.yaml b/auth/helm/aaf-hello/values.yaml index 130fa74e..d907fcbe 100644 --- a/auth/helm/aaf-hello/values.yaml +++ b/auth/helm/aaf-hello/values.yaml @@ -37,8 +37,8 @@ image: # repository: localhost:5000/ service: - agentImage: onap/aaf/aaf_agent:2.1.17-SNAPSHOT - image: onap/aaf/aaf_hello:2.1.17-SNAPSHOT + agentImage: onap/aaf/aaf_agent:2.1.20-SNAPSHOT + image: onap/aaf/aaf_hello:2.1.20-SNAPSHOT app_ns: "org.osaaf.aaf" fqi: "aaf@aaf.osaaf.org" fqdn: "aaf-hello" diff --git a/auth/helm/aaf/Chart.yaml b/auth/helm/aaf/Chart.yaml index 976e2efe..727aa2b4 100644 --- a/auth/helm/aaf/Chart.yaml +++ b/auth/helm/aaf/Chart.yaml @@ -22,4 +22,7 @@ apiVersion: v1 appVersion: "1.0" description: AAF Helm Chart name: aaf -version: 2.1.17-SNAPSHOT +## Use this to pull Released Version +# version: 2.1.19 + +version: 2.1.19-SNAPSHOT diff --git a/auth/helm/aaf/aaf.sh b/auth/helm/aaf/aaf.sh index 2b94c2ff..51a81da5 100644 --- a/auth/helm/aaf/aaf.sh +++ b/auth/helm/aaf/aaf.sh @@ -1,5 +1,5 @@ -. ../../docker/aaf.props -IMAGE=onap/aaf/aaf_config:$VERSION +. ../../docker/d.props +IMAGE=$DOCKER_REPOSITORY/onap/aaf/aaf_config:$VERSION kubectl -n onap run -it --rm aaf-config-$USER --image=$IMAGE --overrides=' { diff --git a/auth/helm/aaf/templates/aaf-cass.yaml b/auth/helm/aaf/templates/aaf-cass.yaml index f795dfe5..ace21817 100644 --- a/auth/helm/aaf/templates/aaf-cass.yaml +++ b/auth/helm/aaf/templates/aaf-cass.yaml @@ -68,6 +68,23 @@ spec: - name: aaf-status-vol persistentVolumeClaim: claimName: aaf-status-pvc + initContainers: + - command: + - /bin/sh + - -c + - | + chmod -R 775 /opt/app/aaf/status + chown -R 1000:1000 /opt/app/aaf/status + chmod -R 775 /var/lib/cassandra + chown -R 1000:1000 /var/lib/cassandra + image: busybox:1.28 + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: init-sysctl + volumeMounts: + - mountPath: /opt/app/aaf/status + name: aaf-status-vol + - mountPath: /var/lib/cassandra + name: aaf-cass-vol containers: ### ### AAF-CASS diff --git a/auth/helm/aaf/templates/aaf-cm.yaml b/auth/helm/aaf/templates/aaf-cm.yaml index ebb49835..e64da6cc 100644 --- a/auth/helm/aaf/templates/aaf-cm.yaml +++ b/auth/helm/aaf/templates/aaf-cm.yaml @@ -59,6 +59,22 @@ spec: persistentVolumeClaim: claimName: aaf-status-pvc initContainers: + - command: + - /bin/sh + - -c + - | + chmod -R 775 /opt/app/aaf/status + chown -R 1000:1000 /opt/app/aaf/status + chmod -R 775 /opt/app/osaaf + chown -R 1000:1000 /opt/app/osaaf + image: busybox:1.28 + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: init-sysctl + volumeMounts: + - mountPath: /opt/app/aaf/status + name: aaf-status-vol + - mountPath: /opt/app/osaaf + name: aaf-config-vol - name: aaf-config-container image: {{ .Values.image.repository }}onap/aaf/aaf_config:{{ .Values.image.version }} imagePullPolicy: IfNotPresent diff --git a/auth/helm/aaf/templates/aaf-fs.yaml b/auth/helm/aaf/templates/aaf-fs.yaml index 479447de..e3973af0 100644 --- a/auth/helm/aaf/templates/aaf-fs.yaml +++ b/auth/helm/aaf/templates/aaf-fs.yaml @@ -59,6 +59,22 @@ spec: persistentVolumeClaim: claimName: aaf-status-pvc initContainers: + - command: + - /bin/sh + - -c + - | + chmod -R 775 /opt/app/aaf/status + chown -R 1000:1000 /opt/app/aaf/status + chmod -R 775 /opt/app/osaaf + chown -R 1000:1000 /opt/app/osaaf + image: busybox:1.28 + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: init-sysctl + volumeMounts: + - mountPath: /opt/app/osaaf + name: aaf-config-vol + - mountPath: /opt/app/aaf/status + name: aaf-status-vol - name: aaf-config-container image: {{ .Values.image.repository }}onap/aaf/aaf_config:{{ .Values.image.version }} imagePullPolicy: IfNotPresent diff --git a/auth/helm/aaf/templates/aaf-gui.yaml b/auth/helm/aaf/templates/aaf-gui.yaml index 14c42599..93c1473f 100644 --- a/auth/helm/aaf/templates/aaf-gui.yaml +++ b/auth/helm/aaf/templates/aaf-gui.yaml @@ -60,6 +60,22 @@ spec: persistentVolumeClaim: claimName: aaf-status-pvc initContainers: + - command: + - /bin/sh + - -c + - | + chmod -R 775 /opt/app/aaf/status + chown -R 1000:1000 /opt/app/aaf/status + chmod -R 775 /opt/app/osaaf + chown -R 1000:1000 /opt/app/osaaf + image: busybox:1.28 + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: init-sysctl + volumeMounts: + - mountPath: /opt/app/osaaf + name: aaf-config-vol + - mountPath: /opt/app/aaf/status + name: aaf-status-vol - name: aaf-config-container image: {{ .Values.image.repository }}onap/aaf/aaf_config:{{ .Values.image.version }} imagePullPolicy: IfNotPresent diff --git a/auth/helm/aaf/templates/aaf-locate.yaml b/auth/helm/aaf/templates/aaf-locate.yaml index d4f2bf66..57ba43d0 100644 --- a/auth/helm/aaf/templates/aaf-locate.yaml +++ b/auth/helm/aaf/templates/aaf-locate.yaml @@ -59,6 +59,22 @@ spec: persistentVolumeClaim: claimName: aaf-status-pvc initContainers: + - command: + - /bin/sh + - -c + - | + chmod -R 775 /opt/app/aaf/status + chown -R 1000:1000 /opt/app/aaf/status + chmod -R 775 /opt/app/osaaf + chown -R 1000:1000 /opt/app/osaaf + image: busybox:1.28 + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: init-sysctl + volumeMounts: + - mountPath: /opt/app/aaf/status + name: aaf-status-vol + - mountPath: /opt/app/osaaf + name: aaf-config-vol - name: aaf-config-container image: {{ .Values.image.repository }}onap/aaf/aaf_config:{{ .Values.image.version }} imagePullPolicy: IfNotPresent diff --git a/auth/helm/aaf/templates/aaf-oauth.yaml b/auth/helm/aaf/templates/aaf-oauth.yaml index 4d5ac75a..ab21e3ab 100644 --- a/auth/helm/aaf/templates/aaf-oauth.yaml +++ b/auth/helm/aaf/templates/aaf-oauth.yaml @@ -59,6 +59,22 @@ spec: persistentVolumeClaim: claimName: aaf-status-pvc initContainers: + - command: + - /bin/sh + - -c + - | + chmod -R 775 /opt/app/aaf/status + chown -R 1000:1000 /opt/app/aaf/status + chmod -R 775 /opt/app/osaaf + chown -R 1000:1000 /opt/app/osaaf + image: busybox:1.28 + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: init-sysctl + volumeMounts: + - mountPath: /opt/app/aaf/status + name: aaf-status-vol + - mountPath: /opt/app/osaaf + name: aaf-config-vol - name: aaf-config-container image: {{ .Values.image.repository }}onap/aaf/aaf_config:{{ .Values.image.version }} imagePullPolicy: IfNotPresent diff --git a/auth/helm/aaf/templates/aaf-service.yaml b/auth/helm/aaf/templates/aaf-service.yaml index 96efa75c..da1134ac 100644 --- a/auth/helm/aaf/templates/aaf-service.yaml +++ b/auth/helm/aaf/templates/aaf-service.yaml @@ -58,10 +58,26 @@ spec: persistentVolumeClaim: claimName: aaf-status-pvc initContainers: + - command: + - /bin/sh + - -c + - | + chmod -R 775 /opt/app/aaf/status + chown -R 1000:1000 /opt/app/aaf/status + chmod -R 775 /opt/app/osaaf + chown -R 1000:1000 /opt/app/osaaf + image: busybox:1.28 + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: init-sysctl + volumeMounts: + - mountPath: /opt/app/aaf/status + name: aaf-status-vol + - mountPath: /opt/app/osaaf + name: aaf-config-vol - name: aaf-config-container image: {{ .Values.image.repository }}onap/aaf/aaf_config:{{ .Values.image.version }} imagePullPolicy: IfNotPresent - command: ["bash","/opt/app/aaf_config/bin/agent.sh"] + command: ["bash","-c","/opt/app/aaf_config/bin/agent.sh"] volumeMounts: - mountPath: "/opt/app/osaaf" name: aaf-config-vol diff --git a/auth/helm/aaf/values.yaml b/auth/helm/aaf/values.yaml index 9cfee331..4a023295 100644 --- a/auth/helm/aaf/values.yaml +++ b/auth/helm/aaf/values.yaml @@ -26,6 +26,22 @@ global: persistence: enabled: true +image: + ### FOR RELEASED VERSION ### + # When using Docker Repo, add, and include trailing "/" + # For Released Versions (both Repo and remove "-SNAPSHOT" from version) + # repository: nexus3.onap.org:10001/ + # version: 2.1.20 + + ### FOR SNAPSHOTS, DEVELOPMENT, ETC ### + # When using Locally built images, comment out "repository" + # repository: nexus3.onap.org:10001/ + # For your own Repo + # repository: localhost:5000/ + # When using locally built Docker Container, set Repository to "" + repository: "" + version: 2.1.20-SNAPSHOT + services: aaf_env: "DEV" aaf_id: "aaf@aaf.osaaf.org" @@ -98,14 +114,6 @@ persistence: mountSubPath: "config" storageClass: "manual" -image: - # When using locally built Docker Container, set Repository to "" - repository: "" - # When using Docker Repo, add, and include trailing "/" - # repository: nexus3.onap.org:10003/ - # repository: localhost:5000/ - version: 2.1.17-SNAPSHOT - resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little diff --git a/auth/pom.xml b/auth/pom.xml index eb65a5d3..16804d32 100644 --- a/auth/pom.xml +++ b/auth/pom.xml @@ -26,7 +26,7 @@ org.onap.aaf.authz parent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT authparent AAF Auth Parent diff --git a/auth/sample/bin/client.sh b/auth/sample/bin/client.sh index 4132e6ca..00818c99 100755 --- a/auth/sample/bin/client.sh +++ b/auth/sample/bin/client.sh @@ -21,25 +21,54 @@ # This script is run when starting client Container. # It needs to cover the cases where the initial data doesn't exist, and when it has already been configured (don't overwrite) # + +# +# error handling. REQUIRED: if this script fails, it must give non-zero exit value +# +# We exit non-zero with an explanation echod to standard +# out in some situations, like bad input or failed keygen. +# We exit non-zero without explanation in other situations +# like command not found, or file access perms error. +# +# exit without explaining to stdout if some error +set -e + +[ -z "$JAVA_HOME" ] && { echo FAILURE: JAVA_HOME is not set; exit 1;} JAVA=${JAVA_HOME}/bin/java + +[ -e ${JAVA_HOME} ] || { echo FAILURE: java home does not exist: ${JAVA_HOME}; exit 1;} +[ -e ${JAVA} ] || { echo FAILURE: java executable does not exist: ${JAVA}; exit 1;} + AAF_INTERFACE_VERSION=2.1 # Extract Name, Domain and NS from FQI +[ -z "$APP_FQI" ] && { echo FAILURE: APP_FQI is not set; exit 1; } + FQIA=($(echo ${APP_FQI} | tr '@' '\n')) FQI_SHORT=${FQIA[0]} FQI_DOMAIN=${FQIA[1]} +[ -z "$FQI_SHORT" ] && { echo FAILURE: malformed APP_FQI, should be like email form: name@domain; exit 1; } +[ -z "$FQI_DOMAIN" ] && { echo FAILURE: malformed APP_FQI, should be like email form: name@domain; exit 1; } + # Reverse DOMAIN for NS FQIA_E=($(echo ${FQI_DOMAIN} | tr '.' '\n')) for (( i=( ${#FQIA_E[@]} -1 ); i>0; i-- )); do NS=${NS}${FQIA_E[i]}'.' done NS=${NS}${FQIA_E[0]} -CONFIG="/opt/app/aaf_config" -OSAAF="/opt/app/osaaf" -LOCAL="$OSAAF/local" -DOT_AAF="$HOME/.aaf" +CONFIG=${CONFIG:-"/opt/app/aaf_config"} + +# perhaps AAF HOME? (root of aaf installation) +OSAAF=${OSAAF:-"/opt/app/osaaf"} + +# this is the 'place' operation's destination +LOCAL=${LOCAL:-"$OSAAF/local"} +DOT_AAF=${DOT_AAF:-"${HOME}/.aaf"} SSO="$DOT_AAF/sso.props" +# for *backup files +backupDir=${BACKUP_DIR:-${LOCAL}} + if [ -e "$CONFIG" ]; then CONFIG_BIN="$CONFIG/bin" else @@ -50,17 +79,32 @@ AGENT_JAR="$CONFIG_BIN/aaf-cadi-aaf-*-full.jar" JAVA_AGENT="$JAVA -Dcadi_loglevel=DEBUG -Dcadi_etc_dir=${LOCAL} -Dcadi_log_dir=${LOCAL} -jar $AGENT_JAR " +function backup() { + # any backup files? + if stat -t *.backup > /dev/null 2>&1; then + # move them somewhere else? + if [ "${backupDir}" != "${LOCAL}" ]; then + mkdir -p ${backupDir} + mv -f ${LOCAL}/*.backup ${backupDir} + fi + fi +} + # Setup SSO info for Deploy ID function sso_encrypt() { - $JAVA_AGENT cadi digest ${1} $DOT_AAF/keyfile + $JAVA_AGENT cadi digest ${1} $DOT_AAF/keyfile || { + echo agent fails to digest password + exit 1 + } } -# Setup Bash, first time only -if [ ! -e "$HOME/.bashrc" ] || [ -z "$(grep agent $HOME/.bashrc)" ]; then - echo "alias agent='$CONFIG_BIN/agent.sh agent \$*'" >>$HOME/.bashrc +# Setup Bash, first time only, Agent only +if [ ! -f "$HOME/.bashrc" ] || [ -z "$(grep agent $HOME/.bashrc)" ]; then + echo "alias agent='$CONFIG_BIN/agent.sh agent \$*'" >> $HOME/.bashrc chmod a+x $CONFIG_BIN/agent.sh . $HOME/.bashrc fi + if [ ! -e "$DOT_AAF/truststoreONAPall.jks" ]; then mkdir -p $DOT_AAF base64 -d $CONFIG/cert/truststoreONAPall.jks.b64 > $DOT_AAF/truststoreONAPall.jks @@ -68,8 +112,18 @@ fi # Create Deployer Info, located at /root/.aaf if [ ! -e "$DOT_AAF/keyfile" ]; then - $JAVA_AGENT cadi keygen $DOT_AAF/keyfile + + $JAVA_AGENT cadi keygen $DOT_AAF/keyfile || { + echo "Cannot create $DOT_AAF/keyfile" + exit 1 + } + chmod 400 $DOT_AAF/keyfile + +fi + +if [ ! -e "${SSO}" ]; then + echo Creating and adding content to ${SSO} echo "cadi_keyfile=$DOT_AAF/keyfile" > ${SSO} # Add Deployer Creds to Root's SSO @@ -86,7 +140,7 @@ if [ ! -e "$DOT_AAF/keyfile" ]; then echo "aaf_url_cm=https://aaf-cm:8150" >> ${SSO} echo "aaf_url=https://aaf-service:8100" >> ${SSO} else - echo "aaf_locate_url=https://$aaf-locator.${CONTAINER_NS}:8095" >> ${SSO} + echo "aaf_locate_url=https://${aaf_locator_fqdn}:8095" >> ${SSO} echo "aaf_url_cm=https://AAF_LOCATE_URL/%CNS.%NS.cm:2.1" >> ${SSO} echo "aaf_url=https://AAF_LOCATE_URL/%CNS.%NS.service:2.1" >> ${SSO} fi @@ -111,7 +165,6 @@ if [ ! -e "$DOT_AAF/keyfile" ]; then . ${SSO} echo "Caller Properties Initialized" - INITIALIZED="true" echo "cat SSO" cat ${SSO} fi @@ -128,38 +181,64 @@ cd $LOCAL echo "Existing files in $LOCAL" ls -l -# Should we clean up? +# Should we refresh the client version?? if [ "${VERSION}" != "$(cat ${LOCAL}/VERSION 2> /dev/null)" ]; then echo "Clean up directory ${LOCAL}" rm -Rf ${LOCAL}/* + + echo "${VERSION}" > $LOCAL/VERSION + cp $AGENT_JAR $LOCAL + echo "#!/bin/bash" > $LOCAL/agent + echo 'java -jar aaf-cadi-aaf-*-full.jar $*' >> $LOCAL/agent + echo "#!/bin/bash" > $LOCAL/cadi + echo 'java -jar aaf-cadi-aaf-*-full.jar cadi $*' >> $LOCAL/cadi + chmod 755 $LOCAL/agent $LOCAL/cadi fi -echo "${VERSION}" > $LOCAL/VERSION echo "Namespace is ${NS}" + # Only initialize once, automatically... -if [ ! -e $LOCAL/${NS}.props ]; then +if [ ! -f $LOCAL/${NS}.props ]; then + [ -z "$APP_FQDN" ] && { echo FAILURE: APP_FQDN is not set; exit 1; } + echo "#### Create Configuration files " - $JAVA_AGENT config $APP_FQI $APP_FQDN + > $LOCAL/$NS + $JAVA_AGENT config $APP_FQI $APP_FQDN --nopasswd || { + echo Cannot create config files + exit 1 + } cat $LOCAL/$NS.props echo echo "#### Certificate Authorization Artifact" # TMP=$(mktemp) TMP=$LOCAL/agent.log - $JAVA_AGENT read ${APP_FQI} ${APP_FQDN} | tee $TMP + + + $JAVA_AGENT read ${APP_FQI} ${APP_FQDN} | tee $TMP ; [ ${PIPESTATUS[0]} -eq 0 ] || { + echo Cannot read artificate; + exit 1; + } + if [ -n "$(grep 'Namespace:' $TMP)" ]; then echo "#### Place Certificates (by deployer)" - $JAVA_AGENT place $APP_FQI $APP_FQDN + $JAVA_AGENT place $APP_FQI $APP_FQDN || { + echo Failed to obtain new certificate + exit 1 + + } - if [ -z "$(grep cadi_alias $NS.cred.props)" ]; then - echo "FAILED to get Certificate" - INITIALIZED="false" + if [ -z "$(grep cadi_alias ${LOCAL}/$NS.cred.props)" ]; then + echo "FAILED to get Certificate, cadi_alias is not defined." + exit 1 else echo "Obtained Certificates" echo "#### Validate Configuration and Certificate with live call" - $JAVA_AGENT validate cadi_prop_files=${NS}.props - INITIALIZED="true" + $JAVA_AGENT validate cadi_prop_files=${NS}.props || { + echo Failed to validate new certificate + exit 1 + } fi else echo "#### Certificate Authorization Artifact must be valid to continue" @@ -169,19 +248,16 @@ else INITIALIZED="true" fi -# Now run a command -CMD=$2 -if [ -z "$CMD" ]; then - if [ -n "$INITIALIZED" ]; then - echo "Initialization complete" - fi +if [ -z "$*" ]; then + echo "Initialization complete" else - shift + # Now run a command + CMD=$1 shift case "$CMD" in ls) echo ls requested - find /opt/app/osaaf -depth + find ${OSAAF} -depth ;; cat) if [ "$1" = "" ]; then @@ -200,33 +276,53 @@ else ;; read) echo "## Read Artifacts" - $JAVA_AGENT read $APP_FQI $APP_FQDN cadi_prop_files=${SSO} cadi_loglevel=INFO + $JAVA_AGENT read $APP_FQI $APP_FQDN cadi_prop_files=${SSO} cadi_loglevel=INFO || { + echo Command faile, cannot read artifacts + exit 1 + } ;; showpass) echo "## Show Passwords" - $JAVA_AGENT showpass $APP_FQI $APP_FQDN cadi_prop_files=${SSO} cadi_loglevel=ERROR + $JAVA_AGENT showpass $APP_FQI $APP_FQDN cadi_prop_files=${SSO} cadi_loglevel=ERROR || { + echo Failure showing password + exit 1 + } ;; check) echo "## Check Certificate" echo "$JAVA_AGENT check $APP_FQI $APP_FQDN cadi_prop_files=${LOCAL}/${NS}.props" - $JAVA_AGENT check $APP_FQI $APP_FQDN cadi_prop_files=${LOCAL}/${NS}.props + # inspects and repots on certificate validation and renewal date + $JAVA_AGENT check $APP_FQI $APP_FQDN cadi_prop_files=${LOCAL}/${NS}.props || { + echo Checking certificate fails. + exit 1 + } ;; validate) echo "## validate requested" - $JAVA_AGENT validate $APP_FQI $APP_FQDN + # attempt to send request to aaf; authenticate with this local certificate + $JAVA_AGENT validate $APP_FQI $APP_FQDN || { + echo Validation fails. + exit 1 + } ;; place) echo "## Renew Certificate" - $JAVA_AGENT place $APP_FQI $APP_FQDN cadi_prop_files=${SSO} + $JAVA_AGENT place $APP_FQI $APP_FQDN cadi_prop_files=${SSO} || { + echo Placing certificate fails. + exit 1 + } ;; renew) echo "## Renew Certificate" - $JAVA_AGENT place $APP_FQI $APP_FQDN + $JAVA_AGENT place $APP_FQI $APP_FQDN || { + echo Failure renewing certificate + exit 1 + } ;; bash) shift cd $LOCAL || exit - exec bash "$@" + exec bash "$@" ;; setProp) cd $LOCAL || exit @@ -280,11 +376,14 @@ else done ;; taillog) - sh /opt/app/osaaf/logs/taillog + sh ${OSAAF}/logs/taillog ;; testConnectivity|testconnectivity) echo "--- Test Connectivity ---" - $JAVA -cp $CONFIG_BIN/aaf-auth-cmd-*-full.jar org.onap.aaf.cadi.aaf.TestConnectivity $LOCAL/org.osaaf.aaf.props + $JAVA -cp $AGENT_JAR org.onap.aaf.cadi.aaf.TestConnectivity $LOCAL/${NS}.props || { + echo Failure while testing connectivity + exit 1 + } ;; --help | -?) case "$1" in @@ -320,10 +419,12 @@ else ### Possible Dublin # sample) # echo "--- run Sample Servlet App ---" - # $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -cp $CONFIG_BIN/aaf-auth-cmd-*-full.jar:$CONFIG_BIN/aaf-cadi-servlet-sample-*-sample.jar org.onap.aaf.sample.cadi.jetty.JettyStandalone ${NS}.props + # $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -cp $AGENT_JAR:$CONFIG_BIN/aaf-cadi-servlet-sample-*-sample.jar org.onap.aaf.sample.cadi.jetty.JettyStandalone ${NS}.props # ;; *) $JAVA_AGENT "$CMD" "$@" ;; esac fi + +backup diff --git a/auth/sample/bin/service.sh b/auth/sample/bin/service.sh index 10a3e15e..2fd49cac 100644 --- a/auth/sample/bin/service.sh +++ b/auth/sample/bin/service.sh @@ -193,6 +193,10 @@ if [ ! -e $LOCAL/org.osaaf.aaf.props ]; then fi echo "Created AAF Initial Configurations" INITIALIZED="true" + if [ -n ${DUSER} ]; then + mkdir -p /opt/app/osaaf/logs + chown -R 1000:1000 /opt/app/aaf /opt/app/osaaf + fi fi diff --git a/auth/sample/cass_data/cred.dat b/auth/sample/cass_data/cred.dat index be30ad33..6d81bc42 100644 --- a/auth/sample/cass_data/cred.dat +++ b/auth/sample/cass_data/cred.dat @@ -1,47 +1,47 @@ -portal@portal.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.portal|53344| -shi@shi.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.shi|53344| -aaf@aaf.osaaf.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.aaf|53344| -aaf-sms@aaf-sms.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.aaf-sms|53344| -clamp@clamp.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.clamp|53344| -aai@aai.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.aai|53344| -appc@appc.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.appc|53344| -dcae@dcae.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dcae|53344| -oof@oof.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.oof|53344| -so@so.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.so|53344| -sdc@sdc.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.sdc|53344| -sdnc@sdnc.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.sdnc|53344| -sdnc-cds@sdnc-cds.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.sdnc-cds|53344| -vfc@vfc.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.vfc|53344| -policy@policy.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.policy|53344| -pomba@pomba.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.pomba|53344| -holmes@holmes.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.holmes|53344| -nbi@nbi.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.nbi|53344| -music@music.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.music|53344| -vid@vid.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.vid|53344| -vid1@vid1.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.vid1|53344| -vid2@vid2.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.vid2|53344| -dmaap-bc@dmaap-bc.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-bc|53344| -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-bc-topic-mgr|53344| -dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-bc-mm-prov|53344| -dmaap-dr@dmaap-dr.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-dr|53344| -dmaap-dr-prov@dmaap-dr-prov.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-dr-prov|53344| -dmaap-dr-node@dmaap-dr-node.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-dr-node|53344| -dmaap-mr@dmaap-mr.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-mr|53344| -dmaapmr@dmaapmr.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaapmr|53344| -#dmaap.mr@#dmaap.mr.onap.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.mr.#dmaap|53344| -iowna@people.osaaf.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| -mmanager@people.osaaf.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| -bdevl@people.osaaf.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| -mmarket@people.osaaf.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| -demo@people.osaaf.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| -jh0003@people.osaaf.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| -cs0008@people.osaaf.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| -jm0007@people.osaaf.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| -op0001@people.osaaf.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| -gv0001@people.osaaf.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| -pm0001@people.osaaf.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| -gs0001@people.osaaf.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| -ps0001@people.osaaf.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| -aaf_admin@people.osaaf.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| -deployer@people.osaaf.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| -portal_admin@people.osaaf.org|2|2020-08-18 08:41:56.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| +portal@portal.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.portal|53344| +shi@shi.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.shi|53344| +aaf@aaf.osaaf.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.aaf|53344| +aaf-sms@aaf-sms.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.aaf-sms|53344| +clamp@clamp.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.clamp|53344| +aai@aai.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.aai|53344| +appc@appc.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.appc|53344| +dcae@dcae.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dcae|53344| +oof@oof.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.oof|53344| +so@so.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.so|53344| +sdc@sdc.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.sdc|53344| +sdnc@sdnc.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.sdnc|53344| +sdnc-cds@sdnc-cds.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.sdnc-cds|53344| +vfc@vfc.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.vfc|53344| +policy@policy.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.policy|53344| +pomba@pomba.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.pomba|53344| +holmes@holmes.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.holmes|53344| +nbi@nbi.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.nbi|53344| +music@music.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.music|53344| +vid@vid.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.vid|53344| +vid1@vid1.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.vid1|53344| +vid2@vid2.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.vid2|53344| +dmaap-bc@dmaap-bc.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-bc|53344| +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-bc-topic-mgr|53344| +dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-bc-mm-prov|53344| +dmaap-dr@dmaap-dr.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-dr|53344| +dmaap-dr-prov@dmaap-dr-prov.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-dr-prov|53344| +dmaap-dr-node@dmaap-dr-node.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-dr-node|53344| +dmaap-mr@dmaap-mr.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-mr|53344| +dmaapmr@dmaapmr.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaapmr|53344| +#dmaap.mr@#dmaap.mr.onap.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.mr.#dmaap|53344| +iowna@people.osaaf.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| +mmanager@people.osaaf.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| +bdevl@people.osaaf.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| +mmarket@people.osaaf.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| +demo@people.osaaf.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| +jh0003@people.osaaf.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| +cs0008@people.osaaf.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| +jm0007@people.osaaf.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| +op0001@people.osaaf.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| +gv0001@people.osaaf.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| +pm0001@people.osaaf.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| +gs0001@people.osaaf.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| +ps0001@people.osaaf.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| +aaf_admin@people.osaaf.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| +deployer@people.osaaf.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| +portal_admin@people.osaaf.org|2|2020-09-05 12:09:20.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344| diff --git a/auth/sample/cass_data/perm.dat b/auth/sample/cass_data/perm.dat index 811b1a07..73b3cd52 100644 --- a/auth/sample/cass_data/perm.dat +++ b/auth/sample/cass_data/perm.dat @@ -440,54 +440,7 @@ org.onap.sdnc|odl|odl-api|read||"{'org.onap.sdnc|service'}" org.onap.sdnc|odl|odl-api|update||"{'org.onap.sdnc|service'}" org.onap.so|access|*|*|AAF Namespace Write Access|"{'org.onap.so|admin', 'org.onap.so|app'}" org.onap.so|access|*|read|AAF Namespace Read Access|"{'org.onap.so|owner'}" -org.onap.so|actuatorManagementPerm|/manage/*|GET||"{'org.onap.so|actuatorManagementUsers'}" -org.onap.so|apihPerm|/globalhealthcheck|GET||"{'org.onap.so|apihUsers.Read'}" -org.onap.so|apihPerm|/manage/*|GET|| -org.onap.so|apihPerm|/nodehealthcheck|GET||"{'org.onap.so|apihUsers.Read'}" -org.onap.so|apihPerm|/onap/so/infra/*|DELETE||"{'org.onap.so|apihUsers.Write'}" -org.onap.so|apihPerm|/onap/so/infra/*|GET||"{'org.onap.so|apihUsers.Read', 'org.onap.so|apihUsers.Write'}" -org.onap.so|apihPerm|/onap/so/infra/*|PATCH||"{'org.onap.so|apihUsers.Write'}" -org.onap.so|apihPerm|/onap/so/infra/*|POST||"{'org.onap.so|apihUsers.Write'}" -org.onap.so|apihPerm|/onap/so/infra/*|PUT||"{'org.onap.so|apihUsers.Write'}" -org.onap.so|apihPerm|/tasks/*|POST||"{'org.onap.so|apihUsers.Write'}" -org.onap.so|bpmnPerm|*|DELETE||"{'org.onap.so|bpmnUsers.Write'}" -org.onap.so|bpmnPerm|*|GET||"{'org.onap.so|bpmnUsers.Read', 'org.onap.so|bpmnUsers.Write'}" -org.onap.so|bpmnPerm|*|POST||"{'org.onap.so|bpmnUsers.Write'}" -org.onap.so|bpmnPerm|*|PUT||"{'org.onap.so|bpmnUsers.Write'}" -org.onap.so|bpmnPerm|/manage/*|GET|| -org.onap.so|catalogDbAdapterPerm|*|DELETE||"{'org.onap.so|catalogDbAdapterUsers.Write'}" -org.onap.so|catalogDbAdapterPerm|*|GET||"{'org.onap.so|catalogDbAdapterUsers.Read', 'org.onap.so|catalogDbAdapterUsers.Write'}" -org.onap.so|catalogDbAdapterPerm|*|POST||"{'org.onap.so|catalogDbAdapterUsers.Write'}" -org.onap.so|catalogDbAdapterPerm|*|PUT||"{'org.onap.so|catalogDbAdapterUsers.Write'}" -org.onap.so|catalogDbAdapterPerm|/manage/*|GET|| org.onap.so|certman|local|request,ignoreIPs,showpass||"{'org.onap.so|admin', 'org.osaaf.aaf|deploy'}" -org.onap.so|monitoringPerm|*|GET||"{'org.onap.so|monitoringUsers.Read', 'org.onap.so|monitoringUsers.Write'}" -org.onap.so|monitoringPerm|*|POST||"{'org.onap.so|monitoringUsers.Write'}" -org.onap.so|monitoringPerm|/manage/*|GET|| -org.onap.so|openStackAdapterPerm|*|DELETE||"{'org.onap.so|openStackAdapterUsers.Write'}" -org.onap.so|openStackAdapterPerm|*|GET||"{'org.onap.so|openStackAdapterUsers.Read', 'org.onap.so|openStackAdapterUsers.Write'}" -org.onap.so|openStackAdapterPerm|*|POST||"{'org.onap.so|openStackAdapterUsers.Write'}" -org.onap.so|openStackAdapterPerm|*|PUT||"{'org.onap.so|openStackAdapterUsers.Write'}" -org.onap.so|openStackAdapterPerm|/manage/*|GET|| -org.onap.so|requestDbAdapterPerm|*|DELETE||"{'org.onap.so|requestDbAdapterUsers.Write'}" -org.onap.so|requestDbAdapterPerm|*|GET||"{'org.onap.so|requestDbAdapterUsers.Read', 'org.onap.so|requestDbAdapterUsers.Write'}" -org.onap.so|requestDbAdapterPerm|*|PATCH||"{'org.onap.so|requestDbAdapterUsers.Write'}" -org.onap.so|requestDbAdapterPerm|*|POST||"{'org.onap.so|requestDbAdapterUsers.Write'}" -org.onap.so|requestDbAdapterPerm|*|PUT||"{'org.onap.so|requestDbAdapterUsers.Write'}" -org.onap.so|requestDbAdapterPerm|/manage/*|GET|| -org.onap.so|sdcControllerPerm|*|GET||"{'org.onap.so|sdcControllerUsers.Read', 'org.onap.so|sdcControllerUsers.Write'}" -org.onap.so|sdcControllerPerm|*|POST||"{'org.onap.so|sdcControllerUsers.Write'}" -org.onap.so|sdcControllerPerm|*|PUT||"{'org.onap.so|sdcControllerUsers.Write'}" -org.onap.so|sdcControllerPerm|/manage/*|GET|| -org.onap.so|sdncAdapterPerm|*|GET||"{'org.onap.so|sdncAdapterUsers.Read', 'org.onap.so|sdncAdapterUsers.Write'}" -org.onap.so|sdncAdapterPerm|*|POST||"{'org.onap.so|sdncAdapterUsers.Write'}" -org.onap.so|sdncAdapterPerm|/manage/*|GET|| -org.onap.so|vfcAdapterPerm|*|GET||"{'org.onap.so|vfcAdapterUsers.Read', 'org.onap.so|vfcAdapterUsers.Write'}" -org.onap.so|vfcAdapterPerm|*|POST||"{'org.onap.so|vfcAdapterUsers.Write'}" -org.onap.so|vfcAdapterPerm|/manage/*|GET|| -org.onap.so|vnfmAdapterPerm|*|GET||"{'org.onap.so|vnfmAdapterUsers.Read', 'org.onap.so|vnfmAdapterUsers.Write'}" -org.onap.so|vnfmAdapterPerm|*|POST||"{'org.onap.so|vnfmAdapterUsers.Write'}" -org.onap.so|vnfmAdapterPerm|/manage/*|GET|| org.onap.vfc|access|*|*|AAF Namespace Write Access|"{'org.onap.vfc|admin', 'org.onap.vfc|service'}" org.onap.vfc|access|*|read|AAF Namespace Read Access|"{'org.onap.vfc|owner'}" org.onap.vfc|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}" diff --git a/auth/sample/cass_data/role.dat b/auth/sample/cass_data/role.dat index 257eedc2..73ac13d4 100644 --- a/auth/sample/cass_data/role.dat +++ b/auth/sample/cass_data/role.dat @@ -268,30 +268,9 @@ org.onap.sdnc-cds|service||"{'org.onap.sdnc-cds|access|*|*'}" org.onap.sdnc|admin|AAF Namespace Administrators|"{'org.onap.sdnc|access|*|*', 'org.onap.sdnc|odl|odl-api|*'}" org.onap.sdnc|owner|AAF Namespace Owners|"{'org.onap.sdnc|access|*|read'}" org.onap.sdnc|service||"{'org.onap.sdnc|access|*|*', 'org.onap.sdnc|odl|odl-api|*', 'org.onap.sdnc|odl|odl-api|create', 'org.onap.sdnc|odl|odl-api|delete', 'org.onap.sdnc|odl|odl-api|read', 'org.onap.sdnc|odl|odl-api|update'}" -org.onap.so|actuatorManagementUsers||"{'org.onap.so|actuatorManagementPerm|/manage/*|GET'}" org.onap.so|admin|AAF Namespace Administrators|"{'org.onap.so|access|*|*', 'org.onap.so|certman|local|request,ignoreIPs,showpass'}" -org.onap.so|apihUsers.Read||"{'org.onap.so|apihPerm|/globalhealthcheck|GET', 'org.onap.so|apihPerm|/nodehealthcheck|GET', 'org.onap.so|apihPerm|/onap/so/infra/*|GET'}" -org.onap.so|apihUsers.Write||"{'org.onap.so|apihPerm|/onap/so/infra/*|DELETE', 'org.onap.so|apihPerm|/onap/so/infra/*|GET', 'org.onap.so|apihPerm|/onap/so/infra/*|PATCH', 'org.onap.so|apihPerm|/onap/so/infra/*|POST', 'org.onap.so|apihPerm|/onap/so/infra/*|PUT', 'org.onap.so|apihPerm|/tasks/*|POST'}" org.onap.so|app||"{'org.onap.so|access|*|*'}" -org.onap.so|bpmnUsers.Read||"{'org.onap.so|bpmnPerm|*|GET'}" -org.onap.so|bpmnUsers.Write||"{'org.onap.so|bpmnPerm|*|DELETE', 'org.onap.so|bpmnPerm|*|GET', 'org.onap.so|bpmnPerm|*|POST', 'org.onap.so|bpmnPerm|*|PUT'}" -org.onap.so|catalogDbAdapterUsers.Read||"{'org.onap.so|catalogDbAdapterPerm|*|GET'}" -org.onap.so|catalogDbAdapterUsers.Write||"{'org.onap.so|catalogDbAdapterPerm|*|DELETE', 'org.onap.so|catalogDbAdapterPerm|*|GET', 'org.onap.so|catalogDbAdapterPerm|*|POST', 'org.onap.so|catalogDbAdapterPerm|*|PUT'}" -org.onap.so|monitoringUsers.Read||"{'org.onap.so|monitoringPerm|*|GET'}" -org.onap.so|monitoringUsers.Write||"{'org.onap.so|monitoringPerm|*|GET', 'org.onap.so|monitoringPerm|*|POST'}" -org.onap.so|openStackAdapterUsers.Read||"{'org.onap.so|openStackAdapterPerm|*|GET'}" -org.onap.so|openStackAdapterUsers.Write||"{'org.onap.so|openStackAdapterPerm|*|DELETE', 'org.onap.so|openStackAdapterPerm|*|GET', 'org.onap.so|openStackAdapterPerm|*|POST', 'org.onap.so|openStackAdapterPerm|*|PUT'}" org.onap.so|owner|AAF Namespace Owners|"{'org.onap.so|access|*|read'}" -org.onap.so|requestDbAdapterUsers.Read||"{'org.onap.so|requestDbAdapterPerm|*|GET'}" -org.onap.so|requestDbAdapterUsers.Write||"{'org.onap.so|requestDbAdapterPerm|*|DELETE', 'org.onap.so|requestDbAdapterPerm|*|GET', 'org.onap.so|requestDbAdapterPerm|*|PATCH', 'org.onap.so|requestDbAdapterPerm|*|POST', 'org.onap.so|requestDbAdapterPerm|*|PUT'}" -org.onap.so|sdcControllerUsers.Read||"{'org.onap.so|sdcControllerPerm|*|GET'}" -org.onap.so|sdcControllerUsers.Write||"{'org.onap.so|sdcControllerPerm|*|GET', 'org.onap.so|sdcControllerPerm|*|POST', 'org.onap.so|sdcControllerPerm|*|PUT'}" -org.onap.so|sdncAdapterUsers.Read||"{'org.onap.so|sdncAdapterPerm|*|GET'}" -org.onap.so|sdncAdapterUsers.Write||"{'org.onap.so|sdncAdapterPerm|*|GET', 'org.onap.so|sdncAdapterPerm|*|POST'}" -org.onap.so|vfcAdapterUsers.Read||"{'org.onap.so|vfcAdapterPerm|*|GET'}" -org.onap.so|vfcAdapterUsers.Write||"{'org.onap.so|vfcAdapterPerm|*|GET', 'org.onap.so|vfcAdapterPerm|*|POST'}" -org.onap.so|vnfmAdapterUsers.Read||"{'org.onap.so|vnfmAdapterPerm|*|GET'}" -org.onap.so|vnfmAdapterUsers.Write||"{'org.onap.so|vnfmAdapterPerm|*|GET', 'org.onap.so|vnfmAdapterPerm|*|POST'}" org.onap.vfc|admin|AAF Namespace Administrators|"{'org.onap.vfc|access|*|*'}" org.onap.vfc|owner|AAF Namespace Owners|"{'org.onap.vfc|access|*|read'}" org.onap.vfc|service||"{'org.onap.vfc|access|*|*'}" diff --git a/auth/sample/cass_data/user_role.dat b/auth/sample/cass_data/user_role.dat index 6c4ebdaa..69adbc7e 100644 --- a/auth/sample/cass_data/user_role.dat +++ b/auth/sample/cass_data/user_role.dat @@ -1,349 +1,374 @@ -mmanager@people.osaaf.org|org.onap.aaf-sms.admin|2020-08-18 08:41:56.000+0000|org.onap.aaf-sms|admin -mmanager@people.osaaf.org|org.onap.aaf-sms.owner|2020-08-18 08:41:56.000+0000|org.onap.aaf-sms|owner -mmanager@people.osaaf.org|org.onap.aai.admin|2020-08-18 08:41:56.000+0000|org.onap.aai|admin -mmanager@people.osaaf.org|org.onap.aai.owner|2020-08-18 08:41:56.000+0000|org.onap.aai|owner -mmanager@people.osaaf.org|org.onap.admin|2020-08-18 08:41:56.000+0000|org.onap|admin -mmanager@people.osaaf.org|org.onap.appc.admin|2020-08-18 08:41:56.000+0000|org.onap.appc|admin -mmanager@people.osaaf.org|org.onap.appc.owner|2020-08-18 08:41:56.000+0000|org.onap.appc|owner -mmanager@people.osaaf.org|org.onap.cds.admin|2020-08-18 08:41:56.000+0000|org.onap.cds|admin -mmanager@people.osaaf.org|org.onap.cds.owner|2020-08-18 08:41:56.000+0000|org.onap.cds|owner -mmanager@people.osaaf.org|org.onap.clamp.admin|2020-08-18 08:41:56.000+0000|org.onap.clamp|admin -mmanager@people.osaaf.org|org.onap.clamp.owner|2020-08-18 08:41:56.000+0000|org.onap.clamp|owner -mmanager@people.osaaf.org|org.onap.dcae.admin|2020-08-18 08:41:56.000+0000|org.onap.dcae|admin -mmanager@people.osaaf.org|org.onap.dcae.owner|2020-08-18 08:41:56.000+0000|org.onap.dcae|owner -mmanager@people.osaaf.org|org.onap.dmaap-bc-mm-prov.