-/*******************************************************************************\r
- * ============LICENSE_START==================================================\r
- * * org.onap.dmaap\r
- * * ===========================================================================\r
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
- * * ===========================================================================\r
- * * Licensed under the Apache License, Version 2.0 (the "License");\r
- * * you may not use this file except in compliance with the License.\r
- * * You may obtain a copy of the License at\r
- * * \r
- * * http://www.apache.org/licenses/LICENSE-2.0\r
- * * \r
- * * Unless required by applicable law or agreed to in writing, software\r
- * * distributed under the License is distributed on an "AS IS" BASIS,\r
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * * See the License for the specific language governing permissions and\r
- * * limitations under the License.\r
- * * ============LICENSE_END====================================================\r
- * *\r
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
- * *\r
- ******************************************************************************/\r
-\r
-\r
-package org.onap.dmaap.datarouter.node;\r
-\r
-import org.eclipse.jetty.servlet.*;\r
-import org.eclipse.jetty.util.ssl.*;\r
-import org.eclipse.jetty.server.*;\r
-import org.eclipse.jetty.server.nio.*;\r
-import org.eclipse.jetty.server.ssl.*;\r
-import org.apache.log4j.Logger;\r
-\r
-/**\r
- * The main starting point for the Data Router node\r
- */\r
-public class NodeMain {\r
- private NodeMain() {}\r
- private static Logger logger = Logger.getLogger("org.onap.dmaap.datarouter.node.NodeMain");\r
- private static class wfconfig implements Runnable {\r
- private NodeConfigManager ncm;\r
- public wfconfig(NodeConfigManager ncm) {\r
- this.ncm = ncm;\r
- }\r
- public synchronized void run() {\r
- notify();\r
- }\r
- public synchronized void waitforconfig() {\r
- ncm.registerConfigTask(this);\r
- while (!ncm.isConfigured()) {\r
- logger.info("NODE0003 Waiting for Node Configuration");\r
- try {\r
- wait();\r
- } catch (Exception e) {\r
- }\r
- }\r
- ncm.deregisterConfigTask(this);\r
- logger.info("NODE0004 Node Configuration Data Received");\r
- }\r
- }\r
- private static Delivery d;\r
- private static NodeConfigManager ncm;\r
- /**\r
- * Reset the retry timer for a subscription\r
- */\r
- public static void resetQueue(String subid, String ip) {\r
- d.resetQueue(ncm.getSpoolDir(subid, ip));\r
- }\r
- /**\r
- * Start the data router.\r
- * <p>\r
- * The location of the node configuration file can be set using the\r
- * org.onap.dmaap.datarouter.node.ConfigFile system property. By\r
- * default, it is "etc/node.properties".\r
- */\r
- public static void main(String[] args) throws Exception {\r
- logger.info("NODE0001 Data Router Node Starting");\r
- IsFrom.setDNSCache();\r
- ncm = NodeConfigManager.getInstance();\r
- logger.info("NODE0002 I am " + ncm.getMyName());\r
- (new wfconfig(ncm)).waitforconfig();\r
- d = new Delivery(ncm);\r
- LogManager lm = new LogManager(ncm);\r
- Server server = new Server();\r
- SelectChannelConnector http = new SelectChannelConnector();\r
- http.setPort(ncm.getHttpPort());\r
- http.setMaxIdleTime(2000);\r
- http.setRequestHeaderSize(2048);\r
- SslSelectChannelConnector https = new SslSelectChannelConnector();\r
- https.setPort(ncm.getHttpsPort());\r
- https.setMaxIdleTime(30000);\r
- https.setRequestHeaderSize(8192);\r
- SslContextFactory cf = https.getSslContextFactory();\r
- \r
- /**Skip SSLv3 Fixes*/\r
- cf.addExcludeProtocols("SSLv3");\r
- logger.info("Excluded protocols node-"+cf.getExcludeProtocols());\r
- /**End of SSLv3 Fixes*/\r
-\r
- cf.setKeyStoreType(ncm.getKSType());\r
- cf.setKeyStorePath(ncm.getKSFile());\r
- cf.setKeyStorePassword(ncm.getKSPass());\r
- cf.setKeyManagerPassword(ncm.getKPass());\r
- server.setConnectors(new Connector[] { http, https });\r
- ServletContextHandler ctxt = new ServletContextHandler(0);\r
- ctxt.setContextPath("/");\r
- server.setHandler(ctxt);\r
- ctxt.addServlet(new ServletHolder(new NodeServlet()), "/*");\r
- logger.info("NODE0005 Data Router Node Activating Service");\r
- server.start();\r
- server.join();\r
- }\r
-}\r
+/*******************************************************************************
+ * ============LICENSE_START==================================================
+ * * org.onap.dmaap
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+
+package org.onap.dmaap.datarouter.node;
+
+import org.apache.log4j.Logger;
+import org.eclipse.jetty.http.HttpVersion;
+import org.eclipse.jetty.server.*;
+import org.eclipse.jetty.servlet.FilterHolder;
+import org.eclipse.jetty.servlet.ServletContextHandler;
+import org.eclipse.jetty.servlet.ServletHolder;
+import org.eclipse.jetty.util.ssl.SslContextFactory;
+import org.onap.aaf.cadi.PropAccess;
+
+import javax.servlet.DispatcherType;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.EnumSet;
+import java.util.Properties;
+
+/**
+ * The main starting point for the Data Router node
+ */
+public class NodeMain {
+
+ private NodeMain() {
+ }
+
+ private static Logger nodeMainLogger = Logger.getLogger("org.onap.dmaap.datarouter.node.NodeMain");
+
+ class Inner {
+ InputStream getCadiProps() {
+ InputStream in = null;
+ try {
+ in = getClass().getClassLoader().getResourceAsStream("drNodeCadi.properties");
+ } catch (Exception e) {
+ nodeMainLogger.error("Exception in Inner.getCadiProps() method " + e.getMessage());
+ }
+ return in;
+ }
+ }
+
+ private static class WaitForConfig implements Runnable {
+
+ private NodeConfigManager localNodeConfigManager;
+
+ WaitForConfig(NodeConfigManager ncm) {
+ this.localNodeConfigManager = ncm;
+ }
+
+ public synchronized void run() {
+ notify();
+ }
+
+ synchronized void waitForConfig() {
+ localNodeConfigManager.registerConfigTask(this);
+ while (!localNodeConfigManager.isConfigured()) {
+ nodeMainLogger.info("NODE0003 Waiting for Node Configuration");
+ try {
+ wait();
+ } catch (Exception exception) {
+ nodeMainLogger
+ .debug("NodeMain: waitForConfig exception. Exception Message:- " + exception.toString(),
+ exception);
+ }
+ }
+ localNodeConfigManager.deregisterConfigTask(this);
+ nodeMainLogger.info("NODE0004 Node Configuration Data Received");
+ }
+ }
+
+ private static Delivery delivery;
+ private static NodeConfigManager nodeConfigManager;
+
+ /**
+ * Reset the retry timer for a subscription
+ */
+ static void resetQueue(String subid, String ip) {
+ delivery.resetQueue(nodeConfigManager.getSpoolDir(subid, ip));
+ }
+
+ /**
+ * Start the data router.
+ * <p>
+ * The location of the node configuration file can be set using the org.onap.dmaap.datarouter.node.properties system
+ * property. By default, it is "/opt/app/datartr/etc/node.properties".
+ */
+ public static void main(String[] args) throws Exception {
+ nodeMainLogger.info("NODE0001 Data Router Node Starting");
+ IsFrom.setDNSCache();
+ nodeConfigManager = NodeConfigManager.getInstance();
+ nodeMainLogger.info("NODE0002 I am " + nodeConfigManager.getMyName());
+ (new WaitForConfig(nodeConfigManager)).waitForConfig();
+ delivery = new Delivery(nodeConfigManager);
+ new LogManager(nodeConfigManager);
+
+ Server server = new Server();
+
+ // HTTP configuration
+ HttpConfiguration httpConfiguration = new HttpConfiguration();
+ httpConfiguration.setRequestHeaderSize(2048);
+
+ // HTTP connector
+ try (ServerConnector httpServerConnector = new ServerConnector(server, new HttpConnectionFactory(httpConfiguration))) {
+ httpServerConnector.setPort(nodeConfigManager.getHttpPort());
+ httpServerConnector.setIdleTimeout(2000);
+
+ // HTTPS configuration
+ SslContextFactory sslContextFactory = new SslContextFactory();
+ sslContextFactory.setKeyStoreType(nodeConfigManager.getKSType());
+ sslContextFactory.setKeyStorePath(nodeConfigManager.getKSFile());
+ sslContextFactory.setKeyStorePassword(nodeConfigManager.getKSPass());
+ sslContextFactory.setKeyManagerPassword(nodeConfigManager.getKPass());
+
+ //SP-6 : Fixes for SDV scan to exclude/remove DES/3DES ciphers are taken care by upgrading jdk in descriptor.xml
+ sslContextFactory.setExcludeCipherSuites(
+ "SSL_RSA_WITH_DES_CBC_SHA",
+ "SSL_DHE_RSA_WITH_DES_CBC_SHA",
+ "SSL_DHE_DSS_WITH_DES_CBC_SHA",
+ "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
+ "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
+ "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
+ "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"
+ );
+
+ sslContextFactory.addExcludeProtocols("SSLv3");
+ sslContextFactory.setIncludeProtocols(nodeConfigManager.getEnabledprotocols());
+ nodeMainLogger.info("NODE00004 Unsupported protocols node server:-" + String.join(",", sslContextFactory.getExcludeProtocols()));
+ nodeMainLogger.info("NODE00004 Supported protocols node server:-" + String.join(",", sslContextFactory.getIncludeProtocols()));
+ nodeMainLogger.info("NODE00004 Unsupported ciphers node server:-" + String.join(",", sslContextFactory.getExcludeCipherSuites()));
+
+ HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration);
+ httpsConfiguration.setRequestHeaderSize(8192);
+
+ SecureRequestCustomizer secureRequestCustomizer = new SecureRequestCustomizer();
+ secureRequestCustomizer.setStsMaxAge(2000);
+ secureRequestCustomizer.setStsIncludeSubDomains(true);
+ httpsConfiguration.addCustomizer(secureRequestCustomizer);
+
+ // HTTPS connector
+ try (ServerConnector httpsServerConnector = new ServerConnector(server,
+ new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
+ new HttpConnectionFactory(httpsConfiguration))) {
+
+ httpsServerConnector.setPort(nodeConfigManager.getHttpsPort());
+ httpsServerConnector.setIdleTimeout(3600000);
+ httpsServerConnector.setAcceptQueueSize(2);
+
+ //Context Handler
+ ServletContextHandler servletContextHandler = new ServletContextHandler(0);
+ servletContextHandler.setContextPath("/");
+ servletContextHandler.addServlet(new ServletHolder(new NodeServlet(delivery)), "/*");
+
+ //CADI Filter activation check
+ if (nodeConfigManager.getCadiEnabeld()) {
+ Properties cadiProperties = new Properties();
+ try {
+ Inner obj = new NodeMain().new Inner();
+ InputStream in = obj.getCadiProps();
+ cadiProperties.load(in);
+ } catch (IOException e1) {
+ nodeMainLogger.error("NODE00005 Exception in NodeMain.Main() loading CADI properties " + e1.getMessage());
+ }
+ cadiProperties.setProperty("aaf_locate_url", nodeConfigManager.getAafURL());
+ nodeMainLogger.info("NODE00005 aaf_url set to - " + cadiProperties.getProperty("aaf_url"));
+
+ PropAccess access = new PropAccess(cadiProperties);
+ servletContextHandler.addFilter(new FilterHolder(new DRNodeCadiFilter(true, access)), "/*", EnumSet.of(DispatcherType.REQUEST));
+ }
+
+ server.setHandler(servletContextHandler);
+ server.setConnectors(new Connector[]{httpServerConnector, httpsServerConnector});
+ }
+ }
+
+ try {
+ server.start();
+ nodeMainLogger.info("NODE00006 Node Server started-" + server.getState());
+ } catch (Exception e) {
+ nodeMainLogger.info("NODE00006 Jetty failed to start. Reporting will we unavailable", e);
+ }
+ server.join();
+ nodeMainLogger.info("NODE00007 Node Server joined - " + server.getState());
+ }
+}
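Review bot: In the CADI block of `main`, a failed `cadiProperties.load(in)` is only logged, so `DRNodeCadiFilter` is then built from a `Properties` object that holds nothing but `aaf_locate_url`. How the filter behaves with that configuration is not visible in this diff, so a load failure should stop startup rather than install an authorization filter with unknown settings. A missing `drNodeCadi.properties` makes `getCadiProps()` return null, which reaches `load` as a `NullPointerException` that the `IOException` catch does not cover, and the stream is never closed. The log line that follows reads `aaf_url` although the key just set is `aaf_locate_url`, so it likely prints `null` unless the properties file defines `aaf_url`. Separately, `setStsMaxAge(2000)` is in seconds, giving an HSTS lifetime of about 33 minutes; confirm that was intended and not carried over from the 2000 ms idle timeout.

```java
if (nodeConfigManager.getCadiEnabeld()) {
    Properties cadiProperties = new Properties();
    // main already declares `throws Exception`, so a load failure aborts startup
    try (InputStream in = new NodeMain().new Inner().getCadiProps()) {
        if (in == null) {
            throw new IllegalStateException("NODE00005 drNodeCadi.properties not found on classpath");
        }
        cadiProperties.load(in);
    }
    cadiProperties.setProperty("aaf_locate_url", nodeConfigManager.getAafURL());
    nodeMainLogger.info("NODE00005 aaf_locate_url set to - " + cadiProperties.getProperty("aaf_locate_url"));
    // … unchanged: PropAccess creation and DRNodeCadiFilter registration …
}
```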