X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=datarouter-prov%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fdmaap%2Fdatarouter%2Fprovisioning%2FProxyServlet.java;h=86b583a5cbb6d6c933ad346171cd629411d5177f;hb=HEAD;hp=e47f9fbbc56873fe3c7304026a8715edebc85b4f;hpb=b10c179229cea56e36a2fb9b6f2c17baf0d83f13;p=dmaap%2Fdatarouter.git
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java
index e47f9fbb..86b583a5 100755
--- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java
+++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java
@@ -26,21 +26,15 @@ package org.onap.dmaap.datarouter.provisioning;
import static org.onap.dmaap.datarouter.provisioning.utils.HttpServletUtils.sendResponseError;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
+import jakarta.servlet.ServletConfig;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
import java.util.Collections;
import java.util.List;
-import java.util.Properties;
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
import org.apache.commons.io.IOUtils;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
@@ -48,12 +42,13 @@ import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpEntityEnclosingRequestBase;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpRequestBase;
+import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.entity.BasicHttpEntity;
import org.apache.http.impl.client.AbstractHttpClient;
import org.apache.http.impl.client.DefaultHttpClient;
-import org.onap.dmaap.datarouter.provisioning.utils.DB;
+import org.onap.dmaap.datarouter.provisioning.utils.SynchronizerTask;
import org.onap.dmaap.datarouter.provisioning.utils.URLUtilities;
/**
@@ -65,6 +60,7 @@ import org.onap.dmaap.datarouter.provisioning.utils.URLUtilities;
* @version $Id: ProxyServlet.java,v 1.3 2014/03/24 18:47:10 eby Exp $
*/
@SuppressWarnings("serial")
+
public class ProxyServlet extends BaseServlet {
private boolean inited = false;
@@ -78,27 +74,14 @@ public class ProxyServlet extends BaseServlet {
public void init(ServletConfig config) throws ServletException {
super.init(config);
try {
- // Set up keystore
- Properties props = (new DB()).getProperties();
- String type = props.getProperty(Main.KEYSTORE_TYPE_PROPERTY, "jks");
- String store = props.getProperty(Main.KEYSTORE_PATH_PROPERTY);
- String pass = props.getProperty(Main.KEYSTORE_PASS_PROPERTY);
- KeyStore keyStore = readStore(store, pass, type);
-
- store = props.getProperty(Main.TRUSTSTORE_PATH_PROPERTY);
- pass = props.getProperty(Main.TRUSTSTORE_PASS_PROPERTY);
- if (store == null || store.length() == 0) {
- store = Main.DEFAULT_TRUSTSTORE;
- pass = "changeit";
+ if (Boolean.TRUE.equals(ProvRunner.getTlsEnabled())) {
+ SSLSocketFactory socketFactory = ProvRunner.getProvTlsManager().getSslSocketFactory();
+ socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
+ sch = new Scheme("https", 443, socketFactory);
+ } else {
+ PlainSocketFactory socketFactory = new PlainSocketFactory();
+ sch = new Scheme("http", 80, socketFactory);
}
- KeyStore trustStore = readStore(store, pass, KeyStore.getDefaultType());
-
- // We are connecting with the node name, but the certificate will have the CNAME
- // So we need to accept a non-matching certificate name
- SSLSocketFactory socketFactory = new SSLSocketFactory(keyStore,
- props.getProperty(Main.KEYSTORE_PASS_PROPERTY), trustStore);
- socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
- sch = new Scheme("https", 443, socketFactory);
inited = true;
} catch (Exception e) {
intlogger.error("ProxyServlet.init: " + e.getMessage(), e);
@@ -106,18 +89,6 @@ public class ProxyServlet extends BaseServlet {
intlogger.info("ProxyServlet: inited = " + inited);
}
- private KeyStore readStore(String store, String pass, String type) throws KeyStoreException {
- KeyStore ks = KeyStore.getInstance(type);
- try (FileInputStream instream = new FileInputStream(new File(store))) {
- ks.load(instream, pass.toCharArray());
- } catch (FileNotFoundException fileNotFoundException) {
- intlogger.error("ProxyServlet.readStore: " + fileNotFoundException.getMessage(), fileNotFoundException);
- } catch (Exception x) {
- intlogger.error("READING TRUSTSTORE: " + x);
- }
- return ks;
- }
-
/**
* Return true if the requester has NOT set the noproxy CGI variable. If they have, this indicates
* they want to forcibly turn the proxy off.
@@ -126,10 +97,10 @@ public class ProxyServlet extends BaseServlet {
* @return true or false
*/
boolean isProxyOK(final HttpServletRequest req) {
- String t = req.getQueryString();
- if (t != null) {
- t = t.replaceAll("&", "&");
- for (String s : t.split("&")) {
+ String str = req.getQueryString();
+ if (str != null) {
+ str = str.replaceAll("&", "&");
+ for (String s : str.split("&")) {
if ("noproxy".equals(s) || s.startsWith("noproxy=")) {
return false;
}
@@ -272,9 +243,9 @@ public class ProxyServlet extends BaseServlet {
StringBuilder sb = new StringBuilder("https://");
sb.append(URLUtilities.getPeerPodName());
sb.append(req.getRequestURI());
- String q = req.getQueryString();
- if (q != null) {
- sb.append("?").append(q);
+ String query = req.getQueryString();
+ if (query != null) {
+ sb.append("?").append(query);
}
return sb.toString();
}