X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Forg%2Fonap%2Fdmaap%2Fdbcapi%2Fclient%2FMrTopicConnection.java;h=0a5f91a6ad3ac8aa4d26372c6747c1def79b71f0;hb=e1d69b3467917291b39c915929bda63f52773e83;hp=18fdeba2af75b39414e4a910ce45f2b6859d2e0a;hpb=1c6b5fa580c9b82e17b710dbc4cf9bbce57eb5bc;p=dmaap%2Fdbcapi.git diff --git a/src/main/java/org/onap/dmaap/dbcapi/client/MrTopicConnection.java b/src/main/java/org/onap/dmaap/dbcapi/client/MrTopicConnection.java index 18fdeba..0a5f91a 100644 --- a/src/main/java/org/onap/dmaap/dbcapi/client/MrTopicConnection.java +++ b/src/main/java/org/onap/dmaap/dbcapi/client/MrTopicConnection.java @@ -3,6 +3,8 @@ * org.onap.dmaap * ================================================================================ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * + * Modifications Copyright (C) 2019 IBM. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -29,11 +31,12 @@ import java.net.ProtocolException; import java.net.URL; import java.net.HttpURLConnection; +import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLException; +import javax.net.ssl.SSLSession; import org.apache.commons.codec.binary.Base64; -import org.apache.log4j.Logger; import org.onap.dmaap.dbcapi.logging.BaseLoggingClass; import org.onap.dmaap.dbcapi.model.ApiError; import org.onap.dmaap.dbcapi.model.MR_Cluster; @@ -47,14 +50,15 @@ public class MrTopicConnection extends BaseLoggingClass { private String mmProvCred; private String unit_test; - private boolean useAAF; - + private String authMethod; + private boolean hostnameVerify; public MrTopicConnection(String user, String pwd ) { mmProvCred = new String( user + ":" + pwd ); DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig(); unit_test = p.getProperty( "UnitTest", "No" ); - useAAF= "true".equalsIgnoreCase(p.getProperty("UseAAF", "false")); + authMethod = p.getProperty("MR.authentication", "none"); + hostnameVerify= "true".equalsIgnoreCase(p.getProperty("MR.hostnameVerify", "true")); } public boolean makeTopicConnection( MR_Cluster cluster, String topic, String overrideFqdn ) { @@ -64,24 +68,39 @@ public class MrTopicConnection extends BaseLoggingClass { topicURL = cluster.getTopicProtocol() + "://" + fqdn + ":" + cluster.getTopicPort() + "/events/" + topic ; - if ( cluster.getTopicProtocol().equals( "https")) { + if ( "https".equals(cluster.getTopicProtocol())) { return makeSecureConnection( topicURL ); } return makeConnection( topicURL ); } + private boolean makeSecureConnection( String pURL ) { logger.info( "makeConnection to " + pURL ); - + try { + HostnameVerifier hostnameVerifier = new HostnameVerifier() { + @Override + public boolean verify( String hostname, SSLSession session ) { + return true; + } + + }; + + URL u = new URL( pURL ); - uc = (HttpsURLConnection) u.openConnection(); + uc = (HttpsURLConnection) u.openConnection(); uc.setInstanceFollowRedirects(false); + if ( ! hostnameVerify ) { + HttpsURLConnection ucs = (HttpsURLConnection) uc; + ucs.setHostnameVerifier(hostnameVerifier); + } + logger.info( "open connection to " + pURL ); return(true); } catch (Exception e) { logger.error("Unexpected error during openConnection of " + pURL ); - e.printStackTrace(); + logger.error("Error", e);; return(false); } @@ -97,7 +116,7 @@ public class MrTopicConnection extends BaseLoggingClass { return(true); } catch (Exception e) { logger.error("Unexpected error during openConnection of " + pURL ); - e.printStackTrace(); + logger.error("error", e); return(false); } @@ -127,9 +146,11 @@ public class MrTopicConnection extends BaseLoggingClass { try { byte[] postData = postMessage.getBytes(); logger.info( "post fields=" + postMessage ); - if ( useAAF ) { + if ( authMethod.equalsIgnoreCase("basicAuth") ) { uc.setRequestProperty("Authorization", auth); logger.info( "Authenticating with " + auth ); + } else if ( authMethod.equalsIgnoreCase("cert")) { + logger.error( "MR.authentication set for client certificate. Not supported yet."); } uc.setRequestMethod("POST"); uc.setRequestProperty("Content-Type", "application/json"); @@ -147,13 +168,10 @@ public class MrTopicConnection extends BaseLoggingClass { } catch (ProtocolException pe) { // Rcvd error instead of 100-Continue - try { - // work around glitch in Java 1.7.0.21 and likely others - // without this, Java will connect multiple times to the server to run the same request - uc.setDoOutput(false); - } catch (Exception e) { - } + callSetDoOutputOnError(); + } catch ( SSLException se ) { + logger.error("Error", se); response.setCode(500); response.setMessage( se.getMessage()); return response; @@ -194,16 +212,28 @@ public class MrTopicConnection extends BaseLoggingClass { response.setCode(500); response.setMessage( "Unable to read response"); logger.warn( response.getMessage() ); - e.printStackTrace(); + logger.error("Error", e); } } finally { try { uc.disconnect(); - } catch ( Exception e ) {} + } catch ( Exception e ) { + logger.error("Error", e); + } } return response; } + + public void callSetDoOutputOnError() { + try { + // work around glitch in Java 1.7.0.21 and likely others + // without this, Java will connect multiple times to the server to run the same request + uc.setDoOutput(false); + } catch (Exception e) { + logger.error("Error", e); + } + } }