Uploaded image for project: 'Data Movement as a Platform'
  1. Data Movement as a Platform
  2. DMAAP-1016 [DR] DR provisioning AAF integration
  3. DMAAP-1019

[DR] Update DR code and unit tests with AAF integration

XMLWordPrintable

    • DMAAP-Dub-07-(02/22-03/21), DMAAP-Dub-08-(03/22-04/04)

      1. Add the latest AAF Cadi Jar to pom.xml( org.onap.aaf.authz:aaf-cadi-aaf ) .
      2. Register the CADI Filter servlet org.onap.aaf.cadi.filter.CadiFilter. (authenticate the user and returns the user role in the HttpRequest) .
      3. After successful authentication, CADI filter binds the user role in the request. Use the role in the request to grant the access to a resource (ex :  req.isUserInRole(role) ) .
      4. Use the Basic Auth Header to pass the AAF credentials in the request. Client certificate can be used to authenticate the user instead of the Basic Auth header.

      You may combine  3 and 4 by creating a servlet that over rides the CADI filter. If you don’t want to use the CADI filter , you can use the AAF API to authenticate the user and fetch the roles.

      Create / Update unit tests..

            Unassigned Unassigned
            efiacor efiacor
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: