X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=datarouter-node%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fdmaap%2Fdatarouter%2Fnode%2FNodeMain.java;h=988b05ea868dd501d7e6ae1ef01008ccba112b7c;hb=a60d80ff7bfae8a152c950486d9a1877628e13a4;hp=a34bacd03cdee63533de303d36157d28eb7dd447;hpb=e4b20cc6f7c31f48ddd0de5bcd054b09a35cd510;p=dmaap%2Fdatarouter.git diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeMain.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeMain.java index a34bacd0..988b05ea 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeMain.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeMain.java @@ -1,113 +1,225 @@ -/******************************************************************************* - * ============LICENSE_START================================================== - * * org.onap.dmaap - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ - - -package org.onap.dmaap.datarouter.node; - -import org.eclipse.jetty.servlet.*; -import org.eclipse.jetty.util.ssl.*; -import org.eclipse.jetty.server.*; -import org.eclipse.jetty.server.nio.*; -import org.eclipse.jetty.server.ssl.*; -import org.apache.log4j.Logger; - -/** - * The main starting point for the Data Router node - */ -public class NodeMain { - private NodeMain() {} - private static Logger logger = Logger.getLogger("org.onap.dmaap.datarouter.node.NodeMain"); - private static class wfconfig implements Runnable { - private NodeConfigManager ncm; - public wfconfig(NodeConfigManager ncm) { - this.ncm = ncm; - } - public synchronized void run() { - notify(); - } - public synchronized void waitforconfig() { - ncm.registerConfigTask(this); - while (!ncm.isConfigured()) { - logger.info("NODE0003 Waiting for Node Configuration"); - try { - wait(); - } catch (Exception e) { - } - } - ncm.deregisterConfigTask(this); - logger.info("NODE0004 Node Configuration Data Received"); - } - } - private static Delivery d; - private static NodeConfigManager ncm; - /** - * Reset the retry timer for a subscription - */ - public static void resetQueue(String subid, String ip) { - d.resetQueue(ncm.getSpoolDir(subid, ip)); - } - /** - * Start the data router. - *

- * The location of the node configuration file can be set using the - * org.onap.dmaap.datarouter.node.ConfigFile system property. By - * default, it is "etc/node.properties". - */ - public static void main(String[] args) throws Exception { - logger.info("NODE0001 Data Router Node Starting"); - IsFrom.setDNSCache(); - ncm = NodeConfigManager.getInstance(); - logger.info("NODE0002 I am " + ncm.getMyName()); - (new wfconfig(ncm)).waitforconfig(); - d = new Delivery(ncm); - LogManager lm = new LogManager(ncm); - Server server = new Server(); - SelectChannelConnector http = new SelectChannelConnector(); - http.setPort(ncm.getHttpPort()); - http.setMaxIdleTime(2000); - http.setRequestHeaderSize(2048); - SslSelectChannelConnector https = new SslSelectChannelConnector(); - https.setPort(ncm.getHttpsPort()); - https.setMaxIdleTime(30000); - https.setRequestHeaderSize(8192); - SslContextFactory cf = https.getSslContextFactory(); - - /**Skip SSLv3 Fixes*/ - cf.addExcludeProtocols("SSLv3"); - logger.info("Excluded protocols node-"+cf.getExcludeProtocols()); - /**End of SSLv3 Fixes*/ - - cf.setKeyStoreType(ncm.getKSType()); - cf.setKeyStorePath(ncm.getKSFile()); - cf.setKeyStorePassword(ncm.getKSPass()); - cf.setKeyManagerPassword(ncm.getKPass()); - server.setConnectors(new Connector[] { http, https }); - ServletContextHandler ctxt = new ServletContextHandler(0); - ctxt.setContextPath("/"); - server.setHandler(ctxt); - ctxt.addServlet(new ServletHolder(new NodeServlet()), "/*"); - logger.info("NODE0005 Data Router Node Activating