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap-bc-mm-prov|admin -mmanager@people.osaaf.org|org.onap.dmaap-bc-mm-prov.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap-bc-mm-prov|owner -mmanager@people.osaaf.org|org.onap.dmaap-bc-topic-mgr.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap-bc-topic-mgr|admin -mmanager@people.osaaf.org|org.onap.dmaap-bc-topic-mgr.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap-bc-topic-mgr|owner -mmanager@people.osaaf.org|org.onap.dmaap-bc.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap-bc|admin -mmanager@people.osaaf.org|org.onap.dmaap-bc.api.Controller|2020-08-18 08:41:56.000+0000|org.onap.dmaap-bc.api|Controller -mmanager@people.osaaf.org|org.onap.dmaap-bc.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap-bc|owner -mmanager@people.osaaf.org|org.onap.dmaap-dr.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap-dr|owner -mmanager@people.osaaf.org|org.onap.dmaap-mr.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap-mr|admin -mmanager@people.osaaf.org|org.onap.dmaap-mr.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap-mr|owner -mmanager@people.osaaf.org|org.onap.dmaap-mr.sunil.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap-mr.sunil|owner -mmanager@people.osaaf.org|org.onap.dmaap-mr.test.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap-mr.test|owner -mmanager@people.osaaf.org|org.onap.dmaap.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap|admin -mmanager@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aNewTopic-|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-123450.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aNewTopic-123450|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-123451.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aNewTopic-123451|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-1547667570.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aNewTopic-1547667570|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547665517.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTest-1547665517|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547666628.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTest-1547666628|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547666760.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTest-1547666760|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547666950.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTest-1547666950|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547667031.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTest-1547667031|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-123456.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-123456|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-123457.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-123457|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547660509.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-1547660509|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547660861.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-1547660861|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547661011.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-1547661011|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547662122.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-1547662122|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547662451.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-1547662451|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547664813.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-1547664813|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547664928.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-1547664928|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547666068.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-1547666068|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.aTopic-1547654909.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTopic-1547654909|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.dgl000.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.dgl000|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|owner -mmanager@people.osaaf.org|org.onap.dmaap.mr.partitionTest-1546033194.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.partitionTest-1546033194|owner -mmanager@people.osaaf.org|org.onap.dmaap.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap|owner -mmanager@people.osaaf.org|org.onap.holmes.owner|2020-08-18 08:41:56.000+0000|org.onap.holmes|owner -mmanager@people.osaaf.org|org.onap.music.admin|2020-08-18 08:41:56.000+0000|org.onap.music|admin -mmanager@people.osaaf.org|org.onap.music.owner|2020-08-18 08:41:56.000+0000|org.onap.music|owner -mmanager@people.osaaf.org|org.onap.nbi.owner|2020-08-18 08:41:56.000+0000|org.onap.nbi|owner -mmanager@people.osaaf.org|org.onap.ngi.owner|2020-08-18 08:41:56.000+0000|org.onap.ngi|owner -mmanager@people.osaaf.org|org.onap.oof.admin|2020-08-18 08:41:56.000+0000|org.onap.oof|admin -mmanager@people.osaaf.org|org.onap.oof.owner|2020-08-18 08:41:56.000+0000|org.onap.oof|owner -mmanager@people.osaaf.org|org.onap.owner|2020-08-18 08:41:56.000+0000|org.onap|owner -mmanager@people.osaaf.org|org.onap.policy.owner|2020-08-18 08:41:56.000+0000|org.onap.policy|owner -mmanager@people.osaaf.org|org.onap.pomba.admin|2020-08-18 08:41:56.000+0000|org.onap.pomba|admin -mmanager@people.osaaf.org|org.onap.pomba.owner|2020-08-18 08:41:56.000+0000|org.onap.pomba|owner -mmanager@people.osaaf.org|org.onap.portal.admin|2020-08-18 08:41:56.000+0000|org.onap.portal|admin -mmanager@people.osaaf.org|org.onap.portal.owner|2020-08-18 08:41:56.000+0000|org.onap.portal|owner -mmanager@people.osaaf.org|org.onap.sdc.admin|2020-08-18 08:41:56.000+0000|org.onap.sdc|admin -mmanager@people.osaaf.org|org.onap.sdc.owner|2020-08-18 08:41:56.000+0000|org.onap.sdc|owner -mmanager@people.osaaf.org|org.onap.sdnc-cds.admin|2020-08-18 08:41:56.000+0000|org.onap.sdnc-cds|admin -mmanager@people.osaaf.org|org.onap.sdnc-cds.owner|2020-08-18 08:41:56.000+0000|org.onap.sdnc-cds|owner -mmanager@people.osaaf.org|org.onap.sdnc.admin|2020-08-18 08:41:56.000+0000|org.onap.sdnc|admin -mmanager@people.osaaf.org|org.onap.sdnc.owner|2020-08-18 08:41:56.000+0000|org.onap.sdnc|owner -mmanager@people.osaaf.org|org.onap.so.admin|2020-08-18 08:41:56.000+0000|org.onap.so|admin -mmanager@people.osaaf.org|org.onap.so.owner|2020-08-18 08:41:56.000+0000|org.onap.so|owner -mmanager@people.osaaf.org|org.onap.vfc.admin|2020-08-18 08:41:56.000+0000|org.onap.vfc|admin -mmanager@people.osaaf.org|org.onap.vfc.owner|2020-08-18 08:41:56.000+0000|org.onap.vfc|owner -mmanager@people.osaaf.org|org.onap.vid.admin|2020-08-18 08:41:56.000+0000|org.onap.vid|admin -mmanager@people.osaaf.org|org.onap.vid.owner|2020-08-18 08:41:56.000+0000|org.onap.vid|owner -mmanager@people.osaaf.org|org.onap.vid1.admin|2020-08-18 08:41:56.000+0000|org.onap.vid1|admin -mmanager@people.osaaf.org|org.onap.vid1.owner|2020-08-18 08:41:56.000+0000|org.onap.vid1|owner -mmanager@people.osaaf.org|org.onap.vid2.admin|2020-08-18 08:41:56.000+0000|org.onap.vid2|admin -mmanager@people.osaaf.org|org.onap.vid2.owner|2020-08-18 08:41:56.000+0000|org.onap.vid2|owner -mmanager@people.osaaf.org|org.osaaf.people.owner|2020-08-18 08:41:56.000+0000|org.osaaf.people|owner -shi@portal.onap.org|org.onap.portal.admin|2020-08-18 08:41:56.000+0000|org.onap.portal|admin -demo@mr.dmaap.onap.org|org.onap.dmaap.mr.view|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|view -demo@people.osaaf.org|org.onap.aai.Account_Administrator|2020-08-18 08:41:56.000+0000|org.onap.aai|Account_Administrator -demo@people.osaaf.org|org.onap.aai.aaiui|2020-08-18 08:41:56.000+0000|org.onap.aai|aaiui -demo@people.osaaf.org|org.onap.aai.resources_readonly|2020-08-18 08:41:56.000+0000|org.onap.aai|resources_readonly -demo@people.osaaf.org|org.onap.aai.traversal_basic|2020-08-18 08:41:56.000+0000|org.onap.aai|traversal_basic -demo@people.osaaf.org|org.onap.dcae.pnfPublisher|2020-08-18 08:41:56.000+0000|org.onap.dcae|pnfPublisher -demo@people.osaaf.org|org.onap.dcae.pnfSubscriber|2020-08-18 08:41:56.000+0000|org.onap.dcae|pnfSubscriber -demo@people.osaaf.org|org.onap.dmaap-bc.api.Controller|2020-08-18 08:41:56.000+0000|org.onap.dmaap-bc.api|Controller -demo@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-123451.publisher|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aNewTopic-123451|publisher -demo@people.osaaf.org|org.onap.dmaap.mr.create|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|create -demo@people.osaaf.org|org.onap.dmaap.mr.destroy|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|destroy -demo@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.publisher|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.mirrormakeragent|publisher -demo@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.pub|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.mirrormakeragent|pub -demo@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.subscriber|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.mirrormakeragent|subscriber -demo@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.sub|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.mirrormakeragent|sub -demo@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.pub|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|mrtesttopic.pub -demo@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.sub|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|mrtesttopic.sub -demo@people.osaaf.org|org.onap.dmaap.mr.view|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|view -demo@people.osaaf.org|org.onap.policy.Account_Administrator|2020-08-18 08:41:56.000+0000|org.onap.policy|Account_Administrator -demo@people.osaaf.org|org.onap.policy.System_Administrator|2020-08-18 08:41:56.000+0000|org.onap.policy|System_Administrator -demo@people.osaaf.org|org.onap.policy.pdpd.admin|2020-08-18 08:41:56.000+0000|org.onap.policy|pdpd.admin -demo@people.osaaf.org|org.onap.policy.pdpx.admin|2020-08-18 08:41:56.000+0000|org.onap.policy|pdpx.admin -demo@people.osaaf.org|org.onap.portal.Account_Administrator|2020-08-18 08:41:56.000+0000|org.onap.portal|Account_Administrator -demo@people.osaaf.org|org.onap.portal.System_Administrator|2020-08-18 08:41:56.000+0000|org.onap.portal|System_Administrator -demo@people.osaaf.org|org.onap.portal.admin|2020-08-18 08:41:56.000+0000|org.onap.portal|admin -demo@people.osaaf.org|org.onap.portal.test.admin|2020-08-18 08:41:56.000+0000|org.onap.portal.test|admin -demo@people.osaaf.org|org.onap.portal.test.owner|2020-08-18 08:41:56.000+0000|org.onap.portal.test|owner -demo@people.osaaf.org|org.onap.portal.test.user1|2020-08-18 08:41:56.000+0000|org.onap.portal.test|user1 -demo@people.osaaf.org|org.onap.sdc.ADMIN|2020-08-18 08:41:56.000+0000|org.onap.sdc|ADMIN -demo@people.osaaf.org|org.onap.sdc.Account_Administrator|2020-08-18 08:41:56.000+0000|org.onap.sdc|Account_Administrator -demo@people.osaaf.org|org.onap.vid.Account_Administrator|2020-08-18 08:41:56.000+0000|org.onap.vid|Account_Administrator -demo@people.osaaf.org|org.onap.vid.Demonstration___gNB|2020-08-18 08:41:56.000+0000|org.onap.vid|Demonstration___gNB -demo@people.osaaf.org|org.onap.vid.Demonstration___vCPE|2020-08-18 08:41:56.000+0000|org.onap.vid|Demonstration___vCPE -demo@people.osaaf.org|org.onap.vid.Demonstration___vFWCL|2020-08-18 08:41:56.000+0000|org.onap.vid|Demonstration___vFWCL -demo@people.osaaf.org|org.onap.vid.Demonstration___vFW|2020-08-18 08:41:56.000+0000|org.onap.vid|Demonstration___vFW -demo@people.osaaf.org|org.onap.vid.Demonstration___vIMS|2020-08-18 08:41:56.000+0000|org.onap.vid|Demonstration___vIMS -demo@people.osaaf.org|org.onap.vid.Demonstration___vLB|2020-08-18 08:41:56.000+0000|org.onap.vid|Demonstration___vLB -demo@people.osaaf.org|org.onap.vid.System_Administrator|2020-08-18 08:41:56.000+0000|org.onap.vid|System_Administrator -jh0003@people.osaaf.org|org.onap.portal.admin|2020-08-18 08:41:56.000+0000|org.onap.portal|admin -jh0003@people.osaaf.org|org.onap.sdc.ADMIN|2020-08-18 08:41:56.000+0000|org.onap.sdc|ADMIN -jh0003@people.osaaf.org|org.onap.sdc.Account_Administrator|2020-08-18 08:41:56.000+0000|org.onap.sdc|Account_Administrator -cs0008@people.osaaf.org|org.onap.sdc.TESTOR|2020-08-18 08:41:56.000+0000|org.onap.sdc|TESTOR -jm0007@people.osaaf.org|org.onap.sdc.TESTOR|2020-08-18 08:41:56.000+0000|org.onap.sdc|TESTOR -op0001@people.osaaf.org|org.onap.sdc.TESTOR|2020-08-18 08:41:56.000+0000|org.onap.sdc|TESTOR -gv0001@people.osaaf.org|org.onap.sdc.TESTOR|2020-08-18 08:41:56.000+0000|org.onap.sdc|TESTOR -pm0001@people.osaaf.org|org.onap.sdc.TESTOR|2020-08-18 08:41:56.000+0000|org.onap.sdc|TESTOR -ps0001@people.osaaf.org|org.onap.sdc.TESTOR|2020-08-18 08:41:56.000+0000|org.onap.sdc|TESTOR -aaf_admin@people.osaaf.org|org.onap.aaf-sms.admin|2020-08-18 08:41:56.000+0000|org.onap.aaf-sms|admin -aaf_admin@people.osaaf.org|org.onap.aai.admin|2020-08-18 08:41:56.000+0000|org.onap.aai|admin -aaf_admin@people.osaaf.org|org.onap.appc.admin|2020-08-18 08:41:56.000+0000|org.onap.appc|admin -aaf_admin@people.osaaf.org|org.onap.appc.apidoc|2020-08-18 08:41:56.000+0000|org.onap.appc|apidoc -aaf_admin@people.osaaf.org|org.onap.appc.restconf|2020-08-18 08:41:56.000+0000|org.onap.appc|restconf -aaf_admin@people.osaaf.org|org.onap.cds.admin|2020-08-18 08:41:56.000+0000|org.onap.cds|admin -aaf_admin@people.osaaf.org|org.onap.clamp.admin|2020-08-18 08:41:56.000+0000|org.onap.clamp|admin -aaf_admin@people.osaaf.org|org.onap.dcae.admin|2020-08-18 08:41:56.000+0000|org.onap.dcae|admin -aaf_admin@people.osaaf.org|org.onap.dmaap-bc-mm-prov.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap-bc-mm-prov|admin -aaf_admin@people.osaaf.org|org.onap.dmaap-bc-topic-mgr.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap-bc-topic-mgr|admin -aaf_admin@people.osaaf.org|org.onap.dmaap-bc.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap-bc|admin -aaf_admin@people.osaaf.org|org.onap.dmaap-bc.api.Controller|2020-08-18 08:41:56.000+0000|org.onap.dmaap-bc.api|Controller -aaf_admin@people.osaaf.org|org.onap.dmaap-bc.api.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap-bc.api|admin -aaf_admin@people.osaaf.org|org.onap.dmaap-dr.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap-dr|admin -aaf_admin@people.osaaf.org|org.onap.dmaap-mr.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap-mr|admin -aaf_admin@people.osaaf.org|org.onap.dmaap-mr.sunil.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap-mr.sunil|admin -aaf_admin@people.osaaf.org|org.onap.dmaap-mr.test.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap-mr.test|admin -aaf_admin@people.osaaf.org|org.onap.dmaap.mr.IdentityTopic-12345.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.IdentityTopic-12345|owner -aaf_admin@people.osaaf.org|org.onap.dmaap.mr.IdentityTopic-1547839476.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.IdentityTopic-1547839476|owner -aaf_admin@people.osaaf.org|org.onap.dmaap.mr.PM_MAPPER.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.PM_MAPPER|owner -aaf_admin@people.osaaf.org|org.onap.dmaap.mr.PNF_READY.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.PNF_READY|owner -aaf_admin@people.osaaf.org|org.onap.dmaap.mr.PNF_REGISTRATION.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.PNF_REGISTRATION|owner -aaf_admin@people.osaaf.org|org.onap.dmaap.mr.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|admin -aaf_admin@people.osaaf.org|org.onap.dmaap.mr.dgl_ready.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.dgl_ready|owner -aaf_admin@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.mirrormakeragent|owner -aaf_admin@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.sub|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|mrtesttopic.sub -aaf_admin@people.osaaf.org|org.onap.dmaap.mr.test1|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|test1 -aaf_admin@people.osaaf.org|org.onap.dmaap.mr.topic-000.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.topic-000|owner -aaf_admin@people.osaaf.org|org.onap.dmaap.mr.topic-001.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.topic-001|owner -aaf_admin@people.osaaf.org|org.onap.dmaap.mr.topic-002.owner|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.topic-002|owner -aaf_admin@people.osaaf.org|org.onap.holmes.admin|2020-08-18 08:41:56.000+0000|org.onap.holmes|admin -aaf_admin@people.osaaf.org|org.onap.music.admin|2020-08-18 08:41:56.000+0000|org.onap.music|admin -aaf_admin@people.osaaf.org|org.onap.music.owner|2020-08-18 08:41:56.000+0000|org.onap.music|owner -aaf_admin@people.osaaf.org|org.onap.nbi.admin|2020-08-18 08:41:56.000+0000|org.onap.nbi|admin -aaf_admin@people.osaaf.org|org.onap.ngi.admin|2020-08-18 08:41:56.000+0000|org.onap.ngi|admin -aaf_admin@people.osaaf.org|org.onap.oof.admin|2020-08-18 08:41:56.000+0000|org.onap.oof|admin -aaf_admin@people.osaaf.org|org.onap.policy.admin|2020-08-18 08:41:56.000+0000|org.onap.policy|admin -aaf_admin@people.osaaf.org|org.onap.pomba.admin|2020-08-18 08:41:56.000+0000|org.onap.pomba|admin -aaf_admin@people.osaaf.org|org.onap.portal.admin|2020-08-18 08:41:56.000+0000|org.onap.portal|admin -aaf_admin@people.osaaf.org|org.onap.sdc.admin|2020-08-18 08:41:56.000+0000|org.onap.sdc|admin -aaf_admin@people.osaaf.org|org.onap.sdnc-cds.admin|2020-08-18 08:41:56.000+0000|org.onap.sdnc-cds|admin -aaf_admin@people.osaaf.org|org.onap.sdnc.admin|2020-08-18 08:41:56.000+0000|org.onap.sdnc|admin -aaf_admin@people.osaaf.org|org.onap.so.admin|2020-08-18 08:41:56.000+0000|org.onap.so|admin -aaf_admin@people.osaaf.org|org.onap.vfc.admin|2020-08-18 08:41:56.000+0000|org.onap.vfc|admin -aaf_admin@people.osaaf.org|org.onap.vid.admin|2020-08-18 08:41:56.000+0000|org.onap.vid|admin -aaf_admin@people.osaaf.org|org.onap.vid1.admin|2020-08-18 08:41:56.000+0000|org.onap.vid1|admin -aaf_admin@people.osaaf.org|org.onap.vid2.admin|2020-08-18 08:41:56.000+0000|org.onap.vid2|admin -aaf_admin@people.osaaf.org|org.osaaf.aaf.admin|2020-08-18 08:41:56.000+0000|org.osaaf.aaf|admin -aaf_admin@people.osaaf.org|org.osaaf.people.admin|2020-08-18 08:41:56.000+0000|org.osaaf.people|admin -deployer@people.osaaf.org|org.osaaf.aaf.deploy|2020-08-18 08:41:56.000+0000|org.osaaf.aaf|deploy -portal_admin@people.osaaf.org|org.onap.portal.admin|2020-08-18 08:41:56.000+0000|org.onap.portal|admin -aaf@aaf.osaaf.org|org.admin|2020-08-18 08:41:56.000+0000|org|admin -aaf@aaf.osaaf.org|org.osaaf.aaf.admin|2020-08-18 08:41:56.000+0000|org.osaaf.aaf|admin -aaf@aaf.osaaf.org|org.osaaf.aaf.service|2020-08-18 08:41:56.000+0000|org.osaaf.aaf|service -aaf@aaf.osaaf.org|org.osaaf.people.admin|2020-08-18 08:41:56.000+0000|org.osaaf.people|admin -osaaf@aaf.osaaf.org|org.osaaf.aaf.admin|2020-08-18 08:41:56.000+0000|org.osaaf.aaf|admin -aaf-sms@aaf-sms.onap.org|org.onap.aaf-sms.service|2020-08-18 08:41:56.000+0000|org.onap.aaf-sms|service -clamp@clamp.onap.org|org.onap.clamp.clds.admin.dev|2020-08-18 08:41:56.000+0000|org.onap.clamp|clds.admin.dev -clamp@clamp.onap.org|org.onap.clamp.clds.designer.dev|2020-08-18 08:41:56.000+0000|org.onap.clamp|clds.designer.dev -clamp@clamp.onap.org|org.onap.clamp.clds.vf_filter_all.dev|2020-08-18 08:41:56.000+0000|org.onap.clamp|clds.vf_filter_all.dev -clamp@clamp.onap.org|org.onap.clamp.seeCerts|2020-08-18 08:41:56.000+0000|org.onap.clamp|seeCerts -clamp@clamp.onap.org|org.onap.clamp.service|2020-08-18 08:41:56.000+0000|org.onap.clamp|service -clamp@clamp.onap.org|org.onap.clampdemo.owner|2020-08-18 08:41:56.000+0000|org.onap.clampdemo|owner -clamp@clamp.onap.org|org.onap.clampdemo.service|2020-08-18 08:41:56.000+0000|org.onap.clampdemo|admin -clamp@clamp.onap.org|org.onap.clamptest.owner|2020-08-18 08:41:56.000+0000|org.onap.clamptest|owner -clamp@clamp.onap.org|org.onap.clamptest.service|2020-08-18 08:41:56.000+0000|org.onap.clamptest|admin -clamp@clamp.onap.org|org.onap.dmaap.mr.aNewTopic-123451.subscriber|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aNewTopic-123451|subscriber -clamp@clamp.onap.org|org.onap.dmaap.mr.dgl000.subscriber|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.dgl000|subscriber -clamp@clamp.osaaf.org|org.onap.clamp.service|2020-08-18 08:41:56.000+0000|org.onap.clamp|service -clamp@clampdemo.onap.org|org.onap.clampdemo.owner|2020-08-18 08:41:56.000+0000|org.onap.clampdemo|owner -clamp@clampdemo.onap.org|org.onap.clampdemo.service|2020-08-18 08:41:56.000+0000|org.onap.clampdemo|admin -clamp@clamptest.onap.org|org.onap.clamptest.owner|2020-08-18 08:41:56.000+0000|org.onap.clamptest|owner -clamp@clamptest.onap.org|org.onap.clamptest.service|2020-08-18 08:41:56.000+0000|org.onap.clamptest|admin -aai@aai.onap.org|org.onap.aai.admin|2020-08-18 08:41:56.000+0000|org.onap.aai|admin -aai@aai.onap.org|org.onap.aai.resources_all|2020-08-18 08:41:56.000+0000|org.onap.aai|resources_all -aai@aai.onap.org|org.onap.aai.traversal_advanced|2020-08-18 08:41:56.000+0000|org.onap.aai|traversal_advanced -appc@appc.onap.org|org.onap.aai.resources_all|2020-08-18 08:41:56.000+0000|org.onap.aai|resources_all -appc@appc.onap.org|org.onap.aai.traversal_advanced|2020-08-18 08:41:56.000+0000|org.onap.aai|traversal_advanced -appc@appc.onap.org|org.onap.appc.admin|2020-08-18 08:41:56.000+0000|org.onap.appc|admin -appc@appc.onap.org|org.onap.appc.odl|2020-08-18 08:41:56.000+0000|org.onap.appc|odl -appc@appc.onap.org|org.onap.appc.service|2020-08-18 08:41:56.000+0000|org.onap.appc|service -dcae@dcae.onap.org|org.onap.aai.resources_all|2020-08-18 08:41:56.000+0000|org.onap.aai|resources_all -dcae@dcae.onap.org|org.onap.aai.traversal_advanced|2020-08-18 08:41:56.000+0000|org.onap.aai|traversal_advanced -dcae@dcae.onap.org|org.onap.dcae.pmPublisher|2020-08-18 08:41:56.000+0000|org.onap.dcae|pmPublisher -dcae@dcae.onap.org|org.onap.dcae.pmSubscriber|2020-08-18 08:41:56.000+0000|org.onap.dcae|pmSubscriber -dcae@dcae.onap.org|org.onap.dcae.pnfPublisher|2020-08-18 08:41:56.000+0000|org.onap.dcae|pnfPublisher -dcae@dcae.onap.org|org.onap.dcae.pnfSubscriber|2020-08-18 08:41:56.000+0000|org.onap.dcae|pnfSubscriber -dcae@dcae.onap.org|org.onap.dcae.seeCerts|2020-08-18 08:41:56.000+0000|org.onap.dcae|seeCerts -dcae@dcae.onap.org|org.onap.dmaap-dr.feed.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap-dr|feed.admin -dcae@dcae.onap.org|org.onap.dmaap-dr.sub.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap-dr|sub.admin -dcae@dcae.onap.org|org.onap.dmaap.mr.PM_MAPPER.publisher|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.PM_MAPPER|publisher -dcae@dcae.onap.org|org.onap.dmaap.mr.PNF_READY.pub|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.PNF_READY|pub -dcae@dcae.onap.org|org.onap.dmaap.mr.PNF_REGISTRATION.sub|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.PNF_REGISTRATION|sub -dcae@dcae.onap.org|org.onap.dmaap.mr.aNewTopic-123451.subscriber|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aNewTopic-123451|subscriber -oof@oof.onap.org|org.onap.aai.resources_all|2020-08-18 08:41:56.000+0000|org.onap.aai|resources_all -oof@oof.onap.org|org.onap.aai.traversal_advanced|2020-08-18 08:41:56.000+0000|org.onap.aai|traversal_advanced -oof@oof.onap.org|org.onap.oof.admin|2020-08-18 08:41:56.000+0000|org.onap.oof|admin -oof@oof.onap.org|org.onap.oof.service|2020-08-18 08:41:56.000+0000|org.onap.oof|service -so@so.onap.org|org.onap.aai.resources_all|2020-08-18 08:41:56.000+0000|org.onap.aai|resources_all -so@so.onap.org|org.onap.aai.traversal_advanced|2020-08-18 08:41:56.000+0000|org.onap.aai|traversal_advanced -so@so.onap.org|org.onap.appc.service|2020-08-18 08:41:56.000+0000|org.onap.appc|service -so@so.onap.org|org.onap.sdnc.service|2020-08-18 08:41:56.000+0000|org.onap.sdnc|service -so@so.onap.org|org.onap.so.actuatorManagementUsers|2020-08-18 08:41:56.000+0000|org.onap.so|actuatorManagementUsers -so@so.onap.org|org.onap.so.admin|2020-08-18 08:41:56.000+0000|org.onap.so|admin -so@so.onap.org|org.onap.so.apihUsers.Read|2020-08-18 08:41:56.000+0000|org.onap.so|apihUsers.Read -so@so.onap.org|org.onap.so.apihUsers.Write|2020-08-18 08:41:56.000+0000|org.onap.so|apihUsers.Write -so@so.onap.org|org.onap.so.app|2020-08-18 08:41:56.000+0000|org.onap.so|app -so@so.onap.org|org.onap.so.bpmnUsers.Read|2020-08-18 08:41:56.000+0000|org.onap.so|bpmnUsers.Read -so@so.onap.org|org.onap.so.bpmnUsers.Write|2020-08-18 08:41:56.000+0000|org.onap.so|bpmnUsers.Write -so@so.onap.org|org.onap.so.catalogDbAdapterUsers.Read|2020-08-18 08:41:56.000+0000|org.onap.so|catalogDbAdapterUsers.Read -so@so.onap.org|org.onap.so.catalogDbAdapterUsers.Write|2020-08-18 08:41:56.000+0000|org.onap.so|catalogDbAdapterUsers.Write -so@so.onap.org|org.onap.so.monitoringUsers.Read|2020-08-18 08:41:56.000+0000|org.onap.so|monitoringUsers.Read -so@so.onap.org|org.onap.so.monitoringUsers.Write|2020-08-18 08:41:56.000+0000|org.onap.so|monitoringUsers.Write -so@so.onap.org|org.onap.so.openStackAdapterUsers.Read|2020-08-18 08:41:56.000+0000|org.onap.so|openStackAdapterUsers.Read -so@so.onap.org|org.onap.so.openStackAdapterUsers.Write|2020-08-18 08:41:56.000+0000|org.onap.so|openStackAdapterUsers.Write -so@so.onap.org|org.onap.so.requestDbAdapterUsers.Read|2020-08-18 08:41:56.000+0000|org.onap.so|requestDbAdapterUsers.Read -so@so.onap.org|org.onap.so.requestDbAdapterUsers.Write|2020-08-18 08:41:56.000+0000|org.onap.so|requestDbAdapterUsers.Write -so@so.onap.org|org.onap.so.sdcControllerUsers.Read|2020-08-18 08:41:56.000+0000|org.onap.so|sdcControllerUsers.Read -so@so.onap.org|org.onap.so.sdcControllerUsers.Write|2020-08-18 08:41:56.000+0000|org.onap.so|sdcControllerUsers.Write -so@so.onap.org|org.onap.so.sdncAdapterUsers.Read|2020-08-18 08:41:56.000+0000|org.onap.so|sdncAdapterUsers.Read -so@so.onap.org|org.onap.so.sdncAdapterUsers.Write|2020-08-18 08:41:56.000+0000|org.onap.so|sdncAdapterUsers.Write -so@so.onap.org|org.onap.so.vfcAdapterUsers.Read|2020-08-18 08:41:56.000+0000|org.onap.so|vfcAdapterUsers.Read -so@so.onap.org|org.onap.so.vfcAdapterUsers.Write|2020-08-18 08:41:56.000+0000|org.onap.so|vfcAdapterUsers.Write -so@so.onap.org|org.onap.so.vnfmAdapterUsers.Read|2020-08-18 08:41:56.000+0000|org.onap.so|vnfmAdapterUsers.Read -so@so.onap.org|org.onap.so.vnfmAdapterUsers.Write|2020-08-18 08:41:56.000+0000|org.onap.so|vnfmAdapterUsers.Write -sdc@sdc.onap.org|org.onap.aai.resources_all|2020-08-18 08:41:56.000+0000|org.onap.aai|resources_all -sdc@sdc.onap.org|org.onap.aai.traversal_advanced|2020-08-18 08:41:56.000+0000|org.onap.aai|traversal_advanced -sdc@sdc.onap.org|org.onap.so.apihUsers.Write|2020-08-18 08:41:56.000+0000|org.onap.so|apihUsers.Write -sdc@sdc.onap.org|org.onap.so.sdcControllerUsers.Write|2020-08-18 08:41:56.000+0000|org.onap.so|sdcControllerUsers.Write -sdnc@sdnc.onap.org|org.onap.aai.resources_all|2020-08-18 08:41:56.000+0000|org.onap.aai|resources_all -sdnc@sdnc.onap.org|org.onap.dmaap.mr.aNewTopic-123451.publisher|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aNewTopic-123451|publisher -sdnc@sdnc.onap.org|org.onap.dmaap.mr.dgl000.publisher|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.dgl000|publisher -sdnc@sdnc.onap.org|org.onap.sdnc.admin|2020-08-18 08:41:56.000+0000|org.onap.sdnc|admin -sdnc@sdnc.onap.org|org.onap.sdnc.service|2020-08-18 08:41:56.000+0000|org.onap.sdnc|service -sdnc-cds@sdnc-cds.onap.org|org.onap.sdnc-cds.service|2020-08-18 08:41:56.000+0000|org.onap.sdnc-cds|service -vfc@vfc.onap.org|org.onap.aai.resources_all|2020-08-18 08:41:56.000+0000|org.onap.aai|resources_all -vfc@vfc.onap.org|org.onap.aai.traversal_advanced|2020-08-18 08:41:56.000+0000|org.onap.aai|traversal_advanced -vfc@vfc.onap.org|org.onap.dmaap-mr.Publisher|2020-08-18 08:41:56.000+0000|org.onap.dmaap-mr|Publisher -vfc@vfc.onap.org|org.onap.vfc.service|2020-08-18 08:41:56.000+0000|org.onap.vfc|service -policy@policy.onap.org|org.onap.aai.resources_all|2020-08-18 08:41:56.000+0000|org.onap.aai|resources_all -policy@policy.onap.org|org.onap.aai.traversal_advanced|2020-08-18 08:41:56.000+0000|org.onap.aai|traversal_advanced -policy@policy.onap.org|org.onap.policy.pdpd.admin|2020-08-18 08:41:56.000+0000|org.onap.policy|pdpd.admin -policy@policy.onap.org|org.onap.policy.pdpx.admin|2020-08-18 08:41:56.000+0000|org.onap.policy|pdpx.admin -policy@policy.onap.org|org.onap.policy.seeCerts|2020-08-18 08:41:56.000+0000|org.onap.policy|seeCerts -pomba@pomba.onap.org|org.onap.aai.resources_all|2020-08-18 08:41:56.000+0000|org.onap.aai|resources_all -pomba@pomba.onap.org|org.onap.aai.traversal_advanced|2020-08-18 08:41:56.000+0000|org.onap.aai|traversal_advanced -holmes@holmes.onap.org|org.onap.holmes.service|2020-08-18 08:41:56.000+0000|org.onap.holmes|service -nbi@nbi.onap.org|org.onap.nbi.service|2020-08-18 08:41:56.000+0000|org.onap.nbi|service -music@music.onap.org|org.onap.music.service|2020-08-18 08:41:56.000+0000|org.onap.music|service -vid@vid.onap.org|org.onap.aai.resources_all|2020-08-18 08:41:56.000+0000|org.onap.aai|resources_all -vid@vid.onap.org|org.onap.aai.traversal_advanced|2020-08-18 08:41:56.000+0000|org.onap.aai|traversal_advanced -vid@vid.onap.org|org.onap.so.apihUsers.Write|2020-08-18 08:41:56.000+0000|org.onap.so|apihUsers.Write -vid@vid.onap.org|org.onap.vid.service|2020-08-18 08:41:56.000+0000|org.onap.vid|service -vid1@people.osaaf.org|org.onap.vid.System_Administrator|2020-08-18 08:41:56.000+0000|org.onap.vid|System_Administrator -vid2@people.osaaf.org|org.onap.vid.Standard_User|2020-08-18 08:41:56.000+0000|org.onap.vid|Standard_User -vid2@people.osaaf.org|org.onap.vid.System_Administrator|2020-08-18 08:41:56.000+0000|org.onap.vid|System_Administrator -dmaap-bc@bc.dmaap.onap.org|org.onap.dmaap.bc.service|2020-08-18 08:41:56.000+0000|org.onap.dmaap.bc|service -dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap-bc.api.Controller|2020-08-18 08:41:56.000+0000|org.onap.dmaap-bc.api|Controller -dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap-bc.seeCerts|2020-08-18 08:41:56.000+0000|org.onap.dmaap-bc|seeCerts -dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap-bc.service|2020-08-18 08:41:56.000+0000|org.onap.dmaap-bc|service -dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.PM_MAPPER.