Methods to Connect
- If you are a Servlet in a Container, use CADI Framework with AAF Plugin. It’s very easy, and includes BasicAuth for Services.
- Java Technologies
- Technologies using Servlet Filters
- DME2 (and other Servlet Containers) can use Servlet Filters
- Any WebApp can plug in CADI as a Servlet Filter
- Jetty can attach a Servlet Filter with Code, or as WebApp
- Tomcat 7 has a “Valve” plugin, which is similar and supported
- Use the AAFLur Code directly (shown)
- All Java Technologies utilize Configuration to set what Security elements are required
- example: Global Login can be turned on/off, AAF Client needs information to connect to AAF Service
- There are several specialty cases, which AAF can work with, including embedding all properties in a Web.xml, but the essentials needed are:
- CADI Jars
- cadi.properties file (configured the same for all technologies)
- Encrypt passwords with included CADI technology, so that there are no Clear Text Passwords in Config Files (ASPR)
- See CADI Deployment on how to perform this with several different technologies.
- AAF Restfully (see RESTFul APIS)
...
cadi.properties Template
Code Block | ||
---|---|---|
| ||
# This is a normal Java Properties File
# Comments are with Pound Signs at beginning of lines,
# and multi-line expression of properties can be obtained by backslash at end of line
#hostname=
cadi_loglevel=WARN
cadi_keyfile=conf/keyfile
# Configure AAF
aaf_url=http://172.18.0.2:8101
#if you are running aaf service from a docker image you have to use aaf service IP and port number
aaf_id=<yourAPPID>@onap.org
aaf_password=enc:<encrypt>
aaf_dme_timeout=5000
# Note, User Expires for not Unit Test should be something like 900000 (15 mins) default is 10 mins
# 15 seconds is so that Unit Tests don't delay compiles, etc
aaf_user_expires=15000
# High count... Rough top number of objects held in Cache per cycle. If high is reached, more are
# recycled next time. Depending on Memory usage, 2000 is probably decent. 1000 is default
aaf_high_count=100
|
How to create CADI Keyfile & Encrypt Password
...