+ // Request log configuration
+ NCSARequestLog ncsaRequestLog = new NCSARequestLog();
+ ncsaRequestLog.setFilename(provProperties
+ .getProperty("org.onap.dmaap.datarouter.provserver.accesslog.dir")
+ + "/request.log.yyyy_mm_dd");
+ ncsaRequestLog.setFilenameDateFormat("yyyyMMdd");
+ ncsaRequestLog.setRetainDays(90);
+ ncsaRequestLog.setAppend(true);
+ ncsaRequestLog.setExtended(false);
+ ncsaRequestLog.setLogCookies(false);
+ ncsaRequestLog.setLogTimeZone("GMT");
+
+ RequestLogHandler requestLogHandler = new RequestLogHandler();
+ requestLogHandler.setRequestLog(ncsaRequestLog);
+ server.setRequestLog(ncsaRequestLog);
+
+ // HTTP configuration
+ HttpConfiguration httpConfiguration = new HttpConfiguration();
+ httpConfiguration.setSecureScheme("https");
+ httpConfiguration.setSecurePort(httpsPort);
+ httpConfiguration.setOutputBufferSize(32768);
+ httpConfiguration.setRequestHeaderSize(8192);
+ httpConfiguration.setResponseHeaderSize(8192);
+ httpConfiguration.setSendServerVersion(true);
+ httpConfiguration.setSendDateHeader(false);
+
+ try {
+ AafPropsUtils.init(new File(provProperties.getProperty(
+ "org.onap.dmaap.datarouter.provserver.aafprops.path",
+ "/opt/app/osaaf/local/org.onap.dmaap-dr.props")));
+ } catch (IOException e) {
+ intlogger.error("NODE0314 Failed to load AAF props. Exiting", e);
+ exit(1);
+ }
+ aafPropsUtils = AafPropsUtils.getInstance();
+
+ //HTTP Connector
+ HandlerCollection handlerCollection;
+ try (ServerConnector httpServerConnector =
+ new ServerConnector(server, new HttpConnectionFactory(httpConfiguration))) {
+ httpServerConnector.setPort(httpPort);
+ httpServerConnector.setAcceptQueueSize(2);
+ httpServerConnector.setIdleTimeout(300000);
+
+ // SSL Context
+ SslContextFactory sslContextFactory = new SslContextFactory();
+ sslContextFactory.setKeyStoreType(AafPropsUtils.KEYSTORE_TYPE_PROPERTY);
+ sslContextFactory.setKeyStorePath(aafPropsUtils.getKeystorePathProperty());
+ sslContextFactory.setKeyStorePassword(aafPropsUtils.getKeystorePassProperty());
+ sslContextFactory.setKeyManagerPassword(aafPropsUtils.getKeystorePassProperty());
+
+ String truststorePathProperty = aafPropsUtils.getTruststorePathProperty();
+ if (truststorePathProperty != null && truststorePathProperty.length() > 0) {
+ intlogger.info("@@ TS -> " + truststorePathProperty);
+ sslContextFactory.setTrustStoreType(AafPropsUtils.TRUESTSTORE_TYPE_PROPERTY);
+ sslContextFactory.setTrustStorePath(truststorePathProperty);
+ sslContextFactory.setTrustStorePassword(aafPropsUtils.getTruststorePassProperty());
+ } else {
+ sslContextFactory.setTrustStorePath(AafPropsUtils.DEFAULT_TRUSTSTORE);
+ sslContextFactory.setTrustStorePassword("changeit");
+ }
+
+ sslContextFactory.setWantClientAuth(true);
+ sslContextFactory.setExcludeCipherSuites(
+ "SSL_RSA_WITH_DES_CBC_SHA",
+ "SSL_DHE_RSA_WITH_DES_CBC_SHA",
+ "SSL_DHE_DSS_WITH_DES_CBC_SHA",
+ "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
+ "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
+ "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
+ "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"
+ );
+ sslContextFactory.addExcludeProtocols("SSLv3");
+ sslContextFactory.setIncludeProtocols(provProperties.getProperty(
+ "org.onap.dmaap.datarouter.provserver.https.include.protocols",
+ "TLSv1.1|TLSv1.2").trim().split("\\|"));
+
+ intlogger.info("Not supported protocols prov server:-"
+ + String.join(",", sslContextFactory.getExcludeProtocols()));
+ intlogger.info("Supported protocols prov server:-"
+ + String.join(",", sslContextFactory.getIncludeProtocols()));
+ intlogger.info("Not supported ciphers prov server:-"
+ + String.join(",", sslContextFactory.getExcludeCipherSuites()));
+ intlogger.info("Supported ciphers prov server:-"
+ + String.join(",", sslContextFactory.getIncludeCipherSuites()));
+
+ // HTTPS configuration
+ HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration);
+ httpsConfiguration.setRequestHeaderSize(8192);
+
+ // HTTPS connector
+ try (ServerConnector httpsServerConnector = new ServerConnector(server,
+ new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
+ new HttpConnectionFactory(httpsConfiguration))) {
+
+ httpsServerConnector.setPort(httpsPort);
+ httpsServerConnector.setIdleTimeout(30000);
+ httpsServerConnector.setAcceptQueueSize(2);
+
+ // Servlet and Filter configuration
+ ServletContextHandler servletContextHandler = new ServletContextHandler(0);
+ servletContextHandler.setContextPath("/");
+ servletContextHandler.addServlet(new ServletHolder(new FeedServlet()), "/feed/*");
+ servletContextHandler.addServlet(new ServletHolder(new FeedLogServlet()), "/feedlog/*");
+ servletContextHandler.addServlet(new ServletHolder(new PublishServlet()), "/publish/*");
+ servletContextHandler.addServlet(new ServletHolder(new SubscribeServlet()), "/subscribe/*");
+ servletContextHandler.addServlet(new ServletHolder(new StatisticsServlet()), "/statistics/*");
+ servletContextHandler.addServlet(new ServletHolder(new SubLogServlet()), "/sublog/*");
+ servletContextHandler.addServlet(new ServletHolder(new GroupServlet()), "/group/*");
+ servletContextHandler.addServlet(new ServletHolder(new SubscriptionServlet()), "/subs/*");
+ servletContextHandler.addServlet(new ServletHolder(new InternalServlet()), "/internal/*");
+ servletContextHandler.addServlet(new ServletHolder(new RouteServlet()), "/internal/route/*");
+ servletContextHandler.addServlet(new ServletHolder(new DRFeedsServlet()), "/");
+ servletContextHandler.addFilter(new FilterHolder(new ThrottleFilter()),
+ "/publish/*", EnumSet.of(DispatcherType.REQUEST));
+
+ //CADI Filter activation check
+ if (Boolean.parseBoolean(provProperties.getProperty(
+ "org.onap.dmaap.datarouter.provserver.cadi.enabled", "false"))) {
+ servletContextHandler.addFilter(new FilterHolder(new DRProvCadiFilter(true, aafPropsUtils.getPropAccess())),
+ "/*", EnumSet.of(DispatcherType.REQUEST));
+ intlogger.info("PROV0001 AAF CADI Auth enabled for ");
+ }
+
+ ContextHandlerCollection contextHandlerCollection = new ContextHandlerCollection();
+ contextHandlerCollection.addHandler(servletContextHandler);
+
+ // Server's Handler collection
+ handlerCollection = new HandlerCollection();
+ handlerCollection.setHandlers(new Handler[]{contextHandlerCollection, new DefaultHandler()});
+ handlerCollection.addHandler(requestLogHandler);
+
+ server.setConnectors(new Connector[]{httpServerConnector, httpsServerConnector});
+ }
+ }
+ server.setHandler(handlerCollection);
+
+ // Daemon to clean up the log directory on a daily basis
+ Timer rolex = new Timer();
+ rolex.scheduleAtFixedRate(new PurgeLogDirTask(), 0, 86400000L); // run once per day
+
+ // Start LogfileLoader
+ LogfileLoader.getLoader();
+
+ try {
+ server.start();
+ intlogger.info("Prov Server started-" + server.getState());
+ } catch (Exception e) {
+ intlogger.error("Jetty failed to start. Exiting: " + e.getMessage(), e);
+ exit(1);
+ }