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.PM_MAPPER|admin -dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|admin -dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.dgl000.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.dgl000|admin -dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.mirrormakeragent.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.mirrormakeragent|admin -dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.topic-001.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.topic-001|admin -dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.topic-002.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.topic-002|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap-bc-topic-mgr.client|2020-08-18 08:41:56.000+0000|org.onap.dmaap-bc-topic-mgr|client -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap-dr.feed.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap-dr|feed.admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap-dr.sub.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap-dr|sub.admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.IdentityTopic-12345.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.IdentityTopic-12345|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.IdentityTopic-1547839476.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.IdentityTopic-1547839476|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.PNF_READY.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.PNF_READY|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.PNF_REGISTRATION.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.PNF_REGISTRATION|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aNewTopic-.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aNewTopic-|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aNewTopic-123450.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aNewTopic-123450|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aNewTopic-123451.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aNewTopic-123451|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aNewTopic-1547667570.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aNewTopic-1547667570|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547665517.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTest-1547665517|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547666628.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTest-1547666628|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547666760.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTest-1547666760|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547666950.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTest-1547666950|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547667031.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTest-1547667031|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-123456.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-123456|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-123457.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-123457|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547660509.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-1547660509|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547660861.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-1547660861|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547661011.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-1547661011|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547662122.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-1547662122|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547662451.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-1547662451|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547664813.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-1547664813|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547664928.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-1547664928|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547666068.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTestTopic-1547666068|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTopic-1547654909.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.aTopic-1547654909|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.create|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|create -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.destroy|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|destroy -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.dgl_ready.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.dgl_ready|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormaker.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|mirrormaker.admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormaker.user|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|mirrormaker.user -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormakeragent.publisher|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.mirrormakeragent|publisher -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormakeragent.pub|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.mirrormakeragent|pub -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormakeragent.subscriber|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.mirrormakeragent|subscriber -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormakeragent.sub|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.mirrormakeragent|sub -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.partitionTest-1546033194.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.partitionTest-1546033194|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.topic-000.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.topic-000|admin -dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.view|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|view -dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.create|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|create -dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.destroy|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|destroy -dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormaker.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|mirrormaker.admin -dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormaker.user|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|mirrormaker.user -dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormakeragent.publisher|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.mirrormakeragent|publisher -dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormakeragent.pub|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.mirrormakeragent|pub -dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormakeragent.subscriber|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.mirrormakeragent|subscriber -dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormakeragent.sub|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr.mirrormakeragent|sub -dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.view|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|view -dmaap-dr@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2020-08-18 08:41:56.000+0000|org.onap.dmaap-dr|seeCerts -dmaap-dr-prov@dmaap-dr.onap.org|org.onap.dmaap-dr.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap-dr|admin -dmaap-dr-prov@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2020-08-18 08:41:56.000+0000|org.onap.dmaap-dr|seeCerts -dmaap-dr-node@dmaap-dr.onap.org|org.onap.dmaap-dr.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap-dr|admin -dmaap-dr-node@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2020-08-18 08:41:56.000+0000|org.onap.dmaap-dr|seeCerts -dmaapmr@mr.dmaap.onap.org|org.onap.dmaap.mr.admin|2020-08-18 08:41:56.000+0000|org.onap.dmaap.mr|admin +mmanager@people.osaaf.org|org.onap.aaf-sms.admin|2020-09-05 12:09:20.000+0000|org.onap.aaf-sms|admin +mmanager@people.osaaf.org|org.onap.aaf-sms.owner|2020-09-05 12:09:20.000+0000|org.onap.aaf-sms|owner +mmanager@people.osaaf.org|org.onap.aai.admin|2020-09-05 12:09:20.000+0000|org.onap.aai|admin +mmanager@people.osaaf.org|org.onap.aai.owner|2020-09-05 12:09:20.000+0000|org.onap.aai|owner +mmanager@people.osaaf.org|org.onap.admin|2020-09-05 12:09:20.000+0000|org.onap|admin +mmanager@people.osaaf.org|org.onap.appc.admin|2020-09-05 12:09:20.000+0000|org.onap.appc|admin +mmanager@people.osaaf.org|org.onap.appc.owner|2020-09-05 12:09:20.000+0000|org.onap.appc|owner +mmanager@people.osaaf.org|org.onap.cds.admin|2020-09-05 12:09:20.000+0000|org.onap.cds|admin +mmanager@people.osaaf.org|org.onap.cds.owner|2020-09-05 12:09:20.000+0000|org.onap.cds|owner +mmanager@people.osaaf.org|org.onap.clamp.admin|2020-09-05 12:09:20.000+0000|org.onap.clamp|admin +mmanager@people.osaaf.org|org.onap.clamp.owner|2020-09-05 12:09:20.000+0000|org.onap.clamp|owner +mmanager@people.osaaf.org|org.onap.dcae.admin|2020-09-05 12:09:20.000+0000|org.onap.dcae|admin +mmanager@people.osaaf.org|org.onap.dcae.owner|2020-09-05 12:09:20.000+0000|org.onap.dcae|owner +mmanager@people.osaaf.org|org.onap.dmaap-bc-mm-prov.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc-mm-prov|admin +mmanager@people.osaaf.org|org.onap.dmaap-bc-mm-prov.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc-mm-prov|owner +mmanager@people.osaaf.org|org.onap.dmaap-bc-topic-mgr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc-topic-mgr|admin +mmanager@people.osaaf.org|org.onap.dmaap-bc-topic-mgr.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc-topic-mgr|owner +mmanager@people.osaaf.org|org.onap.dmaap-bc.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc|admin +mmanager@people.osaaf.org|org.onap.dmaap-bc.api.Controller|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc.api|Controller +mmanager@people.osaaf.org|org.onap.dmaap-bc.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc|owner +mmanager@people.osaaf.org|org.onap.dmaap-dr.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap-dr|owner +mmanager@people.osaaf.org|org.onap.dmaap-mr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-mr|admin +mmanager@people.osaaf.org|org.onap.dmaap-mr.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap-mr|owner +mmanager@people.osaaf.org|org.onap.dmaap-mr.sunil.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap-mr.sunil|owner +mmanager@people.osaaf.org|org.onap.dmaap-mr.test.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap-mr.test|owner +mmanager@people.osaaf.org|org.onap.dmaap.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap|admin +mmanager@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aNewTopic-|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-123450.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aNewTopic-123450|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-123451.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aNewTopic-123451|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-1547667570.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aNewTopic-1547667570|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547665517.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTest-1547665517|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547666628.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTest-1547666628|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547666760.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTest-1547666760|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547666950.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTest-1547666950|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547667031.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTest-1547667031|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-123456.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-123456|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-123457.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-123457|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547660509.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-1547660509|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547660861.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-1547660861|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547661011.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-1547661011|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547662122.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-1547662122|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547662451.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-1547662451|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547664813.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-1547664813|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547664928.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-1547664928|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547666068.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-1547666068|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.aTopic-1547654909.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTopic-1547654909|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.dgl000.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.dgl000|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|owner +mmanager@people.osaaf.org|org.onap.dmaap.mr.partitionTest-1546033194.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.partitionTest-1546033194|owner +mmanager@people.osaaf.org|org.onap.dmaap.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap|owner +mmanager@people.osaaf.org|org.onap.holmes.owner|2020-09-05 12:09:20.000+0000|org.onap.holmes|owner +mmanager@people.osaaf.org|org.onap.music.admin|2020-09-05 12:09:20.000+0000|org.onap.music|admin +mmanager@people.osaaf.org|org.onap.music.owner|2020-09-05 12:09:20.000+0000|org.onap.music|owner +mmanager@people.osaaf.org|org.onap.nbi.owner|2020-09-05 12:09:20.000+0000|org.onap.nbi|owner +mmanager@people.osaaf.org|org.onap.ngi.owner|2020-09-05 12:09:20.000+0000|org.onap.ngi|owner +mmanager@people.osaaf.org|org.onap.oof.admin|2020-09-05 12:09:20.000+0000|org.onap.oof|admin +mmanager@people.osaaf.org|org.onap.oof.owner|2020-09-05 12:09:20.000+0000|org.onap.oof|owner +mmanager@people.osaaf.org|org.onap.owner|2020-09-05 12:09:20.000+0000|org.onap|owner +mmanager@people.osaaf.org|org.onap.policy.owner|2020-09-05 12:09:20.000+0000|org.onap.policy|owner +mmanager@people.osaaf.org|org.onap.pomba.admin|2020-09-05 12:09:20.000+0000|org.onap.pomba|admin +mmanager@people.osaaf.org|org.onap.pomba.owner|2020-09-05 12:09:20.000+0000|org.onap.pomba|owner +mmanager@people.osaaf.org|org.onap.portal.admin|2020-09-05 12:09:20.000+0000|org.onap.portal|admin +mmanager@people.osaaf.org|org.onap.portal.owner|2020-09-05 12:09:20.000+0000|org.onap.portal|owner +mmanager@people.osaaf.org|org.onap.sdc.admin|2020-09-05 12:09:20.000+0000|org.onap.sdc|admin +mmanager@people.osaaf.org|org.onap.sdc.owner|2020-09-05 12:09:20.000+0000|org.onap.sdc|owner +mmanager@people.osaaf.org|org.onap.sdnc-cds.admin|2020-09-05 12:09:20.000+0000|org.onap.sdnc-cds|admin +mmanager@people.osaaf.org|org.onap.sdnc-cds.owner|2020-09-05 12:09:20.000+0000|org.onap.sdnc-cds|owner +mmanager@people.osaaf.org|org.onap.sdnc.admin|2020-09-05 12:09:20.000+0000|org.onap.sdnc|admin +mmanager@people.osaaf.org|org.onap.sdnc.owner|2020-09-05 12:09:20.000+0000|org.onap.sdnc|owner +mmanager@people.osaaf.org|org.onap.so.admin|2020-09-05 12:09:20.000+0000|org.onap.so|admin +mmanager@people.osaaf.org|org.onap.so.owner|2020-09-05 12:09:20.000+0000|org.onap.so|owner +mmanager@people.osaaf.org|org.onap.vfc.admin|2020-09-05 12:09:20.000+0000|org.onap.vfc|admin +mmanager@people.osaaf.org|org.onap.vfc.owner|2020-09-05 12:09:20.000+0000|org.onap.vfc|owner +mmanager@people.osaaf.org|org.onap.vid.admin|2020-09-05 12:09:20.000+0000|org.onap.vid|admin +mmanager@people.osaaf.org|org.onap.vid.owner|2020-09-05 12:09:20.000+0000|org.onap.vid|owner +mmanager@people.osaaf.org|org.onap.vid1.admin|2020-09-05 12:09:20.000+0000|org.onap.vid1|admin +mmanager@people.osaaf.org|org.onap.vid1.owner|2020-09-05 12:09:20.000+0000|org.onap.vid1|owner +mmanager@people.osaaf.org|org.onap.vid2.admin|2020-09-05 12:09:20.000+0000|org.onap.vid2|admin +mmanager@people.osaaf.org|org.onap.vid2.owner|2020-09-05 12:09:20.000+0000|org.onap.vid2|owner +mmanager@people.osaaf.org|org.osaaf.people.owner|2020-09-05 12:09:20.000+0000|org.osaaf.people|owner +shi@portal.onap.org|org.onap.portal.admin|2020-09-05 12:09:20.000+0000|org.onap.portal|admin +demo@mr.dmaap.onap.org|org.onap.dmaap.mr.view|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|view +demo@people.osaaf.org|org.onap.aai.Account_Administrator|2020-09-05 12:09:20.000+0000|org.onap.aai|Account_Administrator +demo@people.osaaf.org|org.onap.aai.aaiui|2020-09-05 12:09:20.000+0000|org.onap.aai|aaiui +demo@people.osaaf.org|org.onap.aai.resources_readonly|2020-09-05 12:09:20.000+0000|org.onap.aai|resources_readonly +demo@people.osaaf.org|org.onap.aai.traversal_basic|2020-09-05 12:09:20.000+0000|org.onap.aai|traversal_basic +demo@people.osaaf.org|org.onap.dcae.pnfPublisher|2020-09-05 12:09:20.000+0000|org.onap.dcae|pnfPublisher +demo@people.osaaf.org|org.onap.dcae.pnfSubscriber|2020-09-05 12:09:20.000+0000|org.onap.dcae|pnfSubscriber +demo@people.osaaf.org|org.onap.dmaap-bc.api.Controller|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc.api|Controller +demo@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-123451.publisher|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aNewTopic-123451|publisher +demo@people.osaaf.org|org.onap.dmaap.mr.create|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|create +demo@people.osaaf.org|org.onap.dmaap.mr.destroy|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|destroy +demo@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.publisher|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.mirrormakeragent|publisher +demo@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.pub|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.mirrormakeragent|pub +demo@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.subscriber|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.mirrormakeragent|subscriber +demo@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.sub|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.mirrormakeragent|sub +demo@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.pub|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|mrtesttopic.pub +demo@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.sub|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|mrtesttopic.sub +demo@people.osaaf.org|org.onap.dmaap.mr.view|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|view +demo@people.osaaf.org|org.onap.policy.Account_Administrator|2020-09-05 12:09:20.000+0000|org.onap.policy|Account_Administrator +demo@people.osaaf.org|org.onap.policy.System_Administrator|2020-09-05 12:09:20.000+0000|org.onap.policy|System_Administrator +demo@people.osaaf.org|org.onap.policy.pdpd.admin|2020-09-05 12:09:20.000+0000|org.onap.policy|pdpd.admin +demo@people.osaaf.org|org.onap.policy.pdpx.admin|2020-09-05 12:09:20.000+0000|org.onap.policy|pdpx.admin +demo@people.osaaf.org|org.onap.portal.Account_Administrator|2020-09-05 12:09:20.000+0000|org.onap.portal|Account_Administrator +demo@people.osaaf.org|org.onap.portal.System_Administrator|2020-09-05 12:09:20.000+0000|org.onap.portal|System_Administrator +demo@people.osaaf.org|org.onap.portal.admin|2020-09-05 12:09:20.000+0000|org.onap.portal|admin +demo@people.osaaf.org|org.onap.portal.test.admin|2020-09-05 12:09:20.000+0000|org.onap.portal.test|admin +demo@people.osaaf.org|org.onap.portal.test.owner|2020-09-05 12:09:20.000+0000|org.onap.portal.test|owner +demo@people.osaaf.org|org.onap.portal.test.user1|2020-09-05 12:09:20.000+0000|org.onap.portal.test|user1 +demo@people.osaaf.org|org.onap.sdc.ADMIN|2020-09-05 12:09:20.000+0000|org.onap.sdc|ADMIN +demo@people.osaaf.org|org.onap.sdc.Account_Administrator|2020-09-05 12:09:20.000+0000|org.onap.sdc|Account_Administrator +demo@people.osaaf.org|org.onap.vid.Account_Administrator|2020-09-05 12:09:20.000+0000|org.onap.vid|Account_Administrator +demo@people.osaaf.org|org.onap.vid.Demonstration___gNB|2020-09-05 12:09:20.000+0000|org.onap.vid|Demonstration___gNB +demo@people.osaaf.org|org.onap.vid.Demonstration___vCPE|2020-09-05 12:09:20.000+0000|org.onap.vid|Demonstration___vCPE +demo@people.osaaf.org|org.onap.vid.Demonstration___vFWCL|2020-09-05 12:09:20.000+0000|org.onap.vid|Demonstration___vFWCL +demo@people.osaaf.org|org.onap.vid.Demonstration___vFW|2020-09-05 12:09:20.000+0000|org.onap.vid|Demonstration___vFW +demo@people.osaaf.org|org.onap.vid.Demonstration___vIMS|2020-09-05 12:09:20.000+0000|org.onap.vid|Demonstration___vIMS +demo@people.osaaf.org|org.onap.vid.Demonstration___vLB|2020-09-05 12:09:20.000+0000|org.onap.vid|Demonstration___vLB +demo@people.osaaf.org|org.onap.vid.System_Administrator|2020-09-05 12:09:20.000+0000|org.onap.vid|System_Administrator +jh0003@people.osaaf.org|org.onap.portal.admin|2020-09-05 12:09:20.000+0000|org.onap.portal|admin +jh0003@people.osaaf.org|org.onap.sdc.ADMIN|2020-09-05 12:09:20.000+0000|org.onap.sdc|ADMIN +jh0003@people.osaaf.org|org.onap.sdc.Account_Administrator|2020-09-05 12:09:20.000+0000|org.onap.sdc|Account_Administrator +cs0008@people.osaaf.org|org.onap.sdc.TESTOR|2020-09-05 12:09:20.000+0000|org.onap.sdc|TESTOR +jm0007@people.osaaf.org|org.onap.sdc.TESTOR|2020-09-05 12:09:20.000+0000|org.onap.sdc|TESTOR +op0001@people.osaaf.org|org.onap.sdc.TESTOR|2020-09-05 12:09:20.000+0000|org.onap.sdc|TESTOR +gv0001@people.osaaf.org|org.onap.sdc.TESTOR|2020-09-05 12:09:20.000+0000|org.onap.sdc|TESTOR +pm0001@people.osaaf.org|org.onap.sdc.TESTOR|2020-09-05 12:09:20.000+0000|org.onap.sdc|TESTOR +ps0001@people.osaaf.org|org.onap.sdc.TESTOR|2020-09-05 12:09:20.000+0000|org.onap.sdc|TESTOR +aaf_admin@people.osaaf.org|org.onap.aaf-sms.admin|2020-09-05 12:09:20.000+0000|org.onap.aaf-sms|admin +aaf_admin@people.osaaf.org|org.onap.aai.admin|2020-09-05 12:09:20.000+0000|org.onap.aai|admin +aaf_admin@people.osaaf.org|org.onap.appc.admin|2020-09-05 12:09:20.000+0000|org.onap.appc|admin +aaf_admin@people.osaaf.org|org.onap.appc.apidoc|2020-09-05 12:09:20.000+0000|org.onap.appc|apidoc +aaf_admin@people.osaaf.org|org.onap.appc.restconf|2020-09-05 12:09:20.000+0000|org.onap.appc|restconf +aaf_admin@people.osaaf.org|org.onap.cds.admin|2020-09-05 12:09:20.000+0000|org.onap.cds|admin +aaf_admin@people.osaaf.org|org.onap.clamp.admin|2020-09-05 12:09:20.000+0000|org.onap.clamp|admin +aaf_admin@people.osaaf.org|org.onap.dcae.admin|2020-09-05 12:09:20.000+0000|org.onap.dcae|admin +aaf_admin@people.osaaf.org|org.onap.dmaap-bc-mm-prov.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc-mm-prov|admin +aaf_admin@people.osaaf.org|org.onap.dmaap-bc-topic-mgr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc-topic-mgr|admin +aaf_admin@people.osaaf.org|org.onap.dmaap-bc.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc|admin +aaf_admin@people.osaaf.org|org.onap.dmaap-bc.api.Controller|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc.api|Controller +aaf_admin@people.osaaf.org|org.onap.dmaap-bc.api.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc.api|admin +aaf_admin@people.osaaf.org|org.onap.dmaap-dr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-dr|admin +aaf_admin@people.osaaf.org|org.onap.dmaap-mr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-mr|admin +aaf_admin@people.osaaf.org|org.onap.dmaap-mr.sunil.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-mr.sunil|admin +aaf_admin@people.osaaf.org|org.onap.dmaap-mr.test.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-mr.test|admin +aaf_admin@people.osaaf.org|org.onap.dmaap.mr.IdentityTopic-12345.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.IdentityTopic-12345|owner +aaf_admin@people.osaaf.org|org.onap.dmaap.mr.IdentityTopic-1547839476.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.IdentityTopic-1547839476|owner +aaf_admin@people.osaaf.org|org.onap.dmaap.mr.PM_MAPPER.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.PM_MAPPER|owner +aaf_admin@people.osaaf.org|org.onap.dmaap.mr.PNF_READY.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.PNF_READY|owner +aaf_admin@people.osaaf.org|org.onap.dmaap.mr.PNF_REGISTRATION.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.PNF_REGISTRATION|owner +aaf_admin@people.osaaf.org|org.onap.dmaap.mr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|admin +aaf_admin@people.osaaf.org|org.onap.dmaap.mr.dgl_ready.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.dgl_ready|owner +aaf_admin@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.mirrormakeragent|owner +aaf_admin@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.sub|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|mrtesttopic.sub +aaf_admin@people.osaaf.org|org.onap.dmaap.mr.test1|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|test1 +aaf_admin@people.osaaf.org|org.onap.dmaap.mr.topic-000.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.topic-000|owner +aaf_admin@people.osaaf.org|org.onap.dmaap.mr.topic-001.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.topic-001|owner +aaf_admin@people.osaaf.org|org.onap.dmaap.mr.topic-002.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.topic-002|owner +aaf_admin@people.osaaf.org|org.onap.holmes.admin|2020-09-05 12:09:20.000+0000|org.onap.holmes|admin +aaf_admin@people.osaaf.org|org.onap.music.admin|2020-09-05 12:09:20.000+0000|org.onap.music|admin +aaf_admin@people.osaaf.org|org.onap.music.owner|2020-09-05 12:09:20.000+0000|org.onap.music|owner +aaf_admin@people.osaaf.org|org.onap.nbi.admin|2020-09-05 12:09:20.000+0000|org.onap.nbi|admin +aaf_admin@people.osaaf.org|org.onap.ngi.admin|2020-09-05 12:09:20.000+0000|org.onap.ngi|admin +aaf_admin@people.osaaf.org|org.onap.oof.admin|2020-09-05 12:09:20.000+0000|org.onap.oof|admin +aaf_admin@people.osaaf.org|org.onap.policy.admin|2020-09-05 12:09:20.000+0000|org.onap.policy|admin +aaf_admin@people.osaaf.org|org.onap.pomba.admin|2020-09-05 12:09:20.000+0000|org.onap.pomba|admin +aaf_admin@people.osaaf.org|org.onap.portal.admin|2020-09-05 12:09:20.000+0000|org.onap.portal|admin +aaf_admin@people.osaaf.org|org.onap.sdc.admin|2020-09-05 12:09:20.000+0000|org.onap.sdc|admin +aaf_admin@people.osaaf.org|org.onap.sdnc-cds.admin|2020-09-05 12:09:20.000+0000|org.onap.sdnc-cds|admin +aaf_admin@people.osaaf.org|org.onap.sdnc.admin|2020-09-05 12:09:20.000+0000|org.onap.sdnc|admin +aaf_admin@people.osaaf.org|org.onap.so.admin|2020-09-05 12:09:20.000+0000|org.onap.so|admin +aaf_admin@people.osaaf.org|org.onap.vfc.admin|2020-09-05 12:09:20.000+0000|org.onap.vfc|admin +aaf_admin@people.osaaf.org|org.onap.vid.admin|2020-09-05 12:09:20.000+0000|org.onap.vid|admin +aaf_admin@people.osaaf.org|org.onap.vid1.admin|2020-09-05 12:09:20.000+0000|org.onap.vid1|admin +aaf_admin@people.osaaf.org|org.onap.vid2.admin|2020-09-05 12:09:20.000+0000|org.onap.vid2|admin +aaf_admin@people.osaaf.org|org.osaaf.aaf.admin|2020-09-05 12:09:20.000+0000|org.osaaf.aaf|admin +aaf_admin@people.osaaf.org|org.osaaf.people.admin|2020-09-05 12:09:20.000+0000|org.osaaf.people|admin +deployer@people.osaaf.org|org.osaaf.aaf.deploy|2020-09-05 12:09:20.000+0000|org.osaaf.aaf|deploy +portal_admin@people.osaaf.org|org.onap.portal.admin|2020-09-05 12:09:20.000+0000|org.onap.portal|admin +aaf@aaf.osaaf.org|org.admin|2020-09-05 12:09:20.000+0000|org|admin +aaf@aaf.osaaf.org|org.osaaf.aaf.admin|2020-09-05 12:09:20.000+0000|org.osaaf.aaf|admin +aaf@aaf.osaaf.org|org.osaaf.aaf.service|2020-09-05 12:09:20.000+0000|org.osaaf.aaf|service +aaf@aaf.osaaf.org|org.osaaf.people.admin|2020-09-05 12:09:20.000+0000|org.osaaf.people|admin +osaaf@aaf.osaaf.org|org.osaaf.aaf.admin|2020-09-05 12:09:20.000+0000|org.osaaf.aaf|admin +aaf-sms@aaf-sms.onap.org|org.onap.aaf-sms.service|2020-09-05 12:09:20.000+0000|org.onap.aaf-sms|service +clamp@clamp.onap.org|org.onap.clamp.clds.admin.dev|2020-09-05 12:09:20.000+0000|org.onap.clamp|clds.admin.dev +clamp@clamp.onap.org|org.onap.clamp.clds.designer.dev|2020-09-05 12:09:20.000+0000|org.onap.clamp|clds.designer.dev +clamp@clamp.onap.org|org.onap.clamp.clds.vf_filter_all.dev|2020-09-05 12:09:20.000+0000|org.onap.clamp|clds.vf_filter_all.dev +clamp@clamp.onap.org|org.onap.clamp.seeCerts|2020-09-05 12:09:20.000+0000|org.onap.clamp|seeCerts +clamp@clamp.onap.org|org.onap.clamp.service|2020-09-05 12:09:20.000+0000|org.onap.clamp|service +clamp@clamp.onap.org|org.onap.clampdemo.owner|2020-09-05 12:09:20.000+0000|org.onap.clampdemo|owner +clamp@clamp.onap.org|org.onap.clampdemo.service|2020-09-05 12:09:20.000+0000|org.onap.clampdemo|admin +clamp@clamp.onap.org|org.onap.clamptest.owner|2020-09-05 12:09:20.000+0000|org.onap.clamptest|owner +clamp@clamp.onap.org|org.onap.clamptest.service|2020-09-05 12:09:20.000+0000|org.onap.clamptest|admin +clamp@clamp.onap.org|org.onap.dmaap.mr.aNewTopic-123451.subscriber|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aNewTopic-123451|subscriber +clamp@clamp.onap.org|org.onap.dmaap.mr.dgl000.subscriber|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.dgl000|subscriber +clamp@clamp.osaaf.org|org.onap.clamp.service|2020-09-05 12:09:20.000+0000|org.onap.clamp|service +clamp@clampdemo.onap.org|org.onap.clampdemo.owner|2020-09-05 12:09:20.000+0000|org.onap.clampdemo|owner +clamp@clampdemo.onap.org|org.onap.clampdemo.service|2020-09-05 12:09:20.000+0000|org.onap.clampdemo|admin +clamp@clamptest.onap.org|org.onap.clamptest.owner|2020-09-05 12:09:20.000+0000|org.onap.clamptest|owner +clamp@clamptest.onap.org|org.onap.clamptest.service|2020-09-05 12:09:20.000+0000|org.onap.clamptest|admin +aai@aai.onap.org|org.onap.aai.admin|2020-09-05 12:09:20.000+0000|org.onap.aai|admin +aai@aai.onap.org|org.onap.aai.resources_all|2020-09-05 12:09:20.000+0000|org.onap.aai|resources_all +aai@aai.onap.org|org.onap.aai.traversal_advanced|2020-09-05 12:09:20.000+0000|org.onap.aai|traversal_advanced +appc@appc.onap.org|org.onap.aai.resources_all|2020-09-05 12:09:20.000+0000|org.onap.aai|resources_all +appc@appc.onap.org|org.onap.aai.traversal_advanced|2020-09-05 12:09:20.000+0000|org.onap.aai|traversal_advanced +appc@appc.onap.org|org.onap.appc.admin|2020-09-05 12:09:20.000+0000|org.onap.appc|admin +appc@appc.onap.org|org.onap.appc.odl|2020-09-05 12:09:20.000+0000|org.onap.appc|odl +appc@appc.onap.org|org.onap.appc.service|2020-09-05 12:09:20.000+0000|org.onap.appc|service +dcae@dcae.onap.org|org.onap.aai.resources_all|2020-09-05 12:09:20.000+0000|org.onap.aai|resources_all +dcae@dcae.onap.org|org.onap.aai.traversal_advanced|2020-09-05 12:09:20.000+0000|org.onap.aai|traversal_advanced +dcae@dcae.onap.org|org.onap.dcae.pmPublisher|2020-09-05 12:09:20.000+0000|org.onap.dcae|pmPublisher +dcae@dcae.onap.org|org.onap.dcae.pmSubscriber|2020-09-05 12:09:20.000+0000|org.onap.dcae|pmSubscriber +dcae@dcae.onap.org|org.onap.dcae.pnfPublisher|2020-09-05 12:09:20.000+0000|org.onap.dcae|pnfPublisher +dcae@dcae.onap.org|org.onap.dcae.pnfSubscriber|2020-09-05 12:09:20.000+0000|org.onap.dcae|pnfSubscriber +dcae@dcae.onap.org|org.onap.dcae.seeCerts|2020-09-05 12:09:20.000+0000|org.onap.dcae|seeCerts +dcae@dcae.onap.org|org.onap.dmaap-dr.feed.