New Casablanca SSL certs

Change-Id: Ida5e782acda64fba89cc3ea647ce72657565d770
Signed-off-by: dglFromAtt <dgl@research.att.com>
Issue-ID: DMAAP-532

diff --git a/Dockerfile b/Dockerfile
index 491a8d5..b246871 100644 (file)
--- a/Dockerfile
+++ b/Dockerfile
@@ -37,6 +37,8 @@ COPY misc/LocalKey ${insdir}/etc/
 COPY misc/logback.xml ${insdir}/etc/
 COPY misc/dbc-api.jks ${insdir}/etc/keystore
 RUN chmod 600 ${insdir}/etc/keystore
+COPY misc/org.onap.dmaap-bc.trust.jks ${insdir}/etc
+RUN chmod 600 ${insdir}/etc/org.onap.dmaap-bc.trust.jks
 COPY ./version.properties ${insdir}/etc
 COPY misc/opensource.env ${insdir}/misc/
 COPY misc/*.tmpl ${insdir}/misc/

diff --git a/misc/dbc-api.jks b/misc/dbc-api.jks
index 902a747..66142d3 100644 (file)
Binary files a/misc/dbc-api.jks and b/misc/dbc-api.jks differ

diff --git a/misc/dmaapbc.properties.tmpl b/misc/dmaapbc.properties.tmpl
index 414771b..7214497 100644 (file)
--- a/misc/dmaapbc.properties.tmpl
+++ b/misc/dmaapbc.properties.tmpl
@@ -58,11 +58,11 @@ KeyStoreFile:       ${DMAAPBC_KSTOREFILE:-etc/keystore}
 #
 #      The password for the https keystore
 #
-KeyStorePassword:      ${DMAAPBC_KSTOREPASS:-Demolition Artist Floating}
+KeyStorePassword:      ${DMAAPBC_KSTOREPASS:-*j&Z*Ma;.4My4M]W0eB*fal$}
 #
 #      The password for the private key in the https keystore
 #
-KeyPassword:   ${DMAAPBC_PVTKEYPASS:-Demolition Artist Floating}
+KeyPassword:   ${DMAAPBC_PVTKEYPASS:-*j&Z*Ma;.4My4M]W0eB*fal$}
 #
 #      The type of truststore for https
 #
@@ -70,11 +70,11 @@ TrustStoreType:     jks
 #
 #      The path to the truststore for https
 #
-TrustStoreFile:        ${DMAAPBC_TSTOREFILE}
+TrustStoreFile:        ${DMAAPBC_TSTOREFILE:-etc/org.onap.dmaap-bc.trust.jks}
 #
 #      The password for the https truststore
 #
-TrustStorePassword:    ${DMAAPBC_TSTOREPASS:-changeit}
+TrustStorePassword:    ${DMAAPBC_TSTOREPASS:-pi8HuuSbN03MtQQ7(5TcyQ6;}
 #
 #      The path to the file used to trigger an orderly shutdown
 #
@@ -108,7 +108,7 @@ Feed.deleteHandling: ${DMAAPBC_FEED_DELETE:-DeleteOnDR}
 ################################################################################
 # MR Related Properties:
 #
-# ONAP Beijing is a single site deployment.
+# ONAP Beijing and Casablanca are a single site deployment.
 MR.multisite:  false
 #
 #   Value of the CNAME DNS entry which resolves to the primary central MR cluster (when there are more than one central clusters).
@@ -149,6 +149,12 @@ MM.ProvUserPwd: ${DMAAPBC_MMPROV_PWD:-pwdNotSet}
 #      The Role of the MirrorMaker Agent. This is used by MM to sub to provisioning topic
 #
 MM.AgentRole: ${DMAAPBC_MMAGENT_ROLE:-org.onap.dmaapBC.MMagent.agent}
+#################
+#
+# path to cadi.properties
+#
+cadi.properties: /opt/app/osaaf/local/org.onap.dmaap-bc.props
+
 #################
 # AAF Properties:
 #
@@ -183,49 +189,29 @@ CredentialCodecKeyfile:   ${DMAAPBC_CODEC_KEYFILE:-etc/LocalKey}
 #
 # URL of AAF environment to use.
 #
-aaf.URL:       ${DMAAPBC_AAF_URL:-https://authentication.simpledemo.onap.org:8095/proxy/}
+aaf.URL:       ${DMAAPBC_AAF_URL:-https://aaf-onap-test.osaaf.org:8095}
 #
 # TopicMgr mechid@namespace
 #
-aaf.TopicMgrUser:      ${DMAAPBC_TOPICMGR_USER:-idNotSet@namespaceNotSet}
+aaf.TopicMgrUser:      ${DMAAPBC_TOPICMGR_USER:-topic_mgr@dmaap-bc.onap.org}
 #
 # TopicMgr password
 # 
-aaf.TopicMgrPassword:  ${DMAAPBC_TOPICMGR_PWD:-pwdNotSet}
+aaf.TopicMgrPassword:  ${DMAAPBC_TOPICMGR_PWD:-enc:l0ScEojNQiiKbbkuM6U1mtnrme69q960}
 #
 # Bus Controller Namespace Admin  mechid@namespace
 #
-aaf.AdminUser: ${DMAAPBC_ADMIN_USER:-idNotSet@namespaceNotSet}
+aaf.AdminUser: ${DMAAPBC_ADMIN_USER:-aaf_admin@people.osaag.org}
 #
 # Bus Controller Namespace Admin password
 #
-aaf.AdminPassword:     ${DMAAPBC_ADMIN_PWD:-pwdNotSet}
-#
-# endof AAF Properties
-#################
-#################
-# PolicyEngine Properties
-#
-# Flag to turn on/off Authentication
-UsePE: ${DMAAPBC_PE_ENABLED:-false}
-#
-# Argument to decisionAttributes.put("AAF_ENVIRONMENT", X); 
-# where X is:  TEST= UAT, PROD = PROD, DEVL = TEST
-#
-PeAafEnvironment: ${DMAAPBC_PE_AAF_ENV:-CSIT}
-PeAafUrl.CSIT:  ${DMAAPBC_AAF_URL:-http://localhost:8095/proxy/}
-PeAafUrl.DEVL:  https://aafdev.onap.org:8095/proxy/
-PeAafUrl.TEST:  https://aafist..onap.org:8095/proxy/
-PeAafUrl.PROD:  https://aafprod.onap.org:8095/proxy/
+aaf.AdminPassword:     ${DMAAPBC_ADMIN_PWD:-demo123456!}
+
 
