datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProvServer.java

   1 /*
   2  * ============LICENSE_START=======================================================
   3  *  Copyright (C) 2019 Nordix Foundation.
   4  * ================================================================================
   5  * Licensed under the Apache License, Version 2.0 (the "License");
   6  * you may not use this file except in compliance with the License.
   7  * You may obtain a copy of the License at
   8  *
   9  *      http://www.apache.org/licenses/LICENSE-2.0
  10  *
  11  * Unless required by applicable law or agreed to in writing, software
  12  * distributed under the License is distributed on an "AS IS" BASIS,
  13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14  * See the License for the specific language governing permissions and
  15  * limitations under the License.
  16  *
  17  * SPDX-License-Identifier: Apache-2.0
  18  * ============LICENSE_END=========================================================
  19  */
  20
  21 package org.onap.dmaap.datarouter.provisioning;
  22
  23 import com.att.eelf.configuration.EELFLogger;
  24 import com.att.eelf.configuration.EELFManager;
  25 import java.security.Security;
  26 import java.util.Properties;
  27 import org.eclipse.jetty.http.HttpVersion;
  28 import org.eclipse.jetty.server.Connector;
  29 import org.eclipse.jetty.server.CustomRequestLog;
  30 import org.eclipse.jetty.server.Handler;
  31 import org.eclipse.jetty.server.HttpConfiguration;
  32 import org.eclipse.jetty.server.HttpConnectionFactory;
  33 import org.eclipse.jetty.server.Server;
  34 import org.eclipse.jetty.server.ServerConnector;
  35 import org.eclipse.jetty.server.SslConnectionFactory;
  36 import org.eclipse.jetty.server.handler.ContextHandlerCollection;
  37 import org.eclipse.jetty.server.handler.DefaultHandler;
  38 import org.eclipse.jetty.server.handler.HandlerCollection;
  39 import org.eclipse.jetty.server.handler.RequestLogHandler;
  40 import org.eclipse.jetty.servlet.ServletContextHandler;
  41 import org.eclipse.jetty.servlet.ServletHolder;
  42 import org.eclipse.jetty.util.ssl.SslContextFactory;
  43 import org.eclipse.jetty.util.thread.QueuedThreadPool;
  44 import org.jetbrains.annotations.NotNull;
  45 import org.onap.dmaap.datarouter.provisioning.utils.AafPropsUtils;
  46
  47
  48 public class ProvServer {
  49
  50     public static final EELFLogger intlogger = EELFManager.getInstance().getLogger("InternalLog");
  51
  52     private static Server server;
  53
  54     private ProvServer() {
  55     }
  56
  57     static Server getServerInstance() {
  58         if (server == null) {
  59             server = createProvServer(ProvRunner.getProvProperties());
  60         }
  61         return server;
  62     }
  63
  64     private static Server createProvServer(Properties provProps) {
  65         Security.setProperty("networkaddress.cache.ttl", "4");
  66         QueuedThreadPool queuedThreadPool = getQueuedThreadPool();
  67
  68         server = new Server(queuedThreadPool);
  69         server.setStopAtShutdown(true);
  70         server.setStopTimeout(5000);
  71         server.setDumpAfterStart(false);
  72         server.setDumpBeforeStop(false);
  73
  74         HttpConfiguration httpConfiguration = getHttpConfiguration();
  75
  76         //HTTP Connector
  77         try (ServerConnector httpServerConnector = new ServerConnector(server,
  78             new HttpConnectionFactory(httpConfiguration))) {
  79             httpServerConnector.setPort(Integer.parseInt(provProps.getProperty(
  80                 "org.onap.dmaap.datarouter.provserver.http.port", "80")));
  81             httpServerConnector.setAcceptQueueSize(2);
  82             httpServerConnector.setIdleTimeout(30000);
  83
  84             ServletContextHandler servletContextHandler = getServletContextHandler(provProps);
  85             ContextHandlerCollection contextHandlerCollection = new ContextHandlerCollection();
  86             contextHandlerCollection.addHandler(servletContextHandler);
  87
  88             CustomRequestLog customRequestLog = getCustomRequestLog(provProps);
  89             RequestLogHandler requestLogHandler = new RequestLogHandler();
  90             requestLogHandler.setRequestLog(customRequestLog);
  91
  92             server.setRequestLog(customRequestLog);
  93
  94             // Server's Handler collection
  95             HandlerCollection handlerCollection = new HandlerCollection();
  96             handlerCollection.setHandlers(new Handler[]{contextHandlerCollection, new DefaultHandler()});
  97             handlerCollection.addHandler(requestLogHandler);
  98
  99             if (Boolean.TRUE.equals(ProvRunner.getTlsEnabled())) {
 100                 // HTTPS configuration
 101                 int httpsPort = Integer.parseInt(
 102                     provProps.getProperty("org.onap.dmaap.datarouter.provserver.https.port", "443"));
 103                 httpConfiguration.setSecureScheme("https");
 104                 httpConfiguration.setSecurePort(httpsPort);
 105                 HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration);
 106                 httpsConfiguration.setRequestHeaderSize(8192);
 107                 // HTTPS connector
 108                 try (ServerConnector httpsServerConnector = new ServerConnector(server,
 109                     new SslConnectionFactory(getSslContextFactory(provProps), HttpVersion.HTTP_1_1.asString()),
 110                     new HttpConnectionFactory(httpsConfiguration))) {
