target
bin
.metadata/
+.idea/
+**/*.iml
+*/logs/
integrity-audit/sql/generatedCreateIA.ddl
integrity-audit/sql/generatedDropIA.ddl
integrity-audit/sql/iaTest.mv.db
public interface HttpServletServerFactory {
/**
- * builds an http server with support for servlets
+ * builds an http or https server with support for servlets
*
* @param name name
+ * @param https use secured http over tls connection
* @param host binding host
* @param port port
* @param contextPath server base path
* @return http server
* @throws IllegalArgumentException when invalid parameters are provided
*/
- public HttpServletServer build(String name, String host, int port, String contextPath, boolean swagger,
+ HttpServletServer build(String name, boolean https, String host, int port, String contextPath, boolean swagger,
boolean managed);
+ /**
+ * builds an http server with support for servlets
+ *
+ * @param name name
+ * @param host binding host
+ * @param port port
+ * @param contextPath server base path
+ * @param swagger enable swagger documentation
+ * @param managed is it managed by infrastructure
+ * @return http server
+ * @throws IllegalArgumentException when invalid parameters are provided
+ */
+ HttpServletServer build(String name, String host, int port, String contextPath, boolean swagger,
+ boolean managed);
+
/**
* list of http servers per properties
*
* @return list of http servers
* @throws IllegalArgumentException when invalid parameters are provided
*/
- public List<HttpServletServer> build(Properties properties);
+ List<HttpServletServer> build(Properties properties);
/**
* gets a server based on the port
* @param port port
* @return http server
*/
- public HttpServletServer get(int port);
+ HttpServletServer get(int port);
/**
* provides an inventory of servers
*
* @return inventory of servers
*/
- public List<HttpServletServer> inventory();
+ List<HttpServletServer> inventory();
/**
* destroys server bound to a port
*
* @param port
*/
- public void destroy(int port);
+ void destroy(int port);
/**
* destroys the factory and therefore all servers
*/
- public void destroy();
+ void destroy();
}
protected HashMap<Integer, HttpServletServer> servers = new HashMap<>();
@Override
- public synchronized HttpServletServer build(String name, String host, int port, String contextPath, boolean swagger,
+ public synchronized HttpServletServer build(String name, boolean https, String host, int port, String contextPath, boolean swagger,
boolean managed) {
if (servers.containsKey(port)) {
return servers.get(port);
}
- JettyJerseyServer server = new JettyJerseyServer(name, host, port, contextPath, swagger);
+ JettyJerseyServer server = new JettyJerseyServer(name, https, host, port, contextPath, swagger);
if (managed) {
servers.put(port, server);
}
return server;
}
+ @Override
+ public synchronized HttpServletServer build(String name, String host, int port, String contextPath,
+ boolean swagger, boolean managed) {
+ return build(name, false, host, port, contextPath, swagger, managed);
+ }
+
+
@Override
public synchronized List<HttpServletServer> build(Properties properties) {
swagger = Boolean.parseBoolean(swaggerString);
}
- HttpServletServer service = build(serviceName, hostName, servicePort, contextUriPath, swagger, managed);
+ String httpsString = properties.getProperty(PolicyEndPointProperties.PROPERTY_HTTP_SERVER_SERVICES + "."
+ + serviceName + PolicyEndPointProperties.PROPERTY_HTTP_HTTPS_SUFFIX);
+ boolean https = false;
+ if (httpsString != null && !httpsString.isEmpty()) {
+ https = Boolean.parseBoolean(httpsString);
+ }
+
+ HttpServletServer service = build(serviceName, https, hostName, servicePort, contextUriPath, swagger, managed);
if (userName != null && !userName.isEmpty() && password != null && !password.isEmpty()) {
service.setBasicAuthentication(userName, password, authUriPath);
}
* Constructor
*
* @param name name
+ * @param https enable https?
* @param host host server host
* @param port port server port
* @param swagger support swagger?
*
* @throws IllegalArgumentException in invalid arguments are provided
*/
- public JettyJerseyServer(String name, String host, int port, String contextPath, boolean swagger) {
+ public JettyJerseyServer(String name, boolean https, String host, int port, String contextPath, boolean swagger) {
- super(name, host, port, contextPath);
+ super(name, https, host, port, contextPath);
if (swagger) {
this.swaggerId = "swagger-" + this.port;
- attachSwaggerServlet();
+ attachSwaggerServlet(https);
}
}
/**
* attaches a swagger initialization servlet
*/
- protected void attachSwaggerServlet() {
+ protected void attachSwaggerServlet(boolean https) {
ServletHolder swaggerServlet = context.addServlet(JerseyJaxrsConfig.class, "/");
}
swaggerServlet.setInitParameter(SWAGGER_API_BASEPATH,
- "http://" + hostname + ":" + this.connector.getPort() + "/");
+ ((https) ? "https://" : "http://") + hostname + ":" + this.connector.getPort() + "/");
swaggerServlet.setInitParameter(SWAGGER_CONTEXT_ID, swaggerId);
swaggerServlet.setInitParameter(SWAGGER_SCANNER_ID, swaggerId);
swaggerServlet.setInitParameter(SWAGGER_PRETTY_PRINT, "true");
* ============LICENSE_START=======================================================
* ONAP
* ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
import org.eclipse.jetty.security.ConstraintSecurityHandler;
import org.eclipse.jetty.security.HashLoginService;
import org.eclipse.jetty.security.authentication.BasicAuthenticator;
+import org.eclipse.jetty.server.HttpConfiguration;
+import org.eclipse.jetty.server.HttpConnectionFactory;
+import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.Slf4jRequestLog;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.util.security.Constraint;
import org.eclipse.jetty.util.security.Credential;
+import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.onap.policy.common.endpoints.http.server.HttpServletServer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
*/
public abstract class JettyServletServer implements HttpServletServer, Runnable {
+ /**
+ * Keystore/Truststore system property names
+ */
+ public static final String SYSTEM_KEYSTORE_PROPERTY_NAME = "javax.net.ssl.keyStore";
+ public static final String SYSTEM_KEYSTORE_PASSWORD_PROPERTY_NAME = "javax.net.ssl.keyStorePassword";
+ public static final String SYSTEM_TRUSTSTORE_PROPERTY_NAME = "javax.net.ssl.trustStore";
+ public static final String SYSTEM_TRUSTSTORE_PASSWORD_PROPERTY_NAME = "javax.net.ssl.trustStorePassword";
+
/**
* Logger
*/
*
* @throws IllegalArgumentException if invalid parameters are passed in
*/
- public JettyServletServer(String name, String host, int port, String contextPath) {
+ public JettyServletServer(String name, boolean https, String host, int port, String contextPath) {
String srvName = name;
String srvHost = host;
String ctxtPath = contextPath;
srvName = "http-" + port;
}
- if (port <= 0 && port >= 65535) {
+ if (port <= 0 || port >= 65535) {
throw new IllegalArgumentException("Invalid Port provided: " + port);
}
this.jettyServer = new Server();
this.jettyServer.setRequestLog(new Slf4jRequestLog());
- this.connector = new ServerConnector(this.jettyServer);
+ if (https)
+ this.connector = httpsConnector();
+ else
+ this.connector = httpConnector();
+
this.connector.setName(srvName);
this.connector.setReuseAddress(true);
this.connector.setPort(port);
this.jettyServer.setHandler(context);
}
+ public JettyServletServer(String name, String host, int port, String contextPath) {
+ this(name, false, host, port, contextPath);
+ }
+
+ public ServerConnector httpsConnector() {
+ SslContextFactory sslContextFactory = new SslContextFactory();
+
+ String keyStore = System.getProperty(SYSTEM_KEYSTORE_PROPERTY_NAME);
+ if (keyStore != null) {
+ sslContextFactory.setKeyStorePath(keyStore);
