X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Forg%2Fonap%2Fdmaap%2Fdbcapi%2Fserver%2FJettyServer.java;h=52d7570d9c6ec17e07ab058c6f710368ffbf0951;hb=729c50b19a0fc8e475ff56cf1c7c7324e8715ba8;hp=7457ce982a96113bff15e9135b0cb3a63b47c21e;hpb=a1cd1d8a7509316e32248e82222d4f5c7debeb46;p=dmaap%2Fdbcapi.git diff --git a/src/main/java/org/onap/dmaap/dbcapi/server/JettyServer.java b/src/main/java/org/onap/dmaap/dbcapi/server/JettyServer.java index 7457ce9..52d7570 100644 --- a/src/main/java/org/onap/dmaap/dbcapi/server/JettyServer.java +++ b/src/main/java/org/onap/dmaap/dbcapi/server/JettyServer.java @@ -23,15 +23,21 @@ package org.onap.dmaap.dbcapi.server; import com.google.common.collect.Sets; +import java.util.Properties; import javax.servlet.DispatcherType; -import org.eclipse.jetty.server.*; +import org.eclipse.jetty.http.HttpVersion; +import org.eclipse.jetty.server.HttpConfiguration; +import org.eclipse.jetty.server.HttpConnectionFactory; +import org.eclipse.jetty.server.SecureRequestCustomizer; +import org.eclipse.jetty.server.Server; +import org.eclipse.jetty.server.ServerConnector; +import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.servlet.DefaultServlet; import org.eclipse.jetty.servlet.ServletContextHandler; import org.eclipse.jetty.servlet.ServletHolder; import org.eclipse.jetty.util.ssl.SslContextFactory; import org.onap.dmaap.dbcapi.logging.BaseLoggingClass; - -import java.util.Properties; +import org.onap.dmaap.dbcapi.util.DmaapConfig; /** * A Jetty server which supports: @@ -41,63 +47,68 @@ import java.util.Properties; */ public class JettyServer extends BaseLoggingClass { - private Server server; + private static final CertificateManager certificateManager = + new CertficateManagerFactory(DmaapConfig.getConfig()).initCertificateManager(); + private final Server server; public Server getServer() { return server; } - public JettyServer(Properties params) throws Exception { + public static CertificateManager getCertificateManager() { + return certificateManager; + } + + public JettyServer(Properties params) { server = new Server(); - int httpPort = Integer.valueOf(params.getProperty("IntHttpPort", "80")); - int sslPort = Integer.valueOf(params.getProperty("IntHttpsPort", "443")); - boolean allowHttp = Boolean.valueOf(params.getProperty("HttpAllowed", "false")); + int httpPort = Integer.parseInt(params.getProperty("IntHttpPort", "80")); + int sslPort = Integer.parseInt(params.getProperty("IntHttpsPort", "443")); + boolean allowHttp = Boolean.parseBoolean(params.getProperty("HttpAllowed", "false")); serverLogger.info("port params: http=" + httpPort + " https=" + sslPort); serverLogger.info("allowHttp=" + allowHttp); // HTTP Server - HttpConfiguration http_config = new HttpConfiguration(); - http_config.setSecureScheme("https"); - http_config.setSecurePort(sslPort); - http_config.setOutputBufferSize(32768); + HttpConfiguration httpConfig = new HttpConfiguration(); + httpConfig.setSecureScheme("https"); + httpConfig.setSecurePort(sslPort); + httpConfig.setOutputBufferSize(32768); - try (ServerConnector httpConnector = new ServerConnector(server, new HttpConnectionFactory(http_config))) { + try (ServerConnector httpConnector = new ServerConnector(server, new HttpConnectionFactory(httpConfig))) { httpConnector.setPort(httpPort); httpConnector.setIdleTimeout(30000); // HTTPS Server - - HttpConfiguration https_config = new HttpConfiguration(http_config); - https_config.addCustomizer(new SecureRequestCustomizer()); - SslContextFactory sslContextFactory = new SslContextFactory(); + HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); + httpsConfig.addCustomizer(new SecureRequestCustomizer()); + SslContextFactory sslContextFactory = new SslContextFactory.Server(); sslContextFactory.setWantClientAuth(true); - setUpKeystore(params, sslContextFactory); - setUpTrustStore(params, sslContextFactory); - - if (sslPort != 0) { - try (ServerConnector sslConnector = new ServerConnector(server, - new