Versions Compared

Old Version 6

changes.mady.by.user Sai Gandham

Saved on

compared with

New Version Current

changes.mady.by.user Sai Gandham

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Methods to Connect

  • If you are a Servlet in a Container, use CADI Framework with AAF Plugin. It’s very easy, and includes BasicAuth for Services.
  • Java Technologies
  • Technologies using Servlet Filters
  • DME2 (and other Servlet Containers) can use Servlet Filters
  • Any WebApp can plug in CADI as a Servlet Filter
  • Jetty can attach a Servlet Filter with Code, or as WebApp
  • Tomcat 7 has a “Valve” plugin, which is similar and supported
  • Use the AAFLur Code directly (shown)
  • All Java Technologies utilize Configuration to set what Security elements are required
  • example: Global Login can be turned on/off, AAF Client needs information to connect to AAF Service
  • There are several specialty cases, which AAF can work with, including embedding all properties in a Web.xml, but the essentials needed are:
  • CADI Jars
  • cadi.properties file (configured the same for all technologies)
  • Encrypt passwords with included CADI technology, so that there are no Clear Text Passwords in Config Files (ASPR)
  • See CADI Deployment on how to perform this with several different technologies.
  • AAF Restfully (see RESTFul APIS)

IMPORTANT: If Direct RESTFul API is used, then it is the Client’s responsibility to Cache and avoid making an AAF Service Calls too often Example: A Tool like Cassandra will ask for Authentication hundreds of times a second for the same identity during a transaction. Calling the AAF Service for each would be slow for the client, and wasteful of Network and AAF Service Capacities. Rogue Clients can and will be denied access to AAF.

cadi.properties Template

Code Block
languagetext
# This is a normal Java Properties File
# Comments are with Pound Signs at beginning of lines,
# and multi-line expression of properties can be obtained by backslash at end of line
#hostname=


cadi_loglevel=WARN
cadi_keyfile=conf/keyfile


# Configure AAF
aaf_url=http://172.18.0.2:8101
#if you are running aaf service from a docker image you have to use aaf service IP and port number
aaf_id=<yourAPPID>@onap.org
aaf_password=enc:<encrypt>

aaf_dme_timeout=5000
# Note, User Expires for not Unit Test should be something like 900000 (15 mins) default is 10 mins
# 15 seconds is so that Unit Tests don't delay compiles, etc
aaf_user_expires=15000
# High count... Rough top number of objects held in Cache per cycle.  If high is reached, more are
# recycled next time.  Depending on Memory usage, 2000 is probably decent.  1000 is default
aaf_high_count=100

...