Service"); - server.start(); - server.join(); - } -} +/******************************************************************************* + * ============LICENSE_START================================================== + * * org.onap.dmaap + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ + +package org.onap.dmaap.datarouter.node; + +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; +import java.io.IOException; +import java.io.InputStream; +import java.util.EnumSet; +import java.util.Properties; +import javax.servlet.DispatcherType; +import javax.servlet.ServletException; +import org.eclipse.jetty.http.HttpVersion; +import org.eclipse.jetty.server.Connector; +import org.eclipse.jetty.server.HttpConfiguration; +import org.eclipse.jetty.server.HttpConnectionFactory; +import org.eclipse.jetty.server.SecureRequestCustomizer; +import org.eclipse.jetty.server.Server; +import org.eclipse.jetty.server.ServerConnector; +import org.eclipse.jetty.server.SslConnectionFactory; +import org.eclipse.jetty.servlet.FilterHolder; +import org.eclipse.jetty.servlet.ServletContextHandler; +import org.eclipse.jetty.servlet.ServletHolder; +import org.eclipse.jetty.util.ssl.SslContextFactory; +import org.onap.aaf.cadi.PropAccess; + +/** + * The main starting point for the Data Router node. + */ +public class NodeMain { + + private static EELFLogger nodeMainLogger = EELFManager.getInstance().getLogger(NodeMain.class); + private static Delivery delivery; + private static NodeConfigManager nodeConfigManager; + + private NodeMain() { + } + + /** + * Reset the retry timer for a subscription. + */ + + static void resetQueue(String subid, String ip) { + delivery.resetQueue(nodeConfigManager.getSpoolDir(subid, ip)); + } + + /** + * Start the data router. + * + *

The location of the node configuration file can be set using the org.onap.dmaap.datarouter.node.properties + * system property. By default, it is "/opt/app/datartr/etc/node.properties". + */ + public static void main(String[] args) throws Exception { + nodeMainLogger.debug("NODE0001 Data Router Node Starting"); + IsFrom.setDNSCache(); + nodeConfigManager = NodeConfigManager.getInstance(); + nodeMainLogger.debug("NODE0002 I am " + nodeConfigManager.getMyName()); + (new WaitForConfig(nodeConfigManager)).waitForConfig(); + delivery = new Delivery(nodeConfigManager); + new LogManager(nodeConfigManager); + + Server server = new Server(); + + // HTTP configuration + HttpConfiguration httpConfiguration = new HttpConfiguration(); + httpConfiguration.setRequestHeaderSize(2048); + + // HTTP connector + try (ServerConnector httpServerConnector = new ServerConnector(server, + new HttpConnectionFactory(httpConfiguration))) { + httpServerConnector.setPort(nodeConfigManager.getHttpPort()); + httpServerConnector.setIdleTimeout(2000); + + // HTTPS configuration + SslContextFactory sslContextFactory = new SslContextFactory(); + sslContextFactory.setKeyStoreType(nodeConfigManager.getKSType()); + sslContextFactory.setKeyStorePath(nodeConfigManager.getKSFile()); + sslContextFactory.setKeyStorePassword(nodeConfigManager.getKSPass()); + sslContextFactory.setKeyManagerPassword(nodeConfigManager.getKPass()); + + //SP-6: Fixes for SDV scan to exclude/remove DES/3DES + // ciphers are taken care by upgrading jdk in descriptor.xml + sslContextFactory.setExcludeCipherSuites( + "SSL_RSA_WITH_DES_CBC_SHA", + "SSL_DHE_RSA_WITH_DES_CBC_SHA", + "SSL_DHE_DSS_WITH_DES_CBC_SHA", + "SSL_RSA_EXPORT_WITH_RC4_40_MD5", + "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", + "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA" + ); + + sslContextFactory.addExcludeProtocols("SSLv3"); + sslContextFactory.setIncludeProtocols(nodeConfigManager.getEnabledprotocols()); + nodeMainLogger.debug("NODE00004 Unsupported protocols node