 111                     httpsServerConnector.setPort(httpsPort);
 112                     httpsServerConnector.setIdleTimeout(30000);
 113                     httpsServerConnector.setAcceptQueueSize(2);
 114                     server.setConnectors(new Connector[]{httpServerConnector, httpsServerConnector});
 115                 }
 116             } else {
 117                 server.setConnectors(new Connector[]{httpServerConnector});
 118             }
 119             server.setHandler(handlerCollection);
 120         }
 121         return server;
 122     }
 123
 124     @NotNull
 125     private static QueuedThreadPool getQueuedThreadPool() {
 126         // Server's thread pool
 127         QueuedThreadPool queuedThreadPool = new QueuedThreadPool();
 128         queuedThreadPool.setMinThreads(10);
 129         queuedThreadPool.setMaxThreads(200);
 130         queuedThreadPool.setDetailedDump(false);
 131         return queuedThreadPool;
 132     }
 133
 134     @NotNull
 135     private static SslContextFactory.Server getSslContextFactory(Properties provProps) {
 136         SslContextFactory sslContextFactory = new SslContextFactory.Server();
 137         sslContextFactory.setKeyStoreType(AafPropsUtils.KEYSTORE_TYPE_PROPERTY);
 138         sslContextFactory.setKeyStorePath(ProvRunner.getAafPropsUtils().getKeystorePathProperty());
 139         sslContextFactory.setKeyStorePassword(ProvRunner.getAafPropsUtils().getKeystorePassProperty());
 140         sslContextFactory.setKeyManagerPassword(ProvRunner.getAafPropsUtils().getKeystorePassProperty());
 141
 142         sslContextFactory.setTrustStoreType(AafPropsUtils.TRUESTSTORE_TYPE_PROPERTY);
 143         sslContextFactory.setTrustStorePath(ProvRunner.getAafPropsUtils().getTruststorePathProperty());
 144         sslContextFactory.setTrustStorePassword(ProvRunner.getAafPropsUtils().getTruststorePassProperty());
 145
 146         sslContextFactory.setExcludeCipherSuites(
 147             "SSL_RSA_WITH_DES_CBC_SHA",
 148             "SSL_DHE_RSA_WITH_DES_CBC_SHA",
 149             "SSL_DHE_DSS_WITH_DES_CBC_SHA",
 150             "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
 151             "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
 152             "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
 153             "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"
 154         );
 155         sslContextFactory.addExcludeProtocols("SSLv3");
 156         sslContextFactory.setIncludeProtocols(provProps.getProperty(
 157             "org.onap.dmaap.datarouter.provserver.https.include.protocols",
 158             "TLSv1.1|TLSv1.2").trim().split("\\|"));
 159
 160         intlogger.info("Unsupported protocols: " + String.join(",", sslContextFactory.getExcludeProtocols()));
 161         intlogger.info("Supported protocols: " + String.join(",", sslContextFactory.getIncludeProtocols()));
 162         intlogger.info("Unsupported ciphers: " + String.join(",", sslContextFactory.getExcludeCipherSuites()));
 163         intlogger.info("Supported ciphers: " + String.join(",", sslContextFactory.getIncludeCipherSuites()));
 164
 165         return (SslContextFactory.Server) sslContextFactory;
 166     }
 167
 168     @NotNull
 169     private static CustomRequestLog getCustomRequestLog(Properties provProps) {
 170         String filename = provProps.getProperty(
 171             "org.onap.dmaap.datarouter.provserver.accesslog.dir") + "/request.log.yyyy_mm_dd";
 172         String format = "yyyyMMdd";
 173         return new CustomRequestLog(filename, format);
 174     }
 175
 176     @NotNull
 177     private static HttpConfiguration getHttpConfiguration() {
 178         HttpConfiguration httpConfiguration = new HttpConfiguration();
 179         httpConfiguration.setOutputBufferSize(32768);
 180         httpConfiguration.setRequestHeaderSize(8192);
 181         httpConfiguration.setResponseHeaderSize(8192);
 182         httpConfiguration.setSendServerVersion(true);
 183         httpConfiguration.setSendDateHeader(false);
 184         return httpConfiguration;
 185     }
 186
 187     @NotNull
 188     private static ServletContextHandler getServletContextHandler(Properties provProps) {
 189         ServletContextHandler servletContextHandler = new ServletContextHandler(0);
 190         servletContextHandler.setContextPath("/");
 191         servletContextHandler.addServlet(new ServletHolder(new FeedServlet()), "/feed/*");
 192         servletContextHandler.addServlet(new ServletHolder(new FeedLogServlet()), "/feedlog/*");
 193         servletContextHandler.addServlet(new ServletHolder(new PublishServlet()), "/publish/*");
 194         servletContextHandler.addServlet(new ServletHolder(new SubscribeServlet()), "/subscribe/*");
 195         servletContextHandler.addServlet(new ServletHolder(new StatisticsServlet()), "/statistics/*");
 196         servletContextHandler.addServlet(new ServletHolder(new SubLogServlet()), "/sublog/*");
 197         servletContextHandler.addServlet(new ServletHolder(new GroupServlet()), "/group/*");
 198         servletContextHandler.addServlet(new ServletHolder(new SubscriptionServlet()), "/subs/*");
 199         servletContextHandler.addServlet(new ServletHolder(new InternalServlet()), "/internal/*");
 200         servletContextHandler.addServlet(new ServletHolder(new RouteServlet()), "/internal/route/*");
 201         servletContextHandler.addServlet(new ServletHolder(new DRFeedsServlet()), "/");
 202         return servletContextHandler;
 203     }
 204 }