dmaap-bc/src/main/java/org/onap/dmaap/dbcapi/server/JettyServer.java

   1 /*-
   2  * ============LICENSE_START=======================================================
   3  * org.onap.dmaap
   4  * ================================================================================
   5  * Copyright (C) 2017 AT&T Intellectual Property.
   6  *
   7  * Modifications Copyright (C) 2019 IBM.
   8  * ================================================================================
   9  * Licensed under the Apache License, Version 2.0 (the "License");
  10  * you may not use this file except in compliance with the License.
  11  * You may obtain a copy of the License at
  12  *
  13  *      http://www.apache.org/licenses/LICENSE-2.0
  14  *
  15  * Unless required by applicable law or agreed to in writing, software
  16  * distributed under the License is distributed on an "AS IS" BASIS,
  17  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  18  * See the License for the specific language governing permissions and
  19  * limitations under the License.
  20  * ============LICENSE_END=========================================================
  21  */
  22
  23 package org.onap.dmaap.dbcapi.server;
  24
  25 import com.google.common.collect.Sets;
  26 import java.util.Properties;
  27 import javax.servlet.DispatcherType;
  28 import org.eclipse.jetty.http.HttpVersion;
  29 import org.eclipse.jetty.server.HttpConfiguration;
  30 import org.eclipse.jetty.server.HttpConnectionFactory;
  31 import org.eclipse.jetty.server.SecureRequestCustomizer;
  32 import org.eclipse.jetty.server.Server;
  33 import org.eclipse.jetty.server.ServerConnector;
  34 import org.eclipse.jetty.server.SslConnectionFactory;
  35 import org.eclipse.jetty.servlet.DefaultServlet;
  36 import org.eclipse.jetty.servlet.ServletContextHandler;
  37 import org.eclipse.jetty.servlet.ServletHolder;
  38 import org.eclipse.jetty.util.ssl.SslContextFactory;
  39 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
  40 import org.onap.dmaap.dbcapi.util.DmaapConfig;
  41
  42 /**
  43  * A  Jetty server which supports:
  44  *      - http and https (simultaneously for dev env)
  45  *  - REST API context
  46  *  - static html pages (for documentation).
  47  */
  48 public class JettyServer extends BaseLoggingClass {
  49
  50     private static final CertificateManager certificateManager =
  51         new CertficateManagerFactory(DmaapConfig.getConfig()).initCertificateManager();
  52     private final Server server;
  53
  54
  55     public Server getServer() {
  56         return server;
  57     }
  58
  59     public static CertificateManager getCertificateManager() {
  60         return certificateManager;
  61     }
  62
  63     public JettyServer(Properties params) {
  64
  65         server = new Server();
  66         int httpPort = Integer.parseInt(params.getProperty("IntHttpPort", "80"));
  67         int sslPort = Integer.parseInt(params.getProperty("IntHttpsPort", "443"));
  68         boolean allowHttp = Boolean.parseBoolean(params.getProperty("HttpAllowed", "false"));
  69         serverLogger.info("port params: http=" + httpPort + " https=" + sslPort);
  70         serverLogger.info("allowHttp=" + allowHttp);
  71
  72         // HTTP Server
  73         HttpConfiguration httpConfig = new HttpConfiguration();
  74         httpConfig.setSecureScheme("https");
  75         httpConfig.setSecurePort(sslPort);
  76         httpConfig.setOutputBufferSize(32768);
  77
  78         try (ServerConnector httpConnector = new ServerConnector(server, new HttpConnectionFactory(httpConfig))) {
  79             httpConnector.setPort(httpPort);
  80             httpConnector.setIdleTimeout(30000);
  81
  82             // HTTPS Server
  83             HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig);
  84             httpsConfig.addCustomizer(new SecureRequestCustomizer());
  85             SslContextFactory sslContextFactory = new SslContextFactory.Server();
  86             sslContextFactory.setWantClientAuth(true);
  87
  88             if ( ! certificateManager.isReady()) {
  89                 serverLogger.error("CertificateManager is not ready.  NOT starting https!");
  90             } else {
  91                 setUpKeystore(sslContextFactory);
  92                 setUpTrustStore(sslContextFactory);
  93
  94