+
+ String ksPassword = System.getProperty(SYSTEM_KEYSTORE_PASSWORD_PROPERTY_NAME);
+ if (ksPassword != null)
+ sslContextFactory.setKeyStorePassword(ksPassword);
+ }
+
+ String trustStore = System.getProperty(SYSTEM_TRUSTSTORE_PROPERTY_NAME);
+ if (trustStore != null) {
+ sslContextFactory.setTrustStorePath(trustStore);
+
+ String tsPassword = System.getProperty(SYSTEM_TRUSTSTORE_PASSWORD_PROPERTY_NAME);
+ if (tsPassword != null)
+ sslContextFactory.setTrustStorePassword(tsPassword);
+ }
+
+ HttpConfiguration https = new HttpConfiguration();
+ https.addCustomizer(new SecureRequestCustomizer());
+
+ return new ServerConnector(jettyServer, sslContextFactory, new HttpConnectionFactory(https));
+ }
+
+ public ServerConnector httpConnector() {
+ return new ServerConnector(this.jettyServer);
+ }
+
@Override
public void setBasicAuthentication(String user, String password, String servletPath) {
String srvltPath = servletPath;
/*-
* ============LICENSE_START=======================================================
- * policy-endpoints
+ * ONAP
* ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
import static org.junit.Assert.assertTrue;
import java.io.IOException;
+import java.util.HashMap;
import java.util.List;
import java.util.Properties;
import org.junit.Test;
import org.onap.policy.common.endpoints.http.client.HttpClient;
import org.onap.policy.common.endpoints.http.server.HttpServletServer;
+import org.onap.policy.common.endpoints.http.server.internal.JettyJerseyServer;
import org.onap.policy.common.endpoints.properties.PolicyEndPointProperties;
import org.onap.policy.common.utils.network.NetworkUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class HttpClientTest {
+ private static final Logger logger = LoggerFactory.getLogger(HttpClientTest.class);
- private static Logger logger = LoggerFactory.getLogger(HttpClientTest.class);
+ private static final HashMap<String, String> savedValuesMap = new HashMap<>();
@BeforeClass
public static void setUp() throws InterruptedException, IOException {
logger.info("-- setup() --");
- /* echo server */
+ /* echo server - http + no auth */
final HttpServletServer echoServerNoAuth =
HttpServletServer.factory.build("echo", "localhost", 6666, "/", false, true);
throw new IllegalStateException("cannot connect to port " + echoServerNoAuth.getPort());
}
- /* no auth echo server */
+ String keyStoreSystemProperty = System.getProperty(JettyJerseyServer.SYSTEM_KEYSTORE_PROPERTY_NAME);
+ if (keyStoreSystemProperty != null) {
+ savedValuesMap.put(JettyJerseyServer.SYSTEM_KEYSTORE_PROPERTY_NAME, keyStoreSystemProperty);
+ }
+
+ String keyStorePasswordSystemProperty = System.getProperty(JettyJerseyServer.SYSTEM_KEYSTORE_PASSWORD_PROPERTY_NAME);
+ if (keyStorePasswordSystemProperty != null) {
+ savedValuesMap.put(JettyJerseyServer.SYSTEM_KEYSTORE_PASSWORD_PROPERTY_NAME, keyStorePasswordSystemProperty);
+ }
+
+ String trustStoreSystemProperty = System.getProperty(JettyJerseyServer.SYSTEM_TRUSTSTORE_PROPERTY_NAME);
+ if (trustStoreSystemProperty != null) {
+ savedValuesMap
+ .put(JettyJerseyServer.SYSTEM_TRUSTSTORE_PROPERTY_NAME, trustStoreSystemProperty);
+ }
+
+ String trustStorePasswordSystemProperty = System.getProperty(JettyJerseyServer.SYSTEM_TRUSTSTORE_PASSWORD_PROPERTY_NAME);
+ if (trustStorePasswordSystemProperty != null) {
+ savedValuesMap
+ .put(JettyJerseyServer.SYSTEM_TRUSTSTORE_PASSWORD_PROPERTY_NAME, trustStorePasswordSystemProperty);
+ }
+
+ System.setProperty(JettyJerseyServer.SYSTEM_KEYSTORE_PROPERTY_NAME, "src/test/resources/keystore-test");
+ System.setProperty(JettyJerseyServer.SYSTEM_KEYSTORE_PASSWORD_PROPERTY_NAME, "kstest");
+
+ System.setProperty(JettyJerseyServer.SYSTEM_TRUSTSTORE_PROPERTY_NAME, "src/test/resources/keystore-test");
