Versions Compared

Old Version 4

changes.mady.by.user Matthew Davis

Saved on

compared with

New Version Current

changes.mady.by.user Michael Lando

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. clone the SDC project:

    Code Block
    git clone http://gerrit.onap.org/r/sdc
  2. Under the cloned project go to security-utils.

  3. Run:

    Code Block
    mvn clean install
    • If you get the error message "No compiler is provided in this environment. Perhaps you are running on a JRE rather than a JDK?" try running sudo apt-get install openjdk-8-jdk, then redo the mvn command.

  4. This will generate a security-utils-<version>.jar under the target dir.

  5. Executed the jar with the password you want to generate a hash for:

    Code Block
    java -cp /tmp/security-utils-*.jar org.openecomp.sdc.security.Passwords password


In beijing relase please use  security-utils-*-jar-with-dependencies.jar
  6. The jar will return the salt and the hash generated by adding the salt to the provided password before hashing it. the response format is <salt>:<hash>
  7. Now that we have the salt we need to create a consumer in SDC.

  8. To create a consumer execute the following curl command towards the SDC backend server:

    Code Block
    curl -X POST -i -H "Accept: application/json; charset=UTF-8" -H "Content-Type: application/json" -H "USER_ID: jh0003" http://<ip of the server you want to accses>:8080/sdc2/rest/v1/consumers/ -d '{"consumerName": '<consumer name>', "consumerSalt": '<salt>',"consumerPassword": '<hash>'}'
  9. The CURL creates the consumer in the SDC DB. from this moment you can access our external API's using the consumer name and the password used for the hash generation.
  10. the hash function is a one way so if you forget the password SDC will not be able to recreate it and you will need to delete the consumer and create a new one.
  11. This information should be added to the API call as a basic authentication header.

  12. You can check if the created user exists by calling:

    Code Block
    curl -X GET -i -H "Accept: application/json; charset=UTF-8" -H "Content-Type: application/json" -H "USER_ID: jh0003" http://localhost:8080/sdc2/rest/v1/consumers/<consumer name>
HTTP/1.1 200 OK
Set-Cookie: JSESSIONID=1ahpyqpjjgfblahos4f03qun9;Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: application/json;charset=UTF-8
X-ECOMP-RequestID: 6e47cbde-44e8-4b82-8f17-c6a731bf0081
Vary: Accept-Encoding, User-Agent
Content-Length: 268
Server: Jetty(9.3.12.v20160915)

{"consumerName":"<consumer name>","consumerPassword":"<counsumer hashed password>","consumerSalt":"eaa62d9681d8f803ac05db342e3c9cc0","consumerLastAuthenticationTime":0,"consumerDetailsLastupdatedtime":1481211500749,"lastModfierUserId":"jh0003"}

...