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-dr|feed.admin +dcae@dcae.onap.org|org.onap.dmaap-dr.sub.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-dr|sub.admin +dcae@dcae.onap.org|org.onap.dmaap.mr.PM_MAPPER.publisher|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.PM_MAPPER|publisher +dcae@dcae.onap.org|org.onap.dmaap.mr.PNF_READY.pub|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.PNF_READY|pub +dcae@dcae.onap.org|org.onap.dmaap.mr.PNF_REGISTRATION.sub|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.PNF_REGISTRATION|sub +dcae@dcae.onap.org|org.onap.dmaap.mr.aNewTopic-123451.subscriber|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aNewTopic-123451|subscriber +oof@oof.onap.org|org.onap.aai.resources_all|2020-09-05 12:09:20.000+0000|org.onap.aai|resources_all +oof@oof.onap.org|org.onap.aai.traversal_advanced|2020-09-05 12:09:20.000+0000|org.onap.aai|traversal_advanced +oof@oof.onap.org|org.onap.oof.admin|2020-09-05 12:09:20.000+0000|org.onap.oof|admin +oof@oof.onap.org|org.onap.oof.service|2020-09-05 12:09:20.000+0000|org.onap.oof|service +so@so.onap.org|org.onap.aai.resources_all|2020-09-05 12:09:20.000+0000|org.onap.aai|resources_all +so@so.onap.org|org.onap.aai.traversal_advanced|2020-09-05 12:09:20.000+0000|org.onap.aai|traversal_advanced +so@so.onap.org|org.onap.appc.service|2020-09-05 12:09:20.000+0000|org.onap.appc|service +so@so.onap.org|org.onap.sdnc.service|2020-09-05 12:09:20.000+0000|org.onap.sdnc|service +so@so.onap.org|org.onap.so.admin|2020-09-05 12:09:20.000+0000|org.onap.so|admin +so@so.onap.org|org.onap.so.app|2020-09-05 12:09:20.000+0000|org.onap.so|app +sdc@sdc.onap.org|org.onap.aai.resources_all|2020-09-05 12:09:20.000+0000|org.onap.aai|resources_all +sdc@sdc.onap.org|org.onap.aai.traversal_advanced|2020-09-05 12:09:20.000+0000|org.onap.aai|traversal_advanced +sdnc@sdnc.onap.org|org.onap.aai.resources_all|2020-09-05 12:09:20.000+0000|org.onap.aai|resources_all +sdnc@sdnc.onap.org|org.onap.dmaap.mr.aNewTopic-123451.publisher|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aNewTopic-123451|publisher +sdnc@sdnc.onap.org|org.onap.dmaap.mr.dgl000.publisher|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.dgl000|publisher +sdnc@sdnc.onap.org|org.onap.sdnc.admin|2020-09-05 12:09:20.000+0000|org.onap.sdnc|admin +sdnc@sdnc.onap.org|org.onap.sdnc.service|2020-09-05 12:09:20.000+0000|org.onap.sdnc|service +sdnc-cds@sdnc-cds.onap.org|org.onap.sdnc-cds.service|2020-09-05 12:09:20.000+0000|org.onap.sdnc-cds|service +vfc@vfc.onap.org|org.onap.aai.resources_all|2020-09-05 12:09:20.000+0000|org.onap.aai|resources_all +vfc@vfc.onap.org|org.onap.aai.traversal_advanced|2020-09-05 12:09:20.000+0000|org.onap.aai|traversal_advanced +vfc@vfc.onap.org|org.onap.dmaap-mr.Publisher|2020-09-05 12:09:20.000+0000|org.onap.dmaap-mr|Publisher +vfc@vfc.onap.org|org.onap.vfc.service|2020-09-05 12:09:20.000+0000|org.onap.vfc|service +policy@policy.onap.org|org.onap.aai.resources_all|2020-09-05 12:09:20.000+0000|org.onap.aai|resources_all +policy@policy.onap.org|org.onap.aai.traversal_advanced|2020-09-05 12:09:20.000+0000|org.onap.aai|traversal_advanced +policy@policy.onap.org|org.onap.policy.pdpd.admin|2020-09-05 12:09:20.000+0000|org.onap.policy|pdpd.admin +policy@policy.onap.org|org.onap.policy.pdpx.admin|2020-09-05 12:09:20.000+0000|org.onap.policy|pdpx.admin +policy@policy.onap.org|org.onap.policy.seeCerts|2020-09-05 12:09:20.000+0000|org.onap.policy|seeCerts +pomba@pomba.onap.org|org.onap.aai.resources_all|2020-09-05 12:09:20.000+0000|org.onap.aai|resources_all +pomba@pomba.onap.org|org.onap.aai.traversal_advanced|2020-09-05 12:09:20.000+0000|org.onap.aai|traversal_advanced +holmes@holmes.onap.org|org.onap.holmes.service|2020-09-05 12:09:20.000+0000|org.onap.holmes|service +nbi@nbi.onap.org|org.onap.nbi.service|2020-09-05 12:09:20.000+0000|org.onap.nbi|service +music@music.onap.org|org.onap.music.service|2020-09-05 12:09:20.000+0000|org.onap.music|service +vid@vid.onap.org|org.onap.aai.resources_all|2020-09-05 12:09:20.000+0000|org.onap.aai|resources_all +vid@vid.onap.org|org.onap.aai.traversal_advanced|2020-09-05 12:09:20.000+0000|org.onap.aai|traversal_advanced +vid@vid.onap.org|org.onap.vid.service|2020-09-05 12:09:20.000+0000|org.onap.vid|service +vid1@people.osaaf.org|org.onap.vid.System_Administrator|2020-09-05 12:09:20.000+0000|org.onap.vid|System_Administrator +vid2@people.osaaf.org|org.onap.vid.Standard_User|2020-09-05 12:09:20.000+0000|org.onap.vid|Standard_User +vid2@people.osaaf.org|org.onap.vid.System_Administrator|2020-09-05 12:09:20.000+0000|org.onap.vid|System_Administrator +dmaap-bc@bc.dmaap.onap.org|org.onap.dmaap.bc.service|2020-09-05 12:09:20.000+0000|org.onap.dmaap.bc|service +dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap-bc.api.Controller|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc.api|Controller +dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap-bc.seeCerts|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc|seeCerts +dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap-bc.service|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc|service +dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.PM_MAPPER.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.PM_MAPPER|admin +dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|admin +dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.dgl000.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.dgl000|admin +dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.mirrormakeragent.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.mirrormakeragent|admin +dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.topic-001.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.topic-001|admin +dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.topic-002.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.topic-002|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap-bc-topic-mgr.client|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc-topic-mgr|client +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap-dr.feed.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-dr|feed.admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap-dr.sub.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-dr|sub.admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.IdentityTopic-12345.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.IdentityTopic-12345|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.IdentityTopic-1547839476.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.IdentityTopic-1547839476|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.PNF_READY.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.PNF_READY|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.PNF_REGISTRATION.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.PNF_REGISTRATION|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aNewTopic-.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aNewTopic-|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aNewTopic-123450.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aNewTopic-123450|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aNewTopic-123451.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aNewTopic-123451|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aNewTopic-1547667570.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aNewTopic-1547667570|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547665517.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTest-1547665517|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547666628.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTest-1547666628|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547666760.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTest-1547666760|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547666950.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTest-1547666950|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547667031.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTest-1547667031|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-123456.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-123456|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-123457.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-123457|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547660509.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-1547660509|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547660861.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-1547660861|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547661011.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-1547661011|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547662122.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-1547662122|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547662451.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-1547662451|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547664813.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-1547664813|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547664928.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-1547664928|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547666068.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTestTopic-1547666068|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTopic-1547654909.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.aTopic-1547654909|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.create|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|create +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.destroy|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|destroy +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.dgl_ready.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.dgl_ready|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormaker.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|mirrormaker.admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormaker.user|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|mirrormaker.user +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormakeragent.publisher|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.mirrormakeragent|publisher +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormakeragent.pub|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.mirrormakeragent|pub +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormakeragent.subscriber|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.mirrormakeragent|subscriber +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormakeragent.sub|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.mirrormakeragent|sub +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.partitionTest-1546033194.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.partitionTest-1546033194|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.topic-000.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.topic-000|admin +dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.view|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|view +dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.create|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|create +dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.destroy|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|destroy +dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormaker.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|mirrormaker.admin +dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormaker.user|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|mirrormaker.user +dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormakeragent.publisher|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.mirrormakeragent|publisher +dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormakeragent.pub|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.mirrormakeragent|pub +dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormakeragent.subscriber|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.mirrormakeragent|subscriber +dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormakeragent.sub|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.mirrormakeragent|sub +dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.view|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|view +dmaap-dr@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2020-09-05 12:09:20.000+0000|org.onap.dmaap-dr|seeCerts +dmaap-dr-prov@dmaap-dr.onap.org|org.onap.dmaap-dr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-dr|admin +dmaap-dr-prov@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2020-09-05 12:09:20.000+0000|org.onap.dmaap-dr|seeCerts +dmaap-dr-node@dmaap-dr.onap.org|org.onap.dmaap-dr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-dr|admin +dmaap-dr-node@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2020-09-05 12:09:20.000+0000|org.onap.dmaap-dr|seeCerts +dmaapmr@mr.dmaap.onap.org|org.onap.dmaap.mr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|admin +portal@portal.onap.org|org.onap.aaf-sms.admin|2020-09-05 12:09:20.000+0000|org.onap.aaf-sms|admin +portal@portal.onap.org|org.onap.aai.admin|2020-09-05 12:09:20.000+0000|org.onap.aai|admin +portal@portal.onap.org|org.onap.appc.admin|2020-09-05 12:09:20.000+0000|org.onap.appc|admin +portal@portal.onap.org|org.onap.appc.apidoc|2020-09-05 12:09:20.000+0000|org.onap.appc|apidoc +portal@portal.onap.org|org.onap.appc.restconf|2020-09-05 12:09:20.000+0000|org.onap.appc|restconf +portal@portal.onap.org|org.onap.cds.admin|2020-09-05 12:09:20.000+0000|org.onap.cds|admin +portal@portal.onap.org|org.onap.clamp.admin|2020-09-05 12:09:20.000+0000|org.onap.clamp|admin +portal@portal.onap.org|org.onap.dcae.admin|2020-09-05 12:09:20.000+0000|org.onap.dcae|admin +portal@portal.onap.org|org.onap.dmaap-bc-mm-prov.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc-mm-prov|admin +portal@portal.onap.org|org.onap.dmaap-bc-topic-mgr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc-topic-mgr|admin +portal@portal.onap.org|org.onap.dmaap-bc.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc|admin +portal@portal.onap.org|org.onap.dmaap-bc.api.Controller|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc.api|Controller +portal@portal.onap.org|org.onap.dmaap-bc.api.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-bc.api|admin +portal@portal.onap.org|org.onap.dmaap-dr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-dr|admin +portal@portal.onap.org|org.onap.dmaap-mr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-mr|admin +portal@portal.onap.org|org.onap.dmaap-mr.sunil.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-mr.sunil|admin +portal@portal.onap.org|org.onap.dmaap-mr.test.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap-mr.test|admin +portal@portal.onap.org|org.onap.dmaap.mr.IdentityTopic-12345.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.IdentityTopic-12345|owner +portal@portal.onap.org|org.onap.dmaap.mr.IdentityTopic-1547839476.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.IdentityTopic-1547839476|owner +portal@portal.onap.org|org.onap.dmaap.mr.PM_MAPPER.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.PM_MAPPER|owner +portal@portal.onap.org|org.onap.dmaap.mr.PNF_READY.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.PNF_READY|owner +portal@portal.onap.org|org.onap.dmaap.mr.PNF_REGISTRATION.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.PNF_REGISTRATION|owner +portal@portal.onap.org|org.onap.dmaap.mr.admin|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|admin +portal@portal.onap.org|org.onap.dmaap.mr.dgl_ready.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.dgl_ready|owner +portal@portal.onap.org|org.onap.dmaap.mr.mirrormakeragent.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.mirrormakeragent|owner +portal@portal.onap.org|org.onap.dmaap.mr.mrtesttopic.sub|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|mrtesttopic.sub +portal@portal.onap.org|org.onap.dmaap.mr.test1|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr|test1 +portal@portal.onap.org|org.onap.dmaap.mr.topic-000.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.topic-000|owner +portal@portal.onap.org|org.onap.dmaap.mr.topic-001.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.topic-001|owner +portal@portal.onap.org|org.onap.dmaap.mr.topic-002.owner|2020-09-05 12:09:20.000+0000|org.onap.dmaap.mr.topic-002|owner +portal@portal.onap.org|org.onap.holmes.admin|2020-09-05 12:09:20.000+0000|org.onap.holmes|admin +portal@portal.onap.org|org.onap.music.admin|2020-09-05 12:09:20.000+0000|org.onap.music|admin +portal@portal.onap.org|org.onap.music.owner|2020-09-05 12:09:20.000+0000|org.onap.music|owner +portal@portal.onap.org|org.onap.nbi.admin|2020-09-05 12:09:20.000+0000|org.onap.nbi|admin +portal@portal.onap.org|org.onap.ngi.admin|2020-09-05 12:09:20.000+0000|org.onap.ngi|admin +portal@portal.onap.org|org.onap.oof.admin|2020-09-05 12:09:20.000+0000|org.onap.oof|admin +portal@portal.onap.org|org.onap.policy.admin|2020-09-05 12:09:20.000+0000|org.onap.policy|admin +portal@portal.onap.org|org.onap.pomba.admin|2020-09-05 12:09:20.000+0000|org.onap.pomba|admin +portal@portal.onap.org|org.onap.portal.admin|2020-09-05 12:09:20.000+0000|org.onap.portal|admin +portal@portal.onap.org|org.onap.sdc.admin|2020-09-05 12:09:20.000+0000|org.onap.sdc|admin +portal@portal.onap.org|org.onap.sdnc-cds.admin|2020-09-05 12:09:20.000+0000|org.onap.sdnc-cds|admin +portal@portal.onap.org|org.onap.sdnc.admin|2020-09-05 12:09:20.000+0000|org.onap.sdnc|admin +portal@portal.onap.org|org.onap.so.admin|2020-09-05 12:09:20.000+0000|org.onap.so|admin +portal@portal.onap.org|org.onap.vfc.admin|2020-09-05 12:09:20.000+0000|org.onap.vfc|admin +portal@portal.onap.org|org.onap.vid.admin|2020-09-05 12:09:20.000+0000|org.onap.vid|admin +portal@portal.onap.org|org.onap.vid1.admin|2020-09-05 12:09:20.000+0000|org.onap.vid1|admin +portal@portal.onap.org|org.onap.vid2.admin|2020-09-05 12:09:20.000+0000|org.onap.vid2|admin +portal@portal.onap.org|org.osaaf.aaf.admin|2020-09-05 12:09:20.000+0000|org.osaaf.aaf|admin +portal@portal.onap.org|org.osaaf.people.admin|2020-09-05 12:09:20.000+0000|org.osaaf.people|admin \ No newline at end of file diff --git a/auth/sample/data/sample.identities.dat b/auth/sample/data/sample.identities.dat index 8ca0ae1c..05308059 100644 --- a/auth/sample/data/sample.identities.dat +++ b/auth/sample/data/sample.identities.dat @@ -26,55 +26,55 @@ ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contract iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@people.osaaf.com|n|mmanager # Portal Identities -portal|ONAP Portal Application|PORTAL|ONAP Application|||a|aaf_admin -shi|ONAP SHI Portal Identity|shi|Portal Application|||a|aaf_admin -demo|PORTAL DEMO|demo|PORTAL|DEMO|||e|aaf_admin -jh0003|PORTAL ADMIN|jh|PORTAL ADMIN|||e|aaf_admin -cs0008|PORTAL DESIGNER|cs|PORTAL DESIGNER|||e|aaf_admin -jm0007|PORTAL TESTER|jm|PORTAL TESTER|||e|aaf_admin -op0001|PORTAL OPS|op|PORTAL OPS|||e|aaf_admin -gv0001|GV PORTAL|gv|PORTAL|||e|aaf_admin -pm0001|PM PORTAL|pm|PORTAL|||e|aaf_admin -gs0001|GS PORTAL|gs|PORTAL|||e|aaf_admin -ps0001|PS PORTAL|ps|PORTAL|||e|aaf_admin +portal|ONAP Portal Application|PORTAL|ONAP Application|314-123-1234|portal@people.osaaf.com|a|aaf_admin +shi|ONAP SHI Portal Identity|shi|Portal Application|314-123-1234|shi@people.osaaf.com|a|aaf_admin +demo|PORTAL DEMO|demo|PORTAL|DEMO|314-123-1234|demo@people.osaaf.com|e|aaf_admin +jh0003|PORTAL ADMIN|jh|PORTAL ADMIN|314-123-1234|jh0003@people.osaaf.com|e|aaf_admin +cs0008|PORTAL DESIGNER|cs|PORTAL DESIGNER|314-123-1234|cs0008@people.osaaf.com|e|aaf_admin +jm0007|PORTAL TESTER|jm|PORTAL TESTER|314-123-1234|jm0007@people.osaaf.com|e|aaf_admin +op0001|PORTAL OPS|op|PORTAL OPS|314-123-1234|op0001@people.osaaf.com|e|aaf_admin +gv0001|GV PORTAL|gv|PORTAL|314-123-1234|gv0001@people.osaaf.com|e|aaf_admin +pm0001|PM PORTAL|pm|PORTAL|314-123-1234|pm0001@people.osaaf.com|e|aaf_admin +gs0001|GS PORTAL|gs|PORTAL|314-123-1234|gs0001@people.osaaf.com|e|aaf_admin +ps0001|PS PORTAL|ps|PORTAL|314-123-1234|ps0001@people.osaaf.com|e|aaf_admin # AAF Defined Users -aaf_admin|AAF Administrator|Mr AAF|AAF Admin|||e|mmanager -deployer|Deployer|Deployer|Depoyer|||e|aaf_admin +aaf_admin|AAF Administrator|Mr AAF|AAF Admin|314-123-1234|aaf_admin@people.osaaf.com|e|mmanager +deployer|Deployer|Deployer|Depoyer|314-123-1234|deployer@people.osaaf.com|e|aaf_admin # Requested Users -portal_admin|Portal Admin|Portal|Admin|||e|mmanager +portal_admin|Portal Admin|Portal|Admin|314-123-1234|portal_admin@people.osaaf.com|e|mmanager # ONAP App IDs -aaf|AAF Application|AAF|Application|||a|aaf_admin -aaf-sms|AAF SMS Application|AAF SMS|Application|||a|aaf_admin -clamp|ONAP CLAMP Application|CLAMP|Application|||a|mmanager -aai|ONAP AAI Application|AAI|ONAP Application|||a|mmanager -appc|ONAP APPC Application|APPC|ONAP Application|||a|mmanager -dcae|ONAP DCAE Application|CLAMP|ONAP Application|||a|mmanager -oof|ONAP OOF Application|OOF|ONAP Application|||a|mmanager -so|ONAP SO Application|SO|ONAP Application|||a|mmanager -sdc|ONAP SDC Application|SDC|ONAP Application|||a|mmanager -sdnc|ONAP SDNC Application|SDNC|ONAP Application|||a|mmanager -sdnc-cds|ONAP SDNC CDS Application|SDNC-CDS|ONAP Application|||a|mmanager -vfc|ONAP VFC Application|VNC|ONAP Application|||a|mmanager -policy|ONAP Policy Application|POLICY|ONAP Application|||a|mmanager -pomba|ONAP Pomba Application|POMBA|ONAP Application|||a|mmanager -holmes|ONAP Holmes Application|HOLMES|ONAP Application|||a|mmanager -nbi|ONAP NBI Application|NBI|ONAP Application|||a|mmanager -music|ONAP MUSIC Application|MUSIC|ONAP Application|||a|mmanager +aaf|AAF Application|AAF|Application|314-123-1234|no_reply@people.osaaf.com|a|aaf_admin +aaf-sms|AAF SMS Application|AAF SMS|Application|314-123-1234|no_reply@people.osaaf.com|a|aaf_admin +clamp|ONAP CLAMP Application|CLAMP|Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +aai|ONAP AAI Application|AAI|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +appc|ONAP APPC Application|APPC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +dcae|ONAP DCAE Application|CLAMP|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +oof|ONAP OOF Application|OOF|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +so|ONAP SO Application|SO|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +sdc|ONAP SDC Application|SDC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +sdnc|ONAP SDNC Application|SDNC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +sdnc-cds|ONAP SDNC CDS Application|SDNC-CDS|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +vfc|ONAP VFC Application|VNC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +policy|ONAP Policy Application|POLICY|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +pomba|ONAP Pomba Application|POMBA|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +holmes|ONAP Holmes Application|HOLMES|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +nbi|ONAP NBI Application|NBI|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +music|ONAP MUSIC Application|MUSIC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager # VID Identities -vid|ONAP VID Application|VID|ONAP Application|||a|mmanager -vid1|ONAP VID Application 1|VID 1|ONAP Application|||a|mmanager -vid2|ONAP VID Application 2|VID 2|ONAP Application|||a|mmanager +vid|ONAP VID Application|VID|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +vid1|ONAP VID Application 1|VID 1|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +vid2|ONAP VID Application 2|VID 2|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager # DMAAP Identities -dmaap-bc|ONAP DMaap BC Application|DMaap BC|ONAP Application|||a|mmanager -dmaap-bc-topic-mgr|ONAP DMaap BC Topic Manager|DMaap BC Topic Manager|DMaap BC|||a|mmanager -dmaap-bc-mm-prov|ONAP DMaap BC Provisioning Manager|DMaap BC Provision Manager|DMaap BC|||a|mmanager -dmaap-dr|ONAP DMaap DR|Prov|DMaap DR|||a|mmanager -dmaap-dr-prov|ONAP DMaap DR Prov|Prov|DMaap MR|||a|mmanager -dmaap-dr-node|ONAP DMaap DR Node|Node|DMaap MR|||a|mmanager -dmaap-mr|ONAP DMaap MR Application|DMaap MR|ONAP Application|||a|mmanager +dmaap-bc|ONAP DMaap BC Application|DMaap BC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +dmaap-bc-topic-mgr|ONAP DMaap BC Topic Manager|DMaap BC Topic Manager|DMaap BC|314-123-1234|no_reply@people.osaaf.com|a|mmanager +dmaap-bc-mm-prov|ONAP DMaap BC Provisioning Manager|DMaap BC Provision Manager|DMaap BC|314-123-1234|no_reply@people.osaaf.com|a|mmanager +dmaap-dr|ONAP DMaap DR|Prov|DMaap DR|314-123-1234|no_reply@people.osaaf.com|a|mmanager +dmaap-dr-prov|ONAP DMaap DR Prov|Prov|DMaap MR|314-123-1234|no_reply@people.osaaf.com|a|mmanager +dmaap-dr-node|ONAP DMaap DR Node|Node|DMaap MR|314-123-1234|no_reply@people.osaaf.com|a|mmanager +dmaap-mr|ONAP DMaap MR Application|DMaap MR|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager #deprecate these in El Alto -dmaapmr|ONAP DMaap MR Application|DMaap MR|ONAP Application|||a|mmanager -#dmaap.mr|ONAP DMaap MR Application|DMaap MR|ONAP Application|||a|mmanager +dmaapmr|ONAP DMaap MR Application|DMaap MR|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager +#dmaap.mr|ONAP DMaap MR Application|DMaap MR|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager diff --git a/auth/unix/.gitignore b/auth/unix/.gitignore new file mode 100644 index 00000000..01d95ac9 --- /dev/null +++ b/auth/unix/.gitignore @@ -0,0 +1,2 @@ +l.props +*.swp diff --git a/auth/unix/firstAsRoot.sh b/auth/unix/firstAsRoot.sh new file mode 100644 index 00000000..8a66130b --- /dev/null +++ b/auth/unix/firstAsRoot.sh @@ -0,0 +1,20 @@ +# +. ./l.props +if [ -z "$1" ]; then + echo "Enter 'user:group' for the directory after creation" + read CHOWN +else + CHOWN="$1" +fi + + +for D in $INSTALL_DIR $ORG_DIR; do + if [ -e $D ]; then + echo "$D already exists" + else + mkdir -p $D + echo "$D created" + fi + echo "Setting Ownership of $D to $CHOWN" + chown $CHOWN $D +done diff --git a/auth/unix/install.sh b/auth/unix/install.sh new file mode 100644 index 00000000..da072bfd --- /dev/null +++ b/auth/unix/install.sh @@ -0,0 +1,308 @@ +#! /bin/sh + +############################## +# STATICALLY Named Properties +# The Batch class to start +BATCH_CLS="${CATCH_CLS:=org.onap.aaf.auth.batch.Batch}" + +############################## +# Initial Setup for AAF, on regular UNIX O/Ss (not Docker) +. ./l.props + +############################## +# Functions + +# SED needs escaped slashes +function escSlash { + echo "${1//\//\\\/}" +} + +function debug { + if [ -n "$DEBUG" ]; then + echo "$*" + fi +} + + +############################## +# TEST if ORG_DIR and INSTALL_DIR are writable by this script +if [ -z "$ORG_DIR" ]; then echo "Shell variable ORG_DIR must be set"; exit 1; fi +if [ -z "$INSTALL_DIR" ]; then echo "Shell variable INSTALL_DIR must be set"; exit 1; fi + +for D in "$ORG_DIR" "$INSTALL_DIR"; do + if [ -w "$D" ]; then + debug "$D is writable by $USER" + else + echo "$D must be writable by $USER to continue..." + echo "You may run 'firstAsRoot.sh :' as root to fix this issue, or fix manually" + exit 1 + fi +done + +# If not set, use HOSTNAME +CASSANDRA_CLUSTERS=${CASSANDRA_CLUSTERS:=$HOSTNAME} +ORIG_NS="org.osaaf.aaf" +ROOT_NS="${ROOT_NS:=$ORIG_NS}" +AAF_ID="${AAF_ID:=aaf@aaf.osaaf.org}" + +############################## +# DEFINES +JAVA_AGENT="-Dcadi_prop_files=$ORG_DIR/local/$ROOT_NS.props org.onap.aaf.cadi.configure.Agent" + +############################## +# Create directory Structure +INSTALL_DIR=${INSTALL_DIR:=/opt/app/aaf} +for D in "" "status" "cass_init" "cass_init/dats"; do + if [ -e "$INSTALL_DIR/$D" ]; then + debug "$INSTALL_DIR/$D exists" + else + mkdir -p "$INSTALL_DIR/$D" + debug "created $INSTALL_DIR/$D " + fi +done + +############################## +# Check for previous install, backup as necessary +if [[ -e $INSTALL_DIR/AAF_VERSION && "$VERSION" = "$(cat $INSTALL_DIR/AAF_VERSION)" ]]; then + echo Current Version +elif [ -e $INSTALL_DIR/lib ]; then + PREV_VER="$(cat $INSTALL_DIR/AAF_VERSION)" + echo Backing up $PREV_VER + if [ -e $INSTALL_DIR/$PREV_VER ]; then + rm -Rf $INSTALL_DIR/$PREV_VER + fi + mkdir $INSTALL_DIR/$PREV_VER + mv $INSTALL_DIR/bin $INSTALL_DIR/lib $INSTALL_DIR/theme $INSTALL_DIR/$PREV_VER + echo "Backed up bin,lib and theme to $INSTALL_DIR/$PREV_VER" +fi + +############################## +# Copy from Compiled Version +cp -Rf ../aaf_$VERSION/* $INSTALL_DIR +echo $VERSION > $INSTALL_DIR/AAF_VERSION + +############################## +# Add Theme links +for D in "$ORG_DIR" "$ORG_DIR/public"; do + if [ -e "$D/theme" ]; then + debug "$D/theme exists" + else + debug "Soft Linking theme $INSTALL_DIR/theme to $D" + ln -s "$INSTALL_DIR/theme" "$D" + fi +done + +############################## +# Copy from Cass Samples +debug "Copying Casssandra Samples to $INSTALL_DIR/cass_init" +cp ../auth-cass/cass_init/*.cql $INSTALL_DIR/cass_init +cp $(ls ../auth-cass/cass_init/*.sh | grep -v push.sh | grep -v restore.sh) $INSTALL_DIR/cass_init + +############################## +# adjust push.sh and restore.sh +BATCH_JAR=$(find .. -name aaf-auth-batch-$VERSION.jar) +if [ -z "$BATCH_JAR" ]; then + if [ -z "$INSTALL_DIR/lib/aaf-auth-batch-$VERSION.jar" ]; then + echo "You need to build the AAF Jars with 'mvn' for $VERSION to continue this configuration" + exit 1 + fi +else + debug "Copying $BATCH_JAR to $INSTALL_DIR/lib" + cp $BATCH_JAR $INSTALL_DIR/lib +fi + +DEF_ORG_JAR=$(find .. -name aaf-auth-deforg-$VERSION.jar | head -1) +if [ -z "$DEF_ORG_JAR" ]; then + echo "You need to build the deforg jar to continue this configuration" + exit 1 +else + echo "Copying $DEF_ORG_JAR to $INSTALL_DIR/lib" + cp $DEF_ORG_JAR $INSTALL_DIR/lib +fi + +# Note: Docker Cass only needs Batch Jar, but AAF on the disk can have only one lib +# so we copy just the Batch jar +for S in push.sh restore.sh; do + debug "Writing Cassandra $INSTALL_DIR/cass_init/$S script with replacements" + sed -e "/CQLSH=.*/s//CQLSH=\"cqlsh -k authz $CASSANDRA_CLUSTERS\"/" \ + -e "/-jar .*full.jar/s//-cp .:$(escSlash $INSTALL_DIR/lib/)* $BATCH_CLS /" \ + ../auth-cass/cass_init/$S > $INSTALL_DIR/cass_init/$S +done + +############################## +# adjust authBatch.props +CHANGES="-e /GUI_URL=.*/s//GUI_URL=https:\/\/$HOSTNAME:8095\/gui/" + +for TAG in "LATITUDE" "LONGITUDE"; do + CHANGES="$CHANGES -e /${TAG,,}=.*/s//cadi_${TAG,,}=${!TAG}/" +done + +CHANGES="$CHANGES -e /aaf_data_dir=.*/s//aaf_data_dir=$(escSlash $ORG_DIR/data)/" + +# Cassandra Properties have dots in them, which cause problems for BASH processing +for TAG in "CASSANDRA_CLUSTERS" "CASSANDRA_CLUSTERS_PORT" "CASSANDRA_CLUSTERS_USER" "CASSANDRA_CLUSTERS_PASSWORD"; do + VALUE="${!TAG}" + if [ ! -z "$VALUE" ]; then + DOTTED="${TAG//_/.}" + NTAG=${DOTTED,,} + CHANGES="$CHANGES -e /${NTAG}=.*/s//${NTAG}=${!TAG}/" + fi +done + +echo "Writing Batch Properties with conversions to $INSTALL_DIR/cass_init/authBatch.props" +debug "Conversions: $CHANGES" +sed $CHANGES ../auth-cass/cass_init/authBatch.props > $INSTALL_DIR/cass_init/authBatch.props + +############################## +# Setup Organizational Data Directories +for D in $ORG_DIR/data $ORG_DIR/local $ORG_DIR/logs $ORG_DIR/public $ORG_DIR/etc $ORG_DIR/bin; do + if [ ! -e $D ]; then + debug "Creating $D" + mkdir -p $D + fi +done + +############################## +# Convert generated bin files to correct ORG DIR +for B in $(ls $INSTALL_DIR/bin | grep -v .bat); do + sed -e "/cadi_prop_files=/s//aaf_log4j_prefix=$ROOT_NS cadi_prop_files=/" \ + -e "/$ORIG_NS/s//$ROOT_NS/g" \ + -e "/$(escSlash /opt/app/osaaf)/s//$(escSlash $ORG_DIR)/g" \ + -e "/^CLASSPATH=.*/s//CLASSPATH=$(escSlash $INSTALL_DIR/lib/)*/" \ + $INSTALL_DIR/bin/$B > $ORG_DIR/bin/$B + chmod u+x $ORG_DIR/bin/$B + debug "Converted generated app $B and placed in $INSTALL_DIR/bin" +done + +############################## +# Create new Initialized Data from ONAP "sample" +if [ "$1" = "sample" ]; then + ############################## + # Copy sample dat files + # (ONAP Samples) + echo "### Copying all ONAP Sample data" + cp ../sample/cass_data/*.dat $INSTALL_DIR/cass_init/dats + + # Scrub data, because it is coming from ONAP Test systems, + # and also, need current dates + echo "### Scrubbing ONAP Sample data" + mkdir -p $INSTALL_DIR/cass_init/data + cp ../sample/data/sample.identities.dat $INSTALL_DIR/cass_init/data + CURR=$(pwd) + cd $INSTALL_DIR/cass_init/dats + bash $CURR/../sample/cass_data/scrub.sh + cd $CURR + rm -Rf $INSTALL_DIR/cass_init/data + + ############################## + # Sample Identities + # Only create if not exists. DO NOT OVERWRITE after that + if [ ! -e $ORG_DIR/data/identities.dat ]; then + cp ../sample/data/sample.identities.dat $ORG_DIR/data/identities.dat + fi + + ############################## + # ONAP Test Certs and p12s + cp ../sample/cert/AAF_RootCA.cer $ORG_DIR/public + for F in $(ls ../sample/cert | grep b64); do + if [ ! -e "$F" ]; then + if [[ $F = "trust"* ]]; then + SUB=public + else + SUB=local + fi + if [[ $F = "demoONAPsigner"* ]]; then + FILENAME="$ROOT_NS.signer.p12" + else + FILENAME="${F/.b64/}" + fi + base64 -d ../sample/cert/$F > $ORG_DIR/$SUB/$FILENAME + fi + done + + if [ ! -e "$ORG_DIR/CA" ]; then + cp -Rf ../../conf/CA $ORG_DIR + fi + + FILE="$ORG_DIR/local/$ROOT_NS.p12" + if [ ! -e $FILE ]; then + echo "Bootstrap Creation of Keystore from Signer" + cd $ORG_DIR/CA + + # Redo all of this after Dublin + export cadi_x509_issuers="CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US" + export signer_subj="/CN=intermediateCA_9/OU=OSAAF/O=ONAP/C=US" + bash bootstrap.sh $ORG_DIR/local/$ROOT_NS.signer.p12 'something easy' + cp aaf.bootstrap.p12 $FILE + + cd - +# if [ -n "$CADI_X509_ISSUERS" ]; then +# CADI_X509_ISSUERS="$CADI_X509_ISSUERS:" +# fi +# BOOT_ISSUER="$(cat aaf.bootstrap.issuer)" +# CADI_X509_ISSUERS="$CADI_X509_ISSUERS$BOOT_ISSUER" +# +# I=${BOOT_ISSUER##CN=};I=${I%%,*} +# CM_CA_PASS="something easy" +# CM_CA_LOCAL="org.onap.aaf.auth.cm.ca.LocalCA,$LOCAL/$ROOT_NS.signer.p12;aaf_intermediate_9;enc:" +# CM_TRUST_CAS="$PUBLIC/AAF_RootCA.cer" +# echo "Generated ONAP Test AAF certs" + fi + + ############################## + # Initial Properties + debug "Create Initial Properties" + if [ ! -e $ORG_DIR/local/$ROOT_NS.props ]; then + for F in $(ls ../sample/local/$ORIG_NS.*); do + NEWFILE="$ORG_DIR/local/${F/*$ORIG_NS./$ROOT_NS.}" + sed -e "/$ORIG_NS/s//$ROOT_NS/g" \ + $F > $NEWFILE + debug "Created $NEWFILE" + done + for D in public etc logs; do + for F in $(ls ../sample/$D); do + NEWFILE="$ORG_DIR/$D/${F/*$ORIG_NS./$ROOT_NS.}" + sed -e "/$(escSlash /opt/app/osaaf)/s//$(escSlash $ORG_DIR)/g" \ + -e "/$ORIG_NS/s//$ROOT_NS/g" \ + ../sample/$D/$F > $NEWFILE + echo "Created $NEWFILE" + done + done + + ############################## + # Set Cassandra Variables + CHANGES="" + for TAG in "CASSANDRA_CLUSTERS" "CASSANDRA_CLUSTERS_PORT" "CASSANDRA_CLUSTERS_USER" "CASSANDRA_CLUSTERS_PASSWORD"; do + VALUE="${!TAG}" + if [ ! -z "$VALUE" ]; then + DOTTED="${TAG//_/.}" + NTAG=${DOTTED,,} + CHANGES="$CHANGES -e /${NTAG}=.*/s//${NTAG}=${!TAG}/" + fi + done + mv $ORG_DIR/local/$ROOT_NS.cassandra.props $ORG_DIR/local/$ROOT_NS.cassandra.props.backup + sed $CHANGES $ORG_DIR/local/$ROOT_NS.cassandra.props.backup > $ORG_DIR/local/$ROOT_NS.cassandra.props + + ############################## + # CADI Config Tool + + # Change references to /opt/app/osaaf to ORG_DIR + sed -e "/$(escSlash /opt/app/osaaf)/s//$(escSlash $ORG_DIR)/g" \ + -e "/$ORIG_NS/s//$ROOT_NS/" \ + -e "/$ORIG_AAF_ID/s//$AAF_ID/" \ + ../sample/local/aaf.props > _temp.props + + java -cp $INSTALL_DIR/lib/\* $JAVA_AGENT config \ + $AAF_ID \ + aaf_root_ns=$ROOT_NS \ + cadi_etc_dir=$ORG_DIR/local \ + cadi_latitude=${LATITUDE} \ + cadi_longitude=${LONGITUDE} \ + aaf_data_dir=$ORG_DIR/data \ + aaf_locate_url=${AAF_LOCATE_URL:=https://$HOSTNAME:8095} \ + cadi_prop_files=_temp.props:../sample/local/initialConfig.props + rm _temp.props + fi + +fi + diff --git a/auth/unix/l.props.init b/auth/unix/l.props.init new file mode 100644 index 00000000..c9726ded --- /dev/null +++ b/auth/unix/l.props.init @@ -0,0 +1,24 @@ +# Properties about your machine +ROOT_NS=org.test.aaf +AAF_ID=aaf@aaf.test.org +ORG_DIR=/opt/app/test +INSTALL_DIR=/opt/app/aaf +ORG_DIR=/opt/app/osaaf +VERSION=2.1.20-SNAPSHOT + +# Add Debugging Messages +# DEBUG=true + +# If you need a Locator URL that isn't this HOSTNAME, then set here +# AAF_LOCATE_URL=https://:8095 + +# Note: If you do not know your machine's GPS Coord, http://bing.com/maps shows by directory +LATITUDE=38.0 +LONGITUDE=-90.0 + +# CASSANDRA - Assumes out-of-the-box Passwords until changed, or adding CADI Security +#CASSANDRA_CLUSTERS= +CASSANDRA_CLUSTERS_PORT=9042 +CASSANDRA_CLUSTERS_USER=cassandra +CASSANDRA_CLUSTERS_PASSWORD=cassandra + diff --git a/cadi/aaf/.gitignore b/cadi/aaf/.gitignore index 1bcf2ef5..13a38bef 100644 --- a/cadi/aaf/.gitignore +++ b/cadi/aaf/.gitignore @@ -3,3 +3,4 @@ /target/ /.project /tokens/ +/.checkstyle diff --git a/cadi/aaf/pom.xml b/cadi/aaf/pom.xml index 5d277be5..5077ddb9 100644 --- a/cadi/aaf/pom.xml +++ b/cadi/aaf/pom.xml @@ -24,7 +24,7 @@ org.onap.aaf.authz cadiparent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT .. diff --git a/cadi/aaf/src/assemble/cadi-aaf.xml b/cadi/aaf/src/assemble/cadi-aaf.xml index 63741ffa..64bc8eec 100644 --- a/cadi/aaf/src/assemble/cadi-aaf.xml +++ b/cadi/aaf/src/assemble/cadi-aaf.xml @@ -12,16 +12,6 @@ true compile - - org.onap.aaf.authz:aaf-auth-client - org.onap.aaf.authz:aaf-cadi-aaf - org.onap.aaf.authz:aaf-cadi-core - org.onap.aaf.authz:aaf-cadi-client - org.onap.aaf.authz:aaf-misc-env - org.onap.aaf.authz:aaf-misc-rosetta - javax.xml.bind:jaxb-api - org.glassfish.jaxb:jaxb-runtime - diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/TestConnectivity.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/TestConnectivity.java index 0b1238ab..6301ac3c 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/TestConnectivity.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/TestConnectivity.java @@ -83,6 +83,7 @@ public class TestConnectivity { SecuritySetter ss = si.defSS; permTest(locator,ss); + basicAuthTest(locator,ss); } else { ///////// print(true,"Test Connections driven by AAFLocator"); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java index c48e35f4..e16782fa 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java @@ -22,13 +22,19 @@ package org.onap.aaf.cadi.aaf.v2_0; import java.io.IOException; +import java.net.URI; +import java.util.ArrayList; +import java.util.List; import org.onap.aaf.cadi.AbsUserCache; +import org.onap.aaf.cadi.Access; import org.onap.aaf.cadi.CachedPrincipal; import org.onap.aaf.cadi.CadiException; import org.onap.aaf.cadi.User; import org.onap.aaf.cadi.aaf.AAFPermission; import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.locator.SingleEndpointLocator; import org.onap.aaf.cadi.lur.ConfigPrincipal; import aaf.v2_0.CredRequest; @@ -103,7 +109,7 @@ public class AAFAuthn extends AbsUserCache { } } - AAFCachedPrincipal cp = new AAFCachedPrincipal(user, bytes, con.cleanInterval); + AAFCachedPrincipal cp = new AAFCachedPrincipal(user, bytes, con.userExpires); // Since I've relocated the Validation piece in the Principal, just revalidate, then do Switch // Statement switch(cp.revalidate(state)) { @@ -111,13 +117,13 @@ public class AAFAuthn extends AbsUserCache { if (usr!=null) { usr.principal = cp; } else { - addUser(new User(cp,con.timeout)); + addUser(new User(cp,con.userExpires)); } return null; case INACCESSIBLE: return "AAF Inaccessible"; case UNVALIDATED: - addUser(new User(user,bytes,con.timeout)); + addUser(new User(user,bytes,con.userExpires)); return "user/pass combo invalid for " + user; case DENIED: return "AAF denies API for " + user; @@ -137,32 +143,50 @@ public class AAFAuthn extends AbsUserCache { } public Resp revalidate(Object state) { - try { - Miss missed = missed(getName(),getCred()); - if (missed==null || missed.mayContinue()) { - CredRequest cr = new CredRequest(); - cr.setId(getName()); - cr.setPassword(new String(getCred())); - Future fp = con.client().readPost("/authn/validate", con.credReqDF, cr); - //Rcli client = con.client().forUser(con.basicAuth(getName(), new String(getCred()))); - //Future fp = client.read( - // "/authn/basicAuth", - // "text/plain" - // ); - if (fp.get(con.timeout)) { - expires = System.currentTimeMillis() + timeToLive; - addUser(new User(this, expires)); - return Resp.REVALIDATED; + int maxRetries = 15; + try { // these SHOULD be an AAFConHttp and a AAFLocator or SingleEndpointLocator objects, but put in a try to be safe + AAFConHttp forceCastCon = (AAFConHttp) con; + if (forceCastCon.hman().loc instanceof SingleEndpointLocator) { + maxRetries = 1; // we cannot retry the single LGW gateway! + } else { + AAFLocator forceCastLoc = (AAFLocator) forceCastCon.hman().loc; + maxRetries = forceCastLoc.maxIters(); + } + } catch (Exception e) { + access.log(Access.Level.DEBUG, e); + } + List attemptedUris = new ArrayList<>(); + URI thisUri = null; + for (int retries = 0;; retries++) { + try { + Miss missed = missed(getName(), getCred()); + if (missed == null || missed.mayContinue()) { + Rcli client = con.clientIgnoreAlreadyAttempted(attemptedUris).forUser(con.basicAuth(getName(), new String(getCred()))); + thisUri = client.getURI(); + Future fp = client.read( + "/authn/basicAuth", + "text/plain" + ); + if (fp.get(con.timeout)) { + expires = System.currentTimeMillis() + timeToLive; + addUser(new User(this, timeToLive)); + return Resp.REVALIDATED; + } else { + addMiss(getName(), getCred()); + return Resp.UNVALIDATED; + } } else { - addMiss(getName(), getCred()); return Resp.UNVALIDATED; } - } else { - return Resp.UNVALIDATED; + } catch (Exception e) { + if (thisUri != null) { + attemptedUris.add(thisUri); + } + con.access.log(e); + if (retries > maxRetries) { + return Resp.INACCESSIBLE; + } } - } catch (Exception e) { - con.access.log(e); - return Resp.INACCESSIBLE; } } diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java index 7c315e1a..98303092 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java @@ -23,6 +23,7 @@ package org.onap.aaf.cadi.aaf.v2_0; import java.net.URI; import java.net.UnknownHostException; +import java.util.List; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; @@ -181,8 +182,7 @@ public abstract class AAFCon implements Connector { usageRefreshTriggerCount = Integer.parseInt(access.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF).trim())-1; // zero based app=FQI.reverseDomain(si.defSS.getID()); - //TODO Get Realm from AAF - realm="people.osaaf.org"; + realm = access.getProperty(Config.AAF_DEFAULT_REALM, Config.getDefaultRealm()); env = new RosettaEnv(); permsDF = env.newDataFactory(Perms.class); @@ -266,6 +266,24 @@ public abstract class AAFCon implements Connector { } + /** + * Use this call to get the appropriate client based on configuration (HTTP, future), + * ignoring those already attempted, using the default api version + * + * @param attemptedClients + * @return + * @throws CadiException + */ + public Rcli clientIgnoreAlreadyAttempted(List attemptedClients) throws CadiException { + Rcli client = rclient(attemptedClients, si.defSS); + client.apiVersion(apiVersion) + .readTimeout(connTimeout); + clients.put(apiVersion, client); + + return client; + } + + public RosettaEnv env() { return env; } @@ -337,6 +355,8 @@ public abstract class AAFCon implements Connector { protected abstract Rcli rclient(URI uri, SecuritySetter ss) throws CadiException; + protected abstract Rcli rclient(List uris, SecuritySetter ss) throws CadiException; + public abstract Rcli rclient(Locator loc, SecuritySetter ss) throws CadiException; public Rcli client(Locator locator) throws CadiException { diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java index 7ccf3e60..84ef788c 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java @@ -24,6 +24,7 @@ package org.onap.aaf.cadi.aaf.v2_0; import java.io.IOException; import java.net.HttpURLConnection; import java.net.URI; +import java.util.List; import org.onap.aaf.cadi.Access; import org.onap.aaf.cadi.CadiException; @@ -136,6 +137,34 @@ public class AAFConHttp extends AAFCon { } } + protected Rcli rclient(List ignoredURIs, SecuritySetter ss) throws CadiException { + if (hman.loc==null) { + throw new CadiException("No Locator set in AAFConHttp"); + } + try { + if (ignoredURIs.isEmpty()) { + return new HRcli(hman, hman.loc.best(), ss); + } else { + Item item = hman.loc.first(); + HRcli currentClient = new HRcli(hman, item, ss); + + item = hman.loc.next(item); + + while (item != null) { + if (!ignoredURIs.contains(currentClient.getURI())) { + break; + } else { + currentClient = new HRcli(hman, item, ss); + } + item = hman.loc.next(item); + } + return currentClient; + } + } catch (Exception e) { + throw new CadiException(e); + } + } + @Override public Rcli rclient(Locator loc, SecuritySetter ss) throws CadiException { try { diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java index 8b91c74a..01a540b4 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java @@ -61,7 +61,7 @@ import aaf.v2_0.Perms; * */ public class AAFLurPerm extends AbsAAFLur { - private static final String ORG_OSAAF_CADI_OAUTH_O_AUTH2_LUR = "org.osaaf.cadi.oauth.OAuth2Lur"; + private static final String ORG_ONAP_AAF_CADI_OAUTH_OAUTH_2_LUR = "org.onap.aaf.cadi.oauth.OAuth2Lur"; /** * Need to be able to transmutate a Principal into either Person or AppID, which are the only ones accepted at this @@ -87,14 +87,14 @@ public class AAFLurPerm extends AbsAAFLur { private void attachOAuth2(AAFCon con) throws APIException { String oauth2_url; - Class tmcls = Config.loadClass(access,"org.osaaf.cadi.oauth.TokenMgr"); + Class tmcls = Config.loadClass(access,"org.onap.aaf.cadi.oauth.TokenMgr"); if (tmcls!=null) { if ((oauth2_url = con.access.getProperty(Config.CADI_OAUTH2_URL,null))!=null) { try { Constructor tmconst = tmcls.getConstructor(AAFCon.class,String.class); Object tokMangr = tmconst.newInstance(con,oauth2_url); @SuppressWarnings("unchecked") - Class oa2cls = (Class)Config.loadClass(access,ORG_OSAAF_CADI_OAUTH_O_AUTH2_LUR); + Class oa2cls = (Class)Config.loadClass(access, ORG_ONAP_AAF_CADI_OAUTH_OAUTH_2_LUR); Constructor oa2const = oa2cls.getConstructor(tmcls); Lur oa2 = oa2const.newInstance(tokMangr); setPreemptiveLur(oa2); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java index 74f0916d..db606a50 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java @@ -128,6 +128,12 @@ public class Agent { public static void main(String[] args) { int exitCode = 0; doExit = true; + for (String arg: args) { + if ("-noexit".equalsIgnoreCase(arg)) { + doExit = false; + } + } + if (args.length>0 && "cadi".equals(args[0])) { String[] newArgs = new String[args.length-1]; System.arraycopy(args, 1, newArgs, 0, newArgs.length); @@ -184,11 +190,16 @@ public class Agent { } if(access==null) { + boolean createOutsideForLoop = false; for(Entry es : System.getProperties().entrySet()) { if(Config.CADI_PROP_FILES.equals(es.getKey())) { - access = new PropAccess(); + createOutsideForLoop = true; + break; } } + if(createOutsideForLoop) { + access = new PropAccess(); + } } // When using Config file, check if Cred Exists, and if not, work with Deployer. @@ -221,6 +232,7 @@ public class Agent { } } + if (aafsso!=null && aafsso.loginOnly()) { aafsso.setLogDefault(); aafsso.writeFiles(); @@ -230,9 +242,7 @@ public class Agent { Deque cmds = new ArrayDeque(); for (String p : args) { int eq; - if ("-noexit".equalsIgnoreCase(p)) { - doExit = false; - } else if ((eq=p.indexOf('=')) < 0) { + if ((eq=p.indexOf('=')) < 0) { cmds.add(p); } else { access.setProperty(p.substring(0,eq), p.substring(eq+1)); @@ -299,49 +309,44 @@ public class Agent { } - String cmd = cmds.removeFirst(); switch(cmd) { case "place": - placeCerts(trans,aafcon(access),cmds); + exitCode = placeCerts(trans,aafcon(access),cmds); break; case "create": - createArtifact(trans, aafcon(access),cmds); + exitCode = createArtifact(trans, aafcon(access),cmds); break; case "read": - readArtifact(trans, aafcon(access), cmds); + exitCode = readArtifact(trans, aafcon(access), cmds); break; case "copy": - copyArtifact(trans, aafcon(access), cmds); + exitCode = copyArtifact(trans, aafcon(access), cmds); break; case "update": - updateArtifact(trans, aafcon(access), cmds); + exitCode = updateArtifact(trans, aafcon(access), cmds); break; case "delete": - deleteArtifact(trans, aafcon(access), cmds); + exitCode = deleteArtifact(trans, aafcon(access), cmds); break; case "showpass": - showPass(trans, aafcon(access), cmds); + exitCode = showPass(trans, aafcon(access), cmds); break; case "keypairgen": - keypairGen(trans, access, cmds); + exitCode = keypairGen(trans, access, cmds); break; case "config": - config(trans,access,args,cmds); + exitCode = config(trans,access,args,cmds); break; case "validate": - validate(access); + exitCode = validate(access); break; case "check": - try { - exitCode = check(trans,aafcon(access),cmds); - } catch (Exception e) { - exitCode = 1; - throw e; - } + exitCode = check(trans,aafcon(access),cmds); break; default: AAFSSO.cons.printf("Unknown command \"%s\"\n", cmd); + break; } } finally { StringBuilder sb = new StringBuilder(); @@ -356,9 +361,10 @@ public class Agent { } } catch (Exception e) { e.printStackTrace(); + exitCode = 1; } } - if (exitCode != 0 && doExit) { + if (doExit) { System.exit(exitCode); } } @@ -478,7 +484,8 @@ public class Agent { return Split.split(',', machines); } - private static void createArtifact(Trans trans, AAFCon aafcon, Deque cmds) throws Exception { + private static int createArtifact(Trans transitiveInfo, AAFCon aafcon, Deque cmds) throws Exception { + boolean success = false; final String mechID = fqi(cmds); final String machine = machine(cmds); @@ -506,18 +513,20 @@ public class Agent { arti.setRenewDays(Integer.parseInt(AAFSSO.cons.readLine("Renewal Days (%s):", "30"))); arti.setNotification(toNotification(AAFSSO.cons.readLine("Notification (mailto owner):", ""))); - TimeTaken tt = trans.start("Create Artifact", Env.REMOTE); + TimeTaken tt = transitiveInfo.start("Create Artifact", Env.REMOTE); try { Future future = aafcon.client(CM_VER).create("/cert/artifacts", artifactsDF, artifacts); if (future.get(TIMEOUT)) { - trans.info().printf("Call to AAF Certman successful %s, %s",arti.getMechid(), arti.getMachine()); + transitiveInfo.info().printf("Call to AAF Certman successful %s, %s",arti.getMechid(), arti.getMachine()); + success = true; } else { - trans.error().printf("Call to AAF Certman failed, %s", + transitiveInfo.error().printf("Call to AAF Certman failed, %s", errMsg.toMsg(future)); } } finally { tt.done(); } + return success ? 0 : 1; } private static String toNotification(String notification) { @@ -531,19 +540,27 @@ public class Agent { return notification; } - - private static void readArtifact(Trans trans, AAFCon aafcon, Deque cmds) throws Exception { + /** + * + * @param transitiveInfo + * @param aafcon + * @param cmds + * @return exit cocde for shell + * @throws Exception + */ + private static int readArtifact(Trans transitiveInfo, AAFCon aafcon, Deque cmds) throws Exception { String mechID = fqi(cmds); String machine = machine(cmds); + boolean success = false; - TimeTaken tt = trans.start("Read Artifact", Env.SUB); + TimeTaken tt = transitiveInfo.start("Read Artifact", Env.SUB); try { Future future = aafcon.client(CM_VER) - .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF,"Authorization","Bearer " + trans.getProperty("oauth_token")); + .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF,"Authorization","Bearer " + transitiveInfo.getProperty("oauth_token")); if (future.get(TIMEOUT)) { - boolean printed = false; - for (Artifact a : future.value.getArtifact()) { + List artifacts = future.value.getArtifact(); + for (Artifact a : artifacts) { AAFSSO.cons.printf("AppID: %s\n",a.getMechid()); AAFSSO.cons.printf(" Sponsor: %s\n",a.getSponsor()); AAFSSO.cons.printf("Machine: %s\n",a.getMachine()); @@ -561,64 +578,83 @@ public class Agent { AAFSSO.cons.printf("O/S User: %s\n",a.getOsUser()); AAFSSO.cons.printf("Renew Days: %d\n",a.getRenewDays()); AAFSSO.cons.printf("Notification %s\n",a.getNotification()); - printed = true; } - if (!printed) { + if (artifacts.isEmpty()) { AAFSSO.cons.printf("Artifact for %s %s does not exist\n", mechID, machine); + } else { + success = true; } } else { - trans.error().log(errMsg.toMsg(future)); + transitiveInfo.error().log(errMsg.toMsg(future)); } } finally { tt.done(); } + return success ? 0 : 1; } - private static void copyArtifact(Trans trans, AAFCon aafcon, Deque cmds) throws Exception { + /** + * + * @param transitiveInfo + * @param aafcon + * @param cmds + * @return exit code for shell + * @throws Exception + */ + private static int copyArtifact(Trans transitiveInfo, AAFCon aafcon, Deque cmds) throws Exception { + boolean success = false; String mechID = fqi(cmds); String machine = machine(cmds); String[] newmachs = machines(cmds); if (machine==null || newmachs == null) { - trans.error().log("No machines listed to copy to"); + transitiveInfo.error().log("No machines listed to copy to"); } else { - TimeTaken tt = trans.start("Copy Artifact", Env.REMOTE); + TimeTaken tt = transitiveInfo.start("Copy Artifact", Env.REMOTE); try { Future future = aafcon.client(CM_VER) .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF); if (future.get(TIMEOUT)) { - boolean printed = false; for (Artifact a : future.value.getArtifact()) { for (String m : newmachs) { a.setMachine(m); Future fup = aafcon.client(CM_VER).update("/cert/artifacts", artifactsDF, future.value); if (fup.get(TIMEOUT)) { - trans.info().printf("Copy of %s %s successful to %s",mechID,machine,m); + transitiveInfo.info().printf("Copy of %s %s successful to %s",mechID,machine,m); + success = true; } else { - trans.error().printf("Call to AAF Certman failed, %s", + transitiveInfo.error().printf("Call to AAF Certman failed, %s", errMsg.toMsg(fup)); } - - printed = true; } } - if (!printed) { + if (!success) { AAFSSO.cons.printf("Artifact for %s %s does not exist", mechID, machine); } } else { - trans.error().log(errMsg.toMsg(future)); + transitiveInfo.error().log(errMsg.toMsg(future)); } } finally { tt.done(); } } + return success ? 0 : 1; } - private static void updateArtifact(Trans trans, AAFCon aafcon, Deque cmds) throws Exception { + /** + * + * @param transitiveInfo + * @param aafcon + * @param cmds + * @return exit code for shell + * @throws Exception + */ + private static int updateArtifact(Trans transitiveInfo, AAFCon aafcon, Deque cmds) throws Exception { + boolean success = false; String mechID = fqi(cmds); String machine = machine(cmds); - TimeTaken tt = trans.start("Update Artifact", Env.REMOTE); + TimeTaken tt = transitiveInfo.start("Update Artifact", Env.REMOTE); try { Future fread = aafcon.client(CM_VER) .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF); @@ -663,45 +699,65 @@ public class Agent { } else { Future fup = aafcon.client(CM_VER).update("/cert/artifacts", artifactsDF, artifacts); if (fup.get(TIMEOUT)) { - trans.info().printf("Call to AAF Certman successful %s, %s",mechID,machine); + transitiveInfo.info().printf("Call to AAF Certman successful %s, %s",mechID,machine); + success = true; } else { - trans.error().printf("Call to AAF Certman failed, %s", + transitiveInfo.error().printf("Call to AAF Certman failed, %s", errMsg.toMsg(fup)); } } } else { - trans.error().printf("Call to AAF Certman failed, %s %s, %s", + transitiveInfo.error().printf("Call to AAF Certman failed, %s %s, %s", errMsg.toMsg(fread),mechID,machine); } } finally { tt.done(); } + return success ? 0 : 1; } - private static void deleteArtifact(Trans trans, AAFCon aafcon, Deque cmds) throws Exception { + /** + * + * @param transitiveInfo + * @param aafcon + * @param cmds + * @return exit code for shell + * @throws Exception + */ + private static int deleteArtifact(Trans transitiveInfo, AAFCon aafcon, Deque cmds) throws Exception { + boolean success = false; String mechid = fqi(cmds); String machine = machine(cmds); - TimeTaken tt = trans.start("Delete Artifact", Env.REMOTE); + TimeTaken tt = transitiveInfo.start("Delete Artifact", Env.REMOTE); try { Future future = aafcon.client(CM_VER) .delete("/cert/artifacts/"+mechid+"/"+machine,"application/json" ); if (future.get(TIMEOUT)) { - trans.info().printf("Call to AAF Certman successful %s, %s",mechid,machine); + transitiveInfo.info().printf("Call to AAF Certman successful %s, %s",mechid,machine); + success = true; } else { - trans.error().printf("Call to AAF Certman failed, %s %s, %s", + transitiveInfo.error().printf("Call to AAF Certman failed, %s %s, %s", errMsg.toMsg(future),mechid,machine); } } finally { tt.done(); } + return success ? 0 : 1; } - - private static boolean placeCerts(Trans trans, AAFCon aafcon, Deque cmds) throws Exception { - boolean rv = false; + /** + * + * @param transitiveInfo + * @param aafcon + * @param cmds + * @return exit code for shell + * @throws Exception + */ + private static int placeCerts(Trans transitiveInfo, AAFCon aafcon, Deque cmds) throws Exception { + boolean success = false; String mechID = fqi(cmds); String machine = machine(cmds); String[] fqdns = Split.split(':', machine); @@ -711,10 +767,15 @@ public class Agent { machine = fqdns[1]; } else { key = machine; - fqdns = machines(cmds); + if(cmds.size()>0) { + fqdns = machines(cmds); + } else { + // make sure machine is also in SANS + fqdns = new String[] {machine}; + } } - TimeTaken tt = trans.start("Place Artifact", Env.REMOTE); + TimeTaken tt = transitiveInfo.start("Place Artifact", Env.REMOTE); try { Future acf = aafcon.client(CM_VER) .read("/cert/artifacts/"+mechID+'/'+key, artifactsDF); @@ -741,38 +802,44 @@ public class Agent { for (String type : a.getType()) { PlaceArtifact pa = placeArtifact.get(type); if (pa!=null) { - if (rv = pa.place(trans, capi, a,machine)) { - notifyPlaced(a,rv); - } + pa.place(transitiveInfo, capi, a,machine); + success = true; } } // Cover for the above multiple pass possibilities with some static Data, then clear per Artifact } else { - trans.error().log(errMsg.toMsg(f)); + transitiveInfo.error().log(errMsg.toMsg(f)); } } else { - trans.error().log("You must be OS User \"" + a.getOsUser() +"\" to place Certificates on this box"); + transitiveInfo.error().log("You must be OS User \"" + a.getOsUser() +"\" to place Certificates on this box"); } } } PropHolder.writeAll(); } else { - trans.error().log(errMsg.toMsg(acf)); + transitiveInfo.error().log(errMsg.toMsg(acf)); } } finally { tt.done(); } - return rv; + return success ? 0 : 1; } - private static void notifyPlaced(Artifact a, boolean rv) { - } - private static void showPass(Trans trans, AAFCon aafcon, Deque cmds) throws Exception { + /** + * + * @param transitiveInfo + * @param aafcon + * @param cmds + * @return exit code for shell + * @throws Exception + */ + private static int showPass(Trans transitiveInfo, AAFCon aafcon, Deque cmds) throws Exception { + boolean success = false; String mechID = fqi(cmds); String machine = machine(cmds); - TimeTaken tt = trans.start("Show Password", Env.REMOTE); + TimeTaken tt = transitiveInfo.start("Show Password", Env.REMOTE); try { Future acf = aafcon.client(CM_VER) .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF); @@ -794,7 +861,7 @@ public class Agent { if (pf.get(TIMEOUT)) { allowed = true; } else { - trans.error().log(errMsg.toMsg(pf)); + transitiveInfo.error().log(errMsg.toMsg(pf)); } } if (allowed) { @@ -823,23 +890,34 @@ public class Agent { System.out.printf("%s=%s\n", en.getKey(), symm.depass(en.getValue().toString())); } } + success = true; } else { - trans.error().printf("%s.keyfile must exist to read passwords for %s on %s", + transitiveInfo.error().printf("%s.keyfile must exist to read passwords for %s on %s", f.getAbsolutePath(),a.getMechid(), a.getMachine()); } } } } } else { - trans.error().log(errMsg.toMsg(acf)); + transitiveInfo.error().log(errMsg.toMsg(acf)); } } finally { tt.done(); } + return success ? 0 : 1; } - private static void keypairGen(final Trans trans, final PropAccess access, final Deque cmds) throws IOException { + + /** + * + * @param transitiveInfo + * @param aafcon + * @param cmds + * @return exit code for shell + * @throws IOException + */ + private static int keypairGen(final Trans transitiveInfo, final PropAccess access, final Deque cmds) throws IOException { final String fqi = fqi(cmds); final String ns = FQI.reverseDomain(fqi); File dir = new File(access.getProperty(Config.CADI_ETCDIR,".")); // default to current Directory @@ -849,21 +927,32 @@ public class Agent { String line = AAFSSO.cons.readLine("%s exists. Overwrite? (y/n): ", f.getCanonicalPath()); if (!"Y".equalsIgnoreCase(line)) { System.out.println("Canceling..."); - return; + return 0; } } - KeyPair kp = Factory.generateKeyPair(trans); - ArtifactDir.write(f, Chmod.to400, Factory.toString(trans, kp.getPrivate())); + KeyPair kp = Factory.generateKeyPair(transitiveInfo); + ArtifactDir.write(f, Chmod.to400, Factory.toString(transitiveInfo, kp.getPrivate())); System.out.printf("Wrote %s\n", f.getCanonicalFile()); f=new File(dir,ns+".pubkey"); - ArtifactDir.write(f, Chmod.to644, Factory.toString(trans, kp.getPublic())); + ArtifactDir.write(f, Chmod.to644, Factory.toString(transitiveInfo, kp.getPublic())); System.out.printf("Wrote %s\n", f.getCanonicalFile()); + return 0; } - private static void config(Trans trans, PropAccess propAccess, String[] args, Deque cmds) throws Exception { - TimeTaken tt = trans.start("Get Configuration", Env.REMOTE); + /** + * + * @param transitiveInfo + * @param propAccess + * @param args + * @param cmds + * @return exit code for shell + * @throws Exception + */ + private static int config(Trans transitiveInfo, PropAccess propAccess, String[] args, Deque cmds) throws Exception { + boolean success = true; + TimeTaken tt = transitiveInfo.start("Get Configuration", Env.REMOTE); try { final String fqi = fqi(cmds); Artifact arti = new Artifact(); @@ -881,7 +970,7 @@ public class Agent { app.add(Config.CADI_PROP_FILES, loc.getPath()+':'+cred.getPath()); for (String tag : LOC_TAGS) { - loc.add(tag, getProperty(propAccess, trans, false, tag, "%s: ",tag)); + loc.add(tag, getProperty(propAccess, transitiveInfo, false, tag, "%s: ",tag)); } String keyfile = cred.getKeyPath(); @@ -1001,7 +1090,7 @@ public class Agent { } else { aafcon = aafcon(propAccess); if (aafcon!=null) { // get Properties from Remote AAF - for (Props props : aafProps(trans,aafcon,getProperty(propAccess,aafcon.env,false,Config.AAF_LOCATE_URL,"AAF Locator URL: "),fqi)) { + for (Props props : aafProps(transitiveInfo,aafcon,getProperty(propAccess,aafcon.env,false,Config.AAF_LOCATE_URL,"AAF Locator URL: "),fqi)) { PropHolder ph = CRED_TAGS.contains(props.getTag())?cred:app; if(props.getTag().endsWith("_password")) { ph.addEnc(props.getTag(), props.getValue()); @@ -1018,29 +1107,39 @@ public class Agent { } finally { tt.done(); } + return success ? 0 : 1; } - public static List aafProps(Trans trans, AAFCon aafcon, String locator, String fqi) throws CadiException, APIException, LocatorException { + public static List aafProps(Trans transitiveInfo, AAFCon aafcon, String locator, String fqi) throws CadiException, APIException, LocatorException { Future acf = aafcon.client(new SingleEndpointLocator(locator)) .read("/configure/"+fqi+"/aaf", configDF); if (acf.get(TIMEOUT)) { return acf.value.getProps(); } else if (acf.code()==401){ - trans.error().log("Bad Password sent to AAF"); + transitiveInfo.error().log("Bad Password sent to AAF"); } else if (acf.code()==404){ - trans.error().log("This version of AAF does not support remote Properties"); + transitiveInfo.error().log("This version of AAF does not support remote Properties"); } else { - trans.error().log(errMsg.toMsg(acf)); + transitiveInfo.error().log(errMsg.toMsg(acf)); } return new ArrayList<>(); } - private static void validate(final PropAccess pa) throws LocatorException, CadiException, APIException { + /** + * + * @param pa + * @return exit code for shell + * @throws LocatorException + * @throws CadiException + * @throws APIException + */ + private static int validate(final PropAccess pa) throws LocatorException, CadiException, APIException { System.out.println("Validating Configuration..."); final AAFCon aafcon = new AAFConHttp(pa,Config.AAF_URL,new SecurityInfoC(pa)); - aafcon.best(new Retryable() { + return aafcon.best(new Retryable() { @Override - public Void code(Rcli client) throws CadiException, ConnectException, APIException { + public Integer code(Rcli client) throws CadiException, ConnectException, APIException { + boolean success = false; Future fc = client.read("/authz/perms/user/"+aafcon.defID(),permDF); if (fc.get(aafcon.timeout)) { System.out.print("Success connecting to "); @@ -1055,10 +1154,11 @@ public class Agent { System.out.print('|'); System.out.println(p.getAction()); } + success = true; } else { System.err.println("Error: " + fc.code() + ' ' + fc.body()); } - return null; + return success ? 0 : 1; } }); } @@ -1066,23 +1166,23 @@ public class Agent { /** * Check returns Error Codes, so that Scripts can know what to do * - * 0 - Check Complete, nothing to do - * 1 - General Error - * 2 - Error for specific Artifact - read check.msg - * 10 - Certificate Updated - check.msg is email content + *
