### To have only HTTP, keep the lines server.ssl.* commented
### To have only HTTPS enabled, uncomment the server.ssl.* lines and specify a right keystore location
server.port=${clamp.it.tests.https}
-### Settings for HTTPS (this automatically enables the HTTPS on the port 'server.port')
-server.ssl.key-store=classpath:https/keystore-test.jks
-server.ssl.key-store-password=testpass
-server.ssl.key-password=testpass
-server.ssl.key-store-type=JKS
+### Settings for HTTPS (this automatically enables the HTTPS on the port 'server.port')
+server.ssl.key-store=classpath:clds/aaf/org.onap.clamp.p12
+server.ssl.key-store-password=enc:WWCxchk4WGBNSvuzLq3MLjMs5ObRybJtts5AI0XD1Vc
+server.ssl.key-password=enc:WWCxchk4WGBNSvuzLq3MLjMs5ObRybJtts5AI0XD1Vc
+server.ssl.key-store-type=PKCS12
+server.ssl.key-alias=clamp@clamp.onap.org
+
+# The key file used to decode the key store and trust store password
+# If not defined, the key store and trust store password will not be decrypted
+clamp.config.keyFile=classpath:clds/aaf/org.onap.clamp.keyfile
+clamp.config.caCerts=classpath:clds/aaf/ssl/ca-certs.pem
+
+## Config part for Client certificates
+server.ssl.client-auth=want
+server.ssl.trust-store=classpath:clds/aaf/truststoreONAPall.jks
+server.ssl.trust-store-password=enc:iDnPBBLq_EMidXlMa1FEuBR8TZzYxrCg66vq_XfLHdJ
### In order to be user friendly when HTTPS is enabled,
### you can add another HTTP port that will be automatically redirected to HTTPS
server.servlet.context-path=/
#Modified engine-rest applicationpath
-spring.profiles.active=clamp-default,clamp-default-user
+spring.profiles.active=clamp-default, clamp-aaf-authentication,clamp-ssl-config
+
#clds datasource connection details
-spring.datasource.cldsdb.driverClassName=org.mariadb.jdbc.Driver
-spring.datasource.cldsdb.url=jdbc:mariadb:sequential://localhost:${docker.mariadb.port.host}/cldsdb4?autoReconnect=true&retriesAllDown=2147483647&failoverLoopRetries=2147483647\r
-spring.datasource.cldsdb.username=clds
-spring.datasource.cldsdb.password=4c90a0b48204383f4283448d23e0b885a47237b2a23588e7c4651604f51c1067\r
-spring.datasource.cldsdb.validationQuery=SELECT 1
-spring.datasource.cldsdb.validationQueryTimeout=20000
-spring.datasource.cldsdb.validationInterval=30000
-spring.datasource.cldsdb.testWhileIdle = true
-spring.datasource.cldsdb.minIdle = 0
-spring.datasource.cldsdb.initialSize=0
+spring.datasource.driverClassName=org.mariadb.jdbc.Driver
+spring.datasource.url=jdbc:mariadb:sequential://localhost:${docker.mariadb.port.host}/cldsdb4?autoReconnect=true&retriesAllDown=2147483647&failoverLoopRetries=2147483647
+spring.datasource.username=clds
+spring.datasource.password=sidnnd83K
+spring.datasource.validationQuery=SELECT 1
+spring.datasource.validationQueryTimeout=20000
+spring.datasource.validationInterval=30000
+spring.datasource.testWhileIdle = true
+spring.datasource.minIdle = 0
+spring.datasource.initialSize=0
# Automatically test whether a connection provided is good or not
-spring.datasource.cldsdb.testOnBorrow=true
-spring.datasource.cldsdb.ignoreExceptionOnPreLoad=true
+spring.datasource.testOnBorrow=true
+spring.datasource.ignoreExceptionOnPreLoad=true
camel.springboot.consumer-template-cache-size=1000
camel.springboot.producer-template-cache-size=1000
#com.att.eelf.logging.path=
com.att.eelf.logging.file=logback-default.xml
#The log folder that will be used in logback.xml file
-clamp.config.log.path=log
\ No newline at end of file
+clamp.config.log.path=log
+
+#Define user permission related parameters, the permission type can be changed but MUST be redefined in clds-users.properties in that case !
+clamp.config.security.permission.type.cl=org.onap.clamp.clds.cl
+clamp.config.security.permission.type.cl.manage=org.onap.clamp.clds.cl.manage
+clamp.config.security.permission.type.cl.event=org.onap.clamp.clds.cl.event
+clamp.config.security.permission.type.filter.vf=org.onap.clamp.clds.filter.vf
+clamp.config.security.permission.type.template=org.onap.clamp.clds.template
+clamp.config.security.permission.type.tosca=org.onap.clamp.clds.tosca
+#This one indicates the type of instances (dev|prod|perf...), this must be set accordingly in clds-users.properties
+clamp.config.security.permission.instance=dev
+clamp.config.security.authentication.class=org.onap.aaf.cadi.principal.X509Principal, org.onap.aaf.cadi.principal.CachedBasicPrincipal
+
+#AAF related parameters
+clamp.config.cadi.cadiLoglevel=DEBUG
+clamp.config.cadi.cadiLatitude=10
+clamp.config.cadi.cadiLongitude=10
+clamp.config.cadi.aafLocateUrl=https://aaf-locate:8095
+clamp.config.cadi.oauthTokenUrl= https://AAF_LOCATE_URL/locate/onap.org.osaaf.aaf.token:2.1/token
+clamp.config.cadi.oauthIntrospectUrll=https://AAF_LOCATE_URL/locate/onap.org.osaaf.aaf.introspect:2.1/introspect
+clamp.config.cadi.aafEnv=DEV
+clamp.config.cadi.aafUrl=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.service:2.1
+clamp.config.cadi.cadiX509Issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
\ No newline at end of file
Code Review / clamp.git / blobdiff