Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Added SDK dependency in case of error

...

  1. clone the SDC project:

    Code Block
    git clone http://gerrit.onap.org/r/a/sdc
  2. Under the cloned project go to security-utils.
  3. Run:

    Code Block
    mvn clean install
    • If you get the error message "No compiler is provided in this environment. Perhaps you are running on a JRE rather than a JDK?" try running sudo apt-get install openjdk-8-jdk, then redo the mvn command.

  4. This will generate a security-utils-<version>.jar under the target dir.
  5. Executed the jar with the password you want to generate a hash for:

    Code Block
    java -cp /tmp/security-utils-*.jar org.openecomp.sdc.security.Passwords password
  6. The jar will return the salt and the hash generated by adding the salt to the provided password before hashing it. the response format is <salt>:<hash>
  7. Now that we have the salt we need to create a consumer in SDC.
  8. To create a consumer execute the following curl command towards the SDC backend server:

    Code Block
    curl -X POST -i -H "Accept: application/json; charset=UTF-8" -H "Content-Type: application/json" -H "USER_ID: jh0003" http://<ip of the server you want to accses>:8080/sdc2/rest/v1/consumers/ -d '{"consumerName": '<consumer name>', "consumerSalt": '<salt>',"consumerPassword": '<hash>'}'
  9. The CURL creates the consumer in the SDC DB. from this moment you can access our external API's using the consumer name and the password used for the hash generation.
  10. the hash function is a one way so if you forget the password SDC will not be able to recreate it and you will need to delete the consumer and create a new one.
  11. This information should be added to the API call as a basic authentication header.
  12. You can check if the created user exists by calling:

    Code Block
    curl -X GET -i -H "Accept: application/json; charset=UTF-8" -H "Content-Type: application/json" -H "USER_ID: jh0003" http://localhost:8080/sdc2/rest/v1/consumers/<consumer name>
    HTTP/1.1 200 OK
    Set-Cookie: JSESSIONID=1ahpyqpjjgfblahos4f03qun9;Path=/
    Expires: Thu, 01 Jan 1970 00:00:00 GMT
    Content-Type: application/json;charset=UTF-8
    X-ECOMP-RequestID: 6e47cbde-44e8-4b82-8f17-c6a731bf0081
    Vary: Accept-Encoding, User-Agent
    Content-Length: 268
    Server: Jetty(9.3.12.v20160915)
    
    {"consumerName":"<consumer name>","consumerPassword":"<counsumer hashed password>","consumerSalt":"eaa62d9681d8f803ac05db342e3c9cc0","consumerLastAuthenticationTime":0,"consumerDetailsLastupdatedtime":1481211500749,"lastModfierUserId":"jh0003"}

...