    0 - Check Complete, nothing to do
+ *
    1 - General Error
+ *
    2 - Error for specific Artifact - read check.msg
+ *
    10 - Certificate Updated - check.msg is email content
* - * @param trans + * @param transitiveInfo * @param aafcon * @param cmds * @return * @throws Exception */ - private static int check(Trans trans, AAFCon aafcon, Deque cmds) throws Exception { + private static int check(Trans transitiveInfo, AAFCon aafcon, Deque cmds) throws Exception { int exitCode=1; String mechID = fqi(cmds); String machine = machine(cmds); - TimeTaken tt = trans.start("Check Certificate", Env.REMOTE); + TimeTaken tt = transitiveInfo.start("Check Certificate", Env.REMOTE); try { Future acf = aafcon.client(CM_VER) @@ -1109,15 +1209,15 @@ public class Agent { String prop; File f; - if ((prop=trans.getProperty(Config.CADI_KEYFILE))==null || + if ((prop=transitiveInfo.getProperty(Config.CADI_KEYFILE))==null || !(f=new File(prop)).exists()) { - trans.error().printf("Keyfile must exist to check Certificates for %s on %s", + transitiveInfo.error().printf("Keyfile must exist to check Certificates for %s on %s", a.getMechid(), a.getMachine()); } else { - String ksf = trans.getProperty(Config.CADI_KEYSTORE); - String ksps = trans.getProperty(Config.CADI_KEYSTORE_PASSWORD); + String ksf = transitiveInfo.getProperty(Config.CADI_KEYSTORE); + String ksps = transitiveInfo.getProperty(Config.CADI_KEYSTORE_PASSWORD); if (ksf==null || ksps == null) { - trans.error().printf("Properties %s and %s must exist to check Certificates for %s on %s", + transitiveInfo.error().printf("Properties %s and %s must exist to check Certificates for %s on %s", Config.CADI_KEYSTORE, Config.CADI_KEYSTORE_PASSWORD,a.getMechid(), a.getMachine()); } else { Symm symm = ArtifactDir.getSymm(f); @@ -1136,7 +1236,7 @@ public class Agent { if (cert==null) { msg = String.format("X509Certificate does not exist for %s on %s in %s", a.getMechid(), a.getMachine(), ksf); - trans.error().log(msg); + transitiveInfo.error().log(msg); exitCode = 2; } else { GregorianCalendar renew = new GregorianCalendar(); @@ -1145,14 +1245,14 @@ public class Agent { if (renew.after(now)) { msg = String.format("X509Certificate for %s on %s has been checked on %s. It expires on %s; it will not be renewed until %s.\n", a.getMechid(), a.getMachine(),Chrono.dateOnlyStamp(now),cert.getNotAfter(),Chrono.dateOnlyStamp(renew)); - trans.info().log(msg); + transitiveInfo.info().log(msg); exitCode = 0; // OK } else { - trans.info().printf("X509Certificate for %s on %s expiration, %s, needs Renewal.\n", + transitiveInfo.info().printf("X509Certificate for %s on %s expiration, %s, needs Renewal.\n", a.getMechid(), a.getMachine(),cert.getNotAfter()); cmds.offerLast(mechID); cmds.offerLast(machine); - if (placeCerts(trans,aafcon,cmds)) { + if (placeCerts(transitiveInfo,aafcon,cmds) == 0) { msg = String.format("X509Certificate for %s on %s has been renewed. Ensure services using are refreshed.\n", a.getMechid(), a.getMachine()); exitCode = 10; // Refreshed @@ -1178,7 +1278,7 @@ public class Agent { } } } else { - trans.error().log(errMsg.toMsg(acf)); + transitiveInfo.error().log(errMsg.toMsg(acf)); exitCode=1; } } finally { diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifact.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifact.java index febe01e2..c92edfb0 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifact.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifact.java @@ -28,5 +28,14 @@ import org.onap.aaf.cadi.CadiException; import org.onap.aaf.misc.env.Trans; public interface PlaceArtifact { - public boolean place(Trans trans, CertInfo cert, Artifact arti, String machine) throws CadiException; + /** + * + * @param transientInfo of the caller + * @param certificateInfo describing the certificate + * @param artifact + * @param machineName + * @return if successful, true, otherwise false + * @throws CadiException + */ + public boolean place(Trans transientInfo, CertInfo certificateInfo, Artifact artifact, String machineName) throws CadiException; } diff --git a/cadi/client/.gitignore b/cadi/client/.gitignore index 6028f0a5..112dedb3 100644 --- a/cadi/client/.gitignore +++ b/cadi/client/.gitignore @@ -2,3 +2,4 @@ /.settings/ /target/ /.project +/.checkstyle diff --git a/cadi/client/pom.xml b/cadi/client/pom.xml index 8217f646..1ecc96ae 100644 --- a/cadi/client/pom.xml +++ b/cadi/client/pom.xml @@ -22,7 +22,7 @@ org.onap.aaf.authz cadiparent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT .. diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HClient.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HClient.java index c7b2605f..199276bc 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HClient.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HClient.java @@ -47,7 +47,6 @@ import org.onap.aaf.misc.env.Data; import org.onap.aaf.misc.env.Data.TYPE; import org.onap.aaf.misc.env.util.Pool.Pooled; import org.onap.aaf.misc.rosetta.env.RosettaDF; - /** * Low Level Http Client Mechanism. Chances are, you want the high level "HRcli" * for Rosetta Object Translation @@ -395,9 +394,9 @@ public class HClient implements EClient { is = huc.getInputStream(); // reuse Buffers Pooled pbuff = Rcli.buffPool.get(); - try { + try { while ((read=is.read(pbuff.content))>=0) { - os.write(pbuff.content,0,read); + os.write(pbuff.content,0,read); } } finally { pbuff.done(); @@ -411,9 +410,9 @@ public class HClient implements EClient { if (is!=null) { errContent = new StringBuilder(); Pooled pbuff = Rcli.buffPool.get(); - try { + try { while ((read=is.read(pbuff.content))>=0) { - os.write(pbuff.content,0,read); + os.write(pbuff.content,0,read); } } finally { pbuff.done(); diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/SingleEndpointLocator.java b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/SingleEndpointLocator.java index 862868f0..e9e9708f 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/SingleEndpointLocator.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/SingleEndpointLocator.java @@ -25,12 +25,20 @@ import java.net.URISyntaxException; import java.util.Date; import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.config.SecurityInfoC; public class SingleEndpointLocator implements SizedLocator { private final URI uri; private final static Item item = new Item() {}; private Date noRetryUntil; + /** + * New constructor that works with the Config.loadLocator function + */ + public SingleEndpointLocator(final SecurityInfoC sec, final URI uri) throws LocatorException { + this.uri = uri; + } + public SingleEndpointLocator(final URI uri) { this.uri = uri; } diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_DNSLocator.java b/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_DNSLocator.java index 77213e6a..69632e57 100644 --- a/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_DNSLocator.java +++ b/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_DNSLocator.java @@ -22,6 +22,7 @@ package org.onap.aaf.cadi.locator.test; import static org.hamcrest.CoreMatchers.is; +import static org.hamcrest.CoreMatchers.anyOf; import static org.junit.Assert.assertThat; import static org.junit.Assert.fail; @@ -58,9 +59,9 @@ public class JU_DNSLocator { item = dl.best(); uri = dl.get(item); - assertThat(uri.toString(), is("https://localhost:8100")); + assertThat(uri.toString(), anyOf(is("https://localhost:8100"), is("https://127.0.0.1:8100"))); item = dl.best(); - assertThat(uri.toString(), is("https://localhost:8100")); + assertThat(uri.toString(), anyOf(is("https://localhost:8100"), is("https://127.0.0.1:8100"))); assertThat(dl.hasItems(), is(true)); for (item = dl.first(); item != null; item = dl.next(item)) { diff --git a/cadi/core/.gitignore b/cadi/core/.gitignore index 6028f0a5..112dedb3 100644 --- a/cadi/core/.gitignore +++ b/cadi/core/.gitignore @@ -2,3 +2,4 @@ /.settings/ /target/ /.project +/.checkstyle diff --git a/cadi/core/pom.xml b/cadi/core/pom.xml index 36e54093..1dc419aa 100644 --- a/cadi/core/pom.xml +++ b/cadi/core/pom.xml @@ -16,7 +16,7 @@ org.onap.aaf.authz cadiparent .. - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT 4.0.0 diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java index 26c33c84..3827aed0 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java @@ -25,6 +25,12 @@ import java.nio.ByteBuffer; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; +/** + * + * + * @author Jonathan + * + */ public class Hash { private static char hexDigit[] = "0123456789abcdef".toCharArray(); @@ -149,6 +155,10 @@ public class Hash { return compare; } + /** + * @param ba + * @return + */ public static String toHexNo0x(byte[] ba) { StringBuilder sb = new StringBuilder(); for (byte b : ba) { @@ -158,6 +168,10 @@ public class Hash { return sb.toString(); } + /** + * @param ba + * @return + */ public static String toHex(byte[] ba) { StringBuilder sb = new StringBuilder("0x"); for (byte b : ba) { @@ -177,14 +191,17 @@ public class Hash { } - public static byte[] fromHex(String s) throws CadiException{ - if (!s.startsWith("0x")) { - throw new CadiException("HexString must start with \"0x\""); - } - boolean high = true; - int c; + public static byte[] fromHex(String s) { + if(!s.startsWith("0x")) { + return fromHexNo0x(s); + } byte b; - byte[] ba = new byte[(s.length()-2)/2]; + int c; + byte[] ba; + int extra = s.length()%2; // odd requires extra + ba = new byte[(s.length()-2)/2 + extra]; + boolean high = extra==0; + int idx; for (int i=2;i=0x41 && c<=0x46) { b=(byte)(c-0x37); } else { - throw new CadiException("Invalid char '" + c + "' in HexString"); + return null; } - idx = (i-2)/2; + idx = (i-2+extra)/2; if (high) { ba[idx]=(byte)(b<<4); high = false; @@ -208,7 +225,7 @@ public class Hash { } return ba; } - + /** * Does not expect to start with "0x" * if Any Character doesn't match, it returns null; @@ -217,23 +234,16 @@ public class Hash { * @return */ public static byte[] fromHexNo0x(String s) { - int c; byte b; + int c; byte[] ba; - boolean high; - int start; - if (s.length()%2==0) { - ba = new byte[s.length()/2]; - high=true; - start=0; - } else { - ba = new byte[(s.length()/2)+1]; - high = false; - start=1; - } + int extra = s.length()%2; // odd requires extra byte to store + ba = new byte[(s.length())/2 + extra]; + boolean high = extra==0; + int idx; - for (int i=start;i=0x30 && c<=0x39) { b=(byte)(c-0x30); } else if (c>=0x61 && c<=0x66) { @@ -243,7 +253,7 @@ public class Hash { } else { return null; } - idx = i/2; + idx = (i+extra)/2; if (high) { ba[idx]=(byte)(b<<4); high = false; @@ -254,5 +264,4 @@ public class Hash { } return ba; } - } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java index 2bea195e..c4e80cfc 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java @@ -62,8 +62,8 @@ import org.onap.aaf.cadi.util.FixURIinfo; import org.onap.aaf.cadi.util.Split; /** - * Create a Consistent Configuration mechanism, even when configuration styles are as vastly different as - * Properties vs JavaBeans vs FilterConfigs... + * Create a Consistent Configuration mechanism, even when configuration styles + * are as vastly different as Properties vs JavaBeans vs FilterConfigs... * * @author Jonathan * @@ -71,18 +71,19 @@ import org.onap.aaf.cadi.util.Split; public class Config { private static final String AAF_V2_0 = "org.onap.aaf.cadi.aaf.v2_0"; - private static final String AAF_V2_0_AAFCON = AAF_V2_0+".AAFCon"; - private static final String AAF_V2_0_AAF_LUR_PERM = AAF_V2_0+".AAFLurPerm"; - public static final String AAF_V2_0_AAF_CON_HTTP = AAF_V2_0+".AAFConHttp"; + private static final String AAF_V2_0_AAFCON = AAF_V2_0 + ".AAFCon"; + private static final String AAF_V2_0_AAF_LUR_PERM = AAF_V2_0 + ".AAFLurPerm"; + public static final String AAF_V2_0_AAF_CON_HTTP = AAF_V2_0 + ".AAFConHttp"; private static final String OAUTH = "org.onap.auth.oauth"; - private static final String OAUTH_TOKEN_MGR = OAUTH+".TokenMgr"; - private static final String OAUTH_HTTP_TAF = OAUTH+".OAuth2HttpTaf"; - private static final String OAUTH_DIRECT_TAF = OAUTH+".OAuthDirectTAF"; + private static final String OAUTH_TOKEN_MGR = OAUTH + ".TokenMgr"; + private static final String OAUTH_HTTP_TAF = OAUTH + ".OAuth2HttpTaf"; + private static final String OAUTH_DIRECT_TAF = OAUTH + ".OAuthDirectTAF"; public static final String UTF_8 = "UTF-8"; // Property Names associated with configurations. - // As of 1.0.2, these have had the dots removed so as to be compatible with JavaBean style + // As of 1.0.2, these have had the dots removed so as to be compatible with + // JavaBean style // configurations as well as property list style. public static final String HOSTNAME = "hostname"; public static final String CADI_PROP_FILES = "cadi_prop_files"; // Additional Properties files (separate with ;) @@ -90,9 +91,9 @@ public class Config { public static final String CADI_LOGDIR = "cadi_log_dir"; public static final String CADI_ETCDIR = "cadi_etc_dir"; public static final String CADI_LOGNAME = "cadi_logname"; -// public static final String CADI_LOGFMT="cad_logging_format"; -// public static final String CADI_LOGFMT_UTC="UTC"; -// public static final String CADI_LOGFMT_ISO8601="ISO-8601"; + // public static final String CADI_LOGFMT="cad_logging_format"; + // public static final String CADI_LOGFMT_UTC="UTC"; + // public static final String CADI_LOGFMT_ISO8601="ISO-8601"; public static final String CADI_KEYFILE = "cadi_keyfile"; public static final String CADI_KEYSTORE = "cadi_keystore"; public static final String CADI_KEYSTORE_PASSWORD = "cadi_keystore_password"; @@ -102,13 +103,13 @@ public class Config { public static final String CADI_LATITUDE = "cadi_latitude"; public static final String CADI_LONGITUDE = "cadi_longitude"; - public static final String CADI_KEY_PASSWORD = "cadi_key_password"; public static final String CADI_TRUSTSTORE = "cadi_truststore"; public static final String CADI_TRUSTSTORE_PASSWORD = "cadi_truststore_password"; public static final String CADI_X509_ISSUERS = "cadi_x509_issuers"; - public static final String CADI_TRUST_MASKS="cadi_trust_masks"; - public static final String CADI_TRUST_PERM="cadi_trust_perm"; // IDs with this perm can utilize the "AS " user concept + public static final String CADI_TRUST_MASKS = "cadi_trust_masks"; + public static final String CADI_TRUST_PERM = "cadi_trust_perm"; // IDs with this perm can utilize the "AS " user + // concept public static final String CADI_PROTOCOLS = "cadi_protocols"; public static final String CADI_NOAUTHN = "cadi_noauthn"; public static final String CADI_LOC_LIST = "cadi_loc_list"; @@ -122,54 +123,56 @@ public class Config { public static final String CADI_USER_CHAIN_TAG = "cadi_user_chain"; public static final String CADI_USER_CHAIN = "USER_CHAIN"; - public static final String CADI_OAUTH2_URL="cadi_oauth2_url"; + public static final String CADI_OAUTH2_URL = "cadi_oauth2_url"; public static final String CADI_TOKEN_DIR = "cadi_token_dir"; public static final String HTTPS_PROTOCOLS = "https.protocols"; - public static final String HTTPS_CLIENT_PROTOCOLS="jdk.tls.client.protocols"; + public static final String HTTPS_CLIENT_PROTOCOLS = "jdk.tls.client.protocols"; public static final String HTTPS_PROTOCOLS_DEFAULT = "TLSv1.1,TLSv1.2"; public static final String HTTPS_CIPHER_SUITES = "https.cipherSuites"; - public static final String HTTPS_CIPHER_SUITES_DEFAULT="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA," + public static final String HTTPS_CIPHER_SUITES_DEFAULT = "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA," + "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA," + "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA," + "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_ECDH_ECDSA_WITH_RC4_128_SHA," + "TLS_ECDH_RSA_WITH_RC4_128_SHA,TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA," + "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,TLS_EMPTY_RENEGOTIATION_INFO_SCSV"; - public static final String LOCALHOST_ALLOW = "localhost_allow"; public static final String LOCALHOST_DENY = "localhost_deny"; - public static final String BASIC_REALM = "basic_realm"; // what is sent to the client - public static final String BASIC_WARN = "basic_warn"; // Warning of insecure channel + public static final String BASIC_REALM = "basic_realm"; // what is sent to the client + public static final String BASIC_WARN = "basic_warn"; // Warning of insecure channel public static final String USERS = "local_users"; public static final String GROUPS = "local_groups"; public static final String WRITE_TO = "local_writeto"; // dump RBAC to local file in Tomcat Style (some apps use) - public static final String OAUTH_CLIENT_ID="client_id"; - public static final String OAUTH_CLIENT_SECRET="client_secret"; + public static final String OAUTH_CLIENT_ID = "client_id"; + public static final String OAUTH_CLIENT_SECRET = "client_secret"; public static final String AAF_ENV = "aaf_env"; public static final String AAF_ROOT_NS = "aaf_root_ns"; public static final String AAF_ROOT_NS_DEF = "org.osaaf.aaf"; public static final String AAF_ROOT_COMPANY = "aaf_root_company"; /** - * Use Config.getAAFLocateUrl(access) to get correct property in/out of container + * Use Config.getAAFLocateUrl(access) to get correct property in/out of + * container */ - public static final String AAF_LOCATE_URL = "aaf_locate_url"; //URL for AAF locator + public static final String AAF_LOCATE_URL = "aaf_locate_url"; // URL for AAF locator public static final String AAF_LOCATE_URL_TAG = "AAF_LOCATE_URL"; // Name of Above for use in Config Variables. public static final String AAF_DEFAULT_API_VERSION = "2.1"; - public static final String AAF_DEPLOYED_VERSION="aaf_deployed_version"; + public static final String AAF_DEPLOYED_VERSION = "aaf_deployed_version"; public static final String AAF_API_VERSION = "aaf_api_version"; - public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration + public static final String AAF_URL = "aaf_url"; // URL for AAF... Use to trigger AAF configuration public static final String AAF_LOCATOR_CLASS = "aaf_locator_class"; - // AAF Locator Entries are ADDITIONAL entries, which also gives the Property ability + // AAF Locator Entries are ADDITIONAL entries, which also gives the Property + // ability // to set these entries manually // example: adding a K8S name like "oom" // this will allow Registrations to pick up // locator_ns.oom for onap's "OOM" based k8s entries, etc. - public static final String AAF_LOCATOR_CONTAINER="aaf_locator_container"; - // An ID for another Container, to be used to avoid picking up the wrong internal info + public static final String AAF_LOCATOR_CONTAINER = "aaf_locator_container"; + // An ID for another Container, to be used to avoid picking up the wrong + // internal info // for another container. public static final String AAF_LOCATOR_CONTAINER_ID = "aaf_locator_container_id"; public static final String AAF_LOCATOR_CONTAINER_NS = "aaf_locator_container_ns"; @@ -186,8 +189,8 @@ public class Config { // AAF Service will write to the Audit Log if a past due AAF stored Password // is being used within # of days specified. - public static final String AAF_CRED_WARN_DAYS="aaf_cred_warn_days"; - public static final String AAF_CRED_WARN_DAYS_DFT="7"; + public static final String AAF_CRED_WARN_DAYS = "aaf_cred_warn_days"; + public static final String AAF_CRED_WARN_DAYS_DFT = "7"; public static final String AAF_APPID = "aaf_id"; public static final String AAF_APPPASS = "aaf_password"; @@ -202,6 +205,8 @@ public class Config { // Default Classes: These are for Class loading to avoid direct compile links public static final String AAF_TAF_CLASS_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFTaf"; public static final String AAF_LOCATOR_CLASS_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFLocator"; + public static final String AAF_LOCATOR_CLASS_SINGLE = "org.onap.aaf.cadi.locator.SingleEndpointLocator"; + public static final String CADI_OLUR_CLASS_DEF = "org.onap.aaf.cadi.olur.OLur"; public static final String CADI_OBASIC_HTTP_TAF_DEF = "org.onap.aaf.cadi.obasic.OBasicHttpTaf"; public static final String CADI_AAF_CON_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFCon"; @@ -218,23 +223,25 @@ public class Config { public static final String AAF_HIGH_COUNT = "aaf_high_count"; public static final String AAF_HIGH_COUNT_DEF = "1000"; // Default is 1000 entries public static final String AAF_PERM_MAP = "aaf_perm_map"; -// public static final String AAF_COMPONENT = "aaf_component"; + // public static final String AAF_COMPONENT = "aaf_component"; public static final String AAF_CERT_IDS = "aaf_cert_ids"; public static final String AAF_DEBUG_IDS = "aaf_debug_ids"; // comma delimited public static final String AAF_DATA_DIR = "aaf_data_dir"; // AAF processes and Components only. public static final String AAF_URL_OAUTH = "aaf_url_oauth"; - public static final String AAF_URL_GUI="aaf_url_gui"; - public static final String AAF_URL_FS="aaf_url_fs"; + public static final String AAF_URL_GUI = "aaf_url_gui"; + public static final String AAF_URL_FS = "aaf_url_fs"; public static final String AAF_URL_CM = "aaf_url_cm"; - public static final String AAF_URL_CM_DEF = "https://AAF_LOCATE_URL/AAF_NS.cm:"+AAF_DEFAULT_API_VERSION; + public static final String AAF_URL_CM_DEF = "https://AAF_LOCATE_URL/AAF_NS.cm:" + AAF_DEFAULT_API_VERSION; public static final String AAF_URL_HELLO = "aaf_url_hello"; public static final String CM_TRUSTED_CAS = "cm_trusted_cas"; - // let NS Owners choose with .certman aaf ignoreIPs" to ignoreIP Check for Configs + // let NS Owners choose with .certman aaf ignoreIPs" to ignoreIP Check for + // Configs // Probably only want to allow in a DEV Env. - public static final String CM_ALLOW_IGNORE_IPS="cm_allow_ignore_ips"; - // Docker doesn't have a default DNS. The property turns off IP Checking of DNSs before creating. - public static final String CM_ALWAYS_IGNORE_IPS="cm_always_ignore_ips"; + public static final String CM_ALLOW_IGNORE_IPS = "cm_allow_ignore_ips"; + // Docker doesn't have a default DNS. The property turns off IP Checking of DNSs + // before creating. + public static final String CM_ALWAYS_IGNORE_IPS = "cm_always_ignore_ips"; public static final String PATHFILTER_URLPATTERN = "pathfilter_urlpattern"; public static final String PATHFILTER_STACK = "pathfilter_stack"; @@ -243,7 +250,7 @@ public class Config { // This one should go unpublic public static final String AAF_DEFAULT_REALM = "aaf_default_realm"; - private static String defaultRealm="none"; + private static String defaultRealm = "people.osaaf.org"; public static final String AAF_DOMAIN_SUPPORT = "aaf_domain_support"; public static final String AAF_DOMAIN_SUPPORT_DEF = ".com:.org"; @@ -257,22 +264,18 @@ public class Config { public static final String AAF_ALT_CLIENT_ID = "aaf_alt_oauth2_client_id"; public static final String AAF_ALT_CLIENT_SECRET = "aaf_alt_oauth2_client_secret"; public static final String AAF_OAUTH2_HELLO_URL = "aaf_oauth2_hello_url"; - - - + public static void setDefaultRealm(Access access) { try { - defaultRealm = logProp(access,Config.AAF_DEFAULT_REALM, - logProp(access,Config.BASIC_REALM, - logProp(access,HOSTNAME,InetAddress.getLocalHost().getHostName()) - ) - ); + defaultRealm = logProp(access, Config.AAF_DEFAULT_REALM, logProp(access, Config.BASIC_REALM, + logProp(access, HOSTNAME, InetAddress.getLocalHost().getHostName()))); } catch (UnknownHostException e) { - access.log(Level.INIT, "Unable to determine Hostname",e); + access.log(Level.INIT, "Unable to determine Hostname", e); } } - public static HttpTaf configHttpTaf(Connector con, SecurityInfoC si, TrustChecker tc, CredVal up, Lur lur, Object ... additionalTafLurs) throws CadiException, LocatorException { + public static HttpTaf configHttpTaf(Connector con, SecurityInfoC si, TrustChecker tc, CredVal up, + Lur lur, Object... additionalTafLurs) throws CadiException, LocatorException { Access access = si.access; RegistrationPropHolder rph; try { @@ -283,9 +286,9 @@ public class Config { ///////////////////////////////////////////////////// // Setup AAFCon for any following ///////////////////////////////////////////////////// - Class aafConClass = loadClass(access,CADI_AAF_CON_DEF); + Class aafConClass = loadClass(access, CADI_AAF_CON_DEF); Object aafcon = null; - if (con!=null && aafConClass!=null && aafConClass.isAssignableFrom(con.getClass())) { + if (con != null && aafConClass != null && aafConClass.isAssignableFrom(con.getClass())) { aafcon = con; } else if (lur != null) { Field f; @@ -297,25 +300,26 @@ public class Config { } } - boolean hasDirectAAF = hasDirect("DirectAAFLur",additionalTafLurs); - // IMPORTANT! Don't attempt to load AAF Connector if there is no AAF URL - String aafURL = logProp(rph, AAF_URL,null); - if (!hasDirectAAF && aafcon==null && aafURL!=null) { + boolean hasDirectAAF = hasDirect("DirectAAFLur", additionalTafLurs); + // IMPORTANT! Don't attempt to load AAF Connector if there is no AAF URL + String aafURL = logProp(rph, AAF_URL, null); + if (!hasDirectAAF && aafcon == null && aafURL != null) { aafcon = loadAAFConnector(si, aafURL); } HttpTaf taf; - // Setup Host, in case Network reports an unusable Hostname (i.e. VTiers, VPNs, etc) - String hostname = logProp(access, HOSTNAME,null); - if (hostname==null) { + // Setup Host, in case Network reports an unusable Hostname (i.e. VTiers, VPNs, + // etc) + String hostname = logProp(access, HOSTNAME, null); + if (hostname == null) { try { hostname = InetAddress.getLocalHost().getHostName(); } catch (UnknownHostException e1) { - throw new CadiException("Unable to determine Hostname",e1); + throw new CadiException("Unable to determine Hostname", e1); } } - access.log(Level.INIT, "Hostname set to",hostname); + access.log(Level.INIT, "Hostname set to", hostname); // Get appropriate TAFs ArrayList> htlist = new ArrayList<>(); @@ -324,126 +328,148 @@ public class Config { // Note: how IPs and IDs are added are up to service type. // They call "DenialOfServiceTaf.denyIP(String) or denyID(String) ///////////////////////////////////////////////////// - htlist.add(new Priori(new DenialOfServiceTaf(access),0)); + htlist.add(new Priori(new DenialOfServiceTaf(access), 0)); ///////////////////////////////////////////////////// // Configure Client Cert TAF ///////////////////////////////////////////////////// X509Taf x509TAF = null; - String truststore = logProp(access, CADI_TRUSTSTORE,null); - if (truststore!=null) { - String truststorePwd = access.getProperty(CADI_TRUSTSTORE_PASSWORD,null); - if (truststorePwd!=null) { + String truststore = logProp(access, CADI_TRUSTSTORE, null); + if (truststore != null) { + String truststorePwd = access.getProperty(CADI_TRUSTSTORE_PASSWORD, null); + if (truststorePwd != null) { if (truststorePwd.startsWith(Symm.ENC)) { try { - access.decrypt(truststorePwd,false); + access.decrypt(truststorePwd, false); } catch (IOException e) { - throw new CadiException(CADI_TRUSTSTORE_PASSWORD + " cannot be decrypted",e); + throw new CadiException(CADI_TRUSTSTORE_PASSWORD + " cannot be decrypted", e); } } try { - x509TAF=new X509Taf(access,lur); - htlist.add(new Priori(x509TAF,10)); - access.log(Level.INIT,"Certificate Authorization enabled"); + x509TAF = new X509Taf(access, lur); + htlist.add(new Priori(x509TAF, 10)); + access.log(Level.INIT, "Certificate Authorization enabled"); } catch (SecurityException | IllegalArgumentException e) { - access.log(Level.INIT,"AAFListedCertIdentity cannot be instantiated. Certificate Authorization is now disabled",e); + access.log(Level.INIT, + "AAFListedCertIdentity cannot be instantiated. Certificate Authorization is now disabled", + e); } catch (CertificateException e) { - access.log(Level.INIT,"Certificate Authorization failed, it is disabled",e); + access.log(Level.INIT, "Certificate Authorization failed, it is disabled", e); } catch (NoSuchAlgorithmException e) { - access.log(Level.INIT,"Certificate Authorization failed, wrong Security Algorithm",e); + access.log(Level.INIT, "Certificate Authorization failed, wrong Security Algorithm", e); } } } else { - access.log(Level.INIT,"Certificate Authorization not enabled"); + access.log(Level.INIT, "Certificate Authorization not enabled"); } ///////////////////////////////////////////////////// // Configure Basic Auth (local content) ///////////////////////////////////////////////////// boolean hasOAuthDirectTAF = hasDirect("DirectOAuthTAF", additionalTafLurs); - String basicRealm = logProp(access, BASIC_REALM,null); - String aafCleanup = logProp(access, AAF_USER_EXPIRES,AAF_USER_EXPIRES_DEF); // Default is 10 mins + String basicRealm = logProp(access, BASIC_REALM, null); + String aafCleanup = logProp(access, AAF_USER_EXPIRES, AAF_USER_EXPIRES_DEF); // Default is 10 mins long userExp = Long.parseLong(aafCleanup); - boolean basicWarn = "TRUE".equals(access.getProperty(BASIC_WARN,"FALSE")); + boolean basicWarn = "TRUE".equals(access.getProperty(BASIC_WARN, "FALSE")); if (!hasDirectAAF) { - HttpTaf aaftaf=null; + HttpTaf aaftaf = null; if (!hasOAuthDirectTAF) { - if (basicRealm!=null) { + if (basicRealm != null) { @SuppressWarnings("unchecked") - Class obasicCls = (Class)loadClass(access,CADI_OBASIC_HTTP_TAF_DEF); - if (obasicCls!=null) { + Class obasicCls = (Class) loadClass(access, CADI_OBASIC_HTTP_TAF_DEF); + if (obasicCls != null) { try { - String tokenurl = logProp(rph,Config.AAF_OAUTH2_TOKEN_URL, null); - String introspecturl = logProp(rph,Config.AAF_OAUTH2_INTROSPECT_URL, null); - if (tokenurl==null || introspecturl==null) { - access.log(Level.INIT,"Both tokenurl and introspecturl are required. Oauth Authorization is disabled."); + String tokenurl = logProp(rph, Config.AAF_OAUTH2_TOKEN_URL, null); + String introspecturl = logProp(rph, Config.AAF_OAUTH2_INTROSPECT_URL, null); + if (tokenurl == null || introspecturl == null) { + access.log(Level.INIT, + "Both tokenurl and introspecturl are required. Oauth Authorization is disabled."); + } else { + // try to construct the TAF instance. Try without the CredVal first (original code), change + // to try with a CredVal paramater if it fails as the newer ONAP code contains this in the OBasicHttpTaf constructor + System.out.println("TokenURL="+ tokenurl + "; IntrospectURL="+introspecturl); + Constructor obasicConst = null; + try { + obasicConst = obasicCls.getConstructor(PropAccess.class, String.class, + String.class, String.class); + htlist.add(new Priori( + obasicConst.newInstance(access, basicRealm, tokenurl, introspecturl), 20)); + } catch (Exception e) { + obasicConst = obasicCls.getConstructor(PropAccess.class, CredVal.class, String.class, String.class, String.class); + htlist.add(new Priori( + obasicConst.newInstance(access, up, basicRealm, tokenurl, introspecturl), 20)); + } + + access.log(Level.INIT, "Oauth supported Basic Authorization is enabled"); } - Constructor obasicConst = obasicCls.getConstructor(PropAccess.class,String.class, String.class, String.class); - htlist.add(new Priori(obasicConst.newInstance(access,basicRealm,tokenurl,introspecturl),20)); - access.log(Level.INIT,"Oauth supported Basic Authorization is enabled"); - } catch (NoSuchMethodException | SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { + } catch (NoSuchMethodException | SecurityException | InstantiationException + | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { access.log(Level.INIT, e); } - } else if (up!