PROPS="${PROPS} -DCONFIG_HOME=${CONFIG_HOME}"
PROPS="${PROPS} -Dtosca.mappings.config=${CONFIG_HOME}/tosca-mappings.json"
PROPS="${PROPS} -DKEY_STORE_PASSWORD=${KEY_STORE_PASSWORD}"
+if [ ! -z "$REQUIRE_CLIENT_AUTH" ]; then
+ PROPS="$PROPS -Dserver.ssl.client-auth=${REQUIRE_CLIENT_AUTH}"
+fi
+
JVM_MAX_HEAP=${MAX_HEAP:-1024}
exec java -Xmx${JVM_MAX_HEAP}m ${PROPS} -jar ${APP_HOME}/babel.jar
package org.onap.aai.babel;
-import java.util.HashMap;
+import com.google.common.collect.ImmutableMap;
import org.eclipse.jetty.util.security.Password;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
/**
* Spring Boot Initialization.
- *
+ *
* @param args
- * main args
+ * main args (expected to be null)
*/
public static void main(String[] args) {
String keyStorePassword = System.getProperty("KEY_STORE_PASSWORD");
if (keyStorePassword == null || keyStorePassword.isEmpty()) {
- throw new IllegalArgumentException("Env property KEY_STORE_PASSWORD not set");
+ throw new IllegalArgumentException("Mandatory property KEY_STORE_PASSWORD not set");
}
- HashMap<String, Object> props = new HashMap<>();
- String decryptedValue = keyStorePassword.startsWith(Password.__OBFUSCATE) ? //
- Password.deobfuscate(keyStorePassword) : keyStorePassword;
- props.put("server.ssl.key-store-password", decryptedValue);
+ ImmutableMap<String, Object> defaults =
+ ImmutableMap.of("server.ssl.key-store-password", new Password(keyStorePassword).toString());
- String requireClientAuth = System.getenv("REQUIRE_CLIENT_AUTH");
- props.put("server.ssl.client-auth",
- Boolean.FALSE.toString().equalsIgnoreCase(requireClientAuth) ? "want" : "need");
-
- context = new BabelApplication()
- .configure(new SpringApplicationBuilder(BabelApplication.class).properties(props)).run(args);
+ context = new BabelApplication() //
+ .configure(new SpringApplicationBuilder(BabelApplication.class).properties(defaults)) //
+ .run(args);
}
public static void exit() {
* ============LICENSE_START=======================================================
* org.onap.aai
* ================================================================================
- * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
- * Copyright © 2017-2018 European Software Marketing Ltd.
+ * Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * Copyright (c) 2017-2019 European Software Marketing Ltd.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* limitations under the License.
* ============LICENSE_END=========================================================
*/
+
package org.onap.aai.babel.request;
import java.util.Optional;
* If the correlation ID contains the symbol : then this character and any trailing characters are removed. This
* allows for an incrementing numeric sequence where there are multiple HTTP requests for a single transaction.
*
- * @return the normalsed UUID used for correlating transactions across components, or else null (if no ID is set)
+ * @return the normalized UUID used for correlating transactions across components, or else null (if no ID is set)
*/
public String getCorrelationId() {
// If the request ID is missing, use the transaction ID (if present)
server.port=9516
server.ssl.key-store=${CONFIG_HOME}/auth/tomcat_keystore
+server.ssl.client-auth=need
server.contextPath=/services/babel-service
BabelApplication.main(new String[] {});
}
+ /**
+ * This test asserts that if the KEY_STORE_PASSWORD System Property is set (and is not empty) then the value is
+ * passed to Jetty, debobfuscated, and used to open the key store, even if the resulting password value is actually
+ * an empty string.
+ */
+ @Test
+ public void testApplicationWithBlankObfuscatedKeyStorePassword() {
+ // Note that "OBF:" is correctly deobfuscated and results in an empty string.
+ System.setProperty("KEY_STORE_PASSWORD", "OBF:");
+ final CauseMatcher expectedCause = new CauseMatcher(IOException.class, "password was incorrect");
+ expectedEx.expectCause(expectedCause);
+ BabelApplication.main(new String[] {});
+ }
+
private static class CauseMatcher extends TypeSafeMatcher<Throwable> {
private final Class<? extends Throwable> type;
Code Review / aai / babel.git / commitdiff