2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property.
7 * Modifications Copyright (C) 2019 IBM.
8 * ================================================================================
9 * Licensed under the Apache License, Version 2.0 (the "License");
10 * you may not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
20 * ============LICENSE_END=========================================================
23 package org.onap.dmaap.dbcapi.server;
25 import com.google.common.collect.Sets;
26 import java.util.Properties;
27 import javax.servlet.DispatcherType;
28 import org.eclipse.jetty.http.HttpVersion;
29 import org.eclipse.jetty.server.HttpConfiguration;
30 import org.eclipse.jetty.server.HttpConnectionFactory;
31 import org.eclipse.jetty.server.SecureRequestCustomizer;
32 import org.eclipse.jetty.server.Server;
33 import org.eclipse.jetty.server.ServerConnector;
34 import org.eclipse.jetty.server.SslConnectionFactory;
35 import org.eclipse.jetty.servlet.DefaultServlet;
36 import org.eclipse.jetty.servlet.ServletContextHandler;
37 import org.eclipse.jetty.servlet.ServletHolder;
38 import org.eclipse.jetty.util.ssl.SslContextFactory;
39 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
40 import org.onap.dmaap.dbcapi.util.DmaapConfig;
43 * A Jetty server which supports:
44 * - http and https (simultaneously for dev env)
46 * - static html pages (for documentation).
48 public class JettyServer extends BaseLoggingClass {
// Class-wide certificate manager. It is created once, when this class is initialised,
// by a factory that is handed DmaapConfig.getConfig(); every keystore/truststore
// setting used for the https connector below is read from this object.
50 private static final CertificateManager certificateManager =
51 new CertficateManagerFactory(DmaapConfig.getConfig()).initCertificateManager();
// The embedded Jetty server instance; assigned in the constructor.
52 private final Server server;
/**
 * Accessor for the embedded Jetty {@link Server}.
 *
 * NOTE(review): the method body is missing from this listing; presumably it returns
 * the {@code server} field - confirm against the full source.
 */
55 public Server getServer() {
/**
 * Exposes the class-wide certificate manager that supplies the keystore and
 * truststore settings for the https connector.
 *
 * @return the static {@code CertificateManager} held by this class
 */
public static CertificateManager getCertificateManager() {
    return JettyServer.certificateManager;
}
/**
 * Builds the embedded Jetty server from the supplied properties.
 *
 * Properties read here: IntHttpPort (default "80"), IntHttpsPort (default "443"),
 * HttpAllowed (default "false") and UnitTest (default "No").
 *
 * NOTE(review): this listing omits some original lines (the gutter numbers skip), so the
 * if/else structure around several log statements and the end of the try blocks are not
 * visible. Comments below describe only what the visible lines show and hedge the rest.
 *
 * @param params server configuration properties
 */
63 public JettyServer(Properties params) {
65 server = new Server();
// Integer.parseInt throws NumberFormatException on a non-numeric value; these two calls
// come before the first try block in this constructor, so a bad port value is not caught here.
66 int httpPort = Integer.parseInt(params.getProperty("IntHttpPort", "80"));
67 int sslPort = Integer.parseInt(params.getProperty("IntHttpsPort", "443"));
// Plain http is opt-in: the flag is false unless HttpAllowed is set to "true".
68 boolean allowHttp = Boolean.parseBoolean(params.getProperty("HttpAllowed", "false"));
69 serverLogger.info("port params: http=" + httpPort + " https=" + sslPort);
70 serverLogger.info("allowHttp=" + allowHttp);
// Base HTTP configuration; it records https/sslPort as the secure scheme and port.
73 HttpConfiguration httpConfig = new HttpConfiguration();
74 httpConfig.setSecureScheme("https");
75 httpConfig.setSecurePort(sslPort);
76 httpConfig.setOutputBufferSize(32768);
// The http connector is declared as a try-with-resources resource, so it is closed when
// this try block exits (where the block ends is not visible in this listing).
78 try (ServerConnector httpConnector = new ServerConnector(server, new HttpConnectionFactory(httpConfig))) {
79 httpConnector.setPort(httpPort);
80 httpConnector.setIdleTimeout(30000);
// The https configuration starts as a copy of the http one and adds Jetty's customizer
// for requests that arrive over TLS.
83 HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig);
84 httpsConfig.addCustomizer(new SecureRequestCustomizer());
85 SslContextFactory sslContextFactory = new SslContextFactory.Server();
// "Want" (not "need") client auth: a client certificate is requested during the handshake
// but the handshake still succeeds without one. Access control for /webapi/* therefore
// rests on the filters added by registerAuthFilters, not on mutual TLS alone.
86 sslContextFactory.setWantClientAuth(true);
// Without a ready certificate manager the error below is logged; the keystore/truststore
// setup that follows is presumably in the else branch (that line is missing here).
// NOTE(review): with HttpAllowed=true this would leave the server reachable over plain
// http only - worth alerting on this log message in deployments that expect https.
88 if ( ! certificateManager.isReady()) {
89 serverLogger.error("CertificateManager is not ready. NOT starting https!");
91 setUpKeystore(sslContextFactory);
92 setUpTrustStore(sslContextFactory);
// TLS connector speaking HTTP/1.1; also a try-with-resources resource.
96 try (ServerConnector sslConnector = new ServerConnector(server,
97 new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
98 new HttpConnectionFactory(httpsConfig))) {
99 sslConnector.setPort(sslPort);
100 server.addConnector(sslConnector);
101 serverLogger.info("Starting sslConnector on port " + sslPort + " for https");
// NOTE(review): the message names "InHttpsPort" but the property read above is "IntHttpsPort".