=null) { - access.log(Level.INIT,"Basic Authorization is enabled using realm",basicRealm); + } else if (up != null) { + access.log(Level.INIT, "Basic Authorization is enabled using realm", basicRealm); // Allow warning about insecure channel to be turned off if (!basicWarn) { access.log(Level.INIT, "WARNING! The basicWarn property has been set to false.", - " There will be no additional warning if Basic Auth is used on an insecure channel"); + " There will be no additional warning if Basic Auth is used on an insecure channel"); } BasicHttpTaf bht = new BasicHttpTaf(access, up, basicRealm, userExp, basicWarn); for (Object o : additionalTafLurs) { if (o instanceof CredValDomain) { - bht.add((CredValDomain)o); + bht.add((CredValDomain) o); } } - if (x509TAF!=null) { + if (x509TAF != null) { x509TAF.add(bht); } - htlist.add(new Priori(bht,20)); - access.log(Level.INIT,"Basic Authorization is enabled"); + htlist.add(new Priori(bht, 20)); + access.log(Level.INIT, "Basic Authorization is enabled"); } } else { - access.log(Level.INIT,"Local Basic Authorization is disabled. Enable by setting basicRealm="); + access.log(Level.INIT, + "Local Basic Authorization is disabled. Enable by setting basicRealm="); } ///////////////////////////////////////////////////// // Configure AAF Driven Basic Auth ///////////////////////////////////////////////////// - if (aafcon==null) { - access.log(Level.INIT,"AAF Connection (AAFcon) is null. Cannot create an AAF TAF"); - } else if (aafURL==null) { - access.log(Level.INIT,"No AAF URL in properties, Cannot create an AAF TAF"); + if (aafcon == null) { + access.log(Level.INIT, "AAF Connection (AAFcon) is null. Cannot create an AAF TAF"); + } else if (aafURL == null) { + access.log(Level.INIT, "No AAF URL in properties, Cannot create an AAF TAF"); } else {// There's an AAF_URL... try to configure an AAF - String aafTafClassName = logProp(access, AAF_TAF_CLASS,AAF_TAF_CLASS_DEF); + String aafTafClassName = logProp(access, AAF_TAF_CLASS, AAF_TAF_CLASS_DEF); // Only 2.0 available at this time if (AAF_TAF_CLASS_DEF.equals(aafTafClassName)) { try { - Class aafTafClass = loadClass(access,aafTafClassName); - if (aafTafClass!=null) { - Constructor cstr = aafTafClass.getConstructor(Connector.class,boolean.class,AbsUserCache.class); - if (cstr!=null) { + Class aafTafClass = loadClass(access, aafTafClassName); + if (aafTafClass != null) { + Constructor cstr = aafTafClass.getConstructor(Connector.class, boolean.class, + AbsUserCache.class); + if (cstr != null) { if (lur instanceof AbsUserCache) { - aaftaf = (HttpTaf)cstr.newInstance(aafcon,basicWarn,lur); + aaftaf = (HttpTaf) cstr.newInstance(aafcon, basicWarn, lur); } else { - cstr = aafTafClass.getConstructor(Connector.class,boolean.class); - if (cstr!=null) { - aaftaf = (HttpTaf)cstr.newInstance(aafcon,basicWarn); + cstr = aafTafClass.getConstructor(Connector.class, boolean.class); + if (cstr != null) { + aaftaf = (HttpTaf) cstr.newInstance(aafcon, basicWarn); } } - if (aaftaf==null) { - access.log(Level.INIT,"ERROR! AAF TAF Failed construction. NOT Configured"); + if (aaftaf == null) { + access.log(Level.INIT, "ERROR! AAF TAF Failed construction. NOT Configured"); } else { - access.log(Level.INIT,"AAF TAF Configured to ",aafURL); + access.log(Level.INIT, "AAF TAF Configured to ", aafURL); // Note: will add later, after all others configured } } } else { - access.log(Level.INIT, "There is no AAF TAF class available: %s. AAF TAF not configured.",aafTafClassName); + access.log(Level.INIT, + "There is no AAF TAF class available: %s. AAF TAF not configured.", + aafTafClassName); } } catch (Exception e) { - access.log(Level.INIT,"ERROR! AAF TAF Failed construction. NOT Configured",e); + access.log(Level.INIT, "ERROR! AAF TAF Failed construction. NOT Configured", e); } } } @@ -453,7 +479,7 @@ public class Config { // Configure OAuth TAF ///////////////////////////////////////////////////// if (!hasOAuthDirectTAF) { - String oauthTokenUrl = logProp(rph,Config.AAF_OAUTH2_TOKEN_URL,null); + String oauthTokenUrl = logProp(rph, Config.AAF_OAUTH2_TOKEN_URL, null); Class oadtClss; try { oadtClss = Class.forName(OAUTH_DIRECT_TAF); @@ -461,34 +487,38 @@ public class Config { oadtClss = null; access.log(Level.DEBUG, e1); } - if (additionalTafLurs!=null && additionalTafLurs.length>0 && (oadtClss!=null && additionalTafLurs[0].getClass().isAssignableFrom(oadtClss))) { - htlist.add(new Priori((HttpTaf)additionalTafLurs[0],30)); - String[] array= new String[additionalTafLurs.length-1]; - if (array.length>0) { + if (additionalTafLurs != null && additionalTafLurs.length > 0 + && (oadtClss != null && additionalTafLurs[0].getClass().isAssignableFrom(oadtClss))) { + htlist.add(new Priori((HttpTaf) additionalTafLurs[0], 30)); + String[] array = new String[additionalTafLurs.length - 1]; + if (array.length > 0) { System.arraycopy(htlist, 1, array, 0, array.length); } additionalTafLurs = array; - access.log(Level.INIT,"OAuth2 Direct is enabled"); - } else if (oauthTokenUrl!=null) { - String oauthIntrospectUrl = logProp(rph,Config.AAF_OAUTH2_INTROSPECT_URL,null); + access.log(Level.INIT, "OAuth2 Direct is enabled"); + } else if (oauthTokenUrl != null) { + String oauthIntrospectUrl = logProp(rph, Config.AAF_OAUTH2_INTROSPECT_URL, null); @SuppressWarnings("unchecked") - Class oaTCls = (Class)loadClass(access,OAUTH_HTTP_TAF); - if (oaTCls!=null) { + Class oaTCls = (Class) loadClass(access, OAUTH_HTTP_TAF); + if (oaTCls != null) { Class oaTTmgrCls = loadClass(access, OAUTH_TOKEN_MGR); - if (oaTTmgrCls!=null) { + if (oaTTmgrCls != null) { try { - Method oaTTmgrGI = oaTTmgrCls.getMethod("getInstance",PropAccess.class,String.class,String.class); - Object oaTTmgr = oaTTmgrGI.invoke(null /*this is static method*/,access,oauthTokenUrl,oauthIntrospectUrl); - Constructor oaTConst = oaTCls.getConstructor(Access.class,oaTTmgrCls); - htlist.add(new Priori(oaTConst.newInstance(access,oaTTmgr),30)); - access.log(Level.INIT,"OAuth2 TAF is enabled"); - } catch (NoSuchMethodException | SecurityException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | InstantiationException e) { - access.log(Level.INIT,"OAuth2HttpTaf cannot be instantiated. OAuth2 is disabled",e); + Method oaTTmgrGI = oaTTmgrCls.getMethod("getInstance", PropAccess.class, String.class, + String.class); + Object oaTTmgr = oaTTmgrGI.invoke(null /* this is static method */, access, + oauthTokenUrl, oauthIntrospectUrl); + Constructor oaTConst = oaTCls.getConstructor(Access.class, oaTTmgrCls); + htlist.add(new Priori(oaTConst.newInstance(access, oaTTmgr), 30)); + access.log(Level.INIT, "OAuth2 TAF is enabled"); + } catch (NoSuchMethodException | SecurityException | IllegalAccessException + | IllegalArgumentException | InvocationTargetException | InstantiationException e) { + access.log(Level.INIT, "OAuth2HttpTaf cannot be instantiated. OAuth2 is disabled", e); } } } } else { - access.log(Level.INIT,"OAuth TAF is not configured"); + access.log(Level.INIT, "OAuth TAF is not configured"); } } @@ -496,30 +526,30 @@ public class Config { // Adding BasicAuth (AAF) last, after other primary Cookie Based // Needs to be before Cert... see below ///////////////////////////////////////////////////// - if (aaftaf!=null) { - htlist.add(new Priori(aaftaf,40)); + if (aaftaf != null) { + htlist.add(new Priori(aaftaf, 40)); } } ///////////////////////////////////////////////////// // Any Additional Tafs passed in Constructor ///////////////////////////////////////////////////// - if (additionalTafLurs!=null) { - int i=0; + if (additionalTafLurs != null) { + int i = 0; for (Object additional : additionalTafLurs) { if (additional instanceof BasicHttpTaf) { - BasicHttpTaf ht = (BasicHttpTaf)additional; + BasicHttpTaf ht = (BasicHttpTaf) additional; for (Object cv : additionalTafLurs) { if (cv instanceof CredValDomain) { - ht.add((CredValDomain)cv); - access.printf(Level.INIT,"%s Authentication is enabled",cv); + ht.add((CredValDomain) cv); + access.printf(Level.INIT, "%s Authentication is enabled", cv); } } - htlist.add(new Priori(ht,50+i++)); + htlist.add(new Priori(ht, 50 + i++)); } else if (additional instanceof HttpTaf) { - HttpTaf ht = (HttpTaf)additional; - htlist.add(new Priori(ht,50+i++)); - access.printf(Level.INIT,"%s Authentication is enabled",additional.getClass().getSimpleName()); + HttpTaf ht = (HttpTaf) additional; + htlist.add(new Priori(ht, 50 + i++)); + access.printf(Level.INIT, "%s Authentication is enabled", additional.getClass().getSimpleName()); } else if (hasOAuthDirectTAF) { Class daupCls; try { @@ -529,18 +559,21 @@ public class Config { access.log(Level.INIT, e); } if (daupCls != null && additional.getClass().isAssignableFrom(daupCls)) { - htlist.add(new Priori(new BasicHttpTaf(access, (CredVal)additional , basicRealm, userExp, basicWarn),50+i++)); - access.printf(Level.INIT,"Direct BasicAuth Authentication is enabled",additional.getClass().getSimpleName()); + htlist.add(new Priori( + new BasicHttpTaf(access, (CredVal) additional, basicRealm, userExp, basicWarn), + 50 + i++)); + access.printf(Level.INIT, "Direct BasicAuth Authentication is enabled", + additional.getClass().getSimpleName()); } } } } // Add BasicAuth, if any, to x509Taf - if (x509TAF!=null) { - for ( Priori ht : htlist) { + if (x509TAF != null) { + for (Priori ht : htlist) { if (ht.t instanceof BasicHttpTaf) { - x509TAF.add((BasicHttpTaf)ht.t); + x509TAF.add((BasicHttpTaf) ht.t); } } } @@ -553,15 +586,15 @@ public class Config { ///////////////////////////////////////////////////// // Create EpiTaf from configured TAFs ///////////////////////////////////////////////////// - if (htlist.size()==1) { + if (htlist.size() == 1) { // just return the one taf = htlist.get(0).t; } else { Collections.sort(htlist); HttpTaf[] htarray = new HttpTaf[htlist.size()]; - int i=-1; + int i = -1; StringBuilder sb = new StringBuilder("Tafs processed in this order:\n"); - for(Priori pht : htlist) { + for (Priori pht : htlist) { htarray[++i] = pht.t; sb.append(" "); sb.append(pht.t.getClass().getName()); @@ -573,9 +606,9 @@ public class Config { Locator locator = loadLocator(si, aafURL); - taf = new HttpEpiTaf(access,locator, tc, htarray); // ok to pass locator == null + taf = new HttpEpiTaf(access, locator, tc, htarray); // ok to pass locator == null String level = logProp(access, CADI_LOGLEVEL, null); - if (level!=null) { + if (level != null) { access.setLogLevel(Level.valueOf(level)); } } @@ -586,26 +619,27 @@ public class Config { public static String logProp(RegistrationPropHolder rph, String tag, String def) { String rv = rph.access().getProperty(tag, def); if (rv == null) { - rph.access().log(Level.INIT,tag,"is not explicitly set"); + rph.access().log(Level.INIT, tag, "is not explicitly set"); } else { - rv = rph.replacements("Config.logProp",rv, null, null); - rph.access().log(Level.INIT,tag,"is set to",rv); + rv = rph.replacements("Config.logProp", rv, null, null); + rph.access().log(Level.INIT, tag, "is set to", rv); } return rv; } - public static String logProp(Access access,String tag, String def) { + public static String logProp(Access access, String tag, String def) { String rv = access.getProperty(tag, def); if (rv == null) { - access.log(Level.INIT,tag,"is not explicitly set"); + access.log(Level.INIT, tag, "is not explicitly set"); } else { - access.log(Level.INIT,tag,"is set to",rv); + access.log(Level.INIT, tag, "is set to", rv); } return rv; } - public static Lur configLur(SecurityInfoC si, Connector con, Object ... additionalTafLurs) throws CadiException { + public static Lur configLur(SecurityInfoC si, Connector con, Object... additionalTafLurs) + throws CadiException { Access access = si.access; RegistrationPropHolder rph; try { @@ -620,18 +654,18 @@ public class Config { // Configure a Local Property Based RBAC/LUR ///////////////////////////////////////////////////// try { - String users = access.getProperty(USERS,null); - String groups = access.getProperty(GROUPS,null); + String users = access.getProperty(USERS, null); + String groups = access.getProperty(GROUPS, null); - if (groups!=null || users!=null) { - LocalLur ll = new LocalLur(access, users, groups); // note b64==null is ok.. just means no encryption. - lurs.add(new Priori(ll,10)); + if (groups != null || users != null) { + LocalLur ll = new LocalLur(access, users, groups); // note b64==null is ok.. just means no encryption. + lurs.add(new Priori(ll, 10)); - String writeto = access.getProperty(WRITE_TO,null); - if (writeto!=null) { + String writeto = access.getProperty(WRITE_TO, null); + if (writeto != null) { String msg = UsersDump.updateUsers(writeto, ll); - if (msg!=null) { - access.log(Level.INIT,"ERROR! Error Updating ",writeto,"with roles and users:",msg); + if (msg != null) { + access.log(Level.INIT, "ERROR! Error Updating ", writeto, "with roles and users:", msg); } } } @@ -642,83 +676,86 @@ public class Config { ///////////////////////////////////////////////////// // Configure the OAuth Lur (if any) ///////////////////////////////////////////////////// - String tokenUrl = logProp(rph,AAF_OAUTH2_TOKEN_URL, null); - String introspectUrl = logProp(rph,AAF_OAUTH2_INTROSPECT_URL, null); - if (tokenUrl!=null && introspectUrl !=null) { + String tokenUrl = logProp(rph, AAF_OAUTH2_TOKEN_URL, null); + String introspectUrl = logProp(rph, AAF_OAUTH2_INTROSPECT_URL, null); + if (tokenUrl != null && introspectUrl != null) { try { Class olurCls = loadClass(access, CADI_OLUR_CLASS_DEF); - if (olurCls!=null) { - Constructor olurCnst = olurCls.getConstructor(PropAccess.class,String.class,String.class); - Lur olur = (Lur)olurCnst.newInstance(access,tokenUrl,introspectUrl); - lurs.add(new Priori(olur,20)); + if (olurCls != null) { + Constructor olurCnst = olurCls.getConstructor(PropAccess.class, String.class, String.class); + Lur olur = (Lur) olurCnst.newInstance(access, tokenUrl, introspectUrl); + lurs.add(new Priori(olur, 20)); access.log(Level.INIT, "OAuth2 LUR enabled"); } else { - access.log(Level.INIT,"AAF/OAuth LUR plugin is not available."); + access.log(Level.INIT, "AAF/OAuth LUR plugin is not available."); } - } catch (NoSuchMethodException| SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { + } catch (NoSuchMethodException | SecurityException | InstantiationException | IllegalAccessException + | IllegalArgumentException | InvocationTargetException e) { String msg = e.getMessage(); - if (msg==null && e.getCause()!=null) { + if (msg == null && e.getCause() != null) { msg = e.getCause().getMessage(); } - access.log(Level.INIT,"AAF/OAuth LUR is not instantiated.",msg,e); + access.log(Level.INIT, "AAF/OAuth LUR is not instantiated.", msg, e); } } else { access.log(Level.INIT, "OAuth2 Lur disabled"); } - if (con!=null) { // try to reutilize connector - lurs.add(new Priori(con.newLur(),30)); + if (con != null) { // try to reutilize connector + lurs.add(new Priori(con.newLur(), 30)); } else { ///////////////////////////////////////////////////// // Configure the AAF Lur (if any) ///////////////////////////////////////////////////// - String aafURL = logProp(rph,AAF_URL,null); // Trigger Property - String aafEnv = access.getProperty(AAF_ENV,null); - if (aafEnv == null && aafURL!=null && access instanceof PropAccess) { // set AAF_ENV from AAF_URL + String aafURL = logProp(rph, AAF_URL, null); // Trigger Property + String aafEnv = access.getProperty(AAF_ENV, null); + if (aafEnv == null && aafURL != null && access instanceof PropAccess) { // set AAF_ENV from AAF_URL int ec = aafURL.indexOf("envContext="); - if (ec>0) { + if (ec > 0) { ec += 11; // length of envContext= int slash = aafURL.indexOf('/', ec); - if (slash>0) { + if (slash > 0) { aafEnv = aafURL.substring(ec, slash); - ((PropAccess)access).setProperty(AAF_ENV, aafEnv); - access.printf(Level.INIT, "Setting aafEnv to %s from aaf_url value",aafEnv); + ((PropAccess) access).setProperty(AAF_ENV, aafEnv); + access.printf(Level.INIT, "Setting aafEnv to %s from aaf_url value", aafEnv); } } } // Don't configure AAF if it is using DirectAccess - if (!hasDirect("DirectAAFLur",additionalTafLurs)) { - if (aafURL==null) { - access.log(Level.INIT,"No AAF LUR properties, AAF will not be loaded"); + if (!hasDirect("DirectAAFLur", additionalTafLurs)) { + if (aafURL == null) { + access.log(Level.INIT, "No AAF LUR properties, AAF will not be loaded"); } else {// There's an AAF_URL... try to configure an AAF - String aafLurClassStr = logProp(access,AAF_LUR_CLASS,AAF_V2_0_AAF_LUR_PERM); - ////////////AAF Lur 2.0 ///////////// - if (aafLurClassStr!=null && aafLurClassStr.startsWith(AAF_V2_0)) { + String aafLurClassStr = logProp(access, AAF_LUR_CLASS, AAF_V2_0_AAF_LUR_PERM); + //////////// AAF Lur 2.0 ///////////// + if (aafLurClassStr != null && aafLurClassStr.startsWith(AAF_V2_0)) { try { Object aafcon = loadAAFConnector(si, aafURL); - if (aafcon==null) { - access.log(Level.INIT,"AAF LUR class,",aafLurClassStr,"cannot be constructed without valid AAFCon object."); + if (aafcon == null) { + access.log(Level.INIT, "AAF LUR class,", aafLurClassStr, + "cannot be constructed without valid AAFCon object."); } else { Class aafAbsAAFCon = loadClass(access, AAF_V2_0_AAFCON); - if (aafAbsAAFCon!=null) { + if (aafAbsAAFCon != null) { Method mNewLur = aafAbsAAFCon.getMethod("newLur"); Object aaflur = mNewLur.invoke(aafcon); - if (aaflur==null) { - access.log(Level.INIT,"ERROR! AAF LUR Failed construction. NOT Configured"); + if (aaflur == null) { + access.log(Level.INIT, "ERROR! AAF LUR Failed construction. NOT Configured"); } else { - access.log(Level.INIT,"AAF LUR Configured to ",aafURL); - lurs.add(new Priori((Lur)aaflur,40)); - String debugIDs = logProp(access,Config.AAF_DEBUG_IDS, null); - if (debugIDs !=null && aaflur instanceof CachingLur) { - ((CachingLur)aaflur).setDebug(debugIDs); + access.log(Level.INIT, "AAF LUR Configured to ", aafURL); + lurs.add(new Priori((Lur) aaflur, 40)); + String debugIDs = logProp(access, Config.AAF_DEBUG_IDS, null); + if (debugIDs != null && aaflur instanceof CachingLur) { + ((CachingLur) aaflur).setDebug(debugIDs); } } } } } catch (Exception e) { - access.log(e,"AAF LUR class,",aafLurClassStr,"could not be constructed with given Constructors."); + access.log(e, "AAF LUR class,", aafLurClassStr, + "could not be constructed with given Constructors."); } } } @@ -728,11 +765,11 @@ public class Config { ///////////////////////////////////////////////////// // Any Additional passed in Constructor ///////////////////////////////////////////////////// - if (additionalTafLurs!=null) { - int i=0; + if (additionalTafLurs != null) { + int i = 0; for (Object additional : additionalTafLurs) { if (additional instanceof Lur) { - lurs.add(new Priori((Lur)additional,50+i++)); + lurs.add(new Priori((Lur) additional, 50 + i++)); access.log(Level.INIT, additional); } } @@ -746,9 +783,9 @@ public class Config { ///////////////////////////////////////////////////// // Return a Lur based on how many there are... ///////////////////////////////////////////////////// - switch(lurs.size()) { + switch (lurs.size()) { case 0: - access.log(Level.INIT,"WARNING! No CADI LURs configured"); + access.log(Level.INIT, "WARNING! No CADI LURs configured"); // Return a NULL Lur that does nothing. return new NullLur(); case 1: @@ -757,9 +794,9 @@ public class Config { // Multiple Lurs, use EpiLUR to handle Collections.sort(lurs); Lur[] la = new Lur[lurs.size()]; - int i=-1; + int i = -1; StringBuilder sb = new StringBuilder("Lurs processed in this order:\n"); - for(Priori pht : lurs) { + for (Priori pht : lurs) { la[++i] = pht.t; sb.append(" "); sb.append(pht.t.getClass().getName()); @@ -773,7 +810,7 @@ public class Config { } private static boolean hasDirect(String simpleClassName, Object[] additionalTafLurs) { - if (additionalTafLurs!=null) { + if (additionalTafLurs != null) { for (Object tf : additionalTafLurs) { if (tf.getClass().getSimpleName().equals(simpleClassName)) { return true; @@ -784,13 +821,13 @@ public class Config { } @SuppressWarnings("unchecked") - public static Object loadAAFConnector(SecurityInfoC si, String aafURL) { + public static Object loadAAFConnector(SecurityInfoC si, String aafURL) { Access access = si.access; Object aafcon = null; Class aafConClass = null; try { - if (aafURL!=null) { + if (aafURL != null) { String aafConnector = access.getProperty(AAF_CONNECTOR_CLASS, AAF_V2_0_AAF_CON_HTTP); if (AAF_V2_0_AAF_CON_HTTP.equals(aafConnector)) { aafConClass = loadClass(access, AAF_V2_0_AAF_CON_HTTP); @@ -801,7 +838,7 @@ public class Config { if (pc.equals(Access.class)) { lo.add(access); } else if (pc.equals(Locator.class)) { - lo.add(loadLocator((SecurityInfoC)si, aafURL)); + lo.add(loadLocator((SecurityInfoC) si, aafURL)); } } if (c.getParameterTypes().length != lo.size()) { @@ -835,7 +872,7 @@ public class Config { } public static Class loadClass(Access access, String className) { - Class cls=null; + Class cls = null; try { cls = access.classLoader().loadClass(className); } catch (ClassNotFoundException cnfe) { @@ -851,60 +888,72 @@ public class Config { } @SuppressWarnings("unchecked") - public static Locator loadLocator(SecurityInfoC si, final String _url) throws LocatorException { + public static Locator loadLocator(SecurityInfoC si, final String _url) + throws LocatorException { Access access = si.access; Locator locator = null; - if (_url==null) { - access.log(Level.INIT,"No URL passed to 'loadLocator'. Disabled"); + if (_url == null) { + access.log(Level.INIT, "No URL passed to 'loadLocator'. Disabled"); } else { try { Class aalCls = Class.forName("org.onap.aaf.cadi.aaf.v2_0.AbsAAFLocator"); - Method aalMth = aalCls.getMethod("create", String.class,String.class); + Method aalMth = aalCls.getMethod("create", String.class, String.class); int colon = _url.lastIndexOf(':'); - if(colon>=0) { - int slash = _url.indexOf('/',colon); + if (colon >= 0) { + int slash = _url.indexOf('/', colon); String version; - if(slash<0) { - version = _url.substring(colon+1); + if (slash < 0) { + version = _url.substring(colon + 1); } else { - version = _url.substring(colon+1,slash); + version = _url.substring(colon + 1, slash); } - slash = _url.lastIndexOf('/',colon); - if(slash>=0) { - Object aal = aalMth.invoke(null/*static*/, _url.substring(slash+1, colon),version); - return (Locator)aal; + slash = _url.lastIndexOf('/', colon); + if (slash >= 0) { + Object aal = aalMth.invoke(null/* static */, _url.substring(slash + 1, colon), version); + return (Locator) aal; } } - } catch (ClassNotFoundException | NoSuchMethodException | SecurityException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { + } catch (ClassNotFoundException | NoSuchMethodException | SecurityException | IllegalAccessException + | IllegalArgumentException | InvocationTargetException e) { String msg; char quote; - if(e.getCause()!=null) { - msg=e.getCause().getMessage(); - quote='"'; + if (e.getCause() != null) { + msg = e.getCause().getMessage(); + quote = '"'; } else { msg = "-"; - quote=' '; + quote = ' '; } - access.printf(Level.DEBUG, "Configured AbsAAFLocator not found%c%s%cContinuing Locator creation ",quote,msg,quote); + access.printf(Level.DEBUG, "Configured AbsAAFLocator not found%c%s%cContinuing Locator creation ", + quote, msg, quote); } -// String url = _url.replace("/AAF_NS.", "/%C%CID%AAF_NS."); -// String root_ns = access.getProperty(Config.AAF_ROOT_NS, null); + // String url = _url.replace("/AAF_NS.", "/%C%CID%AAF_NS."); + // String root_ns = access.getProperty(Config.AAF_ROOT_NS, null); String url; RegistrationPropHolder rph; try { - rph = new RegistrationPropHolder(access, 0); - url = rph.replacements("Config.loadLocator",_url, null, null); - access.printf(Level.INFO, "loadLocator URL is %s",url); + rph = new RegistrationPropHolder(access, 0); + url = rph.replacements("Config.loadLocator", _url, null, null); + access.printf(Level.INFO, "loadLocator URL is %s", url); } catch (UnknownHostException | CadiException e1) { throw new LocatorException(e1); } - String aaf_locator_class; - if(_url.equals(url) && !url.contains("/locate/")) { - aaf_locator_class = "org.onap.aaf.cadi.locator.DNSLocator"; - } else { + /** + * Simplify logic - if we have a URL with /locate/ in it, we use the default locator. + * If we have an explicitly set locator from configuration, we use that one. + * Otherwise we fall back to the SingleEndpointLocator, basically default normal HTTP client behavior. + */ + String aaf_locator_class = null; + if (url.contains("/locate/")) { aaf_locator_class = AAF_LOCATOR_CLASS_DEF; + } else if (si.access.getProperty(Config.AAF_LOCATOR_CLASS, null) != null) { + aaf_locator_class = si.access.getProperty(Config.AAF_LOCATOR_CLASS, null); + } + if (aaf_locator_class == null) { + aaf_locator_class = Config.AAF_LOCATOR_CLASS_SINGLE; } + try { Class lcls = loadClass(access,aaf_locator_class); if (lcls==null) { @@ -925,9 +974,9 @@ public class Config { int port = fui.getPort(); String portS = port<0?"":(":"+port); - access.log(Level.INFO, "AAFLocator enabled using " + locatorURI.getScheme() +"://"+fui.getHost() + portS); + access.log(Level.INFO, "AAFLocator [" + locator.getClass().getSimpleName() + "] enabled using " + locatorURI.getScheme() +"://"+fui.getHost() + portS); } else { - access.log(Level.INFO, "AAFLocator enabled using preloaded " + locator.getClass().getSimpleName()); + access.log(Level.INFO, "AAFLocator [" + locator.getClass().getSimpleName() + "] enabled using " + url); } } catch (InvocationTargetException e) { if (e.getTargetException() instanceof LocatorException) { diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java index a2f168a1..31785795 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java @@ -263,6 +263,7 @@ public class CadiFilter implements Filter { float code=0f, validate=0f; String user = "n/a"; String tag = ""; + TafResp tresp = null; try { HttpServletRequest hreq = (HttpServletRequest)request; if (noAuthn(hreq)) { @@ -272,7 +273,7 @@ public class CadiFilter implements Filter { } else { HttpServletResponse hresp = (HttpServletResponse)response; startValidate=System.nanoTime(); - TafResp tresp = httpChecker.validate(hreq, hresp, hreq); + tresp = httpChecker.validate(hreq, hresp, hreq); validate = Timing.millis(startValidate); if (tresp.isAuthenticated()==RESP.IS_AUTHENTICATED) { user = tresp.getPrincipal().personalName(); @@ -288,9 +289,15 @@ public class CadiFilter implements Filter { } catch (ClassCastException e) { throw new ServletException("CadiFilter expects Servlet to be an HTTP Servlet",e); } finally { - access.printf(Level.WARN, "Trans: user=%s[%s],ip=%s,ms=%f,validate=%f,code=%f", - user,tag,request.getRemoteAddr(), - Timing.millis(startAll),validate,code); + if (tresp != null) { + access.printf(Level.INFO, "Trans: user=%s[%s],ip=%s,ms=%f,validate=%f,code=%f,result=%s", + user,tag,request.getRemoteAddr(), + Timing.millis(startAll),validate,code,tresp.isAuthenticated().toString()); + } else { + access.printf(Level.INFO, "Trans: user=%s[%s],ip=%s,ms=%f,validate=%f,code=%f,result=FAIL", + user,tag,request.getRemoteAddr(), + Timing.millis(startAll),validate,code); + } } } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/FixURIinfo.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/FixURIinfo.java index 3943cdcd..ff282ba9 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/FixURIinfo.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/FixURIinfo.java @@ -46,6 +46,15 @@ public class FixURIinfo { } else { host = auth; port = uri.getPort(); + if (port < 1) { + if ("http".equals(uri.getScheme())) { + port = 80; + } else if ("https".equals(uri.getScheme())) { + port = 443; + } else { + throw new RuntimeException ("Invalid scheme provided for URI " + uri); + } + } } auth=null; } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Log.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Log.java new file mode 100644 index 00000000..af334e9a --- /dev/null +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Log.java @@ -0,0 +1,37 @@ +/** + * ============LICENSE_START==================================================== + * Log + * =========================================================================== + * Copyright (c) May 11, 2020 Gathman Systems. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + */ +package org.onap.aaf.cadi.util; + +/** + * A basic log interface used to Facade into Log Libraries used locally. + * + * @author Jonathan + * + */ +public interface Log { + enum Type {debug,info,warn,error,trace}; + public void log(Log.Type type, Object ... o); + + public final static Log NULL = new Log() { + @Override + public void log(Log.Type type, Object ... o) { + } + }; +} \ No newline at end of file diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Pool.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Pool.java index 72d09bfe..6980e0aa 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Pool.