diff --git a/.env b/.env
index c2156858..a1a33b4c 100644
--- a/.env
+++ b/.env
@@ -18,4 +18,4 @@ FROMLIBERTY=ibmcom/websphere-liberty:20.0.0.6-kernel-java8-ibmjava-ubi
# Postgres Version
FROMPOSTGRES=postgres:12
-POSTGRESUID=999
\ No newline at end of file
+POSTGRESUID=999
diff --git a/common/config/authOidc/authFilters.xml b/common/config/authOidc/authFilters.xml
index 0da43252..2f740d4b 100644
--- a/common/config/authOidc/authFilters.xml
+++ b/common/config/authOidc/authFilters.xml
@@ -47,7 +47,8 @@
-
+
+
diff --git a/common/config/authOidc/resAdministrators.xml b/common/config/authOidc/resAdministrators.xml
index e8bad496..9a1167f6 100644
--- a/common/config/authOidc/resAdministrators.xml
+++ b/common/config/authOidc/resAdministrators.xml
@@ -1,5 +1,5 @@
-
+
diff --git a/common/config/authOidc/rtsAdministrators.xml b/common/config/authOidc/rtsAdministrators.xml
index 0a92f82a..72a3284b 100644
--- a/common/config/authOidc/rtsAdministrators.xml
+++ b/common/config/authOidc/rtsAdministrators.xml
@@ -1,5 +1,5 @@
-
+
diff --git a/common/config/metering-template.properties b/common/config/metering-template.properties
new file mode 100644
index 00000000..7071a967
--- /dev/null
+++ b/common/config/metering-template.properties
@@ -0,0 +1,16 @@
+### Metering properties ###
+com.ibm.rules.metering.server.url=METERING_SERVER_URL
+# API key to identify the user in IBM Connect to Cloud service
+# Mandatory
+com.ibm.rules.metering.api.key=None
+# Identifier to use to identifier the Decision Center instance
+# Optional: If not specified, the value is automatically computed
+com.ibm.rules.metering.instance.identifier=METERING_INSTANCE_ID
+# Period of time to wait between two usage reports to send to IBM Connect to Cloud service (en milliseconds)
+# Optional: If not specified, the value is 15 minutes
+com.ibm.rules.metering.send.period=METERING_SEND_PERIOD
+# If true, send usages to the IBM Connect to Cloud service
+com.ibm.rules.metering.send.usages=true
+# If true, log usages on the filesystem
+com.ibm.rules.metering.log.usages=true
+### End of metering properties ###
diff --git a/common/script/configureMetering.sh b/common/script/configureMetering.sh
new file mode 100644
index 00000000..35bfb8d0
--- /dev/null
+++ b/common/script/configureMetering.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+if [ -s "/config/pluginconfig/plugin-configuration.properties" ]
+then
+ echo "Configure metering using /config/pluginconfig/plugin-configuration.properties provided config"
+elif [ -n "$METERING_SERVER_URL" ]
+then
+ echo "Configure metering using /config/metering-template.properties template"
+ echo "Set METERING_SERVER_URL with $METERING_SERVER_URL"
+ sed -i 's|METERING_SERVER_URL|'$METERING_SERVER_URL'|g' /config/metering-template.properties
+ if [ -n "$RELEASE_NAME" ]
+ then
+ echo "Set METERING_INSTANCE_ID with $RELEASE_NAME"
+ sed -i 's|METERING_INSTANCE_ID|'$RELEASE_NAME'|g' /config/metering-template.properties
+ else
+ echo "Set METERING_INSTANCE_ID with $HOSTNAME"
+ sed -i 's|METERING_INSTANCE_ID|'$HOSTNAME'|g' /config/metering-template.properties
+ fi
+
+ if [ -n "$METERING_SEND_PERIOD" ]
+ then
+ echo "Set METERING_SEND_PERIOD with $METERING_SEND_PERIOD milliseconds"
+ sed -i 's|METERING_SEND_PERIOD|'$METERING_SEND_PERIOD'|g' /config/metering-template.properties
+ else
+ echo "Set METERING_SEND_PERIOD with 900000 milliseconds"
+ sed -i 's|METERING_SEND_PERIOD|900000|g' /config/metering-template.properties
+ fi
+
+ mkdir /config/pluginconfig
+ cp /config/metering-template.properties /config/pluginconfig/plugin-configuration.properties
+fi
diff --git a/common/script/configureSwidTag.sh b/common/script/configureSwidTag.sh
index dfdd84a7..04ccad42 100755
--- a/common/script/configureSwidTag.sh
+++ b/common/script/configureSwidTag.sh
@@ -39,22 +39,22 @@ then
removeAllSwidTag ibm.com_IBM_ODM_Server_for_Non-Production-*.swidtag
fi
echo "ODM configuration : remove all DBAMC Swidtag"
- removeAllSwidTag ibm.com_Operational_Decision_Manager_Containers_-_CP4Auto*.swidtag
- removeAllSwidTag ibm.com_Operational_Decision_Manager_Containers_-_CP4Auto_-_Non_Prod*.swidtag
+ removeAllSwidTag ibm.com_Operational_Decision_Manager_Containers_-_CP4BA*.swidtag
+ removeAllSwidTag ibm.com_Operational_Decision_Manager_Containers_-_CP4BA_-_Non_Prod*.swidtag
else
if [ -n "$DEPLOY_FOR_PRODUCTION" ]
then
if [[ "$DEPLOY_FOR_PRODUCTION" =~ "TRUE" ]]
then
echo "DEPLOY_FOR_PRODUCTION is true then DBAMC production configuration : remove DBAMC non production Swidtag"
- removeAllSwidTag ibm.com_Operational_Decision_Manager_Containers_-_CP4Auto_-_Non_Prod-*.swidtag
+ removeAllSwidTag ibm.com_Operational_Decision_Manager_Containers_-_CP4BA_-_Non_Prod-*.swidtag
else
echo "DEPLOY_FOR_PRODUCTION is false then DBAMC non production configuration : remove DBAMC production Swidtag"
- removeAllSwidTag ibm.com_Operational_Decision_Manager_Containers_-_CP4Auto-*.swidtag
+ removeAllSwidTag ibm.com_Operational_Decision_Manager_Containers_-_CP4BA-*.swidtag
fi
else