  95                     if (sslPort != 0) {
  96                         try (ServerConnector sslConnector = new ServerConnector(server,
  97                             new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
  98                             new HttpConnectionFactory(httpsConfig))) {
  99                             sslConnector.setPort(sslPort);
 100                             server.addConnector(sslConnector);
 101                             serverLogger.info("Starting sslConnector on port " + sslPort + " for https");
 102                         }
 103                     } else {
 104                         serverLogger.info("NOT starting sslConnector because InHttpsPort param is " + sslPort );
 105                     }
 106             }
 107             if (allowHttp) {
 108                 serverLogger.info("Starting httpConnector on port " + httpPort);
 109                 server.addConnector(httpConnector);
 110             } else {
 111                 serverLogger.info("NOT starting httpConnector because HttpAllowed param is " + allowHttp);
 112             }
 113         }
 114
 115         // Set context for servlet.  This is shared for http and https
 116         ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
 117         context.setContextPath("/");
 118         server.setHandler(context);
 119
 120         ServletHolder jerseyServlet = context
 121             .addServlet(org.glassfish.jersey.servlet.ServletContainer.class, "/webapi/*");
 122         jerseyServlet.setInitOrder(1);
 123         jerseyServlet.setInitParameter("jersey.config.server.provider.packages", "org.onap.dmaap.dbcapi.resources");
 124         jerseyServlet.setInitParameter("javax.ws.rs.Application", "org.onap.dmaap.dbcapi.server.ApplicationConfig");
 125
 126         // also serve up some static pages...
 127         ServletHolder staticServlet = context.addServlet(DefaultServlet.class, "/*");
 128         staticServlet.setInitParameter("resourceBase", "www");
 129         staticServlet.setInitParameter("pathInfoOnly", "true");
 130
 131         registerAuthFilters(context);
 132
 133         try {
 134
 135             serverLogger.info("Starting jetty server");
 136             String unitTest = params.getProperty("UnitTest", "No");
 137             serverLogger.info("UnitTest=" + unitTest);
 138             if (unitTest.equals("No")) {
 139                 server.start();
 140                 server.dumpStdErr();
 141                 server.join();
 142             }
 143         } catch (Exception e) {
 144             errorLogger.error("Exception " + e);
 145         } finally {
 146             server.destroy();
 147         }
 148
 149     }
 150
 151     private void registerAuthFilters(ServletContextHandler context) {
 152         context.addFilter("org.onap.dmaap.dbcapi.resources.AAFAuthenticationFilter", "/webapi/*",
 153             Sets.newEnumSet(Sets.newHashSet(DispatcherType.FORWARD, DispatcherType.REQUEST), DispatcherType.class));
 154         context.addFilter("org.onap.dmaap.dbcapi.resources.AAFAuthorizationFilter", "/webapi/*",
 155             Sets.newEnumSet(Sets.newHashSet(DispatcherType.FORWARD, DispatcherType.REQUEST), DispatcherType.class));
 156     }
 157
 158     private void setUpKeystore(SslContextFactory sslContextFactory) {
 159         String keystore = JettyServer.certificateManager.getKeyStoreFile();
 160         logger.info("https Server using keystore at " + keystore);
 161         sslContextFactory.setKeyStorePath(keystore);
 162         sslContextFactory.setKeyStoreType(JettyServer.certificateManager.getKeyStoreType());
 163         sslContextFactory.setKeyStorePassword(JettyServer.certificateManager.getKeyStorePassword());
 164         sslContextFactory.setKeyManagerPassword(JettyServer.certificateManager.getKeyStorePassword());
 165     }
 166
 167     private void setUpTrustStore(SslContextFactory sslContextFactory) {
 168         String truststore = JettyServer.certificateManager.getTrustStoreFile();
 169         logger.info("https Server using truststore at " + truststore);
 170         sslContextFactory.setTrustStorePath(truststore);
 171         sslContextFactory.setTrustStoreType(JettyServer.certificateManager.getTrustStoreType());
 172         sslContextFactory.setTrustStorePassword(JettyServer.certificateManager.getTrustStorePassword());
 173     }
 174 }