Versions Compared

Old Version 18

changes.mady.by.user Ganesh Sahu

Saved on

compared with

New Version 19

changes.mady.by.user Ganesh Sahu

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

WebPA server components as well as requesting application has to use a autorization token for bearer authentication.  We can either use a basic authorization token or make use of a key server for obtaining a bearer token.

For example, a UI application needs to invoke some Preference setting or to obtain some diagnostics information on behalf of a MSO partner, deviceId, serviceAccountId or combination of the three. It will first obtain or use a pre-defined auth token, set it as a HTTP header and then invoke the GET/SET operation.

Info

In a production environment, webPA server components & requesting applications use SAT as a bearer token for AUTHZ and AUTHN. SAT stands for Service Access Token. As the name implies, it is used by the calling applications to request access to CPE API's. From a implementation point of view, A SAT is a Json Web Token which if shortened to "jwt". It is a base64 encoded strings of pre-defined bytes with 3 distinct parts separated by a period.

However in the standalone setup, we have used basic base64 encoded autherization token because SAT requires access to operator specific key servers. This auth token will be used when configuring different webPA components as well while performing GET/SET requests to the CPE from a 3rd party application.

We can use either of the below 2 methods to generate a basic authorization string.

Code Block
1. Use openssl command to generate the base64 encoded token.
[root@webpa-node1 ~]# openssl enc -base64 <<< "webpa@1234567890"
[OUTPUT] : d2VicGFAMTIzNDU2Nzg5MAo=
2. Use Linux coreutils tools to generate the base64 encoded token
[root@webpa-node1 ~]# echo "webpa@1234567890"|base64
[OUTPUT] : d2VicGFAMTIzNDU2Nzg5MAo=


Talaria configuration

Code Block
title/etc/talaria/talaria.json
{
        "port": 8080,
        "hcport": 8888,
        "pprofport": 9999,
        "discoveryClient": {
                "staticNodes": ["https://localhost:8585" ]
        },

        "log" : {
                "file"      : "talariaLog.log",
                "level"     : "DEBUG",
                "maxSize"   : 5242880,
                "maxBackup" : 3
        }
}

...