From f7c1538d672d6c62cfed5bbac4415f56d587f806 Mon Sep 17 00:00:00 2001
From: Robert Butora <robert.butora@inaf.it>
Date: Tue, 4 Mar 2025 17:50:52 +0100
Subject: [PATCH] docker/authz: db_schema removed from params (authz)
---
README.md | 1 -
.../src/main/java/auth/authz/webapi/AuthZSettings.java | 5 +----
.../servlet/src/main/java/common/webapi/Settings.java | 5 +----
docker/Dockerfile.soda | 2 +-
docker/start-soda.sh | 6 ++----
5 files changed, 5 insertions(+), 14 deletions(-)
diff --git a/README.md b/README.md
index d09fe40..1ce9d02 100644
--- a/README.md
+++ b/README.md
@@ -61,7 +61,6 @@ Configure security:
| **OIDC_CLIENT** | client-id of a Relying party |
| **OIDC_SECRET** | secret of of the client |
| **AUTHZ_DB_URL** | DB where a table with authorization info ('groups' column) can be found |
-| **AUTHZ_DB_SCHEMA** | schema of the authorization table |
| **AUTHZ_DB_USERNAME** | user in the DB with authorization table |
| **AUTHZ_DB_PASSWORD** | password for the DB-user |
diff --git a/data-access/servlet/src/main/java/auth/authz/webapi/AuthZSettings.java b/data-access/servlet/src/main/java/auth/authz/webapi/AuthZSettings.java
index 4b3b982..0ff97a1 100644
--- a/data-access/servlet/src/main/java/auth/authz/webapi/AuthZSettings.java
+++ b/data-access/servlet/src/main/java/auth/authz/webapi/AuthZSettings.java
@@ -14,17 +14,15 @@ class AuthZSettings
public static class DBConn
{
private String uri;
- private String schema;
private String user_name;
private String password;
public String toString()
{
- return uri() + " [" + schema + "] " + user_name + " / " + password + " ";
+ return uri() + " " + user_name;
}
public String uri() { return uri; }
- public String schema() { return schema; }
public String userName() { return user_name; }
public String password() { return password; }
}
@@ -78,7 +76,6 @@ class AuthZSettings
DBConn dbconn = new AuthZSettings.DBConn();
dbconn.uri = properties.getProperty("db_uri", "").strip();
- dbconn.schema = properties.getProperty("db_schema", "").strip();
dbconn.user_name = properties.getProperty("db_user_name", "").strip();
dbconn.password = properties.getProperty("db_password", "").strip();
return dbconn;
diff --git a/data-access/servlet/src/main/java/common/webapi/Settings.java b/data-access/servlet/src/main/java/common/webapi/Settings.java
index c56dc95..3d39183 100644
--- a/data-access/servlet/src/main/java/common/webapi/Settings.java
+++ b/data-access/servlet/src/main/java/common/webapi/Settings.java
@@ -37,13 +37,12 @@ class Settings
public static class DBConn
{
private String uri;
- private String schema;
private String user_name;
private String password;
public String toString()
{
- return uri() + " [" + schema + "] " + user_name + " / " + password + " ";
+ return uri() + " " + user_name;
}
public boolean isDbUriEmpty()
@@ -52,7 +51,6 @@ class Settings
}
public String uri() { return uri; }
- public String schema() { return schema; }
public String userName() { return user_name; }
public String password() { return password; }
}
@@ -144,7 +142,6 @@ class Settings
{
DBConn dbconn = new Settings.DBConn();
dbconn.uri = properties.getProperty("db_uri", "").strip();
- dbconn.schema = properties.getProperty("db_schema", "").strip();
dbconn.user_name = properties.getProperty("db_user_name", "").strip();
dbconn.password = properties.getProperty("db_password", "").strip();
return dbconn;
diff --git a/docker/Dockerfile.soda b/docker/Dockerfile.soda
index 8fe7665..a5ea7c2 100644
--- a/docker/Dockerfile.soda
+++ b/docker/Dockerfile.soda
@@ -61,7 +61,7 @@ COPY deps/context.xml ${WEBAPP_DIR}/META-INF/context.xml
# enable IA2 token filter update
RUN chmod -R a+rwX ${WEBAPP_DIR}/WEB-INF \
- && touch ${WEBAPP_DIR}/WEB-INF/classes/ia2token.properties \
+ && touch ${WEBAPP_DIR}/WEB-INF/classes/auth.properties \
&& touch ${WEBAPP_DIR}/WEB-INF/classes/iamtoken.properties \
&& chmod a+rw ${WEBAPP_DIR}/WEB-INF/classes/*.properties
diff --git a/docker/start-soda.sh b/docker/start-soda.sh
index 3e40904..d6170d2 100755
--- a/docker/start-soda.sh
+++ b/docker/start-soda.sh
@@ -16,7 +16,6 @@ OIDC_CLIENT=${OIDC_CLIENT:-}
OIDC_SECRET=${OIDC_SECRET:-}
AUTHZ_DB_URL=${AUTHZ_DB_URL:-}
-AUTHZ_DB_SCHEMA=${AUTHZ_DB_SCHEMA:-}
AUTHZ_DB_USERNAME=${AUTHZ_DB_USERNAME:-}
AUTHZ_DB_PASSWORD=${AUTHZ_DB_PASSWORD:-}
@@ -46,7 +45,7 @@ fi
if [ -z "$OIDC_RAP_URL" ] || [ -z "$OIDC_GMS_URL" ] || [ -z "$OIDC_CLIENT" ] || [ -z "$OIDC_SECRET" ] \
- [ -z "$AUTHZ_DB_URL" ] || [ -z "$AUTHZ_DB_SCHEMA" ] || [ -z "$AUTHZ_DB_USERNAME" ] || [ -z "$AUTHZ_DB_PASSWORD" ];
+ [ -z "$AUTHZ_DB_URL" ] || [ -z "$AUTHZ_DB_USERNAME" ] || [ -z "$AUTHZ_DB_PASSWORD" ];
then
echo "Some of OIDC_ or AUTHZ_ is not set. All must be set to activate security."
touch $WEBAPP_DIR/WEB-INF/security.node.xml
@@ -61,12 +60,11 @@ else
echo "store_state_on_login_endpoint=true"
echo "scope=openid email profile read:rap"
echo "allow_anonymous_access=true"
- } > $WEBAPP_DIR/WEB-INF/classes/ia2token.properties
+ } > $WEBAPP_DIR/WEB-INF/classes/auth.properties
echo "Config VLKB authorization ..."
{
echo "db_uri=$AUTHZ_DB_URL"
- echo "db_schema=$AUTHZ_DB_SCHEMA"
echo "db_user_name=$AUTHZ_DB_USERNAME"
echo "db_password=$AUTHZ_DB_PASSWORD"
} > $WEBAPP_DIR/WEB-INF/classes/authpolicy.properties
--
GitLab