### # ============LICENSE_START======================================================= # ONAP Policy Engine # ================================================================================ # Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= ### # Default XACML Properties File for PDP RESTful servlet # # Standard API Factories # xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory xacml.pdpEngineFactory=com.att.research.xacmlatt.pdp.ATTPDPEngineFactory xacml.pepEngineFactory=com.att.research.xacml.std.pep.StdEngineFactory # NOT USED SEE BELOW xacml.pipFinderFactory=com.att.research.xacml.std.pip.StdPIPFinderFactory xacml.traceEngineFactory=com.att.research.xacml.std.trace.LoggingTraceEngineFactory # # AT&T PDP Implementation Factories # xacml.att.evaluationContextFactory=com.att.research.xacmlatt.pdp.std.StdEvaluationContextFactory xacml.att.combiningAlgorithmFactory=com.att.research.xacmlatt.pdp.std.StdCombiningAlgorithmFactory xacml.att.functionDefinitionFactory=org.onap.policy.xacml.custom.OnapFunctionDefinitionFactory # NOT USED SEE BELOW xacml.att.policyFinderFactory=com.att.research.xacmlatt.pdp.std.StdPolicyFinderFactory # creteUpdate Policy Implementation Class details. createUpdatePolicy.impl.className=org.onap.policy.pdp.rest.api.services.CreateUpdatePolicyServiceImpl # AAF Implementation class details aafClient.impl.className=org.onap.policy.utils.AAFPolicyClientImpl # # AT&T RESTful PDP Implementation Factories # xacml.pipFinderFactory=org.onap.policy.pdp.rest.impl.XACMLPdpPIPFinderFactory xacml.att.policyFinderFactory=org.onap.policy.pdp.rest.XACMLPdpPolicyFinderFactory # # When set to true, this flag tells the StdPolicyFinderFactory to combined all the root policy files into # into one PolicySet and use the given Policy Algorithm. # xacml.att.policyFinderFactory.combineRootPolicies=urn:com:att:xacml:3.0:policy-combining-algorithm:combined-permit-overrides # # PDP RESTful API properties # # Set this to the address or list of addresses where the XACML-PAP-REST servlet is running # http://localhost:9090/pap/ xacml.rest.pap.urls=${{REST_PAP_URL}} #if multiple paps exist, the xacml.rest.pap.url can be removed and they can be defined like this: #xacml.rest.pap.urls=http://localhost:9090/pap/,http://localhost:9091/pap/ # # Give the running PDP an ID for the PAP. The url that its running as is a good choice. # The PAP identifies PDP's using the URL of the PDP. # xacml.rest.pdp.id=${{REST_PDP_ID}} # # Give the JMX port number used for the PDP xacml.jmx.port=${{TOMCAT_JMX_PORT}} # # Notification Properties # Notifcation type: websocket, ueb or dmaap... if left blank websocket is the default NOTIFICATION_TYPE=${{PDP_NOTIFICATION_TYPE}} NOTIFICATION_SERVERS=${{PDP_UEB_CLUSTER}} NOTIFICATION_TOPIC=${{PDP_UEB_TOPIC}} NOTIFICATION_DELAY=${{PDP_UEB_DELAY}} UEB_API_KEY=${{PDP_UEB_API_KEY}} UEB_API_SECRET=${{PDP_UEB_API_SECRET}} DMAAP_AAF_LOGIN=${{PDP_DMAAP_AAF_LOGIN}} DMAAP_AAF_PASSWORD=${{PDP_DMAAP_AAF_PASSWORD}} # # Set the directory where the PDP holds its Policy Cache and PIP Configuration # xacml.rest.pdp.config=${{REST_PDP_CONFIG}} xacml.rest.pdp.webapps=${{REST_PDP_WEBAPPS}} # # Initialize register with PAP