server:-" + + String.join(",", sslContextFactory.getExcludeProtocols())); + nodeMainLogger.debug("NODE00004 Supported protocols node server:-" + + String.join(",", sslContextFactory.getIncludeProtocols())); + nodeMainLogger.debug("NODE00004 Unsupported ciphers node server:-" + + String.join(",", sslContextFactory.getExcludeCipherSuites())); + + HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration); + httpsConfiguration.setRequestHeaderSize(8192); + + SecureRequestCustomizer secureRequestCustomizer = new SecureRequestCustomizer(); + secureRequestCustomizer.setStsMaxAge(2000); + secureRequestCustomizer.setStsIncludeSubDomains(true); + httpsConfiguration.addCustomizer(secureRequestCustomizer); + + // HTTPS connector + try (ServerConnector httpsServerConnector = new ServerConnector(server, + new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), + new HttpConnectionFactory(httpsConfiguration))) { + + httpsServerConnector.setPort(nodeConfigManager.getHttpsPort()); + httpsServerConnector.setIdleTimeout(3600000); + httpsServerConnector.setAcceptQueueSize(2); + + //Context Handler + ServletContextHandler servletContextHandler = new ServletContextHandler(0); + servletContextHandler.setContextPath("/"); + servletContextHandler.addServlet(new ServletHolder(new NodeServlet(delivery)), "/*"); + + //CADI Filter activation check + if (nodeConfigManager.getCadiEnabled()) { + enableCadi(servletContextHandler); + } + + server.setHandler(servletContextHandler); + server.setConnectors(new Connector[]{httpServerConnector, httpsServerConnector}); + } + } + + try { + server.start(); + nodeMainLogger.debug("NODE00006 Node Server started-" + server.getState()); + } catch (Exception e) { + nodeMainLogger.error("NODE00006 Jetty failed to start. Reporting will we unavailable: " + + e.getMessage(), e); + } + server.join(); + nodeMainLogger.debug("NODE00007 Node Server joined - " + server.getState()); + } + + private static void enableCadi(ServletContextHandler servletContextHandler) throws ServletException { + Properties cadiProperties = new Properties(); + try { + Inner obj = new NodeMain().new Inner(); + InputStream in = obj.getCadiProps(); + cadiProperties.load(in); + } catch (IOException e1) { + nodeMainLogger + .error("NODE00005 Exception in NodeMain.Main() loading CADI properties " + e1.getMessage(), e1); + } + cadiProperties.setProperty("aaf_locate_url", nodeConfigManager.getAafURL()); + nodeMainLogger.debug("NODE00005 aaf_url set to - " + cadiProperties.getProperty("aaf_url")); + + PropAccess access = new PropAccess(cadiProperties); + servletContextHandler.addFilter(new FilterHolder(new DRNodeCadiFilter(true, access)), "/*", EnumSet + .of(DispatcherType.REQUEST)); + } + + private static class WaitForConfig implements Runnable { + + private NodeConfigManager localNodeConfigManager; + + WaitForConfig(NodeConfigManager ncm) { + this.localNodeConfigManager = ncm; + } + + public synchronized void run() { + notify(); + } + + synchronized void waitForConfig() { + localNodeConfigManager.registerConfigTask(this); + while (!localNodeConfigManager.isConfigured()) { + nodeMainLogger.debug("NODE0003 Waiting for Node Configuration"); + try { + wait(); + } catch (Exception exception) { + nodeMainLogger + .error("NodeMain: waitForConfig exception. Exception Message:- " + exception.toString(), + exception); + } + } + localNodeConfigManager.deregisterConfigTask(this); + nodeMainLogger.debug("NODE0004 Node Configuration Data Received"); + } + } + + class Inner { + + InputStream getCadiProps() { + InputStream in = null; + try { + in = getClass().getClassLoader().getResourceAsStream("drNodeCadi.properties"); + } catch (Exception e) { + nodeMainLogger.error("Exception in Inner.getCadiProps() method ", e); + } + return in; + } + } +}