echo "DEPLOY_FOR_PRODUCTION not set then DBAMC production configuration : remove DBAMC non production Swidtag"
- removeAllSwidTag ibm.com_Operational_Decision_Manager_Containers_-_CP4Auto_-_Non_Prod-*.swidtag
+ removeAllSwidTag ibm.com_Operational_Decision_Manager_Containers_-_CP4BA_-_Non_Prod-*.swidtag
fi
echo "DBAMC configuration : remove all ODM Swidtag"
removeAllSwidTag ibm.com_IBM_ODM_Server*.swidtag
diff --git a/common/script/configureTlsSecurity.sh b/common/script/configureTlsSecurity.sh
old mode 100644
new mode 100755
index e9fa1501..f17cb28a
--- a/common/script/configureTlsSecurity.sh
+++ b/common/script/configureTlsSecurity.sh
@@ -48,25 +48,45 @@ else
fi
# End - Configuration for the TLS security
-if [ -f "/config/security/ldap.jks" ]
+if [ -f "/config/ldap/ldap.jks" ]
then
if [ -n "$LDAP_TRUSTSTORE_PASSWORD" ]
then
- echo "import /config/security/ldap.jks in trustore using provided LDAP truststore password"
+ echo "import /config/ldap/ldap.jks in trustore using provided LDAP truststore password"
else
- echo "import /config/security/ldap.jks in trustore using default LDAP truststore password"
+ echo "import /config/ldap/ldap.jks in trustore using default LDAP truststore password"
LDAP_TRUSTSTORE_PASSWORD=changeit
fi
i=0
- mapfile -t trust_list < <(keytool -list -v -keystore /config/security/ldap.jks -storepass $LDAP_TRUSTSTORE_PASSWORD | grep "Alias name" | awk 'NF>1{print $NF}')
+ mapfile -t trust_list < <(keytool -list -v -keystore /config/ldap/ldap.jks -storepass $LDAP_TRUSTSTORE_PASSWORD | grep "Alias name" | awk 'NF>1{print $NF}')
for trust_file in "${trust_list[@]}"
do
- keytool -changealias -alias ${trust_file} -destalias "LDAP_ALIAS_FOR_ODM_"$i -keystore /config/security/ldap.jks -storepass $LDAP_TRUSTSTORE_PASSWORD
+ keytool -changealias -alias ${trust_file} -destalias "LDAP_ALIAS_FOR_ODM_"$i -keystore /config/ldap/ldap.jks -storepass $LDAP_TRUSTSTORE_PASSWORD
((i=i+1))
done
- keytool -importkeystore -srckeystore /config/security/ldap.jks -destkeystore /config/security/truststore.jks -srcstorepass $LDAP_TRUSTSTORE_PASSWORD -deststorepass $DEFAULT_TRUSTSTORE_PASSWORD
+ keytool -importkeystore -srckeystore /config/ldap/ldap.jks -destkeystore /config/security/truststore.jks -srcstorepass $LDAP_TRUSTSTORE_PASSWORD -deststorepass $DEFAULT_TRUSTSTORE_PASSWORD
else
- echo "no /config/security/ldap.jks file"
+ echo "no /config/ldap/ldap.jks file"
+fi
+
+# This part allow to import a list of PEM certificate in the JVM
+ echo "Importing trusted certificates $dir"
+CERTDIR="/config/security/trusted-cert-volume/"
+if [ -d $CERTDIR ]; then
+ cd $CERTDIR
+ for dir in *; do
+ echo "Importing trusted certificates $dir"
+ if [ -d $dir ]; then
+ if [ -f $dir/tls.crt ]; then
+ # Don't know if we need to delete the Alias. If don't delete it there is an error
+ keytool -delete -alias 0trust_$dir -storepass $DEFAULT_TRUSTSTORE_PASSWORD -keystore /config/security/truststore.jks > /dev/null
+ keytool -import -v -trustcacerts -alias 0trust_$dir -file $dir/tls.crt -keystore /config/security/truststore.jks -storepass $DEFAULT_TRUSTSTORE_PASSWORD -noprompt
+ else
+ echo "Couldn't find certificate $dir/tls.crt skipping this certificate "
+ fi
+ fi
+ done
+ echo "done"
fi
diff --git a/common/script/enableMetering.sh b/common/script/enableMetering.sh
index 35ea190e..d07be04c 100644
--- a/common/script/enableMetering.sh
+++ b/common/script/enableMetering.sh
@@ -5,4 +5,6 @@ then
echo "enable rules metering"
cd /config/apps/DecisionService.war/WEB-INF/classes;
sed -i 's/{pluginClass=HTDS}/{pluginClass=Metering,enable=true},{pluginClass=HTDS}/g' ra.xml
+
+ $SCRIPT/configureMetering.sh
fi
diff --git a/common/script/installPostgres.sh b/common/script/installPostgres.sh
index d210ba6d..d3b2e238 100755
--- a/common/script/installPostgres.sh
+++ b/common/script/installPostgres.sh
@@ -3,5 +3,5 @@
# Install the driver for PostgreSQL
echo "Install the driver for postgreSQL"
cd /tmp
-curl -O -s https://jdbc.postgresql.org/download/postgresql-42.2.16.jar
+curl -O -s https://jdbc.postgresql.org/download/postgresql-42.2.18.jar
mv postgres* /config/resources
diff --git a/decisioncenter/config/jvm.options b/decisioncenter/config/jvm.options
index 25714e8c..4b78437d 100644
--- a/decisioncenter/config/jvm.options
+++ b/decisioncenter/config/jvm.options
@@ -1,4 +1,2 @@
--Djavax.net.ssl.trustStore=/config/security/truststore.jks
--Djavax.net.ssl.trustStorePassword=__TRUSTSTORE_PASSWORD__
-Duser.language=en
-Duser.country=US
diff --git a/decisioncenter/config/new-decisioncenter-configuration.properties b/decisioncenter/config/new-decisioncenter-configuration.properties
index 5c77b755..81ab5d47 100644
--- a/decisioncenter/config/new-decisioncenter-configuration.properties
+++ b/decisioncenter/config/new-decisioncenter-configuration.properties
@@ -33,7 +33,7 @@ system.com.ibm.rules.authentication.scheme=oidc
system.com.ibm.rules.authentication.oidcconfig=OdmOidcProviders.json:OPENID_PROVIDER
# Define the referer whitelist patterns
-system.com.ibm.rules.decisioncenter.referer-whitelist-patterns=OPENID_SERVER_URL/*
