...
clone the SDC project:
Code Block git clone http://gerrit.onap.org/r/sdc
- Under the cloned project go to security-utils.
Run:
Code Block mvn clean install
- If you get the error message "No compiler is provided in this environment. Perhaps you are running on a JRE rather than a JDK?" try running
sudo apt-get install openjdk-8-jdk
, then redo themvn
command.
- If you get the error message "No compiler is provided in this environment. Perhaps you are running on a JRE rather than a JDK?" try running
- This will generate a security-utils-<version>.jar under the
target
dir. Executed the jar with the password you want to generate a hash for:
Code Block java -cp /tmp/security-utils-*.jar org.openecomp.sdc.security.Passwords password In beijing relase please use security-utils-*-jar-with-dependencies.jar
- The jar will return the salt and the hash generated by adding the salt to the provided password before hashing it. the response format is <salt>:<hash>
- Now that we have the salt we need to create a consumer in SDC.
To create a consumer execute the following curl command towards the SDC backend server:
Code Block curl -X POST -i -H "Accept: application/json; charset=UTF-8" -H "Content-Type: application/json" -H "USER_ID: jh0003" http://<ip of the server you want to accses>:8080/sdc2/rest/v1/consumers/ -d '{"consumerName": '<consumer name>', "consumerSalt": '<salt>',"consumerPassword": '<hash>'}'
- The CURL creates the consumer in the SDC DB. from this moment you can access our external API's using the consumer name and the password used for the hash generation.
- the hash function is a one way so if you forget the password SDC will not be able to recreate it and you will need to delete the consumer and create a new one.
- This information should be added to the API call as a basic authentication header.
You can check if the created user exists by calling:
Code Block curl -X GET -i -H "Accept: application/json; charset=UTF-8" -H "Content-Type: application/json" -H "USER_ID: jh0003" http://localhost:8080/sdc2/rest/v1/consumers/<consumer name> HTTP/1.1 200 OK Set-Cookie: JSESSIONID=1ahpyqpjjgfblahos4f03qun9;Path=/ Expires: Thu, 01 Jan 1970 00:00:00 GMT Content-Type: application/json;charset=UTF-8 X-ECOMP-RequestID: 6e47cbde-44e8-4b82-8f17-c6a731bf0081 Vary: Accept-Encoding, User-Agent Content-Length: 268 Server: Jetty(9.3.12.v20160915) {"consumerName":"<consumer name>","consumerPassword":"<counsumer hashed password>","consumerSalt":"eaa62d9681d8f803ac05db342e3c9cc0","consumerLastAuthenticationTime":0,"consumerDetailsLastupdatedtime":1481211500749,"lastModfierUserId":"jh0003"}
...