Auto-detect secure HTTP in the idmtool script
This enables auto-detection of secure HTTP (SSL, TLS) through taking a peek
into org.ops4j.pax.web.cfg. If HTTPS is enabled, then it is preferred over
HTTP. This behavior can still be overridden through the use of the
"--target-host" option during idmtool script invocation. The script attempts
to use the specified HTTPS port from the pax web config. If no such port is
specified (perfectly valid), then the default port, 8443, is utilized. If
HTTPS is not enabled, then HTTP is used.
The value in this is that controllers should run HTTPS on Northbound RESTCONF,
and currently to make this script work with an HTTPS controller the
--target-host option needs to be specified. This makes administering a
controller with HTTPS harder and there are more steps to remember. If anything,
a product should aim to make security easier so it is actually utilized.
Again, if a more advanced configuration is needed, the "--target-host" will
override the default behavior. This simply enforces best security practices
as default, falling back on insecure options if needed.
Change-Id: I544a23d0266cef90cab01f28c8bb970ffcc9ddb6
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Code Review / aaa.git / commit