+system.com.ibm.rules.decisioncenter.referer-whitelist-patterns=DC_REFERER_LIST
# Define a list of servers separated by semi colon to add to Decision Center configuration
# format: |||| where
@@ -95,8 +95,6 @@ property.teamserver.includeDebugInfoInRulesetArchive=true
com.ibm.rules.decisioncenter.ldap.sync.users-and-groups=ldap-sync-mode
### End of LDAP Sync properties ###
-
-
### Metering properties ###
# If true, enable the service to collect usages of Decision Center.
diff --git a/decisioncenter/script/jvmOptions.sh b/decisioncenter/script/jvmOptions.sh
deleted file mode 100644
index 62674fe6..00000000
--- a/decisioncenter/script/jvmOptions.sh
+++ /dev/null
@@ -1,45 +0,0 @@
-#!/bin/bash
-
-DEFAULT_KEYSTORE_PASSWORD=changeme
-DEFAULT_TRUSTSTORE_PASSWORD=changeme
-
-if [ -f "/shared/tls/keystore/jks/server.jks" ]
-then
- DEFAULT_KEYSTORE_PASSWORD=changeit
-
- if [ -n "$ROOTCA_KEYSTORE_PASSWORD" ]
- then
- echo "change default keystore password with provided Root CA keystore password"
- DEFAULT_KEYSTORE_PASSWORD=$ROOTCA_KEYSTORE_PASSWORD
- fi
-fi
-
-if [ -f "/shared/tls/truststore/jks/trusts.jks" ]
-then
- DEFAULT_TRUSTSTORE_PASSWORD=changeit
-
- if [ -n "$ROOTCA_TRUSTSTORE_PASSWORD" ]
- then
- echo "change default truststore password with provided Root CA truststore password"
- DEFAULT_TRUSTSTORE_PASSWORD=$ROOTCA_TRUSTSTORE_PASSWORD
- fi
-else
- echo "no file /shared/tls/truststore/jks/trusts.jks"
-fi
-
-# Begin - Configuration for the TLS security
-echo "DC JVM Options : Configure the TLS keystore password"
-if [ -n "$KEYSTORE_PASSWORD" ]
-then
- sed -i 's|__KEYSTORE_PASSWORD__|'$KEYSTORE_PASSWORD'|g' /config/jvm.options
-else
- sed -i 's|__KEYSTORE_PASSWORD__|'$DEFAULT_KEYSTORE_PASSWORD'|g' /config/jvm.options
-fi
-echo "DC JVM Options : Configure the TLS truststore password"
-if [ -n "$TRUSTSTORE_PASSWORD" ]
-then
- sed -i 's|__TRUSTSTORE_PASSWORD__|'$TRUSTSTORE_PASSWORD'|g' /config/jvm.options
-else
- sed -i 's|__TRUSTSTORE_PASSWORD__|'$DEFAULT_TRUSTSTORE_PASSWORD'|g' /config/jvm.options
-fi
-# End - Configuration for the TLS security
diff --git a/decisioncenter/script/rundc.sh b/decisioncenter/script/rundc.sh
index a7f82053..c8265b30 100755
--- a/decisioncenter/script/rundc.sh
+++ b/decisioncenter/script/rundc.sh
@@ -21,8 +21,6 @@ $SCRIPT/updateDatasource.sh
$SCRIPT/configureSwidTag.sh
-$SCRIPT/jvmOptions.sh
-
$SCRIPT/setTimeZone.sh
. $SCRIPT/setUTF8Locale.sh
diff --git a/decisioncenter/script/updateDCConfigurations.sh b/decisioncenter/script/updateDCConfigurations.sh
index f98660da..76279ea4 100644
--- a/decisioncenter/script/updateDCConfigurations.sh
+++ b/decisioncenter/script/updateDCConfigurations.sh
@@ -106,8 +106,32 @@ then
sed -i 's|"OPENID_PROVIDER"|'null'|g' $DC_SERVER_CONFIG
fi
echo "OAuth config : set AUTH_SCHEME to oidc in /config/new-decisioncenter-configuration.properties"
- echo "OAuth config : set OPENID_SERVER_URL to $OPENID_SERVER_URL in /config/new-decisioncenter-configuration.properties"
- sed -i 's|OPENID_SERVER_URL|'$OPENID_SERVER_URL'|g' /config/new-decisioncenter-configuration.properties
+
+
+ if [ -n "$DC_REFERER_LIST" ]
+ then
+ echo "OAuth config : provided DC_REFERER_LIST"
+ else
+ echo "OAuth config : build DC_REFERER_LIST"
+ IFS=','
+ DC_REFERER_LIST=""
+ ALLOWED_DOMAINS_LIST=$(grep OPENID_ALLOWED_DOMAINS /config/authOidc/openIdParameters.properties | sed "s/OPENID_ALLOWED_DOMAINS=//g")
+ read -ra ADDR <<< "${ALLOWED_DOMAINS_LIST}"
+ declare -i j=1
+ for i in "${ADDR[@]}"; do
+ DC_REFERER_LIST=${DC_REFERER_LIST}"https://"$i"/*"
+ if ((j < "${#ADDR[@]}")); then
+ DC_REFERER_LIST=${DC_REFERER_LIST}"__COMMA__"
+ j=j+1
+ fi
+ done
+ fi
+
+ echo "OAuth config : set DC_REFERER_LIST to $DC_REFERER_LIST in /config/new-decisioncenter-configuration.properties"
+ sed -i 's|DC_REFERER_LIST|'$DC_REFERER_LIST'|g' /config/new-decisioncenter-configuration.properties
+ # Issue with DC_REFERER_LIST when built with a comma
+ sed -i 's/__COMMA__/,/g' /config/new-decisioncenter-configuration.properties
+
echo "replace rtsAdministators/rtsConfigManagers/rtsInstallers group in /config/application.xml"
sed -i $'/> $APPS/decisioncenter.war/WEB-INF/classes/config/decisioncenter-configuration.properties