SslConnectionFactory(sslContextFactory, "http/1.1"), - new HttpConnectionFactory(https_config))) { - sslConnector.setPort(sslPort); - if (allowHttp) { - logger.info("Starting httpConnector on port " + httpPort); - logger.info("Starting sslConnector on port " + sslPort + " for https"); - server.setConnectors(new Connector[]{httpConnector, sslConnector}); - } else { - logger.info("NOT starting httpConnector because HttpAllowed param is " + allowHttp); - logger.info("Starting sslConnector on port " + sslPort + " for https"); - server.setConnectors(new Connector[]{sslConnector}); - } - } + if ( ! certificateManager.isReady()) { + serverLogger.error("CertificateManager is not ready. NOT starting https!"); + } else { + setUpKeystore(sslContextFactory); + setUpTrustStore(sslContextFactory); + + + if (sslPort != 0) { + try (ServerConnector sslConnector = new ServerConnector(server, + new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), + new HttpConnectionFactory(httpsConfig))) { + sslConnector.setPort(sslPort); + server.addConnector(sslConnector); + serverLogger.info("Starting sslConnector on port " + sslPort + " for https"); + } + } else { + serverLogger.info("NOT starting sslConnector because InHttpsPort param is " + sslPort ); + } + } + if (allowHttp) { + serverLogger.info("Starting httpConnector on port " + httpPort); + server.addConnector(httpConnector); } else { - serverLogger.info("NOT starting sslConnector on port " + sslPort + " for https"); - if (allowHttp) { - serverLogger.info("Starting httpConnector on port " + httpPort); - server.setConnectors(new Connector[]{httpConnector}); - } + serverLogger.info("NOT starting httpConnector because HttpAllowed param is " + allowHttp); } } @@ -122,9 +133,9 @@ public class JettyServer extends BaseLoggingClass { try { serverLogger.info("Starting jetty server"); - String unit_test = params.getProperty("UnitTest", "No"); - serverLogger.info("UnitTest=" + unit_test); - if (unit_test.equals("No")) { + String unitTest = params.getProperty("UnitTest", "No"); + serverLogger.info("UnitTest=" + unitTest); + if (unitTest.equals("No")) { server.start(); server.dumpStdErr(); server.join(); @@ -144,19 +155,20 @@ public class JettyServer extends BaseLoggingClass { Sets.newEnumSet(Sets.newHashSet(DispatcherType.FORWARD, DispatcherType.REQUEST), DispatcherType.class)); } - private void setUpKeystore(Properties params, SslContextFactory sslContextFactory) { - String keystore = params.getProperty("KeyStoreFile", "etc/keystore"); + private void setUpKeystore(SslContextFactory sslContextFactory) { + String keystore = JettyServer.certificateManager.getKeyStoreFile(); logger.info("https Server using keystore at " + keystore); sslContextFactory.setKeyStorePath(keystore); - sslContextFactory.setKeyStorePassword(params.getProperty("KeyStorePassword", "changeit")); - sslContextFactory.setKeyManagerPassword(params.getProperty("KeyPassword", "changeit")); + sslContextFactory.setKeyStoreType(JettyServer.certificateManager.getKeyStoreType()); + sslContextFactory.setKeyStorePassword(JettyServer.certificateManager.getKeyStorePassword()); + sslContextFactory.setKeyManagerPassword(JettyServer.certificateManager.getKeyStorePassword()); } - private void setUpTrustStore(Properties params, SslContextFactory sslContextFactory) { - String truststore = params.getProperty("TrustStoreFile", "etc/org.onap.dmaap-bc.trust.jks"); + private void setUpTrustStore(SslContextFactory sslContextFactory) { + String truststore = JettyServer.certificateManager.getTrustStoreFile(); logger.info("https Server using truststore at " + truststore); sslContextFactory.setTrustStorePath(truststore); - sslContextFactory.setTrustStoreType(params.getProperty("TrustStoreType", "jks")); - sslContextFactory.setTrustStorePassword(params.getProperty("TrustStorePassword", "changeit")); + sslContextFactory.setTrustStoreType(JettyServer.certificateManager.getTrustStoreType()); + sslContextFactory.setTrustStorePassword(JettyServer.certificateManager.getTrustStorePassword()); } }