ATNA over TLS with Spring Boot

[Dmytro Rud]

Hi

Does anybody have a working example of a Spring Boot configuration for sending ATNA records over TLS?

Thanks and best regards

Dmytro

[Sunil BK]

Hello community

any update on this matter?

Kind Regards
Sunil

[Christian Ohr]

Back from Connectathon. Will look at it next week.

Christian

--
You received this message because you are subscribed to the Google Groups "ipf-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ipf-user+u...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Christian Ohr]

OK, as Dmytro already has noted, the config parameters have been misspelled in the docs (with dots instead of hyphens). 

In addition, in the IpfFhirAutoConfiguration (and all other IPF Spring Boot autoconfigs), the AuditorTLSConfig and the actual Auditor beans are only initialized if ipf.atna.auditor.enabled is set to true, while the actual audits are only written if ipf.atna.auditor-enabled is set to true. Argh.

To make a long story short: for the time being, set both ipf.atna.auditor-enabled and ipf.atna.auditor.enabled to true.

This will be fixed with https://github.com/oehf/ipf/issues/153.

A valid set of properties in yml-format should look like this:

ipf:
  atna:
    auditor-enabled: true

// ignored after #153 is fixed

    auditor.enabled: true

    audit-repository-host: arr.somewhere.com
    audit-repository-port: 1234
    audit-repository-transport: TLS
    audit-enterprise-site-id: mysite
    audit-queue-class: org.openhealthtools.ihe.atna.auditor.queue.AsynchronousAuditQueue
    security-domain-name: mydomain

When starting up with a keystore/truststore configured with -Djavax.net...., TLS is configured correctly:

2017-04-10 16:28:58.463  INFO 4404 --- [           main] o.o.i.a.c.SecurityContextInitializer     : SecurityContext module org.openhealthtools.ihe.atna.nodeauth initialized

2017-04-10 16:28:58.465  INFO 4404 --- [           main] o.o.i.a.c.SecurityContextInitializer     : SecurityContext module org.openhealthtools.ihe.atna.auditor initialized

2017-04-10 16:28:58.542  INFO 4404 --- [           main] o.o.ihe.atna.auditor.AuditorTLSConfig    : ATNA uses TLS, setting up Security Domain

2017-04-10 16:28:58.665  INFO 4404 --- [           main] o.o.ihe.atna.auditor.AuditorTLSConfig    : Registered atna://arr.somewhere.com:1234 for domain 

cheers

Christian

[Sunil BK]

Somehow I still did not manage to get a proper messge.

2017-05-11 18:23:33.970  INFO 3191 --- [  restartedMain] o.o.i.a.c.SecurityContextInitializer     : SecurityContext module org.openhealthtools.ihe.atna.nodeauth initialized
2017-05-11 18:23:33.976  INFO 3191 --- [  restartedMain] o.o.i.a.c.SecurityContextInitializer     : SecurityContext module org.openhealthtools.ihe.atna.auditor initialized
2017-05-11 18:26:13.007  INFO 3191 --- [  restartedMain] o.o.ihe.atna.auditor.AuditorTLSConfig    : ATNA uses TLS, setting up Security Domain
2017-05-11 18:26:13.054  INFO 3191 --- [  restartedMain] o.o.ihe.atna.auditor.AuditorTLSConfig    : Registered atna://localhost:6514 for domain

my application properties file:
ipf.atna.auditor-enabled=true
ipf.atna.audit-enterprise-site-id=ATNATEST
ipf.atna.audit-queue-class=org.openhealthtools.ihe.atna.auditor.queue.AsynchronousAuditQueue
ipf.atna.audit-repository-transport=TLS
ipf.atna.audit-repository-host=localhost
ipf.atna.audit-repository-port=6514

Although my output is quite the same as yours.

When I try to debug I can see that UDP Protocoll is ussed instead.

What am I missing here?

--

You received this message because you are subscribed to the Google Groups "ipf-user" group.

To unsubscribe from this group and stop receiving emails from it, send an email to ipf-user+unsubscribe@googlegroups.com.