+ elif [ -n "$METERING_SERVER_URL" ]
+ then
+ echo "Set METERING_SERVER_URL with $METERING_SERVER_URL"
+ sed -i 's|METERING_SERVER_URL|'$METERING_SERVER_URL'|g' /config/metering-template.properties
+ if [ -n "$RELEASE_NAME" ]
+ then
+ echo "Set METERING_INSTANCE_ID with $RELEASE_NAME"
+ sed -i 's|METERING_INSTANCE_ID|'$RELEASE_NAME'|g' /config/metering-template.properties
+ else
+ echo "Set METERING_INSTANCE_ID with $HOSTNAME"
+ sed -i 's|METERING_INSTANCE_ID|'$HOSTNAME'|g' /config/metering-template.properties
+ fi
+
+ if [ -n "$METERING_SEND_PERIOD" ]
+ then
+ echo "Set METERING_SEND_PERIOD with $METERING_SEND_PERIOD milliseconds"
+ sed -i 's|METERING_SEND_PERIOD|'$METERING_SEND_PERIOD'|g' /config/metering-template.properties
+ else
+ echo "Set METERING_SEND_PERIOD with 900000 milliseconds"
+ sed -i 's|METERING_SEND_PERIOD|900000|g' /config/metering-template.properties
+ fi
+
+ cat /config/metering-template.properties >> $APPS/decisioncenter.war/WEB-INF/classes/config/decisioncenter-configuration.properties
+ fi
+fi
+
if [ -n "$ODM_CONTEXT_ROOT" ]
then
sed -i 's|http://localhost:9060/decisionmodel|'http://localhost:9060$ODM_CONTEXT_ROOT/decisionmodel'|g' $APPS/decisioncenter.war/WEB-INF/classes/config/decisioncenter-configuration.properties
diff --git a/decisionserver/decisionrunner/config/application.xml b/decisionserver/decisionrunner/config/application.xml
index 1e742231..5a5764dd 100644
--- a/decisionserver/decisionrunner/config/application.xml
+++ b/decisionserver/decisionrunner/config/application.xml
@@ -10,6 +10,9 @@
+
+
+
diff --git a/decisionserver/decisionrunner/script/enableDRMetering.sh b/decisionserver/decisionrunner/script/enableDRMetering.sh
index 69d8ba24..1f760417 100644
--- a/decisionserver/decisionrunner/script/enableDRMetering.sh
+++ b/decisionserver/decisionrunner/script/enableDRMetering.sh
@@ -5,4 +5,6 @@ then
echo "enable rules metering"
cd /config/apps/DecisionRunner.war/WEB-INF/classes;
sed -i 's/{pluginClass=DVS}/{pluginClass=Metering,enable=true},{pluginClass=DVS}/g' ra.xml
+
+ $SCRIPT/configureMetering.sh
fi
diff --git a/decisionserver/decisionserverconsole/config/application.xml b/decisionserver/decisionserverconsole/config/application.xml
index 3a6c315d..b27b2f26 100644
--- a/decisionserver/decisionserverconsole/config/application.xml
+++ b/decisionserver/decisionserverconsole/config/application.xml
@@ -23,7 +23,7 @@
-
+
diff --git a/decisionserver/decisionserverconsole/script/run.sh b/decisionserver/decisionserverconsole/script/run.sh
index 02f5d119..e0df2846 100644
--- a/decisionserver/decisionserverconsole/script/run.sh
+++ b/decisionserver/decisionserverconsole/script/run.sh
@@ -7,6 +7,8 @@ then
$SCRIPT/customStart.sh
fi
+$SCRIPT/enableMetering.sh
+
$SCRIPT/updateDSCConfigurations.sh
$SCRIPT/configureTlsSecurity.sh
@@ -17,8 +19,6 @@ $SCRIPT/updateDatasource.sh
$SCRIPT/updateDSRConfigurations.sh
-$SCRIPT/enableMetering.sh
-
$SCRIPT/configureSwidTag.sh
$SCRIPT/setTimeZone.sh
diff --git a/decisionserver/decisionserverconsole/script/updateDSCConfigurations.sh b/decisionserver/decisionserverconsole/script/updateDSCConfigurations.sh
index 3c2c759a..7f8367ba 100644
--- a/decisionserver/decisionserverconsole/script/updateDSCConfigurations.sh
+++ b/decisionserver/decisionserverconsole/script/updateDSCConfigurations.sh
@@ -6,7 +6,7 @@ if [ -n "$DECISION_SERVICE_URL" ]; then
fi
if [ -f "/config/baiemitterconfig/plugin-configuration.properties" ]; then
- echo "Enable BAI Emitter Plugin"
+ echo "Enable BAI Emitter Plugin"
sed -i 's/{pluginClass=HTDS}/&,{pluginClass=ODMEmitterForBAI}/' ra.xml
fi
diff --git a/decisionserver/decisionserverruntime/config/application.xml b/decisionserver/decisionserverruntime/config/application.xml
index e4cb5fb8..01768fe6 100644
--- a/decisionserver/decisionserverruntime/config/application.xml
+++ b/decisionserver/decisionserverruntime/config/application.xml
@@ -8,7 +8,7 @@
-
+
diff --git a/decisionserver/decisionserverruntime/script/runds.sh b/decisionserver/decisionserverruntime/script/runds.sh
index 57d2fb8a..b4e497a0 100755
--- a/decisionserver/decisionserverruntime/script/runds.sh
