Merge pull request #203 from ayyoob/IoTS-1.0.0

A few fixes to the configuration, reflecting the changes in cdmf authorization
application-manager-new
Ruwan 8 years ago committed by GitHub
commit ac2216a9bf

@ -184,7 +184,7 @@
<include>inputwebsocket.war</include> <include>inputwebsocket.war</include>
<include>outputwebsocket.war</include> <include>outputwebsocket.war</include>
<include>outputui.war</include> <include>outputui.war</include>
<include>secured-outputui.war</include> <include>secured-websocket.war</include>
</includes> </includes>
</fileSet> </fileSet>
<!-- END CEP --> <!-- END CEP -->

@ -17,13 +17,13 @@
# #
#issuer of the JWT #issuer of the JWT
iss=CDMF_DEFAULT_IDP iss=iot_default
TokenEndpoint=https://localhost:${iot.core.https.port}/oauth2/token TokenEndpoint=https://localhost:${iot.core.https.port}/oauth2/token
#audience of JWT claim #audience of JWT claim
#comma seperated values #comma seperated values
aud=JwtIdentityAudience aud=wso2.org/products/iot
#expiration time of JWT (number of minutes from the current time) #expiration time of JWT (number of minutes from the current time)
exp=1000 exp=1000
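Review bot: The new `iss=iot_default` and `aud=wso2.org/products/iot` values appear to be coupled to the `IdentityProviderName` and `Alias` in `identity-providers/iot_default.xml`, which this commit changes to the same strings, but nothing in this file records that dependency. A later edit to either file alone would presumably make the token endpoint reject the assertion. I would extend the two existing comments, e.g. `#issuer of the JWT - must equal IdentityProviderName in identity-providers/iot_default.xml` and `#audience of JWT claim - must equal the Alias of that identity provider`. Separately, the unchanged `exp=1000` gives each assertion a lifetime of 1000 minutes by its own comment; a shorter value would narrow the window in which a captured JWT can be replayed.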

@ -117,7 +117,8 @@ This file is ciphertool compliant. Refer PRODUCT_HOME/repository/conf/security/c
<!--All receiving events/messages will be in this ring buffer. Ring buffer size <!--All receiving events/messages will be in this ring buffer. Ring buffer size
of MQTT inbound event disruptor. Default is set to 32768 (1024 * 32) of MQTT inbound event disruptor. Default is set to 32768 (1024 * 32)
Having a large ring buffer will have a increase memory usage and will improve performance Having a large ring buffer wi
ll have a increase memory usage and will improve performance
and vise versa --> and vise versa -->
<inboundBufferSize>32768</inboundBufferSize> <inboundBufferSize>32768</inboundBufferSize>
@ -171,13 +172,23 @@ This file is ciphertool compliant. Refer PRODUCT_HOME/repository/conf/security/c
inherit from org.dna.mqtt.moquette.server.IAutherizer inherit from org.dna.mqtt.moquette.server.IAutherizer
Note: default implementation authorizes against carbon permission with the topic. Note: default implementation authorizes against carbon permission with the topic.
--> -->
<!--connectionPermission is required for a user to connect to broker--> <!--connectionPermission is required for a user to connect to broker
subscriberPermission is needed to subscribe(subriber permission can be more than one)
publisherPermission is needed to publish(publisher permission can be more than one)
-->
<authorizer class="org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.DeviceAccessBasedMQTTAuthorizer"> <authorizer class="org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.DeviceAccessBasedMQTTAuthorizer">
<property name="connectionPermission">/permission/admin/device-mgt/user</property> <!--<property name="connectionPermission">/permission/admin/device-mgt/user</property>-->
<property name="adminPermission">/permission/admin/device-mgt/admin</property> <!--topic subscription permissions which are assigned through grouping-->
<property name="MQTTSubscriberScopeIdentifier">mqtt-subscriber</property> <property name="subscriberPermission">/permission/device-mgt/user/groups/device_events</property>
<property name="MQTTPublisherScopeIdentifier">mqtt-subscriber</property> <!--topic publisher permissions which are assigned through grouping-->
<property name="devicemgtScopeIdentifier">device-mgt</property> <property name="publisherPermission">/permission/device-mgt/user/groups/device_operation</property>
<property name="username">admin</property>
<property name="password">admin</property>
<property name="tokenEndpoint">https://localhost:9443/oauth2</property>
<!--offset time from expiry time to trigger refresh call - seconds -->
<property name="tokenRefreshTimeOffset">100</property>
<property name="deviceMgtServerUrl">https://localhost:9443</property>
</authorizer> </authorizer>
</security> </security>
</mqtt> </mqtt>
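Review bot: The added `username` and `password` properties on the authorizer ship the plaintext default credential `admin`/`admin`, in a file whose header (quoted in the hunk heading) says it is ciphertool compliant. The password should be resolved through that secure-vault mechanism instead of a literal, assuming the authorizer's property loader supports it. The account should be a dedicated least-privilege service user, with a comment above the two properties such as `<!-- replace before deployment; do not reuse the default admin account -->`. The same hunk comments out `connectionPermission` while the rewritten comment still says it is required to connect to the broker; if any authenticated user may now connect, the comment should state that explicitly. `tokenEndpoint` and `deviceMgtServerUrl` also hard-code port 9443, whereas the properties file in this commit uses `${iot.core.https.port}`, so a port offset would silently break the token refresh.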

@ -839,7 +839,7 @@
</file> </file>
<file> <file>
<source> <source>
src/repository/conf/identity/identity-providers/CDMF_DEFAULT_IDP.xml src/repository/conf/identity/identity-providers/iot_default.xml
</source> </source>
<outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/identity/identity-providers</outputDirectory> <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/identity/identity-providers</outputDirectory>
<filtered>true</filtered> <filtered>true</filtered>
@ -1153,7 +1153,7 @@
</file> </file>
<file> <file>
<source> <source>
src/repository/conf/identity/identity-providers/CDMF_DEFAULT_IDP.xml src/repository/conf/identity/identity-providers/iot_default.xml
</source> </source>
<outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/identity/identity-providers</outputDirectory> <outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/identity/identity-providers</outputDirectory>
<filtered>true</filtered> <filtered>true</filtered>
@ -1176,15 +1176,6 @@
<filtered>true</filtered> <filtered>true</filtered>
<fileMode>644</fileMode> <fileMode>644</fileMode>
</file> </file>
<!-- Copying remote-appmanager-config.xml -->
<file>
<source>
../p2-profile-gen/target/wso2carbon-core-${carbon.kernel.version}/repository/conf/etc/device-mgt-scopes.xml
</source>
<outputDirectory>${pom.artifactId}-${pom.version}/repository/conf/etc</outputDirectory>
<filtered>true</filtered>
<fileMode>644</fileMode>
</file>
<!-- Copying devi-appmanager-config.xml --> <!-- Copying devi-appmanager-config.xml -->
<file> <file>
<source> <source>

@ -17,10 +17,10 @@
--> -->
<IdentityProvider> <IdentityProvider>
<IdentityProviderName>CDMF_DEFAULT_IDP</IdentityProviderName> <IdentityProviderName>iot_default</IdentityProviderName>
<DisplayName>CDMF_DEFAULT_IDP</DisplayName> <DisplayName>iot_default</DisplayName>
<IdentityProviderDescription></IdentityProviderDescription> <IdentityProviderDescription></IdentityProviderDescription>
<Alias>JwtIdentityAudience</Alias> <Alias>wso2.org/products/iot</Alias>
<IsPrimary>true</IsPrimary> <IsPrimary>true</IsPrimary>
<IsFederationHub></IsFederationHub> <IsFederationHub></IsFederationHub>
<HomeRealmId></HomeRealmId> <HomeRealmId></HomeRealmId>

@ -149,16 +149,11 @@
<GrantTypeName>iwa:ntlm</GrantTypeName> <GrantTypeName>iwa:ntlm</GrantTypeName>
<GrantTypeHandlerImplClass>org.wso2.carbon.identity.oauth2.token.handlers.grant.iwa.ntlm.NTLMAuthenticationGrantHandler</GrantTypeHandlerImplClass> <GrantTypeHandlerImplClass>org.wso2.carbon.identity.oauth2.token.handlers.grant.iwa.ntlm.NTLMAuthenticationGrantHandler</GrantTypeHandlerImplClass>
</SupportedGrantType> </SupportedGrantType>
<SupportedGrantType> <SupportedGrantType>
<GrantTypeName>urn:ietf:params:oauth:grant-type:jwt-bearer</GrantTypeName> <GrantTypeName>urn:ietf:params:oauth:grant-type:jwt-bearer</GrantTypeName>
<GrantTypeHandlerImplClass>org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant.ExtendedDeviceMgtJWTBearerGrantHandler</GrantTypeHandlerImplClass> <GrantTypeHandlerImplClass>org.wso2.carbon.identity.oauth2.grant.jwt.JWTBearerGrantHandler</GrantTypeHandlerImplClass>
<GrantTypeValidatorImplClass>org.wso2.carbon.device.mgt.oauth.extensions.validators.ExtendedDeviceJWTGrantValidator</GrantTypeValidatorImplClass> <GrantTypeValidatorImplClass>org.wso2.carbon.identity.oauth2.grant.jwt.JWTGrantValidator</GrantTypeValidatorImplClass>
</SupportedGrantType> </SupportedGrantType>
<SupportedGrantType>
<GrantTypeName>device-mgt:password</GrantTypeName>
<GrantTypeHandlerImplClass>org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant.ExtendedDeviceMgtPasswordGrantHandler</GrantTypeHandlerImplClass>
<GrantTypeValidatorImplClass>org.wso2.carbon.device.mgt.oauth.extensions.validators.ExtendedDevicePasswordGrantValidator</GrantTypeValidatorImplClass>
</SupportedGrantType>
</SupportedGrantTypes> </SupportedGrantTypes>
<OAuthCallbackHandlers> <OAuthCallbackHandlers>
<OAuthCallbackHandler Class="org.wso2.carbon.device.mgt.oauth.extensions.handlers.DeviceMgtOAuthCallbackHandler"/> <OAuthCallbackHandler Class="org.wso2.carbon.device.mgt.oauth.extensions.handlers.DeviceMgtOAuthCallbackHandler"/>

@ -47,9 +47,6 @@
--> -->
<Listener className="org.wso2.carbon.apimgt.webapp.publisher.lifecycle.listener.APIPublisherLifecycleListener"/> <Listener className="org.wso2.carbon.apimgt.webapp.publisher.lifecycle.listener.APIPublisherLifecycleListener"/>
<!-- Listener responsible for reading device features -->
<Listener className="org.wso2.carbon.device.mgt.extensions.feature.mgt.lifecycle.listener.FeatureManagementLifecycleListener"/>
<!-- WebAppDeploymentLifecycleListener listens to webapp deployment events and adds the custom permissions defined in webapps' <!-- WebAppDeploymentLifecycleListener listens to webapp deployment events and adds the custom permissions defined in webapps'
META-INF/permissions.xml to the permissions/admin section of registry. Given below is a sample of permissions.xml file. META-INF/permissions.xml to the permissions/admin section of registry. Given below is a sample of permissions.xml file.
