update link to upper-constraints.txt
[dmaap/datarouter.git] / datarouter-node / src / main / java / org / onap / dmaap / datarouter / node / NodeServer.java
index 58fe72b..1a29f68 100644 (file)
@@ -22,9 +22,6 @@ package org.onap.dmaap.datarouter.node;
 
 import com.att.eelf.configuration.EELFLogger;
 import com.att.eelf.configuration.EELFManager;
-import java.util.EnumSet;
-import javax.servlet.DispatcherType;
-import javax.servlet.ServletException;
 import org.eclipse.jetty.http.HttpVersion;
 import org.eclipse.jetty.server.Connector;
 import org.eclipse.jetty.server.HttpConfiguration;
@@ -33,31 +30,31 @@ import org.eclipse.jetty.server.SecureRequestCustomizer;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.ServerConnector;
 import org.eclipse.jetty.server.SslConnectionFactory;
-import org.eclipse.jetty.servlet.FilterHolder;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.servlet.ServletHolder;
 import org.eclipse.jetty.util.ssl.SslContextFactory;
 import org.jetbrains.annotations.NotNull;
+import org.onap.dmaap.datarouter.node.delivery.Delivery;
 
 
 public class NodeServer {
 
-    private static EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeServer.class);
+    private static final EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeServer.class);
 
     private static Server server;
     private static Delivery delivery;
 
-    private NodeServer(){
-    }
+    private NodeServer(){}
 
-    static Server getServerInstance() {
+    static Server getServerInstance(NodeConfigManager nodeConfigManager) {
         if (server == null) {
-            server = createNodeServer(NodeConfigManager.getInstance());
+            server = createNodeServer(nodeConfigManager);
         }
         return server;
     }
 
     private static Server createNodeServer(NodeConfigManager nodeConfigManager) {
+        eelfLogger.info("NODE0005 Creating new NodeServer");
         server = new Server();
         delivery = new Delivery(nodeConfigManager);
 
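Review bot: `getServerInstance(NodeConfigManager)` uses its argument only on the first call; once `server` is non-null, a different `NodeConfigManager` passed later is silently ignored, and the signature gives no hint of that. The `server == null` check is also unsynchronized, so two threads calling it at start-up could each build a `Server` and a `Delivery`. I would document the first-call-wins behaviour in a Javadoc line such as `/** Returns the singleton; nodeConfigManager is only read when the server is first created. */` and declare the method `static synchronized Server getServerInstance(NodeConfigManager nodeConfigManager)`. `createNodeServer` also assigns `server` itself, so the assignment in the caller is redundant; its body continues outside this hunk.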
@@ -70,47 +67,44 @@ public class NodeServer {
             httpServerConnector.setPort(nodeConfigManager.getHttpPort());
             httpServerConnector.setIdleTimeout(2000);
 
-            SslContextFactory sslContextFactory = getSslContextFactory(nodeConfigManager);
-
-            HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration);
-            httpsConfiguration.setRequestHeaderSize(8192);
-
-            SecureRequestCustomizer secureRequestCustomizer = new SecureRequestCustomizer();
-            secureRequestCustomizer.setStsMaxAge(2000);
-            secureRequestCustomizer.setStsIncludeSubDomains(true);
-            httpsConfiguration.addCustomizer(secureRequestCustomizer);
-
-            // HTTPS connector
-            try (ServerConnector httpsServerConnector = new ServerConnector(server,
-                new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
-                new HttpConnectionFactory(httpsConfiguration))) {
-
-                httpsServerConnector.setPort(nodeConfigManager.getHttpsPort());
-                httpsServerConnector.setIdleTimeout(3600000);
-                httpsServerConnector.setAcceptQueueSize(2);
-
-                //Context Handler
-                ServletContextHandler servletContextHandler = new ServletContextHandler(0);
-                servletContextHandler.setContextPath("/");
-                servletContextHandler.addServlet(new ServletHolder(new NodeServlet(delivery)), "/*");
-
-                //CADI Filter activation check
-                if (nodeConfigManager.getCadiEnabled()) {
-                    try {
-                        servletContextHandler.addFilter(new FilterHolder(new DRNodeCadiFilter(true,
-                                nodeConfigManager.getNodeAafPropsUtils().getPropAccess())), "/*",
-                            EnumSet.of(DispatcherType.REQUEST));
-                    } catch (ServletException e) {
-                        eelfLogger.error("Failed to add CADI Filter: " + e.getMessage(), e);
-                    }
-                }
-                server.setHandler(servletContextHandler);
-                server.setConnectors(new Connector[]{httpServerConnector, httpsServerConnector});
+            //Context Handler
+            ServletContextHandler servletContextHandler = new ServletContextHandler(0);
+            servletContextHandler.setContextPath("/");
+            servletContextHandler.addServlet(new ServletHolder(new NodeServlet(delivery, nodeConfigManager)), "/*");
+
+            if (nodeConfigManager.isTlsEnabled()) {
+                initialiseHttpsConnector(nodeConfigManager, httpConfiguration, httpServerConnector);
+            } else {
+                eelfLogger.info("NODE0005 Adding HTTP Connector");
+                server.setConnectors(new Connector[]{httpServerConnector});
             }
+            server.setHandler(servletContextHandler);
         }
         return server;
     }
 
+    private static void initialiseHttpsConnector(NodeConfigManager nodeConfigManager, HttpConfiguration httpConfiguration,
+        ServerConnector httpServerConnector) {
+        HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration);
+        httpsConfiguration.setRequestHeaderSize(8192);
+
+        SecureRequestCustomizer secureRequestCustomizer = new SecureRequestCustomizer();
+        secureRequestCustomizer.setStsMaxAge(2000);
+        secureRequestCustomizer.setStsIncludeSubDomains(true);
+        httpsConfiguration.addCustomizer(secureRequestCustomizer);
+
+        // HTTPS connector
+        try (ServerConnector httpsServerConnector = new ServerConnector(server,
+            new SslConnectionFactory(getSslContextFactory(), HttpVersion.HTTP_1_1.asString()),
+            new HttpConnectionFactory(httpsConfiguration))) {
+            httpsServerConnector.setPort(nodeConfigManager.getHttpsPort());
+            httpsServerConnector.setIdleTimeout(3600000);
+            httpsServerConnector.setAcceptQueueSize(2);
+            eelfLogger.info("NODE0005 TLS Enabled: Adding HTTP/S Connectors");
+            server.setConnectors(new Connector[]{httpServerConnector, httpsServerConnector});
+        }
+    }
+
     /**
      * Reset the retry timer for a subscription.
      */
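Review bot: With the CADI filter block removed, the context handler registers `NodeServlet` on `/*` with no container-level filter, and the new `else` branch brings the node up on plain HTTP only when `isTlsEnabled()` is false. Whether `NodeServlet` authenticates callers itself is not visible here, so the handler setup should carry a comment saying where authorization now happens. The cleartext fallback should be logged above info level, for example `eelfLogger.warn("NODE0005 TLS disabled: serving plain HTTP only");`, with its own message id, since `NODE0005` is now used for three different messages. In `initialiseHttpsConnector`, the try-with-resources closes `httpsServerConnector` as soon as the block exits, right after it is handed to `server.setConnectors(...)`. That presumably works only because the connector is opened again when the server starts, so a plain local variable would be clearer. `createNodeServer` begins outside this hunk.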
@@ -120,12 +114,16 @@ public class NodeServer {
 
 
     @NotNull
-    private static SslContextFactory getSslContextFactory(NodeConfigManager nodeConfigManager) {
-        SslContextFactory sslContextFactory = new SslContextFactory();
-        sslContextFactory.setKeyStoreType(nodeConfigManager.getKSType());
-        sslContextFactory.setKeyStorePath(nodeConfigManager.getKSFile());
-        sslContextFactory.setKeyStorePassword(nodeConfigManager.getKSPass());
-        sslContextFactory.setKeyManagerPassword(nodeConfigManager.getKPass());
+    private static SslContextFactory.Server getSslContextFactory() {
+        SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
+        sslContextFactory.setKeyStoreType(NodeConfigManager.getNodeTlsManager().getKeyStoreType());
+        sslContextFactory.setKeyStorePath(NodeConfigManager.getNodeTlsManager().getKeyStorefile());
+        sslContextFactory.setKeyStorePassword(NodeConfigManager.getNodeTlsManager().getKeyStorePassword());
+        sslContextFactory.setKeyManagerPassword(NodeConfigManager.getNodeTlsManager().getKeyManagerPassword());
+
+//        sslContextFactory.setTrustStoreType(NodeConfigManager.getNodeTlsManager().getTrustStoreType());
+//        sslContextFactory.setTrustStorePath(ProvRunner.getAafPropsUtils().getTruststorePathProperty());
+//        sslContextFactory.setTrustStorePassword(ProvRunner.getAafPropsUtils().getTruststorePassProperty());
 
         sslContextFactory.setExcludeCipherSuites(
             "SSL_RSA_WITH_DES_CBC_SHA",
@@ -136,8 +134,8 @@ public class NodeServer {
             "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
             "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"
         );
-
         sslContextFactory.addExcludeProtocols("SSLv3");
+        sslContextFactory.setIncludeProtocols(NodeConfigManager.getNodeTlsManager().getEnabledProtocols());
         eelfLogger.info("Unsupported protocols: " + String.join(",", sslContextFactory.getExcludeProtocols()));
         eelfLogger.info("Supported protocols: " + String.join(",", sslContextFactory.getIncludeProtocols()));
         eelfLogger.info("Unsupported ciphers: " + String.join(",", sslContextFactory.getExcludeCipherSuites()));
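Review bot: The protocol allow-list passed to `setIncludeProtocols(...)` comes straight from configuration, while the only explicit exclusion is still `SSLv3`, so a configured value containing `TLSv1` or `TLSv1.1` would be accepted as is. In Jetty exclusions take precedence over inclusions, so widening the exclusion to `sslContextFactory.addExcludeProtocols("SSLv3", "TLSv1", "TLSv1.1");` keeps legacy protocols off whatever the configuration says. What `getEnabledProtocols()` returns when the property is unset is not visible here. If it can be empty, the include list is cleared and only the exclusions apply, so that case deserves a check and a log line before the call. The start of the method is outside this hunk.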