+++ b/decisionserver/decisionserverruntime/script/runds.sh
@@ -7,14 +7,14 @@ then
$SCRIPT/customStart.sh
fi
+$SCRIPT/enableMetering.sh
+
$SCRIPT/updateDSRConfigurations.sh
$SCRIPT/configureTcpipNotification.sh
$SCRIPT/configureTlsSecurity.sh
-$SCRIPT/enableMetering.sh
-
$SCRIPT/configureDatabase.sh
$SCRIPT/updateDatasource.sh
diff --git a/decisionserver/decisionserverruntime/script/updateDSRConfigurations.sh b/decisionserver/decisionserverruntime/script/updateDSRConfigurations.sh
index 6411740e..c81c64b6 100755
--- a/decisionserver/decisionserverruntime/script/updateDSRConfigurations.sh
+++ b/decisionserver/decisionserverruntime/script/updateDSRConfigurations.sh
@@ -119,6 +119,14 @@ fi
if [ -f "/config/baiemitterconfig/plugin-configuration.properties" ]; then
echo "Enable BAI Emitter Plugin"
sed -i 's/{pluginClass=HTDS}/&,{pluginClass=ODMEmitterForBAI}/' ra.xml;
+ if [ -f "/config/pluginconfig/plugin-configuration.properties" ]; then
+ echo "concat BAI Emitter and Metering plugins"
+ cat /config/baiemitterconfig/plugin-configuration.properties >> /config/pluginconfig/plugin-configuration.properties
+ else
+ echo "create plugin directory /config/pluginconfig"
+ mkdir /config/pluginconfig
+ cp /config/baiemitterconfig/plugin-configuration.properties /config/pluginconfig/plugin-configuration.properties
+ fi
fi
if [ -f "/config/baiemitterconfig/krb5.conf" ]; then
diff --git a/iam/SampleXOM.zip b/iam/SampleXOM.zip
new file mode 100644
index 00000000..f8aeffc8
Binary files /dev/null and b/iam/SampleXOM.zip differ
diff --git a/iam/executeApiTests.sh b/iam/executeApiTests.sh
new file mode 100755
index 00000000..a697a0bc
--- /dev/null
+++ b/iam/executeApiTests.sh
@@ -0,0 +1,80 @@
+#!/bin/sh
+
+# The script invokes ODM APIs using a bearer header (or BA) passed as parameter
+
+# odmhost=https://9.171.58.116:9843
+odm_dc_host=https://localhost:9643
+odm_dsc_host=https://localhost:9843
+odm_dr_host=https://localhost:9743
+odm_dsr_host=https://localhost:9943
+
+AUTH="Authorization: Bearer $1"
+
+echo ---------------------------------------------------------------------
+echo Invoking: ${odm_dsc_host}/res/api/ruleapps?count=true
+echo Response:
+curl -k -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" \
+ -H "$AUTH" \
+ ${odm_dsc_host}/res/api/ruleapps?count=true
+echo ""
+
+echo ---------------------------------------------------------------------
+echo Invoking: ${odm_dsc_host}/res/auth?ping=pong
+echo Response:
+curl -k -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" \
+ -H "$AUTH" \
+ ${odm_dsc_host}/res/auth?ping=pong
+echo ""
+
+echo ---------------------------------------------------------------------
+echo Invoking: ${odm_dc_host}/decisioncenter-api/v1/about
+echo Response:
+curl -k \
+ -H "$AUTH" \
+ ${odm_dc_host}/decisioncenter-api/v1/about 2>&1
+echo ""
+
+echo ---------------------------------------------------------------------
+echo Invoking: ${odm_dc_host}/decisioncenter-api/v1/decisionservices
+echo Response:
+curl -k \
+ -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" \
+ -H "$AUTH" \
+ ${odm_dc_host}/decisioncenter-api/v1/decisionservices 2>&1
+echo ""
+
+echo ---------------------------------------------------------------------
+echo Invoking: ${odm_dr_host}/DecisionRunner/serverinfo
+echo Response:
+curl -k -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" \
+ -H "$AUTH" \
+ ${odm_dr_host}/DecisionRunner/serverinfo
+echo ""
+
+echo ---------------------------------------------------------------------
+echo Deploying XOM and the ruleapp...
+curl -k -H "Content-Type: application/octet-stream" \
+ -H "$AUTH" \
+ --data-binary "@/Users/mathiasmouly/testOkta/SampleXOM.zip" \
+ ${odm_dsc_host}/res/api/v1/xoms/SampleXOM.zip
+
+curl -k -H "Content-Type: application/octet-stream" \
+ -H "$AUTH" \
+ --data-binary "@/Users/mathiasmouly/testOkta/ruleApp_DeploySample_1.0.jar" \
+ ${odm_dsc_host}/res/api/v1/ruleapps
+
+echo ---------------------------------------------------------------------
+echo Invoking: ${odm_dsr_host}/DecisionService/rest/DeploySample/1.0/MainOperation/1.0
+echo Response:
+curl -k -H "Content-Type: application/json" \
+ -H "$AUTH" \
+ -d @- "${odm_dsr_host}/DecisionService/rest/DeploySample/1.0/MainOperation/1.0" <<+++
+{
+ "__DecisionID__": "string",
+ "DomainSample": {
+ "astr": "string",
+ "bstr": "string"
+ }
+}
++++
+echo
diff --git a/iam/iamclient-list.sh b/iam/iamclient-list.sh
index c8edc364..7d2242d5 100755
--- a/iam/iamclient-list.sh
+++ b/iam/iamclient-list.sh
@@ -1,7 +1,7 @@
#!/bin/sh
export admin_username=oauthadmin
-export admin_password=WscBdFZrQNABICXwqzAjsnrPqnqGmUP1
+export admin_password=1k1KE0U3qOfeNVnR9kajp22zQud0Byat
export registration_url=https://cp-console.apps.ocp461dba.cp.fyre.ibm.com/idauth/oidc/endpoint/OP/registration
export OIDC_CLIENT_ID=iamclient4odm
diff --git a/iam/iamclient-update.sh b/iam/iamclient-update.sh
index 196e3fd1..63c76dce 100755
--- a/iam/iamclient-update.sh
+++ b/iam/iamclient-update.sh
@@ -1,7 +1,7 @@
#!/bin/sh
export admin_username=oauthadmin
-export admin_password=WscBdFZrQNABICXwqzAjsnrPqnqGmUP1
+export admin_password=1k1KE0U3qOfeNVnR9kajp22zQud0Byat
export registration_url=https://cp-console.apps.ocp461dba.cp.fyre.ibm.com/idauth/oidc/endpoint/OP/registration
export client_name=iamclient4odm
export client_secret=iamsecret4odm
diff --git a/iam/management-ingress-chain.pem b/iam/management-ingress-chain.pem
index e73d40fb..0e3cae6d 100644
--- a/iam/management-ingress-chain.pem
+++ b/iam/management-ingress-chain.pem
@@ -1,6 +1,6 @@
-----BEGIN CERTIFICATE-----
-MIIDcDCCAligAwIBAgIQBIh70Y/tX7etyF11bgQL7jANBgkqhkiG9w0BAQsFADAzMRUwEwYDVQQKEwxjZXJ0LW1hbmFnZXIxGjAYBgNVBAMTEWNzLWNhLWNlcnRpZmljYXRlMB4XDTIwMTAyODE4NTAwNloXDTIxMTAyODE4NTAwNlowNDEVMBMGA1UEChMMY2VydC1tYW5hZ2VyMRswGQYDVQQDExJtYW5hZ2VtZW50LWluZ3Jlc3MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdD9/caytrM8gip7gRSnKtrnEwLHo3GrzUCaFRUmT1NaVbmaY1yct9PYzti6im34C7ztyl0fR+wteREp2HVvrDF68h7Af/tpIGPIWKVNLePN3IFzCtMjvBF8hbzSyPHGtb2efbzDdmIVdtSBs7QlhHQeoG547T1yBHxeGswDCl43Qa1N5yTVnegjMcCHVkZFr7R9mug1AitXOMgjjqqAQCCYY5OE2edQ5uuEOh78m/SIIKGa4cIMl1IH2d24rV3s8GSl2N7wAVHPd4oq1PhtHMlDjdiZaDxRlARbmn8f8ZSVDVCYI9eW3ML9XLY6M1WXdY5D2HjkLYFCxtegjcCKD3AgMBAAGjfzB9MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMEgGA1UdEQRBMD+CEm1hbmFnZW1lbnQtaW5ncmVzc4IpY3AtY29uc29sZS5hcHBzLm9jcDQ2MWRiYS5jcC5meXJlLmlibS5jb20wDQYJKoZIhvcNAQELBQADggEBAAce5jL631G/oF6zOKTXxUnnkAIj+g7eC7LiByfZLJmVodv4BuqAOt4MFQkwix0sO86wbKlQLamyX2TlprkceVhS87UxsmuLh8oFb0b3fqdHnkambvWHfMY2BaD3pfFad5+RkcDWTkbbWyn8iHlZedobiG/kLrkQP/aaOsWbgL7VqNK47cnMJeWJvafYMFQtyx4oafkjI5t8mBfZsEMKmLTeq4C2HpoeoKcN8HUS/yN9xLiproncwXLGRX52ZiancDfqZRjQBnWyPRzZcvreP/7q8f7jX1vdM4/n/934uE2d5/ES2sTTzG3UrNqHPpXYsMEhBVVk1Y/JSfuUmsT5Qm4=
+MIIDcTCCAlmgAwIBAgIRAMPhMAPFJJ9hQr0RY9Bic04wDQYJKoZIhvcNAQELBQAwMzEVMBMGA1UEChMMY2VydC1tYW5hZ2VyMRowGAYDVQQDExFjcy1jYS1jZXJ0aWZpY2F0ZTAeFw0yMDEyMDQxODAyNDdaFw0yMTEyMDQxODAyNDdaMDQxFTATBgNVBAoTDGNlcnQtbWFuYWdlcjEbMBkGA1UEAxMSbWFuYWdlbWVudC1pbmdyZXNzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4EulB98b2+oi/kZhUTAGD2TL4+FogxnkmU02U4u11fAntH/5ofRoWtUTXnO5c73t7gW5TFdomvadUgjY4OLjidpQKBI+mtk48Bl2tLPfUfHVfCeBF5a1X5q+Da2IH0OtWhmXeNRn1UqVw4NVddF32hQnRqiS4gldubEFq0TMFTXFqQ6MWWjHQrUGC5f6rhsrtyc0IKoq6+d4CPihiaanra2QX6Dd8qIwjcTgQam6lJHGMkCdELzc8Z5CWHIpCV+KwDWpcXsZxtFYTB5O6xhbwNbypUaBqNGtZyjDCqJ4iLzIP+iu26679x1cVhVE0Kwsw4siUWeKXrLXTA1+4/DqFwIDAQABo38wfTAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADBIBgNVHREEQTA/ghJtYW5hZ2VtZW50LWluZ3Jlc3OCKWNwLWNvbnNvbGUuYXBwcy5vY3A0NjFkYmEuY3AuZnlyZS5pYm0uY29tMA0GCSqGSIb3DQEBCwUAA4IBAQCqBJcc+UVK1tu6giBQhOnvVTkzahktJeyEKVj0MV1piQ1ck0sGDldrKaLWAWoKlO4jZEnpjrAJiGmM2YCmkksAhoYnvISRldzS7D9YoBRBfSCUmn/tBfbw8a8liMTHHXh8q0AXXaZqRTBr7kWD1oMCYixEQcfxgVbk2aM8dKTD/B4wqcHMX6RuEsomOQeAV0ioOhFVn7+j3T+Rck8F5F1qZ9M8D9rHpSg5KP9Sj92egYtXOvtUKjp2yrhWY6mL8L3I9VVGnjao2CuAoPkK9Cx9G7PwPc9gIQzLRbJdxanRGunoZ+2f3ASqukN+GMtaYFdbUoBkjoyUx9MEdCWRqdOG
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-MIIDMTCCAhmgAwIBAgIQelTnPx1UM8pzef2p5Dp5IzANBgkqhkiG9w0BAQsFADAzMRUwEwYDVQQKEwxjZXJ0LW1hbmFnZXIxGjAYBgNVBAMTEWNzLWNhLWNlcnRpZmljYXRlMB4XDTIwMTAyODE4NDczOFoXDTIxMDEyNjE4NDczOFowMzEVMBMGA1UEChMMY2VydC1tYW5hZ2VyMRowGAYDVQQDExFjcy1jYS1jZXJ0aWZpY2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMWJS4sPE8+0QKUZ1pMZvunpBaGixwOLerNVjnwrBjB80wgaieypTiCIVumvCcj3WfRVB30et9vYVruUoG0abzjM5anfCIhQaPjOVEOgVQfD62RTh56V6Pv2WKtr3lRUOktLeJxf5Z5myggPCBPvOXufqXhBU//nHWZD3Jp6TrGEbSI4N8ApFpiSamJAklkIiQ+XtTdqZrdR6estDfqPRbEJuyh31R7DzBAg5NFkSSihp8TQpsq48357vS1B9jC1eSSPXVTFEe+sDRItU5Jw3GOIqyF4RqEn8UKxhI4p+GwnPQxJ6KVP6EKUWeoobjcFp6BxbTHKSbz5Ml1h0594gnUCAwEAAaNBMD8wDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB/wQFMAMBAf8wHAYDVR0RBBUwE4IRY3MtY2EtY2VydGlmaWNhdGUwDQYJKoZIhvcNAQELBQADggEBAKFR8B6+AwxPJX1aY1iFw9gpHO6uKxMoHOPZMU0oUWRrf0uRoXquJGSzTBDkcnFJvdF3dW+kuDQ32sg22RK1FgdZap8SzS5kWYDjuFWopZHJxPRy7UDpeX88rlLSNgvF9UTAsC3zk3XJdv1lkiIyhIilWc4+naROrFnNdk3V5yh7+zbe2Qu1v9eTsvNDAQuSLmnbactoHr4gi5ENiBifrM3npmQ/bPIbxW1ttTd7+phChcAYhrS7vPTXzrkQm1w9Nk5tLjbEvJKjsS6VblqoVDa0xER6FgmFG6JDXoWbkqybB8tkyB4bEeZTUNLfu3iDIjHL5GwieN7OV0xQF6Jfb/o=
+MIIDMTCCAhmgAwIBAgIQSMFVkrZ/xeZmYGUGveXIlDANBgkqhkiG9w0BAQsFADAzMRUwEwYDVQQKEwxjZXJ0LW1hbmFnZXIxGjAYBgNVBAMTEWNzLWNhLWNlcnRpZmljYXRlMB4XDTIwMTEyMDEzMzczN1oXDTIxMDIxODEzMzczN1owMzEVMBMGA1UEChMMY2VydC1tYW5hZ2VyMRowGAYDVQQDExFjcy1jYS1jZXJ0aWZpY2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALRBTUGjO4PR0VX3hxVrs6Pu6dJswKkoQ6Rzkt2wRcqvHWWVinVEFT6g7bPR8kyMGjHvOKVGx8yUTfaqGxgVOR9A/nJyivsvmyxyoSFIWIbp/78w5jzStA/Je2xHgb+YKrJ7j+fLGrOqWbYHKYNlYcwa8jey8YVL/TDuNV2+5/VvvGeXCQ5OKdTtwK/pHYue2U2xoLWAhx5c7lBJkH2W+HZn8nwtkN0f5nmOmtPr6WTwsXbiWCO4tuvq0OQZ2a4MMguo9xCVQjrGB0XJ46lj4Mnf0PWPP7NBHIfmtUWp/1xKSfYklETzaBVs9+goDT3BCozSHPeJk6JmSLAgXcIWiJ8CAwEAAaNBMD8wDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB/wQFMAMBAf8wHAYDVR0RBBUwE4IRY3MtY2EtY2VydGlmaWNhdGUwDQYJKoZIhvcNAQELBQADggEBAKhS5j37cV38duQOha/NffHeZgtX9DCmct+tmbfawgrVxRaIFtuPy0ODq4K+nw1bY6H+f4yi/h1drwvSMb7PXizMcrZLP8lbvHzgphoCaDInfAqCXyMii7t2hbfZ5O/GxjmiQaCkCa9CVbaqb4NvJK4v0YnMwAgMaP39d8zJbcXlrH5M9FZZUhrqWTDHASZAoKKRaQvAHW5n9pueKI0vqgvR5zBHB7lCvRi0MBebhURF7bicO4i4LXPorG92K4odax4CsUDoypUyKVDnDqGWQMv9bVaZBdRwFMQ3Mg69euRyr/1AssYzm9dNUjcQ1QCBGEAHgZCyrGsPm9ekb7nxw44=
-----END CERTIFICATE-----
diff --git a/iam/openIdWebSecurity.xml b/iam/openIdWebSecurity.xml
index fe441b92..704b9e06 100644
--- a/iam/openIdWebSecurity.xml
+++ b/iam/openIdWebSecurity.xml
@@ -7,10 +7,10 @@
signatureAlgorithm="RS256" inboundPropagation="supported"
authorizationEndpointUrl="https://cp-console.apps.ocp461dba.cp.fyre.ibm.com/idprovider/v1/auth/authorize"
tokenEndpointUrl="https://cp-console.apps.ocp461dba.cp.fyre.ibm.com/idprovider/v1/auth/token"
- jwkEndpointUrl="https://cp-console.apps.ocp461dba.cp.fyre.ibm.com/oidc/endpoint/OP/jwk"
+ jwkEndpointUrl="https://cp-console.apps.ocp461dba.cp.fyre.ibm.com/idprovider/v1/auth/jwk"
realmIdentifier="customRealm"
realmName="customRealm"
- issuerIdentifier="https://127.0.0.1:443/idauth/oidc/endpoint/OP"
+ issuerIdentifier="https://127.0.0.1:443/idauth/oidc/endpoint/OP,https://mycluster.icp:9443/oidc/token"
groupIdentifier="groups"
validationEndpointUrl="https://cp-console.apps.ocp461dba.cp.fyre.ibm.com/idprovider/v1/auth/introspect"/>
@@ -21,8 +21,8 @@
signatureAlgorithm="RS256" inboundPropagation="required"
authorizationEndpointUrl="https://cp-console.apps.ocp461dba.cp.fyre.ibm.com/idprovider/v1/auth/authorize"
tokenEndpointUrl="https://cp-console.apps.ocp461dba.cp.fyre.ibm.com/idprovider/v1/auth/token"
- jwkEndpointUrl="https://cp-console.apps.ocp461dba.cp.fyre.ibm.com/oidc/endpoint/OP/jwk"
- issuerIdentifier="https://127.0.0.1:443/idauth/oidc/endpoint/OP"
+ jwkEndpointUrl="https://cp-console.apps.ocp461dba.cp.fyre.ibm.com/idprovider/v1/auth/jwk"
+ issuerIdentifier="https://127.0.0.1:443/idauth/oidc/endpoint/OP,https://mycluster.icp:9443/oidc/token"
realmIdentifier="customRealm"
realmName="customRealm"
groupIdentifier="groups"
diff --git a/iam/ruleApp_DeploySample_1.0.jar b/iam/ruleApp_DeploySample_1.0.jar
new file mode 100644
index 00000000..de18c460
Binary files /dev/null and b/iam/ruleApp_DeploySample_1.0.jar differ
diff --git a/iam/truststore.jks b/iam/truststore.jks
index 17c24754..23447561 100644
Binary files a/iam/truststore.jks and b/iam/truststore.jks differ
diff --git a/odm-standalone.yml b/odm-standalone.yml
index 42be9b91..18ee4daf 100644
--- a/odm-standalone.yml
+++ b/odm-standalone.yml
@@ -25,5 +25,6 @@ services:
- 9453:9453
# Uncomment this line to persist your data. Note that on OSX you need to share this
# current directory in the Preference menu -> File Sharing menu.
- # volumes:
+ volumes:
# - ./h2data:/config/dbdata/
+ - ./plugin-configuration.properties:/config/baiemitterconfig/plugin-configuration.properties
diff --git a/odm-ums.yml b/odm-ums.yml
index a97badee..ab5f3aad 100755
--- a/odm-ums.yml
+++ b/odm-ums.yml
@@ -48,7 +48,7 @@ services:
- OPENID_PROVIDER=ums
- OPENID_CLIENT_ID=umsclient4odm
- OPENID_CLIENT_SECRET=umssecret4odm
- - OPENID_ALLOWED_DOMAINS=fr.eurolabs.ibm.com
+ - OPENID_ALLOWED_DOMAINS=odmdev09r.fr.eurolabs.ibm.com:9665,fr.eurolabs.ibm.com
volumes:
- ${PWD}/ums/webSecurity.xml:/config/auth/webSecurity.xml
- ${PWD}/ums/keystore.jks:/config/security/keystore.jks
@@ -81,7 +81,7 @@ services:
- OPENID_PROVIDER=ums
- OPENID_CLIENT_ID=umsclient4odm
- OPENID_CLIENT_SECRET=umssecret4odm
- - OPENID_ALLOWED_DOMAINS=fr.eurolabs.ibm.com
+ - OPENID_ALLOWED_DOMAINS=odmdev09r.fr.eurolabs.ibm.com:9665,fr.eurolabs.ibm.com
volumes:
- ${PWD}/ums/webSecurity.xml:/config/auth/webSecurity.xml
- ${PWD}/ums/keystore.jks:/config/security/keystore.jks
@@ -115,7 +115,7 @@ services:
- OPENID_PROVIDER=ums
- OPENID_CLIENT_ID=umsclient4odm
- OPENID_CLIENT_SECRET=umssecret4odm
- - OPENID_ALLOWED_DOMAINS=fr.eurolabs.ibm.com
+ - OPENID_ALLOWED_DOMAINS=odmdev09r.fr.eurolabs.ibm.com:9665,fr.eurolabs.ibm.com
volumes:
- ${PWD}/ums/webSecurity.xml:/config/auth/webSecurity.xml
- ${PWD}/ums/keystore.jks:/config/security/keystore.jks
@@ -150,7 +150,7 @@ services:
- OPENID_PROVIDER=ums
- OPENID_CLIENT_ID=umsclient4odm
- OPENID_CLIENT_SECRET=umssecret4odm
- - OPENID_ALLOWED_DOMAINS=fr.eurolabs.ibm.com
+ - OPENID_ALLOWED_DOMAINS=odmdev09r.fr.eurolabs.ibm.com:9665,fr.eurolabs.ibm.com
volumes:
- ${PWD}/ums/webSecurity.xml:/config/auth/webSecurity.xml
- ${PWD}/ums/keystore.jks:/config/security/keystore.jks
diff --git a/standalone/script/runserver.sh b/standalone/script/runserver.sh
index 1307e06a..2b2fd220 100755
--- a/standalone/script/runserver.sh
+++ b/standalone/script/runserver.sh
@@ -5,6 +5,8 @@ set -e
${SCRIPT}/checkLicense.sh
+$SCRIPT/enableMetering.sh
+
if [ ! -f /config/initializeddb.flag ] ; then
if [ "$SAMPLE" = "true" ] ; then
engineJarFile=$(ls ${APPS}/*/WEB-INF/lib/*engine*.jar | sed -n 1p)
@@ -30,6 +32,14 @@ if [ ! -f /config/initialized.flag ] ; then
if [ -f "/config/baiemitterconfig/plugin-configuration.properties" ]; then
echo "Enable BAI Emitter Plugin"
sed -i 's/{pluginClass=HTDS}/&,{pluginClass=ODMEmitterForBAI}/' ra.xml;
+ if [ -f "/config/pluginconfig/plugin-configuration.properties" ]; then
+ echo "concat BAI Emitter and Metering plugins"
+ cat /config/baiemitterconfig/plugin-configuration.properties >> /config/pluginconfig/plugin-configuration.properties
+ else
+ echo "create plugin directory /config/pluginconfig"
+ mkdir /config/pluginconfig
+ cp /config/baiemitterconfig/plugin-configuration.properties /config/pluginconfig/plugin-configuration.properties
+ fi
fi
touch /config/initialized.flag
@@ -56,8 +66,6 @@ else
sed -i 's|RELEASE_NAME|'$HOSTNAME'|g' /config/httpSession.xml
fi
-$SCRIPT/enableMetering.sh
-
$SCRIPT/configureDatabase.sh h2
$SCRIPT/updateDatasource.sh
diff --git a/ums/openIdParameters.properties b/ums/openIdParameters.properties
index 9598014d..3c9847d4 100644
--- a/ums/openIdParameters.properties
+++ b/ums/openIdParameters.properties
@@ -7,4 +7,4 @@ OPENID_CLIENT_ID=umsclient4odm
OPENID_CLIENT_SECRET=umssecret4odm
OPENID_TOKEN_FORMAT=NON-JWT
OPENID_LOGOUT_URL=https://odmdev09r.fr.eurolabs.ibm.com:9665/oidc/endpoint/ums/logout
-OPENID_ALLOWED_DOMAINS=fr.eurolabs.ibm.com
+OPENID_ALLOWED_DOMAINS=odmdev09r.fr.eurolabs.ibm.com:9665,fr.eurolabs.ibm.com