// The condition that selects this branch is not visible in this listing.
104 serverLogger.info("NOT starting sslConnector because InHttpsPort param is " + sslPort );
// The http connector is added to the server only on the branch that logs "Starting
// httpConnector"; presumably that branch is guarded by allowHttp (guard line missing here).
108 serverLogger.info("Starting httpConnector on port " + httpPort);
109 server.addConnector(httpConnector);
111 serverLogger.info("NOT starting httpConnector because HttpAllowed param is " + allowHttp);
115 // Set context for servlet. This is shared for http and https
116 ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
117 context.setContextPath("/");
118 server.setHandler(context);
// REST API: the Jersey servlet container is mapped to /webapi/* and scans the
// org.onap.dmaap.dbcapi.resources package for providers.
120 ServletHolder jerseyServlet = context
121 .addServlet(org.glassfish.jersey.servlet.ServletContainer.class, "/webapi/*");
122 jerseyServlet.setInitOrder(1);
123 jerseyServlet.setInitParameter("jersey.config.server.provider.packages", "org.onap.dmaap.dbcapi.resources");
124 jerseyServlet.setInitParameter("javax.ws.rs.Application", "org.onap.dmaap.dbcapi.server.ApplicationConfig");
126 // also serve up some static pages...
// Static content is mapped to "/*" with the relative resource base "www". The auth filters
// registered below are mapped to /webapi/* only, so these pages are served without them.
// NOTE(review): dirAllowed is not set; Jetty's DefaultServlet lists directories by default -
// confirm whether listings under www should be disabled.
127 ServletHolder staticServlet = context.addServlet(DefaultServlet.class, "/*");
128 staticServlet.setInitParameter("resourceBase", "www");
129 staticServlet.setInitParameter("pathInfoOnly", "true");
131 registerAuthFilters(context);
135 serverLogger.info("Starting jetty server");
// UnitTest defaults to "No"; the statements guarded by this check are missing from the
// listing (presumably they start the server - confirm against the full source).
136 String unitTest = params.getProperty("UnitTest", "No");
137 serverLogger.info("UnitTest=" + unitTest);
138 if (unitTest.equals("No")) {
// Any exception is reduced to its toString() by the concatenation below, so the stack
// trace is not logged. NOTE(review): if errorLogger accepts a Throwable argument, passing
// e separately would keep the trace for diagnosing start-up and TLS configuration failures.
143 } catch (Exception e) {
144 errorLogger.error("Exception " + e);
/**
 * Registers the AAF authentication and authorization filters on the REST API path.
 *
 * The filters are added in a fixed order - authentication first, then authorization -
 * and both are mapped to {@code /webapi/*} for REQUEST and FORWARD dispatches only.
 *
 * NOTE(review): other dispatcher types (ASYNC, INCLUDE, ERROR) are not mapped, and paths
 * outside {@code /webapi/*} do not pass through these filters; confirm that this matches
 * the intended access-control coverage.
 *
 * @param context servlet context the filters are added to
 */
private void registerAuthFilters(ServletContextHandler context) {
    final String apiPathSpec = "/webapi/*";
    // Registration order is kept: authentication, then authorization.
    final String[] filterClassNames = {
        "org.onap.dmaap.dbcapi.resources.AAFAuthenticationFilter",
        "org.onap.dmaap.dbcapi.resources.AAFAuthorizationFilter"
    };
    for (String filterClassName : filterClassNames) {
        // A fresh dispatcher-type set is built for each registration.
        context.addFilter(filterClassName, apiPathSpec,
            Sets.newEnumSet(Sets.newHashSet(DispatcherType.FORWARD, DispatcherType.REQUEST), DispatcherType.class));
    }
}
/**
 * Points the SSL context factory at the server keystore supplied by the class-wide
 * certificate manager.
 *
 * Only the keystore path is written to the log; the password goes straight to the factory.
 *
 * NOTE(review): the key-manager password is set from the keystore password, so the private
 * key entry is assumed to be protected by the same password as the store - confirm.
 *
 * @param sslContextFactory factory for the https connector, updated in place
 */
private void setUpKeystore(SslContextFactory sslContextFactory) {
    final CertificateManager manager = JettyServer.certificateManager;
    final String keystorePath = manager.getKeyStoreFile();
    logger.info("https Server using keystore at " + keystorePath);
    sslContextFactory.setKeyStorePath(keystorePath);
    sslContextFactory.setKeyStoreType(manager.getKeyStoreType());
    // Store password and key password are both taken from getKeyStorePassword().
    sslContextFactory.setKeyStorePassword(manager.getKeyStorePassword());
    sslContextFactory.setKeyManagerPassword(manager.getKeyStorePassword());
}
/**
 * Points the SSL context factory at the truststore supplied by the class-wide
 * certificate manager.
 *
 * Only the truststore path is written to the log; the password goes straight to the factory.
 *
 * NOTE(review): the constructor requests (but does not require) client certificates, so
 * this truststore presumably decides which presented client certificates are accepted -
 * keep its contents limited to the CAs that should be able to vouch for API clients.
 *
 * @param sslContextFactory factory for the https connector, updated in place
 */
private void setUpTrustStore(SslContextFactory sslContextFactory) {
    final CertificateManager manager = JettyServer.certificateManager;
    final String truststorePath = manager.getTrustStoreFile();
    logger.info("https Server using truststore at " + truststorePath);
    sslContextFactory.setTrustStorePath(truststorePath);
    sslContextFactory.setTrustStoreType(manager.getTrustStoreType());
    sslContextFactory.setTrustStorePassword(manager.getTrustStorePassword());
}