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Pool.java @@ -65,7 +65,12 @@ public class Pool { * This is a constant which specified the default maximum number of unused * objects to be held at any given time. */ - private static final int MAX_RANGE = 6; // safety + public static final int MAX_RANGE = 6; // safety + + /** + * Maximum objects, in use or waiting + */ + public static final int MAX_OBJECTS = 20; // assumption for thread /** * only Simple List needed. @@ -76,21 +81,30 @@ public class Pool { private LinkedList> list; /** - * keep track of how many elements exist, to avoid asking list. + * keep track of how many elements are currently available to use, to avoid asking list. */ private int count; - + /** - * Spares are those Object that are primed and ready to go. + * how many objects have been asked for, but not returned or tossed */ - private int spares; - + private int used; + /** * Actual MAX number of spares allowed to hang around. Can be set to * something besides the default MAX_RANGE. */ private int max_range = MAX_RANGE; + /** + * Actual MAX number of Objects both in use, or waiting. + * This does not actually affect the Pool, because the objects, once they leave the pool, are not known until + * they are put back with done (offer). It only affects the "overLimit()" function. + * + * Important... this information is only valid if PooledObjects call "done()" or "toss()". + */ + private int max_objects = MAX_OBJECTS; + /** * The Creator for this particular pool. It must work for type T. */ @@ -105,7 +119,7 @@ public class Pool { * @param creator */ public Pool(Creator creator) { - count = spares = 0; + count = used = 0; this.creator = creator; list = new LinkedList<>(); logger = Log.NULL; @@ -117,29 +131,44 @@ public class Pool { */ public void setLogger(Log logger) { this.logger = logger; + // Also reset existing Pooled objects + for(Pooled p : list) { + if(p.content instanceof LogAware) { + ((LogAware)p.content).setLog(logger); + } else { + break; + } + } } - public void log(Object ...objects) { - logger.log(objects); + public void log(Log.Type type, Object ...objects) { + logger.log(type,objects); } /** * Preallocate a certain number of T Objects. Useful for services so that * the first transactions don't get hit with all the Object creation costs - * + * + * It is assumed that priming also means that it is the minimum desired available resources. Therefore, + * max_range is set to prime, if less than current max_range, if it is default. + * * @param lt * @param prime * @throws CadiException */ - public void prime(int prime) throws CadiException { + public Pool prime(int prime) throws CadiException { + if(max_range == MAX_RANGE && prime pt = new Pooled(creator.create(), this); synchronized (list) { list.addFirst(pt); ++count; + ++used; } } - + return this; } /** @@ -147,19 +176,22 @@ public class Pool { * down all Allocated objects cleanly for exiting. It is also a good method * for removing objects when, for instance, all Objects are invalid because * of broken connections, etc. + * + * Use in conjunction with setMaxRange to no longer store objects, i.e. + * + * pool.setMaxRange(0).drain(); */ - public void drain() { - synchronized (list) { - for (int i = 0; i < list.size(); ++i) { - Pooled pt = list.remove(); - creator.destroy(pt.content); - logger.log("Pool drained ", creator.toString()); - } - count = spares = 0; - } - + public synchronized void drain() { + while(list.size()>0) { + Pooled pt = list.remove(); + --used; + String name = pt.content.toString(); + creator.destroy(pt.content); + logger.log(Log.Type.debug,"Pool destroyed", name); + } + count = 0; } - + /** * This is the essential function for Pool. Get an Object "T" inside a * "Pooled" object. If there is a spare Object, then use it. If not, then @@ -181,21 +213,14 @@ public class Pool { public Pooled get() throws CadiException { Pooled pt; synchronized (list) { - if (list.isEmpty()) { - pt = null; - } else { - pt = list.removeLast(); - --count; - creator.reuse(pt.content); - } + pt = list.pollLast(); } if (pt == null) { - if (spares < max_range) - ++spares; pt = new Pooled(creator.create(), this); + ++used; } else { - if (spares > 1) - --spares; + --count; + creator.reuse(pt.content); } return pt; } @@ -235,19 +260,31 @@ public class Pool { * @return */ // Used only by Pooled - private boolean offer(Pooled used) { - if (count < spares) { + private boolean offer(Pooled usedP) { + if (count < max_range) { synchronized (list) { - list.addFirst(used); + list.addFirst(usedP); ++count; } - logger.log("Pool recovered ", creator); + logger.log(Log.Type.trace,"Pool recovered ", creator); } else { - logger.log("Pool destroyed ", creator); - creator.destroy(used.content); + destroy(usedP.content); } return false; } + + /** + * Destroy, using Creator's specific semantics, the Object, and decrement "used" + * + * @param t + */ + private void destroy(T t) { + creator.destroy(t); + synchronized (list) { + --used; + } + logger.log(Log.Type.debug,"Pool destroyed ", creator); + } /** * The Creator Interface give the Pool the ability to Create, Destroy and @@ -268,15 +305,17 @@ public class Pool { public void reuse(T t); } - public interface Log { - public void log(Object ... o); - - public final static Log NULL = new Log() { - @Override - public void log(Object ... o) { - } - }; + /** + * Pooled Classes can be "Log Aware", which means they can tie into the same + * Logging element that the Pool is using. To do this, the Object must implement "LogAware" + * + * @author Jonathan + * + */ + public interface LogAware { + public void setLog(Log log); } + /** * The "Pooled" class is the transient class that wraps the actual Object * T for API use/ It gives the ability to return ("done()", or "toss()") the @@ -309,8 +348,10 @@ public class Pool { */ public Pooled(T t, Pool pool) { content = t; + if(t instanceof LogAware) { + ((LogAware)t).setLog(pool.logger); + } this.pool = pool; - } /** @@ -338,7 +379,7 @@ public class Pool { */ public void toss() { if (pool != null) { - pool.creator.destroy(content); + pool.destroy(content); } // Don't allow finalize to put it back in. pool = null; @@ -356,17 +397,30 @@ public class Pool { pool = null; } } + + @Override + public String toString() { + return content.toString(); + } } /** - * Get the maximum number of spare objects allowed at any moment + * Set a Max Range for numbers of spare objects waiting to be used. + * + * No negative numbers are allowed + * + * Use in conjunction with drain to no longer store objects, i.e. + * + * pool.setMaxRange(0).drain(); * * @return */ - public int getMaxRange() { - return max_range; + public Pool setMaxRange(int max_range) { + // Do not allow negative numbers + this.max_range = Math.max(0, max_range); + return this; } - + /** * Set a Max Range for numbers of spare objects waiting to be used. * @@ -374,9 +428,26 @@ public class Pool { * * @return */ - public void setMaxRange(int max_range) { + public Pool setMaxObjects(int max_objects) { // Do not allow negative numbers - this.max_range = Math.max(0, max_range); + this.max_objects = Math.max(0, max_objects); + return this; } + /** + * return whether objects in use or waiting are beyond max allowed + * + * Pool does not actually stop new creations, but allows this to be used by + * other entities to limit number of creations of expensive Objects, like + * Thread Pooling + * + */ + public boolean tooManyObjects() { + return used > max_objects; + } + + public String toString() { + return String.format("Pool: count(%d), used(%d), max_range(%d), max_objects(%d)", + count, used,max_range,max_objects); + } } diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_UsersDump.java b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_UsersDump.java index 86a12ca0..c8067def 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_UsersDump.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_UsersDump.java @@ -56,12 +56,12 @@ public class JU_UsersDump { " \n" + " \n" + " \n" + - " \n" + - " \n" + - " \n" + - " \n" + + " \n" + + " \n" + + " \n" + + " \n" + " \n" + - " \n" + + " \n" + "\n"; private final static String groups = "myname:groupA,groupB"; diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_LocalLur.java b/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_LocalLur.java index c3e5cb67..24ceba46 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_LocalLur.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_LocalLur.java @@ -90,7 +90,7 @@ public class JU_LocalLur { lur = new LocalLur(access, "user1%" + encrypted, null); info = lur.dumpInfo(); assertThat(info.size(), is(1)); - assertThat(info.get(0).user, is("user1@none")); + assertThat(info.get(0).user, is("user1@people.osaaf.org")); lur.clearAll(); assertThat(lur.dumpInfo().size(), is(0)); diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Hash.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Hash.java index 05abc7ed..0395830e 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Hash.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Hash.java @@ -22,15 +22,17 @@ package org.onap.aaf.cadi.test; -import org.junit.Test; -import org.onap.aaf.cadi.CadiException; -import org.onap.aaf.cadi.Hash; - -import static org.junit.Assert.*; +import static org.hamcrest.CoreMatchers.equalTo; +import static org.hamcrest.CoreMatchers.not; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertThat; +import static org.junit.Assert.assertTrue; import org.junit.BeforeClass; - -import static org.hamcrest.CoreMatchers.*; +import org.junit.Test; +import org.onap.aaf.cadi.Hash; public class JU_Hash { // Some common test vectors @@ -63,7 +65,7 @@ public class JU_Hash { private String numbersDec = "1234567890"; private String numbersHex = "0x31323334353637383930"; private String numbersHexNo0x = "31323334353637383930"; - + @SuppressWarnings("unused") @BeforeClass public static void getCoverage() { @@ -179,22 +181,11 @@ public class JU_Hash { assertEquals(lowersDec, new String(Hash.fromHex(lowersHex))); assertEquals(numbersDec, new String(Hash.fromHex(numbersHex))); - try { - // This string doesn't begin with "0x" - Hash.fromHex("0X65"); - fail("Should have thrown CadiException"); - } catch (CadiException e) { - assertEquals("HexString must start with \"0x\"", e.getMessage()); - } + // This string doesn't begin with "0x" + assertNull(Hash.fromHex("0X65")); - try { // This string has invalid hex characters - Hash.fromHex("0xQ"); - fail("Should have thrown CadiException"); - } catch (CadiException e) { - // 81 is dec(Q) - assertEquals("Invalid char '81' in HexString", e.getMessage()); - } + assertNull(Hash.fromHex("0xQ")); } @Test @@ -203,16 +194,32 @@ public class JU_Hash { assertEquals(lowersDec, new String(Hash.fromHexNo0x(lowersHexNo0x1))); assertEquals(uppersDec, new String(Hash.fromHexNo0x(uppersHexNo0x2))); assertEquals(lowersDec, new String(Hash.fromHexNo0x(lowersHexNo0x2))); - assertEquals(numbersDec, new String(Hash.fromHexNo0x(numbersHexNo0x))); byte[] output = Hash.fromHexNo0x("ABC"); - assertEquals(new String(new byte[] {(byte)0x0A, (byte)0xB0}), new String(output)); + assertEquals(new String(new byte[] {(byte)0x0A, (byte)0xBC}), new String(output)); assertNull(Hash.fromHexNo0x("~~")); } -// -// @Test -// public void aaf_941() throws Exception { -// // User notes: From reported error "aaf" not coded right -// -// -// } + + @Test + public void aaf_941() throws Exception { + // User notes: From reported error "aaf" not coded right for odd digits + // Note: In the original concept, this isn't a valid Hex digit. It has to do with whether to assume an initial + // char of "0" if left out. + + String sample = "aaf"; + byte[] bytes = Hash.fromHexNo0x(sample); + String back = Hash.toHexNo0x(bytes); + // Note: We don't presume to know that someone left off leading 0 on start. + assertEquals("0aaf", back); + + sample = "0x0aaf"; + bytes = Hash.fromHex(sample); + back = Hash.toHex(bytes); + assertEquals(sample, back); + + // Assumed leading zero. Note, we ALWAYS translate back with leading zero. + bytes = Hash.fromHex("0xaaf"); + back = Hash.toHex(bytes); + assertEquals(sample, back); + + } } diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Pool.java b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Pool.java index 230c6b3b..b38a7914 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Pool.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Pool.java @@ -29,13 +29,12 @@ import java.util.List; import static org.hamcrest.CoreMatchers.*; import org.junit.*; import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.util.Log; import org.onap.aaf.cadi.util.Pool; import org.onap.aaf.cadi.util.Pool.*; public class JU_Pool { - private StringBuilder sb = new StringBuilder(); - private class IntegerCreator implements Creator { private int current = 0; @@ -59,59 +58,147 @@ public class JU_Pool { } } + // Used for CustomLogger Testing + private StringBuilder sb = new StringBuilder(); + private class CustomLogger implements Log { @Override - public void log(Object... o) { + public void log(Log.Type type, Object... o) { for (Object item : o) { sb.append(item.toString()); } } } + /** + * Enter variable amount in this order + * + * count, used, max_range, max_objects + * @param intPool + * @param ints + */ + private void check(Pool intPool, int ... ints) { + String rpt = intPool.toString(); + // Fallthrough on purpose, to process only the ints entered, but in the right order. + switch(ints.length) { + case 4: + assertTrue(rpt.contains(String.format("max_objects(%d)", ints[3]))); + case 3: + assertTrue(rpt.contains(String.format("max_range(%d)", ints[2]))); + case 2: + assertTrue(rpt.contains(String.format("used(%d)", ints[1]))); + case 1: + assertTrue(rpt.contains(String.format("count(%d)", ints[0]))); + } + } + + @Test + public void settings() throws CadiException { + Pool intPool = new Pool(new IntegerCreator()); + check(intPool,0,0,Pool.MAX_RANGE,Pool.MAX_OBJECTS); + + // Check MaxObjects, min is 0 + intPool.setMaxObjects(-10); + check(intPool,0,0,Pool.MAX_RANGE,0); + + intPool.setMaxObjects(10); + check(intPool,0,0,Pool.MAX_RANGE,10); + + // Check MaxRange, min is 0 + intPool.setMaxRange(-10); + check(intPool,0,0,0,10); + + intPool.setMaxRange(2); + check(intPool,0,0,2,10); + + // Validate Priming + intPool.prime(3); + check(intPool,3,3,2,10); + + // Drain + intPool.drain(); + check(intPool,0,0,2,10); + } + @Test - public void getTest() throws CadiException { - Pool intPool = new Pool(new IntegerCreator()); - - List> gotten = new ArrayList<>(); - for (int i = 0; i < 10; i++) { - gotten.add(intPool.get()); - assertThat(gotten.get(i).content, is(i)); - } - - gotten.get(9).done(); - gotten.set(9, intPool.get()); - assertThat(gotten.get(9).content, is(9)); - - for (int i = 0; i < 10; i++) { - gotten.get(i).done(); - } - - for (int i = 0; i < 10; i++) { - gotten.set(i, intPool.get()); - if (i < 5) { - assertThat(gotten.get(i).content, is(i)); - } else { - assertThat(gotten.get(i).content, is(i + 5)); - } - } - - for (int i = 0; i < 10; i++) { - gotten.get(i).toss(); - // Coverage calls - gotten.get(i).toss(); - gotten.get(i).done(); - - // only set some objects to null -> this is for the finalize coverage test - if (i < 5) { - gotten.set(i, null); - } - } - - // Coverage of finalize() - System.gc(); + public void range() throws CadiException { + Pool intPool = new Pool(new IntegerCreator()); + intPool.setMaxRange(2); + check(intPool,0,0,2); + + // Prime + intPool.prime(3); + check(intPool,3,3,2); + + // Using 3 leaves count (in Pool) and Used (by System) 3 + List> using = new ArrayList<>(); + for(int i=0;i<3;++i) { + using.add(intPool.get()); + } + check(intPool,0,3,2); + + // Using 3 more creates more Objects, and uses immediately + for(int i=0;i<3;++i) { + using.add(intPool.get()); + } + check(intPool,0,6,2); + + // Clean out all Objects in possession, but there are 6 Objects not returned yet. + intPool.drain(); + check(intPool,0,6,2); + + // Returning Objects + for(Pooled i : using) { + i.done(); + } + + // Since Range is 2, keep only 2, and destroy the rest + check(intPool,2,2,2); + + // Shutdown (helpful for stopping Services) involves turning off range + intPool.setMaxRange(0).drain(); + check(intPool,0,0,0); } - + @Test + public void tooManyObjects() throws CadiException { + /* + * It should be noted that "tooManyObjects" isn't enforced by the Pool, because Objects are not + * tracked (other than used) once they leave the pool. + * + * It is information that using entities, like Thread Pools, can use to limit creations of expensive objects + */ + Pool intPool = new Pool(new IntegerCreator()); + intPool.setMaxObjects(10).setMaxRange(2); + check(intPool,0,0,2,10); + + assertFalse(intPool.tooManyObjects()); + + // Obtain up to maxium Objects + List> using = new ArrayList<>(); + for(int i=0;i<10;++i) { + using.add(intPool.get()); + } + + check(intPool,0,10,2,10); + assertFalse(intPool.tooManyObjects()); + + using.add(intPool.get()); + check(intPool,0,11,2,10); + assertTrue(intPool.tooManyObjects()); + + // Returning Objects + for(Pooled i : using) { + i.done(); + } + + // Returning Objects puts Pool back in range + check(intPool,2,2,2,10); + assertFalse(intPool.tooManyObjects()); + + } + + @Test public void bulkTest() throws CadiException { Pool intPool = new Pool(new IntegerCreator()); @@ -135,24 +222,15 @@ public class JU_Pool { } - @Test - public void setMaxTest() { - Pool intPool = new Pool(new IntegerCreator()); - intPool.setMaxRange(10); - assertThat(intPool.getMaxRange(), is(10)); - intPool.setMaxRange(-10); - assertThat(intPool.getMaxRange(), is(0)); - } - @Test public void loggingTest() { Pool intPool = new Pool(new IntegerCreator()); // Log to Log.NULL for coverage - intPool.log("Test log output"); + intPool.log(Log.Type.info,"Test log output"); intPool.setLogger(new CustomLogger()); - intPool.log("Test log output"); + intPool.log(Log.Type.info,"Test log output"); assertThat(sb.toString(), is("Test log output")); } diff --git a/cadi/oauth-enduser/.gitignore b/cadi/oauth-enduser/.gitignore index c14293bc..be5b0b05 100644 --- a/cadi/oauth-enduser/.gitignore +++ b/cadi/oauth-enduser/.gitignore @@ -3,3 +3,4 @@ /target/ /.project tokens/ +/.checkstyle diff --git a/cadi/oauth-enduser/pom.xml b/cadi/oauth-enduser/pom.xml index be68eb97..a9a2207f 100644 --- a/cadi/oauth-enduser/pom.xml +++ b/cadi/oauth-enduser/pom.xml @@ -25,7 +25,7 @@ org.onap.aaf.authz cadiparent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT .. @@ -168,15 +168,6 @@ - - org.apache.maven.plugins - maven-deploy-plugin - 2.8.1 - - false - - - diff --git a/cadi/pom.xml b/cadi/pom.xml index d023218b..ba74e929 100644 --- a/cadi/pom.xml +++ b/cadi/pom.xml @@ -24,7 +24,7 @@ org.onap.aaf.authz parent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT cadiparent AAF CADI Parent (Code, Access, Data, Identity) @@ -172,16 +172,6 @@ 2.5.5 - - org.apache.maven.plugins - maven-deploy-plugin - 2.8.1 - - false - - - - org.apache.maven.plugins maven-dependency-plugin diff --git a/cadi/servlet-sample/.gitignore b/cadi/servlet-sample/.gitignore index 2c21dc69..afeea2b0 100644 --- a/cadi/servlet-sample/.gitignore +++ b/cadi/servlet-sample/.gitignore @@ -6,3 +6,4 @@ /logs/ /run/ /caditest.war +/.checkstyle diff --git a/cadi/servlet-sample/pom.xml b/cadi/servlet-sample/pom.xml index 2b41d92f..c2f3982f 100644 --- a/cadi/servlet-sample/pom.xml +++ b/cadi/servlet-sample/pom.xml @@ -4,7 +4,7 @@ org.onap.aaf.authz cadiparent .. - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT 4.0.0 CADI Servlet Sample (Test Only) diff --git a/conf/CA/deploy.sh b/conf/CA/deploy.sh new file mode 100644 index 00000000..031f9575 --- /dev/null +++ b/conf/CA/deploy.sh @@ -0,0 +1,38 @@ +# SED needs escaped slashes +function escSlash { + echo "${1//\//\\\/}" +} + +NS="$(cat ns.aaf)" +DEPLOY_DIR=${PWD/\/CA/} +read -p "AAF Config Directory: [$DEPLOY_DIR]: " input +DEPLOY_DIR=${input:-$DEPLOY_DIR} + +echo "Deploying to $DEPLOY_DIR" + +APP_NAME="${DEPLOY_DIR##*/}" +CA_CRT="CA_${APP_NAME^^}.crt" +cp -v certs/ca.crt $DEPLOY_DIR/public/$CA_CRT +sed -i.bak \ + -e "/cm_public_dir=.*/s//cm_public_dir=$(escSlash $DEPLOY_DIR/public)/" \ + -e "/cm_trust_cas=.*/s//cm_trust_cas=${CA_CRT}/" \ + $DEPLOY_DIR/etc/org.osaaf.aaf.cm.props + +INT_DIR="intermediate_$(cat intermediate.serial)" + +cp -v $INT_DIR/certs/ca.crt $DEPLOY_DIR/public/${APP_NAME^^}_SIGNER.crt +SIGNER=${NS}.signer.p12 +cp -v $INT_DIR/aaf_$INT_DIR.p12 $DEPLOY_DIR/local/${SIGNER} + +CADI="java -jar /opt/app/aaf/lib/aaf-cadi-core-*.jar" +KEYFILE="$DEPLOY_DIR/local/org.osaaf.aaf.keyfile" +if [ ! -f "$KEYFILE" ]; then + echo $CADI keygen $KEYFILE +fi + +echo "Enter Issuer Key Password " +read -s ISSUER_PASS +ISSUER_PASS=$($CADI digest "$ISSUER_PASS" $KEYFILE) +sed -i.bak \ + -e "/cm_ca.local=.*/s//cm_ca.local=org.onap.aaf.auth.cm.ca.LocalCA,$(escSlash $DEPLOY_DIR/local/$SIGNER);aaf_$INT_DIR;enc:$ISSUER_PASS/" \ + $DEPLOY_DIR/local/org.osaaf.aaf.cm.ca.props diff --git a/docs/conf.py b/docs/conf.py index 8f40e8b8..5371015c 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -12,4 +12,4 @@ intersphinx_mapping = {} html_last_updated_fmt = '%d-%b-%y %H:%M' def setup(app): - app.add_stylesheet("css/ribbon_onap.css") + app.add_stylesheet("css/ribbon.css") diff --git a/docs/index.rst b/docs/index.rst index dde20666..677359a7 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -1,6 +1,7 @@ .. This work is licensed under a Creative Commons Attribution 4.0 International License. .. http://creativecommons.org/licenses/by/4.0 .. Copyright © 2017 AT&T Intellectual Property. All rights reserved. +.. _master_index: AAF - Application Authorization Framework ================================================== diff --git a/docs/sections/release-notes.rst b/docs/sections/release-notes.rst index 09125a89..2cbd1b6e 100644 --- a/docs/sections/release-notes.rst +++ b/docs/sections/release-notes.rst @@ -1,10 +1,55 @@ .. This work is licensed under a Creative Commons Attribution 4.0 International License. .. http://creativecommons.org/licenses/by/4.0 .. Copyright © 2017 AT&T Intellectual Property. All rights reserved. +.. _release_notes: Release Notes ============= +Version: 2.1.23 (Frankfurt Maintenance, 6.0.0) +---------------------------------- +:Release Date: 2020-08-17 + +Note : there is no new containers for this release as this was fixed by a patch in OOM repo (using Certinitializer to override certificates in container) + +**Bug Fixes** + - `AAF-1159 `_ Certificate expired for AAF-SMS + - 'AAF-1175 `_ Certificate between CertService client and CertService server has expired + +**Known Issues - solve in Guilin** + + - `AAF-1087 `_ AAF init containers init with exit 0 even if failing + +Version: 2.1.23 (Frankfurt, 6.0.0) +--------------------------------------------- + +:Release Date: 2020-06-05 + +**New Features** +Certificate Management Protocol Version 2 (CMPv2) support was added to retrieve X.509 certificates from servers which supports CMPv2 over HTTP. SDNC as first ONAP component was integrated to enroll certificate from CMPv2 server to protect traffic between SDNC and Network Functions (xNFs). +More details about CMPv2 support in ONAP can be found on a dedicated page. + + +**Bug Fixes** + - `AAF-383 `_ AAF aaf-sms chart should use nodePortPrefix variable + - `AAF-783 `_ Consul container is outdated + - `AAF-784 `_ Vault container is outdated + - `AAF-1102 `_ Pods still run as root + +**Known Issues - solve in Guilin** + - `AAF-1087 `_ AAF init containers init with exit 0 even if failing + +Version: 2.1.15 (El Alto Maintenance, 5.0.2) +-------------------------------------------- + +:Release Date: 2020-08-24 + +Note : there is no new containers for this release as this was fixed by a patch in OOM repo (mounting replacement certificates through oom) + +**Bug Fixes** + + - `AAF-1159 `_ Certificate expired for AAF-SMS + Version: 2.1.15 (El Alto, 5.0.1) --------------------------------------------- diff --git a/misc/env/.gitignore b/misc/env/.gitignore index 6028f0a5..112dedb3 100644 --- a/misc/env/.gitignore +++ b/misc/env/.gitignore @@ -2,3 +2,4 @@ /.settings/ /target/ /.project +/.checkstyle diff --git a/misc/env/pom.xml b/misc/env/pom.xml index f432fce2..58ba3642 100644 --- a/misc/env/pom.xml +++ b/misc/env/pom.xml @@ -24,7 +24,7 @@ org.onap.aaf.authz miscparent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT .. @@ -137,16 +137,6 @@ 2.5.5 - - org.apache.maven.plugins - maven-deploy-plugin - 2.8.1 - - false - - - - org.apache.maven.plugins maven-dependency-plugin diff --git a/misc/env/src/main/java/org/onap/aaf/misc/env/impl/BasicEnv.java b/misc/env/src/main/java/org/onap/aaf/misc/env/impl/BasicEnv.java index e65f4e85..8128856c 100644 --- a/misc/env/src/main/java/org/onap/aaf/misc/env/impl/BasicEnv.java +++ b/misc/env/src/main/java/org/onap/aaf/misc/env/impl/BasicEnv.java @@ -102,40 +102,61 @@ public class BasicEnv extends StoreImpl implements EnvJAXB, TransCreate org.onap.aaf.authz miscparent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT .. @@ -137,16 +137,6 @@ 2.5.5 - - org.apache.maven.plugins - maven-deploy-plugin - 2.8.1 - - false - - - - org.apache.maven.plugins maven-dependency-plugin diff --git a/misc/pom.xml b/misc/pom.xml index 3d182c4a..1c475ce4 100644 --- a/misc/pom.xml +++ b/misc/pom.xml @@ -25,7 +25,7 @@ org.onap.aaf.authz parent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT miscparent AAF Misc Parent @@ -72,7 +72,8 @@ junit junit test - + + @@ -139,16 +140,6 @@ 2.5.5 - - org.apache.maven.plugins - maven-deploy-plugin - 2.8.1 - - false - - - - org.apache.maven.plugins maven-dependency-plugin diff --git a/misc/rosetta/.gitignore b/misc/rosetta/.gitignore index b373f319..2cb0d891 100644 --- a/misc/rosetta/.gitignore +++ b/misc/rosetta/.gitignore @@ -3,3 +3,4 @@ /.settings/ /logs/ /.project +/.checkstyle diff --git a/misc/rosetta/pom.xml b/misc/rosetta/pom.xml index 2f3ea41d..b0625333 100644 --- a/misc/rosetta/pom.xml +++ b/misc/rosetta/pom.xml @@ -24,7 +24,7 @@ org.onap.aaf.authz miscparent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT .. @@ -156,15 +156,6 @@ maven-assembly-plugin - - org.apache.maven.plugins - maven-deploy-plugin - - false - - - - org.apache.maven.plugins maven-dependency-plugin diff --git a/misc/xgen/.gitignore b/misc/xgen/.gitignore index 75472cfd..f9f0c1b0 100644 --- a/misc/xgen/.gitignore +++ b/misc/xgen/.gitignore @@ -2,3 +2,4 @@ /.classpath /.settings/ /.project +/.checkstyle diff --git a/misc/xgen/pom.xml b/misc/xgen/pom.xml index 83a4ad3c..8de93549 100644 --- a/misc/xgen/pom.xml +++ b/misc/xgen/pom.xml @@ -24,7 +24,7 @@ org.onap.aaf.authz miscparent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT .. @@ -77,7 +77,7 @@ org.onap.aaf.authz aaf-misc-env ${project.version} - + @@ -136,15 +136,6 @@ 2.5.5 - - org.apache.maven.plugins - maven-deploy-plugin - 2.8.1 - - false - - - org.apache.maven.plugins maven-dependency-plugin diff --git a/misc/xgen/src/main/java/org/onap/aaf/misc/xgen/Section.java b/misc/xgen/src/main/java/org/onap/aaf/misc/xgen/Section.java index 9f1f2a38..fb429b3b 100644 --- a/misc/xgen/src/main/java/org/onap/aaf/misc/xgen/Section.java +++ b/misc/xgen/src/main/java/org/onap/aaf/misc/xgen/Section.java @@ -48,11 +48,11 @@ public class Section> { } public void forward(Writer w) throws IOException { - w.write(forward); + w.write(forward); } public void back(Writer w) throws IOException { - w.write(backward); + w.write(backward); } public String toString() { diff --git a/misc/xgen/src/main/java/org/onap/aaf/misc/xgen/XGen.java b/misc/xgen/src/main/java/org/onap/aaf/misc/xgen/XGen.java index b68ad6e5..258715e1 100644 --- a/misc/xgen/src/main/java/org/onap/aaf/misc/xgen/XGen.java +++ b/misc/xgen/src/main/java/org/onap/aaf/misc/xgen/XGen.java @@ -151,7 +151,9 @@ public class XGen> { @SuppressWarnings("unchecked") public RT text(String txt) { - forward.append(txt); + if(txt!=null) { + forward.append(txt); + } return (RT)this; } @@ -182,8 +184,12 @@ public class XGen> { for (int i=0;i"); + forward.println(""); incr("html",attrib); return this; } diff --git a/pom.xml b/pom.xml index 897b4e42..9edf385c 100644 --- a/pom.xml +++ b/pom.xml @@ -22,7 +22,7 @@ 4.0.0 org.onap.aaf.authz parent - 2.1.17-SNAPSHOT + 2.7.4-SNAPSHOT aaf-authz pom @@ -34,7 +34,7 @@ Frankfurt working Version --> - 3.0.0-SNAPSHOT + 3.0.1 @@ -68,13 +68,6 @@ - - org.apache.maven.plugins - maven-deploy-plugin - - true - - org.sonarsource.scanner.maven sonar-maven-plugin diff --git a/releases/2.1.17-container.yaml b/releases/2.1.17-container.yaml new file mode 100644 index 00000000..cad72caf --- /dev/null +++ b/releases/2.1.17-container.yaml @@ -0,0 +1,17 @@ +distribution_type: 'container' +container_release_tag: '2.1.17' +project: 'aaf-authz' +container_pull_registry: nexus3.onap.org:10003 +container_push_registry: nexus3.onap.org:10002 +ref: 'add60903781f8bb4cbe59555bf79181cb5f73b8c' +containers: + - name: 'aaf/aaf_base' + version: '2.1.17-SNAPSHOT' + - name: 'aaf/aaf_core' + version: '2.1.17-SNAPSHOT' + - name: 'aaf/aaf_config' + version: '2.1.17-SNAPSHOT' + - name: 'aaf/aaf_agent' + version: '2.1.17-SNAPSHOT' + - name: 'aaf/aaf_hello' + version: '2.1.17-SNAPSHOT' diff --git a/releases/2.1.17.yaml b/releases/2.1.17.yaml new file mode 100644 index 00000000..fc936fd5 --- /dev/null +++ b/releases/2.1.17.yaml @@ -0,0 +1,4 @@ +distribution_type: 'maven' +version: '2.1.17' +project: 'aaf-authz' +log_dir: 'aaf-authz-maven-stage-master/271/' diff --git a/releases/2.1.18-container.yaml b/releases/2.1.18-container.yaml new file mode 100644 index 00000000..72f2bf79 --- /dev/null +++ b/releases/2.1.18-container.yaml @@ -0,0 +1,19 @@ +distribution_type: 'container' +container_release_tag: '2.1.18' +project: 'aaf-authz' +container_pull_registry: nexus3.onap.org:10003 +container_push_registry: nexus3.onap.org:10002 +ref: '28d2e7a6daa59749f6fefa302840943961c3ba9e' +containers: + - name: 'aaf/aaf_cass' + version: '2.1.18-SNAPSHOT' + - name: 'aaf/aaf_base' + version: '2.1.18-SNAPSHOT' + - name: 'aaf/aaf_core' + version: '2.1.18-SNAPSHOT' + - name: 'aaf/aaf_config' + version: '2.1.18-SNAPSHOT' + - name: 'aaf/aaf_agent' + version: '2.1.18-SNAPSHOT' + - name: 'aaf/aaf_hello' + version: '2.1.18-SNAPSHOT' diff --git a/releases/2.1.18.yaml b/releases/2.1.18.yaml new file mode 100644 index 00000000..e571cf00 --- /dev/null +++ b/releases/2.1.18.yaml @@ -0,0 +1,4 @@ +distribution_type: 'maven' +version: '2.1.18' +project: 'aaf-authz' +log_dir: 'aaf-authz-maven-stage-master/288/' diff --git a/releases/2.1.19-container.yaml b/releases/2.1.19-container.yaml new file mode 100644 index 00000000..49ba794b --- /dev/null +++ b/releases/2.1.19-container.yaml @@ -0,0 +1,19 @@ +distribution_type: 'container' +container_release_tag: '2.1.19' +project: 'aaf-authz' +container_pull_registry: nexus3.onap.org:10003 +container_push_registry: nexus3.onap.org:10002 +ref: 'eeb50d3b600eb5c781c53cb6f9519e503e22ca6d' +containers: + - name: 'aaf/aaf_cass' + version: '2.1.19-SNAPSHOT' + - name: 'aaf/aaf_base' + version: '2.1.19-SNAPSHOT' + - name: 'aaf/aaf_core' + version: '2.1.19-SNAPSHOT' + - name: 'aaf/aaf_config' + version: '2.1.19-SNAPSHOT' + - name: 'aaf/aaf_agent' + version: '2.1.19-SNAPSHOT' + - name: 'aaf/aaf_hello' + version: '2.1.19-SNAPSHOT' diff --git a/releases/2.1.19.yaml b/releases/2.1.19.yaml new file mode 100644 index 00000000..15643c71 --- /dev/null +++ b/releases/2.1.19.yaml @@ -0,0 +1,4 @@ +distribution_type: 'maven' +version: '2.1.19' +project: 'aaf-authz' +log_dir: 'aaf-authz-maven-stage-master/304/' diff --git a/releases/2.1.20-container.yaml b/releases/2.1.20-container.yaml new file mode 100644 index 00000000..be51e33a --- /dev/null +++ b/releases/2.1.20-container.yaml @@ -0,0 +1,19 @@ +distribution_type: 'container' +container_release_tag: '2.1.20' +project: 'aaf-authz' +container_pull_registry: nexus3.onap.org:10003 +container_push_registry: nexus3.onap.org:10002 +ref: '96bf6a2771dfe992fb27bd6361d191d83b6ff605' +containers: + - name: 'aaf/aaf_cass' + version: '2.1.20-SNAPSHOT' + - name: 'aaf/aaf_base' + version: '2.1.20-SNAPSHOT' + - name: 'aaf/aaf_core' + version: '2.1.20-SNAPSHOT' + - name: 'aaf/aaf_config' + version: '2.1.20-SNAPSHOT' + - name: 'aaf/aaf_agent' + version: '2.1.20-SNAPSHOT' + - name: 'aaf/aaf_hello' + version: '2.1.20-SNAPSHOT' diff --git a/releases/2.1.20.yaml b/releases/2.1.20.yaml new file mode 100644 index 00000000..a08b3f08 --- /dev/null +++ b/releases/2.1.20.yaml @@ -0,0 +1,4 @@ +distribution_type: 'maven' +version: '2.1.20' +project: 'aaf-authz' +log_dir: 'aaf-authz-maven-stage-master/344/' diff --git a/releases/2.1.21.yaml b/releases/2.1.21.yaml new file mode 100644 index 00000000..e89fc4d5 --- /dev/null +++ b/releases/2.1.21.yaml @@ -0,0 +1,4 @@ +distribution_type: 'maven' +version: '2.1.21' +project: 'aaf-authz' +log_dir: 'aaf-authz-maven-stage-master/350/' diff --git a/releases/2.7.0.yaml b/releases/2.7.0.yaml new file mode 100644 index 00000000..9cea6b4c --- /dev/null +++ b/releases/2.7.0.yaml @@ -0,0 +1,4 @@ +distribution_type: 'maven' +version: '2.7.0' +project: 'aaf-authz' +log_dir: 'aaf-authz-maven-stage-master/448/' diff --git a/releases/2.7.1.yaml b/releases/2.7.1.yaml new file mode 100644 index 00000000..008a8066 --- /dev/null +++ b/releases/2.7.1.yaml @@ -0,0 +1,4 @@ +distribution_type: 'maven' +version: '2.7.1' +project: 'aaf-authz' +log_dir: 'aaf-authz-maven-stage-master/482/' diff --git a/releases/2.7.2.yaml b/releases/2.7.2.yaml new file mode 100644 index 00000000..eb2e65c6 --- /dev/null +++ b/releases/2.7.2.yaml @@ -0,0 +1,4 @@ +distribution_type: 'maven' +version: '2.7.2' +project: 'aaf-authz' +log_dir: 'aaf-authz-maven-stage-master/506/' diff --git a/releases/2.7.3.yaml b/releases/2.7.3.yaml new file mode 100644 index 00000000..075f5c04 --- /dev/null +++ b/releases/2.7.3.yaml @@ -0,0 +1,4 @@ +distribution_type: 'maven' +version: '2.7.3' +project: 'aaf-authz' +log_dir: 'aaf-authz-maven-stage-master/512/' diff --git a/releases/2.7.4.yaml b/releases/2.7.4.yaml new file mode 100644 index 00000000..41a61887 --- /dev/null +++ b/releases/2.7.4.yaml @@ -0,0 +1,4 @@ +distribution_type: 'maven' +version: '2.7.4' +project: 'aaf-authz' +log_dir: 'aaf-authz-maven-stage-master/540/' diff --git a/version.properties b/version.properties index de52dc04..9575b61b 100644 --- a/version.properties +++ b/version.properties @@ -24,10 +24,10 @@ # Note that these variables cannot be structured (e.g. : version.release or version.snapshot etc... ) # because they are used in Jenkins, whose plug-in doesn't support -# This TAG 2.1.17-SNAPSHOT is here to help remember to change this file. Keep it up to date with the following "real" entries: +# This TAG 2.7.0-SNAPSHOT is here to help remember to change this file. Keep it up to date with the following "real" entries: major=2 -minor=1 -patch=17 +minor=7 +patch=4 base_version=${major}.${minor}.${patch}