Uploaded image for project: 'Policy Framework'
  1. Policy Framework
  2. POLICY-913 policy/engine CADI (AAF) Integration
  3. POLICY-993

PAP CADI (AAF) Integration

XMLWordPrintable

    • Icon: Sub-task Sub-task
    • Resolution: Won't Do
    • Icon: Medium Medium
    • Casablanca Release
    • None
    • None
    • Policy Casablanca - 4, Policy Casablanca - 6

      • console, pdp-x, pdp-d, and consul machine users must be pre-provisioned in AAF.    These users, and appropriate roles, and permissions, should be added to the org.onap.policy.pap namespace.   AAF must be pre-configured with these permissions for demo automated installation purposes.
      • Policy components: consolepdp-x, and pdp-d should use client certificate authentication preferably (no consul).
      • console, pdp-x, pdp-d, and consul processes should use the existing HTTP Basic Authentication mechanisms when talking to the pap component.  When using client certificates, the authentication credentials will be used for authorization requests to AAF.
      • When AAF is not available in a lab deployment, console,pdp-x, and pdp-d should default to use existing authentication mechanisms.
      • pap should use the AAF CADI Framework client libraries to interact with AAF.
      • pap should talk to AAF using HTTPS Client Certificates based authentication to perform.   The pap client certificate must be stored in the pap keystore to present it to AAF.

            mmokry mmokry
            mmokry mmokry
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: