import java.util.HashMap;
import java.util.Map;
+import javax.annotation.PostConstruct;
import org.eclipse.jetty.util.security.Password;
+import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.builder.SpringApplicationBuilder;
import org.springframework.boot.web.support.SpringBootServletInitializer;
import org.springframework.context.annotation.ImportResource;
+import org.springframework.core.env.Environment;
@SpringBootApplication
@ImportResource({"file:${SERVICE_BEANS}/*.xml"})
public class ChampApplication extends SpringBootServletInitializer {
+ @Autowired
+ private Environment env;
+
public static void main(String[] args) {
String keyStorePassword = System.getProperty("KEY_STORE_PASSWORD");
if (keyStorePassword == null || keyStorePassword.isEmpty()) {
}
Map<String, Object> props = new HashMap<>();
- props.put("server.ssl.key-store-password", Password.deobfuscate(keyStorePassword));
+ String deobfuscatedKeyStorePassword = keyStorePassword.startsWith("OBF:") ? Password.deobfuscate(keyStorePassword) : keyStorePassword;
+ props.put("server.ssl.key-store-password", deobfuscatedKeyStorePassword);
+
+ String trustStoreLocation = System.getProperty("TRUST_STORE_LOCATION");
+ String trustStorePassword = System.getProperty("TRUST_STORE_PASSWORD");
+ if (trustStoreLocation != null && trustStorePassword != null) {
+ trustStorePassword = trustStorePassword.startsWith("OBF:") ? Password.deobfuscate(trustStorePassword) : trustStorePassword;
+ props.put("server.ssl.trust-store", trustStoreLocation);
+ props.put("server.ssl.trust-store-password", trustStorePassword);
+ }
+
+ String requireClientAuth = System.getenv("REQUIRE_CLIENT_AUTH");
+ if (requireClientAuth == null || requireClientAuth.isEmpty()) {
+ props.put("server.ssl.client-auth", "need");
+ }else {
+ props.put("server.ssl.client-auth",requireClientAuth.equals("true")?"need":"want");
+ }
+
+
new ChampApplication().configure(new SpringApplicationBuilder(ChampApplication.class).properties(props))
.run(args);
}
+
+ /**
+ * Set required trust store system properties using values from application.properties
+ */
+ @PostConstruct
+ public void setSystemProperties() {
+ String trustStorePath = env.getProperty("server.ssl.key-store");
+ if (trustStorePath != null) {
+ String trustStorePassword = env.getProperty("server.ssl.key-store-password");
+
+ if (trustStorePassword != null) {
+ System.setProperty("javax.net.ssl.trustStore", trustStorePath);
+ System.setProperty("javax.net.ssl.trustStorePassword", trustStorePassword);
+ } else {
+ throw new IllegalArgumentException("Env property server.ssl.key-store-password not set");
+ }
+ }
+ }
}