Gitiles
Code Review Sign In
gerrit.nordix.org / onap / policy / engine / 76088485005347db7495a735fffa650ddd479c50^! / . / ONAP-PDP-REST / xacml.pdp.properties
commit76088485005347db7495a735fffa650ddd479c50[log] [tgz]
authorMichael Mokry <michael.mokry@att.com>Tue Oct 30 16:51:57 2018 -0500
committerMichael Mokry <michael.mokry@att.com>Fri Nov 02 20:04:37 2018 +0000
tree12688e4b4a75446c3f2a0a21da987d5a19aa240a
parent45f5559fd72ea7cc0ed9932ee617ac19d8569769 [diff] [blame]
Modified to make AAF configurable in policy/engine

Added property to enable or disable AAF
Added logic to the code to check the property and use old authentication
logic to authenticate the user rather than AAF if disabled.

Fixed license issue
Modified cadi_truststore_password value to use proper variable
Added comment to local development enviroment properties file
Modified test resources to fix Junit failures

Change-Id: I962895154716092c9cc0bc6c48f6419f3b5900fe
Issue-ID: POLICY-1217
Signed-off-by: Michael Mokry <michael.mokry@att.com>
(cherry picked from commit 6accdc2ae0340ed84a59c739bd345ced2ff323c5)

diff --git a/ONAP-PDP-REST/xacml.pdp.properties b/ONAP-PDP-REST/xacml.pdp.properties
index 57e1d70..a707678 100644
--- a/ONAP-PDP-REST/xacml.pdp.properties
+++ b/ONAP-PDP-REST/xacml.pdp.properties

@@ -19,7 +19,7 @@
 ###
 
 # Default XACML Properties File for PDP RESTful servlet
-#
+# NOTE:  All properties in this file are for local development environments only.
 # Standard API Factories
 #
 xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory
@@ -165,12 +165,34 @@
 
 # this can be DEVL, TEST, PROD 
 ENVIRONMENT=DEVL
-xacml.rest.pep.idfile = client.properties
+xacml.rest.pep.idfile=client.properties
 
-#AAF Policy Name space
-#Not Mandatory for Open Onap
-policy.aaf.namespace = 
-policy.aaf.resource = 
+
+#AAF cadi properties
+enable_aaf=false
+policy.aaf.namespace=org.onap.policy
+policy.aaf.root.permission=org.onap.policy.pdpx
+cm_url=https://aaf-onap-test.osaaf.org:8095/AAF_NS.cm:2.1
+cadi_latitude=38.000
+cadi.longitude=72.000
+cadi_alias=policy@policy.onap.org
+cadi_loglevel=DEBUG
+cadi_keyfile=/media/sf_SourceTree/gerrit-pe/engine/packages/base/src/files/etc/ssl/aaf-cadi.keyfile
+cadi_protocols=TLSv1.1,TLSv1.2
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US
+cadi_keystore=/media/sf_SourceTree/gerrit-pe/engine/packages/base/src/files/etc/ssl/policy-keystore
+cadi_keystore_password=Pol1cy_0nap
+cadi_truststore=/media/sf_SourceTree/gerrit-pe/engine/packages/base/src/files/etc/ssl/policy-truststore
+cadi_truststore_password=Pol1cy_0nap
+aaf_env=DEV
+aaf_url=https://aaf-onap-test.osaaf.org:8095/AAF_NS.service:2.1
+aaf_fqdn=aaf-onap-test.osaaf.org
+aaf_oauth2_introspect_url=https://aaf-onap-test.osaaf.org:8095/AAF_NS.introspect:2.1/introspect
+aaf_oauth2_token_url=https://aaf-onap-test.osaaf.org:8095/AAF_NS.token:2.1/token
+fs_url=https://aaf-onap-test.osaaf.org:8095/AAF_NS.fs.2.1
+gui_url=https://aaf-onap-test.osaaf.org:8095/AAF_NS.gui.2.1
+
+
 # Decision Response settings. 
 # can be either PERMIT or DENY. 
 decision.indeterminate.response=PERMIT
\ No newline at end of file