X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Forg%2Fonap%2Fdmaap%2Fdbcapi%2Fclient%2FMrTopicConnection.java;h=0a5f91a6ad3ac8aa4d26372c6747c1def79b71f0;hb=e1d69b3467917291b39c915929bda63f52773e83;hp=492037c6807592cef5fcd088913e578ec21c16c6;hpb=fbcfeaab1d5ef0cecb0c4212b8ec9088d2408e38;p=dmaap%2Fdbcapi.git diff --git a/src/main/java/org/onap/dmaap/dbcapi/client/MrTopicConnection.java b/src/main/java/org/onap/dmaap/dbcapi/client/MrTopicConnection.java index 492037c..0a5f91a 100644 --- a/src/main/java/org/onap/dmaap/dbcapi/client/MrTopicConnection.java +++ b/src/main/java/org/onap/dmaap/dbcapi/client/MrTopicConnection.java @@ -3,6 +3,8 @@ * org.onap.dmaap * ================================================================================ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * + * Modifications Copyright (C) 2019 IBM. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -29,8 +31,10 @@ import java.net.ProtocolException; import java.net.URL; import java.net.HttpURLConnection; +import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLException; +import javax.net.ssl.SSLSession; import org.apache.commons.codec.binary.Base64; import org.onap.dmaap.dbcapi.logging.BaseLoggingClass; @@ -46,14 +50,15 @@ public class MrTopicConnection extends BaseLoggingClass { private String mmProvCred; private String unit_test; - private boolean useAAF; - + private String authMethod; + private boolean hostnameVerify; public MrTopicConnection(String user, String pwd ) { mmProvCred = new String( user + ":" + pwd ); DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig(); unit_test = p.getProperty( "UnitTest", "No" ); - useAAF= "true".equalsIgnoreCase(p.getProperty("UseAAF", "false")); + authMethod = p.getProperty("MR.authentication", "none"); + hostnameVerify= "true".equalsIgnoreCase(p.getProperty("MR.hostnameVerify", "true")); } public boolean makeTopicConnection( MR_Cluster cluster, String topic, String overrideFqdn ) { @@ -63,19 +68,34 @@ public class MrTopicConnection extends BaseLoggingClass { topicURL = cluster.getTopicProtocol() + "://" + fqdn + ":" + cluster.getTopicPort() + "/events/" + topic ; - if ( cluster.getTopicProtocol().equals( "https")) { + if ( "https".equals(cluster.getTopicProtocol())) { return makeSecureConnection( topicURL ); } return makeConnection( topicURL ); } + private boolean makeSecureConnection( String pURL ) { logger.info( "makeConnection to " + pURL ); - + try { + HostnameVerifier hostnameVerifier = new HostnameVerifier() { + @Override + public boolean verify( String hostname, SSLSession session ) { + return true; + } + + }; + + URL u = new URL( pURL ); - uc = (HttpsURLConnection) u.openConnection(); + uc = (HttpsURLConnection) u.openConnection(); uc.setInstanceFollowRedirects(false); + if ( ! hostnameVerify ) { + HttpsURLConnection ucs = (HttpsURLConnection) uc; + ucs.setHostnameVerifier(hostnameVerifier); + } + logger.info( "open connection to " + pURL ); return(true); } catch (Exception e) { @@ -126,9 +146,11 @@ public class MrTopicConnection extends BaseLoggingClass { try { byte[] postData = postMessage.getBytes(); logger.info( "post fields=" + postMessage ); - if ( useAAF ) { + if ( authMethod.equalsIgnoreCase("basicAuth") ) { uc.setRequestProperty("Authorization", auth); logger.info( "Authenticating with " + auth ); + } else if ( authMethod.equalsIgnoreCase("cert")) { + logger.error( "MR.authentication set for client certificate. Not supported yet."); } uc.setRequestMethod("POST"); uc.setRequestProperty("Content-Type", "application/json");