...
First thing that you need is generate the key used in challenge response authentication as follow:
Code Block | ||||
---|---|---|---|---|
| ||||
# keytool -genkey -alias AliasChallengeResponse -keystore myKey.jceks -keypass "YourPassWord" -storepass "YourPassWord" -storetype JCEKS |
...
Currently the alias option from keytool is hard coded and it is used in CryptoUtil class located at: floodlight/src/main/java/org/sdnplatform/sync/internal/util/CryptoUtil.java
Code Block |
---|
...
| ||
public static final String CHALLENGE_RESPONSE_SECRET = "AliasChallengeResponse"; |
Which means that it is necessary to use alias option value as defined by above.
...
After key generation you can test it:
Code Block | ||
---|---|---|
| ||
# keytool -list -alias AliasChallengeResponse -keystore myKey.jceks -storetype JCEKS |
...
Enter keystore password: |
...
AliasChallengeResponse, 24/Mar/2016, PrivateKeyEntry, |
...
Certificate fingerprint (SHA1): A2:1B:49:1B:18:D8:DC:95:CC:9F:C3:33:94:04:39:EE:44:DD:CF:BE |
Code Block | ||||
---|---|---|---|---|
|
...
Code Block | ||||
---|---|---|---|---|
| ||||
org.sdnplatform.sync.internal.SyncManager.authScheme=CHALLENGE_RESPONSE org.sdnplatform.sync.internal.SyncManager.keyStorePath=/etc/floodlight/myKey.jceks org.sdnplatform.sync.internal.SyncManager.dbPath=/var/lib/floodlight/ org.sdnplatform.sync.internal.SyncManager.keyStorePassword=YourPassWord org.sdnplatform.sync.internal.SyncManager.port=6642 org.sdnplatform.sync.internal.SyncManager.thisNodeId=1 org.sdnplatform.sync.internal.SyncManager.persistenceEnabled=FALSE org.sdnplatform.sync.internal.SyncManager.nodes=[\ {"nodeId": 1, "domainId": 1, "hostname": "192.168.1.100", "port": 6642},\ {"nodeId": 2, "domainId": 1, "hostname": "192.168.1.100", "port": 6643}\ ] |
...
To use the sync service, you need create two vars ISyncService and IStoreClient:
private ISyncService syncService;
private IStoreClient<String, String> storeFT;
...