Integrate AAF

Integrate AAF framework into Clamp.

Issue-ID: CLAMP-103
Change-Id: I2ceeb2a85b8b5674e712b3924a96a2bd6fb71d68
Signed-off-by: xg353y <xg353y@intl.att.com>
diff --git a/src/main/resources/META-INF/resources/designer/authenticate.html b/src/main/resources/META-INF/resources/designer/authenticate.html
index a6c2cb8..5429dced 100644
--- a/src/main/resources/META-INF/resources/designer/authenticate.html
+++ b/src/main/resources/META-INF/resources/designer/authenticate.html
@@ -18,7 +18,6 @@
   limitations under the License.
   ============LICENSE_END============================================
   ===================================================================
-  
   -->
 <style>
 .divRow {
@@ -41,20 +40,13 @@
 <head>
 	<title>CLDS</title>
 </head>
-<div ng-controller="AuthenticateCtrl">
+<div ng-controller="AuthenticateCtrl" ng-init="authenticate()">
 	<div id='head'>
 		<div ng-include="'menu_simplified.html'"></div>
 	</div>
 
 	<div  id='main'>
-		<div class="divRow"><b>Welcome to Clamp. Please login first.</b></div>
-		<div class="divForm">
-		<form ng-submit="authenticate()" method="post" autocomplete="off">
-			<div class="divFormRow"><label>User Name :  <input type="text" ng-model="username" name="username"/> </label></div>
-			<div class="divFormRow"><label>Password:  <input type="password" ng-model="password" name="password"/> </label></div>
-			<div class="divFormRow"><input type="submit" value=" Sign In"/></div>
-		</form>
-		</div>
+		<div class="divRow"><b>Welcome to Clamp.</b></div>
 	</div>
 </div>
 
diff --git a/src/main/resources/META-INF/resources/designer/invalid_login.html b/src/main/resources/META-INF/resources/designer/invalid_login.html
index f42be51..5d6e955 100644
--- a/src/main/resources/META-INF/resources/designer/invalid_login.html
+++ b/src/main/resources/META-INF/resources/designer/invalid_login.html
@@ -34,12 +34,7 @@
 </head>
 <div>
 	<div class="divRow"><b>Login Failed!</b></div>
-	<div class="divRow"><b>Please make sure your login and password are correct. 
-		If you don't have the login credential, please contact CLAMP administrator.</b></div>
+	<div class="divRow"><b>You are not authorized to access CLAMP UI, please contact CLAMP administrator.</b></div>
 
 	<div class="divRow">To login again, please click <a href="/designer/index.html"/>Login</a></div>
 </div>
-
-
-
-
diff --git a/src/main/resources/META-INF/resources/designer/scripts/authcontroller.js b/src/main/resources/META-INF/resources/designer/scripts/authcontroller.js
index ac89198..c1a52f9 100644
--- a/src/main/resources/META-INF/resources/designer/scripts/authcontroller.js
+++ b/src/main/resources/META-INF/resources/designer/scripts/authcontroller.js
@@ -18,7 +18,7 @@
  * limitations under the License.
  * ============LICENSE_END============================================
  * ===================================================================
- * 
+ *
  */
 
 'use strict';
@@ -27,47 +27,27 @@
   console.log("//////////AuthenticateCtrl");
   $scope.getInclude = function() {
     console.log("getInclude011111111");
-    var invalidUser = $window.localStorage.getItem("isInvalidUser");
+    var invalidUser = $window.localStorage.getItem("invalidUser");
     var isAuth = $window.localStorage.getItem("isAuth");
-
-    if (invalidUser != null && invalidUser == 'true') {
-      console.log("Authentication failed");
-      $window.localStorage.removeItem("isInvalidUser");
-      window.location.href = "/designer/invalid_login.html";
-    } else if (isAuth == null || isAuth == 'false') {
+    if (invalidUser == 'true')
+    	return "invalid_login.html";
+    else if (isAuth == null || isAuth == 'false') {
       return "authenticate.html";
     }
-    // Reassign the login user info, to be used in menu.html
-    $rootScope.loginuser = $window.localStorage.getItem("loginuser");
     return "utmdashboard.html";
   };
 
   $scope.authenticate = function() {
-    var username = $scope.username;
-    var pass = $scope.password;
-    if (!username || !pass) {
-      console.log("Invalid username/password");
-      $window.localStorage.setItem("isInvalidUser", true);
-      return;
-    }
-    var headers = username ? {
-      authorization: "Basic " +
-        btoa(username + ":" + pass)
-    } : {};
-    // send request to a test API with the username/password to verify the authorization
-    $http.get('/restservices/clds/v1/user/testUser', {
-      headers: headers
+    // send request to a test API for authentication/authorization check
+    $http.get('/restservices/clds/v1/user/getUser', {
     }).success(function(data) {
       if (data) {
         $window.localStorage.setItem("isAuth", true);
-        $window.localStorage.setItem("loginuser", $scope.username);
-        $rootScope.loginuser = $scope.username;
-      } else {
-        $window.localStorage.removeItem("isInvalidUser", true);
-      }
+        $rootScope.loginuser = data;
+      } 
       callback && callback();
     }).error(function() {
-      $window.localStorage.removeItem("isInvalidUser", true);
+      $window.localStorage.setItem("invalidUser", true);
       callback && callback();
     });
   };
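Review bot: The `invalidUser` flag written in the `.error` handler is never removed in the lines shown, so after one failed `getUser` call `getInclude` keeps returning `invalid_login.html` across reloads until localStorage is cleared; the old code removed `isInvalidUser` once it had been read. The handler also fires for any failed request, so a 5xx or network error is shown to the user as "not authorized". Holding the failure in memory instead, `$rootScope.invalidUser = true;` with `if ($rootScope.invalidUser) return "invalid_login.html";` in `getInclude`, lets a reload retry. Both flags only choose which view is included and can be edited by the user, so the REST endpoints still have to enforce the AAF permissions themselves. The controller body starts above this hunk, and `callback` is not defined in the visible lines.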
diff --git a/src/main/resources/application-noaaf.properties b/src/main/resources/application-noaaf.properties
new file mode 100644
index 0000000..197f003
--- /dev/null
+++ b/src/main/resources/application-noaaf.properties
@@ -0,0 +1,219 @@
+###

+# ============LICENSE_START=======================================================

+# ONAP CLAMP

+# ================================================================================

+# Copyright (C) 2017-2018 AT&T Intellectual Property. All rights

+#                             reserved.

+# ================================================================================

+# Licensed under the Apache License, Version 2.0 (the "License");

+# you may not use this file except in compliance with the License.

+# You may obtain a copy of the License at

+#

+# http://www.apache.org/licenses/LICENSE-2.0

+#

+# Unless required by applicable law or agreed to in writing, software

+# distributed under the License is distributed on an "AS IS" BASIS,

+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

+# See the License for the specific language governing permissions and

+# limitations under the License.

+# ============LICENSE_END============================================

+# ===================================================================

+# ECOMP is a trademark and service mark of AT&T Intellectual Property.

+###

+

+info.build.artifact=@project.artifactId@

+info.build.name=@project.name@

+info.build.description=@project.description@

+info.build.version=@project.version@

+### Set the port for HTTP or HTTPS protocol (Controlled by Spring framework, only one at a time).

+### (See below for the parameter 'server.http.port' if you want to have both enabled)

+### To have only HTTP, keep the lines server.ssl.* commented

+### To have only HTTPS enabled, uncomment the server.ssl.* lines and specify a right keystore location

+#server.port=8080

+### Settings for HTTPS (this automatically enables the HTTPS on the port 'server.port')

+#server.ssl.key-store=file:/tmp/mykey.jks

+#server.ssl.key-store-password=pass

+#server.ssl.key-password=pass

+

+### In order to be user friendly when HTTPS is enabled,

+### you can add another HTTP port that will be automatically redirected to HTTPS

+### by enabling this parameter (server.http.port) and set it to another port (80 or 8080, 8090, etc ...)

+#server.http-to-https-redirection.port=8090

+

+### HTTP Example:

+###--------------

+server.port=8080

+

+

+### HTTP (Redirected to HTTPS) and HTTPS Example:

+### --------------------------------------------

+### server.port=8443           <-- The HTTPS port

+### server.ssl.key-store=file:/tmp/mykey.jks

+### server.ssl.key-store-password=mypass

+### server.ssl.key-password=mypass

+### server.http-to-https-redirection.port=8080

+

+server.contextPath=/

+#Modified engine-rest applicationpath

+spring.profiles.active=clamp-default,clamp-default-user,clamp-sdc-controller

+

+#The max number of active threads in this pool

+server.tomcat.max-threads=200

+#The minimum number of threads always kept alive

+server.tomcat.min-Spare-Threads=25

+#The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less or equal to minSpareThreads

+server.tomcat.max-idle-time=60000

+server.tomcat.clientAuth=want

+#Servlet context parameters

+server.context_parameters.p-name=value #context parameter with p-name as key and value as value.

+

+camel.springboot.consumer-template-cache-size=1000

+camel.springboot.producer-template-cache-size=1000

+camel.springboot.jmx-enabled=false

+camel.defaultthreadpool.poolsize=10

+camel.defaultthreadpool.maxpoolsize=20

+camel.defaultthreadpool.maxqueuesize=1000

+camel.defaultthreadpool.keepaliveTime=60

+camel.defaultthreadpool.rejectpolicy=CallerRuns

+#camel.springboot.xmlRoutes = false

+camel.springboot.xmlRoutes=classpath:/clds/camel/*.xml

+#camel.springboot.typeConversion = false

+

+#clds datasource connection details

+spring.datasource.cldsdb.driverClassName=org.mariadb.jdbc.Driver

+spring.datasource.cldsdb.url=jdbc:mariadb:sequential://localhost:${docker.mariadb.port.host}/cldsdb4?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3

+spring.datasource.cldsdb.username=clds

+spring.datasource.cldsdb.password=4c90a0b48204383f4283448d23e0b885a47237b2a23588e7c4651604f51c1067

+spring.datasource.cldsdb.validationQuery=SELECT 1

+spring.datasource.cldsdb.validationQueryTimeout=20000

+spring.datasource.cldsdb.validationInterval=30000

+spring.datasource.cldsdb.testWhileIdle = true

+spring.datasource.cldsdb.minIdle = 0

+spring.datasource.cldsdb.initialSize=0

+# Automatically test whether a connection provided is good or not

+spring.datasource.cldsdb.testOnBorrow=true

+spring.datasource.cldsdb.ignoreExceptionOnPreLoad=true

+

+#Async Executor default Parameters

+async.core.pool.size=10

+async.max.pool.size=20

+async.queue.capacity=500

+

+clamp.config.files.cldsPolicyConfig=classpath:/clds/clds-policy-config.properties

+clamp.config.files.cldsUsers=classpath:/clds/clds-users.json

+clamp.config.files.globalProperties=classpath:/clds/templates/globalProperties.json

+clamp.config.files.sdcController=classpath:/clds/sdc-controllers-config.json

+

+# Properties for Clamp

+# DCAE request build properties

+#

+clamp.config.dcae.template=classpath:/clds/templates/dcae-template.json

+clamp.config.dcae.decode.service_ids=classpath:/clds/templates/dcae-decode-service_ids.json

+clamp.config.dcae.deployment.template=classpath:/clds/templates/dcae-deployment-template.json

+#

+# SDC request blueprint properties

+#

+clamp.config.sdc.template=classpath:/clds/templates/sdc-template.json

+clamp.config.sdc.decode.service_ids=classpath:/clds/templates/sdc-decode-service_ids.json

+#

+#

+# Configuration Settings for Policy Engine Components

+clamp.config.policy.pdpUrl1=http://policy.api.simpledemo.onap.org:8081/pdp/ , testpdp, alpha123

+clamp.config.policy.pdpUrl2=http://policy.api.simpledemo.onap.org:8081/pdp/ , testpdp, alpha123

+clamp.config.policy.papUrl=http://policy.api.simpledemo.onap.org:8081/pap/ , testpap, alpha123

+clamp.config.policy.notificationType=websocket

+clamp.config.policy.notificationUebServers=localhost

+clamp.config.policy.notificationTopic=

+clamp.config.policy.clientId=myclientid

+# base64 encoding

+

+clamp.config.policy.clientKey=5CE79532B3A2CB4D132FC0C04BF916A7

+#DEVL for development

+#TEST for Test environments

+#PROD for prod environments

+clamp.config.policy.policyEnvironment=TEST

+# General Policy request properties

+#

+clamp.config.policy.onap.name=DCAE

+clamp.config.policy.pdp.group=default

+clamp.config.policy.ms.type=MicroService

+clamp.config.policy.ms.policyNamePrefix=Config_MS_

+clamp.config.policy.op.policyNamePrefix=Config_BRMS_Param_

+clamp.config.policy.base.policyNamePrefix=Config_

+clamp.config.policy.op.type=BRMS_Param

+

+

+# TCA MicroService Policy request build properties

+#

+clamp.config.tca.policyid.prefix=DCAE.Config_

+clamp.config.tca.policy.template=classpath:/clds/templates/tca-policy-template.json

+clamp.config.tca.template=classpath:/clds/templates/tca-template.json

+clamp.config.tca.thresholds.template=classpath:/clds/templates/tca-thresholds-template.json

+

+#

+#

+# Operational Policy request build properties

+#

+clamp.config.op.policyDescription=from clds

+# default

+clamp.config.op.templateName=ClosedLoopvUSP

+clamp.config.op.operationTopic=APPC-CL

+clamp.config.op.notificationTopic=POLICY-CL-MGT

+clamp.config.op.controller=amsterdam

+clamp.config.op.policy.appc=APPC

+# by service: vSCP

+clamp.config.op.templateName.vSCP=ClosedLoopTemplate

+clamp.config.op.controller.vSCP=1607-f5fw

+clamp.config.op.eNodeB.templateName=ClosedLoopControlName

+clamp.config.op.eNodeB.operationTopic=com.onap.sdnr.RanCLRequest-v00

+clamp.config.op.eNodeB.notificationTopic=com.onap-policy.IST-ENODEB-CL

+clamp.config.op.eNodeB.controller=amsterdam

+clamp.config.op.eNodeB.recipe=classpath:/clds/templates/op-eNodeB-recipe.json

+clamp.config.op.eNodeB.timeWindow=35

+clamp.config.op.eNodeB.limit=2

+clamp.config.op.eNodeB.period=10s

+#

+# Sdc service properties

+clamp.config.sdc.catalog.url=http://sdc.api.simpledemo.onap.org:8080/sdc/v1/catalog/

+clamp.config.sdc.hostUrl=http://sdc.api.simpledemo.onap.org:8080

+clamp.config.sdc.serviceUrl=http://sdc.api.simpledemo.onap.org:8080/sdc/v1/catalog/services

+clamp.config.sdc.serviceUsername=clamp

+clamp.config.sdc.servicePassword=b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981

+clamp.config.sdc.artifactLabel=blueprintclampcockpit

+clamp.config.sdc.sdcX-InstanceID=CLAMP

+clamp.config.sdc.artifactType=DCAE_INVENTORY_BLUEPRINT

+clamp.config.sdc.locationArtifactLabel=locationclampcockpit

+clamp.config.sdc.locationArtifactType=DCAE_INVENTORY_JSON

+clamp.config.sdc.InstanceID=X-ECOMP-InstanceID

+clamp.config.sdc.header.requestId = X-ECOMP-RequestID

+#

+clamp.config.sdc.csarFolder = /tmp/sdc-controllers

+clamp.config.sdc.blueprint.parser.mapping = classpath:/clds/blueprint-parser-mapping.json

+#

+clamp.config.ui.location.default=classpath:/clds/templates/ui-location-default.json

+clamp.config.ui.alarm.default=classpath:/clds/templates/ui-alarm-default.json

+#

+# if action.test.override is true, then any action will be marked as test=true (even if incoming action request had test=false); otherwise, test flag will be unchanged on the action request

+clamp.config.action.test.override=false

+# if action.insert.test.event is true, then insert event even if the action is set to test

+clamp.config.action.insert.test.event=false

+clamp.config.clds.service.cache.invalidate.after.seconds=120

+

+#DCAE Inventory Url Properties

+clamp.config.dcae.inventory.url=http://dcae.api.simpledemo.onap.org:8080

+clamp.config.dcae.intentory.retry.interval=10000

+clamp.config.dcae.intentory.retry.limit=3

+

+#DCAE Dispatcher Url Properties

+clamp.config.dcae.dispatcher.url=http://dcae.api.simpledemo.onap.org:8080

+clamp.config.dcae.header.requestId = X-ECOMP-RequestID

+

+clamp.config.security.permission.instance=dev

+

+#AAF related parameters

+clamp.config.security.permission.type.cl=org.onap.clamp.clds.cl

+clamp.config.security.permission.type.cl.manage=org.onap.clamp.clds.cl.manage

+clamp.config.security.permission.type.cl.event=org.onap.clds.cl.event

+clamp.config.security.permission.type.filter.vf=org.onap.clamp.clds.filter.vf

+clamp.config.security.permission.type.template=org.onap.clamp.clds.template

+
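Review bot: Nothing in this new file says that it is a development-only profile, yet it serves plain HTTP on `server.port=8080`, selects `clamp-default-user` (presumably the static accounts in `clds-users.json`) and carries fixed service credentials such as `testpdp, alpha123` alongside `http://` endpoints. A header comment along the lines of `# Development/test only: no AAF, no TLS, static users - never activate in production` would make that explicit. The credential values would be better supplied at deployment time than committed here.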

diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 179553d..fd61bad 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -30,7 +30,7 @@
 ### (See below for the parameter 'server.http.port' if you want to have both enabled)

 ### To have only HTTP, keep the lines server.ssl.* commented

 ### To have only HTTPS enabled, uncomment the server.ssl.* lines and specify a right keystore location

-server.port=8080

+### server.port=8080

 ### Settings for HTTPS (this automatically enables the HTTPS on the port 'server.port')

 #server.ssl.key-store=file:/tmp/mykey.jks

 #server.ssl.key-store-password=pass

@@ -54,15 +54,21 @@
 

 ### HTTP (Redirected to HTTPS) and HTTPS Example:

 ### --------------------------------------------

-### server.port=8443           <-- The HTTPS port

-### server.ssl.key-store=file:/tmp/mykey.jks

-### server.ssl.key-store-password=mypass

-### server.ssl.key-password=mypass

-### server.http-to-https-redirection.port=8090  <-- The HTTP port

+server.port=8443

+server.ssl.client-auth=want

+server.ssl.key-store=file:/opt/clamp/config/clamp@clamp.onap.org.p12

+server.ssl.key-store-password=China in the Spring

+server.ssl.key-password=China in the Spring

+server.ssl.key-store-type=PKCS12

+server.ssl.trust=/opt/clamp/config/truststoreONAP.p12

+server.ssl.trust-pass=changeit

+server.ssl.trust-type=PKCS12

+server.ssl.key-alias=clamp@clamp.onap.org

+server.http-to-https-redirection.port=8080

 

 server.contextPath=/

 #Modified engine-rest applicationpath

-spring.profiles.active=clamp-default,clamp-spring-authentication,clamp-sdc-controller

+spring.profiles.active=clamp-default,clamp-aaf-authentication,clamp-sdc-controller

 

 #The max number of active threads in this pool

 server.tomcat.max-threads=200
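Review bot: `server.ssl.key-store-password` and `server.ssl.key-password` are committed in clear text, and the same commit adds the keystore `clamp@clamp.onap.org.p12` and `org.onap.clamp.keyfile` under `src/main/resources/clds/aaf/`, so the private key and the secret that unlocks it travel together in the repository and presumably in the built artifact. If that keyfile is the one CADI uses for the `enc:` values added in the next hunk, those passwords are recoverable as well. Treat this key material as demo-only, say so in a comment, and take the real keystore and passwords from the deployment (environment or mounted config). `server.ssl.trust`, `server.ssl.trust-pass` and `server.ssl.trust-type` are not Spring Boot's standard names (`server.ssl.trust-store`, `server.ssl.trust-store-password`, `server.ssl.trust-store-type`), so it is worth confirming that something in the project reads them; otherwise `client-auth=want` may be checked against the JVM default trust store.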

@@ -208,10 +214,24 @@
 clamp.config.dcae.header.requestId = X-ECOMP-RequestID

 

 #Define user permission related parameters, the permission type can be changed but MUST be redefined in clds-users.properties in that case !

-clamp.config.security.permission.type.cl=permission-type-cl

-clamp.config.security.permission.type.cl.manage=permission-type-cl-manage

-clamp.config.security.permission.type.cl.event=permission-type-cl-event

-clamp.config.security.permission.type.filter.vf=permission-type-filter-vf

-clamp.config.security.permission.type.template=permission-type-template

+clamp.config.security.permission.type.cl=org.onap.clamp.clds.cl

+clamp.config.security.permission.type.cl.manage=org.onap.clamp.clds.cl.manage

+clamp.config.security.permission.type.cl.event=org.onap.clds.cl.event

+clamp.config.security.permission.type.filter.vf=org.onap.clamp.clds.filter.vf

+clamp.config.security.permission.type.template=org.onap.clamp.clds.template

 #This one indicates the type of instances (dev|prod|perf...), this must be set accordingly in clds-users.properties

 clamp.config.security.permission.instance=dev

+

+#AAF related parameters

+clamp.config.cadi.keyFile=/opt/clamp/config/org.onap.clamp.keyfile

+clamp.config.cadi.cadiLoglevel=INFO

+clamp.config.cadi.cadiLatitude=37.78187

+clamp.config.cadi.cadiLongitude=-122.26147

+clamp.config.cadi.aafLocateUrl=https://aaf-onap-beijing-test.osaaf.org

+clamp.config.cadi.cadiKeystorePassword=enc:V_kq_EwDNb4itWp_lYfDGXIWJzemHGkhkZOxAQI9IHs

+clamp.config.cadi.cadiTruststorePassword=enc:Mj0YQqNCUKbKq2lPp1kTFQWeqLxaBXKNwd5F1yB1ukf

+#clamp.config.cadi.oauthTokenUrl=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token

+#clamp.config.cadi.oauthIntrospectUrll=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect

+clamp.config.cadi.aafEnv=DEV

+clamp.config.cadi.aafUrl=https://AAF_LOCATE_URL/AAF_NS.service:2.0

+clamp.config.cadi.cadiX509Issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US
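Review bot: `clamp.config.security.permission.type.cl.event=org.onap.clds.cl.event` lacks the `clamp` segment that the four sibling permission types carry (`org.onap.clamp.clds.…`), which looks like a typo; the same value appears in the new `application-noaaf.properties`. If AAF defines the permission as `org.onap.clamp.clds.cl.event`, checks against the name configured here would never match. Suggested line: `clamp.config.security.permission.type.cl.event=org.onap.clamp.clds.cl.event`.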

diff --git a/src/main/resources/clds/aaf/clamp@clamp.onap.org.p12 b/src/main/resources/clds/aaf/clamp@clamp.onap.org.p12
new file mode 100644
index 0000000..bf3de7a
--- /dev/null
+++ b/src/main/resources/clds/aaf/clamp@clamp.onap.org.p12
Binary files differ
diff --git a/src/main/resources/clds/aaf/org.onap.clamp.keyfile b/src/main/resources/clds/aaf/org.onap.clamp.keyfile
new file mode 100644
index 0000000..45cdcb6
--- /dev/null
+++ b/src/main/resources/clds/aaf/org.onap.clamp.keyfile
@@ -0,0 +1,27 @@
+HTQLJHUg5Du0VM7wHY5cBMTgupk6ujhSoAgx5BTHp9wt9CoWvD72ScIciyldEH9R2QZIL9ZvpVo0
+h2o-hSQueaVjPcIFUhVIl4HWmNC6I2YAlNkwy3VMl1g9otKaOTgo3ChsFUVq7ACIrcr2977wo4B_
+FeHa0lInuaLoEjHMP1fszTWYBBx9oY3K9s-9MQQyCo6bFV-4L733sPeE60j20FWoygUwvIqxp3Pc
+Bmnm1AtcrhGH0elqDg9qNjmnmC3gxZaGpGiclaEds_lVu57RIXwtTHgYyMbJzfP-Ziq3T7i8d-h3
+JZThj1l9JvDLYm2z0BEXuQ3Owvn4m98cWB9P5esJOKYEvsfIGK_Fd6uT04fzkeDT1wNV4-Swuorr
+ymZQxnvHbUAp91NJEa3EtWTuBxNeoqV0cw97WkAYn95pgjH4ZVhBdczclS-EStFJyYOHtTRAs1A_
+8i36GiuUPHn3KolkRF2GvtZfwNj5AYfcUKhqULJ-T_is2KKYnGwQ2iaItX2852o4zlzkMXFMkt5C
+qbsDmrU7F5zxn4HG6yShW5sIXgAcS9cyIs8IFgHtkYauDJlKZWynhzqibh3-bzPyfFmreTHxQ-Av
+Lgp5sAtf1B9_1feVyE78bmQ3IMtxE-YkV8RYPDJzKw0nIdjce7j89azNq_as5JMfCCHSlYcKRs8O
+Nrh8gXYun28iUL_kwEUWK0WohPgwQBb46_Hkc6a0aSYbuFA_7qgprPB9wmAlHtuqnCAb2vk8GT-h
+07DB6yPGgzE-OgXUzLIWHXVzPO6SjOg3ifYpCRigOsNqkV1paBBOzje7dn2RnpgaRJS3zupTMnqF
+g5N9qCgubxRlII626-Dc_i5X1OAWPzJK8UZPuxRAg3YVJNHluB3O0Q2Uo14RkO3a2Tn_Ce9XoTUJ
+Jqi_qZWytIB9sHMNM7KvcRxGedLqd_230O3zV7rTa4Up0BFoMyHmnf2SZu96x_Yz_n_AWhiaALvE
+ON_nTxPEOHfEfrNzo7pCwIaI5gM6eu_S24aZTf4L-5tekqH7l1PEbKr2QP4XfTZBN4FgNExgGpzG
+the3zv4k7hJeWe7GbtMmnZXIQUJkZVTHBwqvHkqtN9cBWpihCNVmI3zKq6Bsy6Us0SDZ686kpeVS
+s9eyrzj6uLPE65mQxCpoMt6G4HSjzMqA3HOX_7ixBBhtdVi5-X7NeTigr-uaZg67yP3cSikfFf9w
+dyFuMjg29jtlaTNzOov8HFrcLq01N3fpwDkSU_2TmLndU-FMat78CMCLW5QuS1KF3hC9T8wzKWS_
+WHK2oMA3SqWyqnj_cE_T4Ql_VKL3nkvf_bzTvLso_BWodUw2A-eO-1qjtCHp3nnTdSVH06E3_eRH
+BuKWEt0MLyNpm88OD0tgOC3fn7casioynQLoFatta5nlQfj4nsAXj2bD6CrohtDhjOKXqHxDU6s7
+adtNoBGyEK5FKy3HtHMC7KXsK_6wbYUluz93nCNMok696HIHojNUydGFqfr2HluQTi0S3uHnD_pS
+-QM8DbsFi8oIztn6Er4CFFJQ-tUuDyX6ahfY5gWLqCgRM7RzrkoHY7b4vkHxZTBLZlPGWfRtG0vc
+GTSqIRNI2Z_Zte5-wW7T9vfFVBsArF0SJWOrlUqf7fGN1_2H9B9aIpLEMaHF7EEp1OP6_SNnfuhB
+K31EFy0VW0eGnLezpd3HT540kznub7h_m6phZaqeZJxsle9jHEOS7qDc3T6s1hZ7DLK2Ej5RFuq8
+5LA9Cj5VrdejKMZKZJwmyWylLe224RyY4gDa0MB_lDAeC-YFdY2ClymYRJmclFFSWf7X1j5beQve
+xGbsXJaWZcJpahpFu4RR-kOOyZBLPsdiyOZ7PGXz83l35NiXabmRapgjve1t7NFSuRluafihc0Lg
+GKoz_-3YAFJmh4Z3bcCsz1WhCUYqzWyDsnZiD7sMQT7Oyje7RqzoxBZs5Ke1_0jtpgFrc7BcqHG7
+WpwJr6hg53o3BpWcUEopBomhbdxiDSLxZmDrePy9LDC7YNk_7-gVKIc7dZDMgw6kSRR330p0
\ No newline at end of file
diff --git a/src/main/resources/clds/aaf/truststoreONAP.p12 b/src/main/resources/clds/aaf/truststoreONAP.p12
new file mode 100644
index 0000000..d01e856
--- /dev/null
+++ b/src/main/resources/clds/aaf/truststoreONAP.p12
Binary files differ
diff --git a/src/main/resources/clds/clds-users.json b/src/main/resources/clds/clds-users.json
index 8be08e1..18ab7d3 100644
--- a/src/main/resources/clds/clds-users.json
+++ b/src/main/resources/clds/clds-users.json
@@ -3,11 +3,12 @@
 	"password":"$2a$10$H/e21kl04Dw9C978CHuM7OewyMGUN5WGzAAx7SgIaR4ix8.wTcssi",
 	"permissions":
 	            [
-	               "permission-type-cl|dev|read",
-	               "permission-type-cl|dev|update",
-	               "permission-type-cl-manage|dev|*",
-	               "permission-type-filter-vf|dev|*",
-	               "permission-type-template|dev|read"
+	               "org.onap.clamp.clds.cl|dev|read",
+	               "org.onap.clamp.clds.cl|dev|update",
+	               "org.onap.clamp.clds.cl.manage|dev|*",
+	               "org.onap.clamp.clds.filter.vf|dev|*",
+	               "org.onap.clamp.clds.template|dev|read",
+	               "org.onap.clamp.clds.template|dev|update"
 	            ]
 	},
 	{
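Review bot: The first account's list gains `org.onap.clamp.clds.template|dev|update`, which has no counterpart among the removed lines (the old list stopped at `permission-type-template|dev|read`), so this hunk widens that user's rights rather than only renaming permission types. If the two accounts were meant to differ in template write access, drop the added line; otherwise mention the change in the commit message. The user object starts above the hunk, so the account name is not visible here.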
@@ -15,12 +16,12 @@
 	"password":"$2a$10$H/e21kl04Dw9C978CHuM7OewyMGUN5WGzAAx7SgIaR4ix8.wTcssi",
 	"permissions":
 	            [
-	               "permission-type-cl|dev|read",
-	               "permission-type-cl|dev|update",
-	               "permission-type-cl-manage|dev|*",
-	               "permission-type-filter-vf|dev|*",
-	               "permission-type-template|dev|read",
-	               "permission-type-template|dev|update"
+	               "org.onap.clamp.clds.cl|dev|read",
+	               "org.onap.clamp.clds.cl|dev|update",
+	               "org.onap.clamp.clds.cl.manage|dev|*",
+	               "org.onap.clamp.clds.filter.vf|dev|*",
+	               "org.onap.clamp.clds.template|dev|read",
+	               "org.onap.clamp.clds.template|dev|update"
 	            ]
 	}
 ]
diff --git a/src/main/resources/logback.xml b/src/main/resources/logback.xml
index 22206fe..e15e0dd 100644
--- a/src/main/resources/logback.xml
+++ b/src/main/resources/logback.xml
@@ -126,7 +126,13 @@
 				<queueSize>256</queueSize>
 				<appender-ref ref="SECURITY" />
 		</appender>
-
+		<!-- AAF related loggers -->
+		<logger name="org.onap.aaf" level="INFO" additivity="true">
+				<appender-ref ref="DEBUG" />
+		</logger>
+		<logger name="org.apache.catalina.core" level="INFO" additivity="true">
+				<appender-ref ref="DEBUG" />
+		</logger>
 		<!-- CLDS related loggers -->
 		<logger name="org.onap.clamp.clds" level="INFO" additivity="true">
 				<appender-ref ref="ERROR" />