-
Bug
-
Resolution: Done
-
High
-
Dublin Release
-
None
While testing DCAEGEN2-1539 (blueprint and steps provided under jira); VESCollector came up successfully and enabled for https, however basic-auth validation was not correct.
Collector configuration auth.method=basicAuth## Combination of userid,hashPassword encoded pwd list to be supported ## userid and pwd comma separated; pipe delimitation between each pair ## Password is generated by crypt-password library using BCrypt algorithm stored in dcaegen2/sdk package ## or https://nexus.onap.org/#nexus-search;quick~crypt-password header.authlist=sample1,$2a$10$0buh.2WeYwN868YMwnNNEuNEAMNYVU9.FSMJGyIKV3dGET/7oGOi6
Below are curl o/p from which it appears basic auth is not functioning as expected.
VALID vv770d@pod-onap-01-vjhost:~$ curl -i -u 'sample1:sample1' -X POST -d @fault.txt --header "Content-Type: application/json" https://10.12.5.9:30417/eventListener/v5 -k HTTP/1.1 202 Content-Type: application/json Content-Length: 8 Date: Wed, 29 May 2019 19:42:18 GMT Accepted INVALID vv770d@pod-onap-01-vjhost:~$ curl -i -u 'sample1:sample' -X POST -d @fault.txt --header "Content-Type: application/json" https://10.12.5.9:30417/eventListener/v5 -k HTTP/1.1 202 Content-Type: application/json Content-Length: 8 Date: Wed, 29 May 2019 20:00:52 GMT Accepted INVALID vv770d@pod-onap-01-vjhost:~$ curl -i -u 'sample1:samp' -X POST -d @fault.txt --header "Content-Type: application/json" https://10.12.5.9:30417/eventListener/v5 -k HTTP/1.1 202 Content-Type: application/json Content-Length: 8 Date: Wed, 29 May 2019 20:01:12 GMT
- relates to
-
DCAEGEN2-1101
Collector authentication enhancement
-
- Closed
-