+ System.setProperty(JettyJerseyServer.SYSTEM_TRUSTSTORE_PASSWORD_PROPERTY_NAME, "kstest");
+
+ /* echo server - https + basic auth */
final HttpServletServer echoServerAuth =
- HttpServletServer.factory.build("echo", "localhost", 6667, "/", false, true);
+ HttpServletServer.factory.build("echo", true, "localhost", 6667, "/", false, true);
echoServerAuth.setBasicAuthentication("x", "y", null);
echoServerAuth.addServletPackage("/*", HttpClientTest.class.getPackage().getName());
echoServerAuth.waitedStart(5000);
HttpServletServer.factory.destroy();
HttpClient.factory.destroy();
+
+ if (savedValuesMap.containsKey(JettyJerseyServer.SYSTEM_KEYSTORE_PROPERTY_NAME)) {
+ System.setProperty(JettyJerseyServer.SYSTEM_KEYSTORE_PROPERTY_NAME, savedValuesMap.get(JettyJerseyServer.SYSTEM_KEYSTORE_PROPERTY_NAME));
+ savedValuesMap.remove(JettyJerseyServer.SYSTEM_KEYSTORE_PROPERTY_NAME);
+ } else {
+ System.clearProperty(JettyJerseyServer.SYSTEM_KEYSTORE_PROPERTY_NAME);
+ }
+
+ if (savedValuesMap.containsKey(JettyJerseyServer.SYSTEM_KEYSTORE_PASSWORD_PROPERTY_NAME)) {
+ System.setProperty(JettyJerseyServer.SYSTEM_KEYSTORE_PASSWORD_PROPERTY_NAME, savedValuesMap.get(JettyJerseyServer.SYSTEM_KEYSTORE_PASSWORD_PROPERTY_NAME));
+ savedValuesMap.remove(JettyJerseyServer.SYSTEM_KEYSTORE_PASSWORD_PROPERTY_NAME);
+ } else {
+ System.clearProperty(JettyJerseyServer.SYSTEM_KEYSTORE_PASSWORD_PROPERTY_NAME);
+ }
+
+ if (savedValuesMap.containsKey(JettyJerseyServer.SYSTEM_TRUSTSTORE_PROPERTY_NAME)) {
+ System.setProperty(JettyJerseyServer.SYSTEM_TRUSTSTORE_PROPERTY_NAME, savedValuesMap.get(JettyJerseyServer.SYSTEM_TRUSTSTORE_PROPERTY_NAME));
+ savedValuesMap.remove(JettyJerseyServer.SYSTEM_TRUSTSTORE_PROPERTY_NAME);
+ } else {
+ System.clearProperty(JettyJerseyServer.SYSTEM_TRUSTSTORE_PROPERTY_NAME);
+ }
+
+ if (savedValuesMap.containsKey(JettyJerseyServer.SYSTEM_TRUSTSTORE_PASSWORD_PROPERTY_NAME)) {
+ System.setProperty(JettyJerseyServer.SYSTEM_TRUSTSTORE_PASSWORD_PROPERTY_NAME, savedValuesMap.get(JettyJerseyServer.SYSTEM_TRUSTSTORE_PASSWORD_PROPERTY_NAME));
+ savedValuesMap.remove(JettyJerseyServer.SYSTEM_TRUSTSTORE_PASSWORD_PROPERTY_NAME);
+ } else {
+ System.clearProperty(JettyJerseyServer.SYSTEM_TRUSTSTORE_PASSWORD_PROPERTY_NAME);
+ }
+
+
}
@Test
public void testHttpAuthClient() throws Exception {
logger.info("-- testHttpAuthClient() --");
- final HttpClient client = HttpClient.factory.build("testHttpAuthClient", false, false, "localhost", 6667,
+ final HttpClient client = HttpClient.factory.build("testHttpAuthClient", true, true,"localhost", 6667,
"junit/echo", "x", "y", true);
final Response response = client.get("hello");
final String body = HttpClient.getBody(response, String.class);
public void testHttpAuthClient401() throws Exception {
logger.info("-- testHttpAuthClient401() --");
- final HttpClient client = HttpClient.factory.build("testHttpAuthClient401", false, false, "localhost", 6667,
+ final HttpClient client = HttpClient.factory.build("testHttpAuthClient401", true, true, "localhost", 6667,
"junit/echo", null, null, true);
final Response response = client.get("hello");
assertTrue(response.getStatus() == 401);
/*-
* ============LICENSE_START=======================================================
- * policy-endpoints
+ * ONAP
* ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
public void testMultipleServers() throws Exception {
logger.info("-- testMultipleServers() --");
- HttpServletServer server1 = HttpServletServer.factory.build("echo-1", "localhost", 5688, "/", true, true);
+ HttpServletServer server1 = HttpServletServer.factory.build("echo-1", false,"localhost", 5688, "/", true, true);
server1.addServletPackage("/*", this.getClass().getPackage().getName());
server1.waitedStart(5000);
Code Review / policy / common.git / commitdiff