servlet # xacml.rest.pdp.register=${{REST_PDP_REGISTER}} # # Sleep period in seconds between register attempts # xacml.rest.pdp.register.sleep=${{REST_PDP_REGISTER_SLEEP}} # # number of attempts to register. -1 means keep trying forever. # xacml.rest.pdp.register.retries=${{REST_PDP_REGISTER_RETRIES}} # # max number of bytes in a POST of a XML/JSON request # xacml.rest.pdp.maxcontent=${{REST_PDP_MAXCONTENT}} # # Set UserID here xacml.rest.pdp.userid=${{PDP_HTTP_USER_ID}} # Set Password here xacml.rest.pdp.password=${{PDP_HTTP_PASSWORD}} # id PAP xacml.rest.pap.userid=${{PDP_PAP_PDP_HTTP_USER_ID}} # pass PAP xacml.rest.pap.password=${{PDP_PAP_PDP_HTTP_PASSWORD}} # Delay for Notifications Don't change this. Value in milliSec. xacml.rest.notification.delay=30 # Client interval to ping notification service. CLIENT_INTERVAL=15000 # Request Buffer Size. REQUEST_BUFFER_SIZE=50 #***Properties for IntegrityMonitor integration defined in XACMLRestProperties.java*** #The name of the PDP. Must be unique across the system xacml.rest.pdp.resource.name=${{resource_name}} #***Properties for IntegrityMonitor integration defined in IntegrityMonitorProperties.java*** site_name=${{site_name}} node_type=${{node_type}} dependency_groups=${{dependency_groups}} fp_monitor_interval=${{fp_monitor_interval}} failed_counter_threshold=${{failed_counter_threshold}} test_trans_interval=${{test_trans_interval}} write_fpc_interval=${{write_fpc_interval}} max_fpc_update_interval=${{max_fpc_update_interval}} test_via_jmx=${{test_via_jmx}} #database properties needed by IntegrityMonitor javax.persistence.jdbc.driver=${{JDBC_DRIVER}} javax.persistence.jdbc.url=${{JDBC_URL}} javax.persistence.jdbc.user=${{JDBC_USER}} javax.persistence.jdbc.password=${{JDBC_PASSWORD}} # Environment should be Set either DEV, TEST or PROD ENVIRONMENT=${{ENVIRONMENT}} xacml.rest.pep.idfile = client.properties #AAF cadi properties enable_aaf=false policy.aaf.namespace = ${{AAF_NAMESPACE}} policy.aaf.root.permission=${{AAF_NAMESPACE}}.pdpx cm_url=https://${{AAF_HOST}}:8095/AAF_NS.cm:2.1 cadi_latitude=38.000 cadi.longitude=72.000 cadi_alias=policy@policy.onap.org cadi_loglevel=DEBUG cadi_keyfile=${{POLICY_HOME}}/etc/ssl/aaf-cadi.keyfile cadi_protocols=TLSv1.1,TLSv1.2 cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US cadi_keystore=${{POLICY_HOME}}/etc/ssl/policy-keystore cadi_keystore_password=${{KEYSTORE_PASSWD}} cadi_key_password=${{KEYSTORE_PASSWD}} cadi_truststore=${{POLICY_HOME}}/etc/ssl/policy-truststore cadi_truststore_password=${{TRUSTSTORE_PASSWD}} aaf_env=DEV aaf_url=https://${{AAF_HOST}}:8095/AAF_NS.service:2.1 aaf_fqdn=${{AAF_HOST}} aaf_oauth2_introspect_url=https://${{AAF_HOST}}:8095/AAF_NS.introspect:2.1/introspect aaf_oauth2_token_url=https://${{AAF_HOST}}:8095/AAF_NS.token:2.1/token fs_url=https://${{AAF_HOST}}:8095/AAF_NS.fs.2.1 gui_url=https://${{AAF_HOST}}:8095/AAF_NS.gui.2.1 # Decision Response settings. # can be either PERMIT or DENY. decision.indeterminate.response=${{DECISION_INDETERMINATE_RESPONSE}} msToscaModel.home=${{REST_PDP_WEBAPPS}} # AES key for password encryption in config files #org.onap.policy.encryption.aes.key=12345678901234567890123456789012