-#
-# Name of PolicyEngineApi properties file
-PolicyEngineProperties: config/PolicyEngineApi.properties
-#
 # Namespace for URI values for API used to create AAF permissions
 # e.g. if ApiNamespace is X.Y..dmaapBC.api then for URI /topics we create an AAF perm X.Y..dmaapBC.api.topics
-ApiNamespace: ${DMAAPBC_API_NAMESPACE:-org.onap.dmaapBC.api}
+ApiNamespace: ${DMAAPBC_API_NAMESPACE:-org.onap.dmaap-bc.api}
 #
-# endof PolicyEngineProperties
+# endof AAF Properties
 #################
 !EOF

diff --git a/misc/org.onap.dmaap-bc.trust.jks b/misc/org.onap.dmaap-bc.trust.jks
new file mode 100644 (file)
index 0000000..00cc35e
Binary files /dev/null and b/misc/org.onap.dmaap-bc.trust.jks differ

diff --git a/pom.xml b/pom.xml
index bc30ee2..aeb8a3d 100644 (file)
--- a/pom.xml
+++ b/pom.xml
@@ -50,6 +50,13 @@
                   <message>No Snapshots Allowed!</message>
                   <excludes>
                     <exclude>org.onap.dmaap.dbcapi:dbcapi</exclude>
+                                       <exclude>org.onap.aaf.authz:aaf-cadi-client</exclude>
+                                       <exclude>org.onap.aaf.authz:aaf-misc-env</exclude>
+                                       <exclude>org.onap.aaf.authz:aaf-cadi-aaf</exclude>
+                                       <exclude>org.onap.aaf.authz:aaf-auth-client</exclude>
+                                       <exclude>org.onap.aaf.authz:aaf-cadi-core</exclude>
+                                       <exclude>org.onap.aaf.authz:aaf-misc-rosetta</exclude>
+
                   </excludes>
                 </requireReleaseDeps>
               </rules>
@@ -250,6 +257,13 @@
       <artifactId>jetty-server</artifactId>
       <version>${jettyVersion}</version>
     </dependency>
+        <dependency>
+            <groupId>org.onap.aaf.authz</groupId>
+            <artifactId>aaf-cadi-aaf</artifactId>
+            <version>2.1.2-SNAPSHOT</version>
+            <classifier>full</classifier>
+        </dependency>
+
     <dependency>
       <groupId>org.eclipse.jetty</groupId>
       <artifactId>jetty-servlet</artifactId>
@@ -287,7 +301,7 @@
        <dependency>
                <groupId>org.onap.dmaap.dbcapi</groupId>
                <artifactId>dbcapi</artifactId>
-               <version>1.0.8-SNAPSHOT</version>
+               <version>1.0.12-SNAPSHOT</version>
        </dependency>
   </dependencies>
   <reporting>
@@ -322,7 +336,7 @@
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     <jettyVersion>9.3.7.v20160115</jettyVersion>
     <eelf.version>0.0.1</eelf.version>
-    <artifact.version>1.0.13</artifact.version>
+    <artifact.version>1.0.14</artifact.version>
                <!--  SONAR  -->
                 <jacoco.version>0.7.7.201606060606</jacoco.version>
            <sonar-jacoco-listeners.version>3.2</sonar-jacoco-listeners.version>

diff --git a/version.properties b/version.properties
index 7e97219..e104878 100644 (file)
--- a/version.properties
+++ b/version.properties
@@ -27,7 +27,7 @@
 
 major=1
 minor=0
-patch=13
+patch=14
 base_version=${major}.${minor}.${patch}
 
 # Release must be completed with git revision # in Jenkins