Refactor Prov DB handling
[dmaap/datarouter.git] / datarouter-node / src / main / java / org / onap / dmaap / datarouter / node / NodeMain.java
index d25531a..5608630 100644 (file)
 
 package org.onap.dmaap.datarouter.node;
 
-import java.util.Arrays;
-import org.apache.log4j.Logger;
+import com.att.eelf.configuration.EELFLogger;
+import com.att.eelf.configuration.EELFManager;
+import java.util.EnumSet;
+import javax.servlet.DispatcherType;
 import org.eclipse.jetty.http.HttpVersion;
 import org.eclipse.jetty.server.Connector;
 import org.eclipse.jetty.server.HttpConfiguration;
@@ -33,82 +35,55 @@ import org.eclipse.jetty.server.SecureRequestCustomizer;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.ServerConnector;
 import org.eclipse.jetty.server.SslConnectionFactory;
+import org.eclipse.jetty.servlet.FilterHolder;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.servlet.ServletHolder;
 import org.eclipse.jetty.util.ssl.SslContextFactory;
 
 /**
- * The main starting point for the Data Router node
+ * The main starting point for the Data Router node.
  */
 public class NodeMain {
 
-    private NodeMain() {
-    }
-
-    private static Logger nodeMainLogger = Logger.getLogger("org.onap.dmaap.datarouter.node.NodeMain");
-
-    private static class WaitForConfig implements Runnable {
-
-        private NodeConfigManager localNodeConfigManager;
-
-        WaitForConfig(NodeConfigManager ncm) {
-            this.localNodeConfigManager = ncm;
-        }
-
-        public synchronized void run() {
-            notify();
-        }
-
-        synchronized void waitForConfig() {
-            localNodeConfigManager.registerConfigTask(this);
-            while (!localNodeConfigManager.isConfigured()) {
-                nodeMainLogger.info("NODE0003 Waiting for Node Configuration");
-                try {
-                    wait();
-                } catch (Exception exception) {
-                    nodeMainLogger
-                        .debug("NodeMain: waitForConfig exception. Exception Message:- " + exception.toString(),
-                            exception);
-                }
-            }
-            localNodeConfigManager.deregisterConfigTask(this);
-            nodeMainLogger.info("NODE0004 Node Configuration Data Received");
-        }
-    }
-
+    private static EELFLogger nodeMainLogger = EELFManager.getInstance().getLogger(NodeMain.class);
     private static Delivery delivery;
     private static NodeConfigManager nodeConfigManager;
 
+    private NodeMain() {
+    }
+
     /**
-     * Reset the retry timer for a subscription
+     * Reset the retry timer for a subscription.
      */
+
     static void resetQueue(String subid, String ip) {
         delivery.resetQueue(nodeConfigManager.getSpoolDir(subid, ip));
     }
 
     /**
      * Start the data router.
-     * <p>
-     * The location of the node configuration file can be set using the org.onap.dmaap.datarouter.node.ConfigFile system
-     * property.  By default, it is "etc/node.properties".
+     *
+     * <p>The location of the node configuration file can be set using the org.onap.dmaap.datarouter.node.properties
+     * system property. By default, it is "/opt/app/datartr/etc/node.properties".
      */
     public static void main(String[] args) throws Exception {
-        nodeMainLogger.info("NODE0001 Data Router Node Starting");
+        nodeMainLogger.debug("NODE0001 Data Router Node Starting");
         IsFrom.setDNSCache();
         nodeConfigManager = NodeConfigManager.getInstance();
-        nodeMainLogger.info("NODE0002 I am " + nodeConfigManager.getMyName());
+        nodeMainLogger.debug("NODE0002 I am " + nodeConfigManager.getMyName());
         (new WaitForConfig(nodeConfigManager)).waitForConfig();
         delivery = new Delivery(nodeConfigManager);
         new LogManager(nodeConfigManager);
+
         Server server = new Server();
+
         // HTTP configuration
         HttpConfiguration httpConfiguration = new HttpConfiguration();
         httpConfiguration.setRequestHeaderSize(2048);
 
         // HTTP connector
-        ServletContextHandler ctxt;
         try (ServerConnector httpServerConnector = new ServerConnector(server,
-            new HttpConnectionFactory(httpConfiguration))) {
+                new HttpConnectionFactory(httpConfiguration))) {
             httpServerConnector.setPort(nodeConfigManager.getHttpPort());
             httpServerConnector.setIdleTimeout(2000);
 
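Review bot: The lifecycle messages `NODE0001 Data Router Node Starting` and `NODE0002 I am ...` in main() drop from info to debug, so a node running at the usual info level no longer records when it started or under which name. The same demotion applies to the TLS protocol and cipher summary in the next hunk and to the NODE0003/NODE0004 configuration messages in WaitForConfig. These events anchor incident timelines and show which TLS settings were actually in effect, so I would keep them at info, e.g. `nodeMainLogger.info("NODE0001 Data Router Node Starting");`. main() continues past the end of this hunk.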
@@ -118,10 +93,27 @@ public class NodeMain {
             sslContextFactory.setKeyStorePath(nodeConfigManager.getKSFile());
             sslContextFactory.setKeyStorePassword(nodeConfigManager.getKSPass());
             sslContextFactory.setKeyManagerPassword(nodeConfigManager.getKPass());
-            /* Skip SSLv3 Fixes */
+
+            //SP-6: Fixes for SDV scan to exclude/remove DES/3DES
+            // ciphers are taken care by upgrading jdk in descriptor.xml
+            sslContextFactory.setExcludeCipherSuites(
+                    "SSL_RSA_WITH_DES_CBC_SHA",
+                    "SSL_DHE_RSA_WITH_DES_CBC_SHA",
+                    "SSL_DHE_DSS_WITH_DES_CBC_SHA",
+                    "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
+                    "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
+                    "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
+                    "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"
+            );
+
             sslContextFactory.addExcludeProtocols("SSLv3");
-            nodeMainLogger.info("Excluded protocols node-" + Arrays.toString(sslContextFactory.getExcludeProtocols()));
-            /* End of SSLv3 Fixes */
+            sslContextFactory.setIncludeProtocols(nodeConfigManager.getEnabledprotocols());
+            nodeMainLogger.debug("NODE00004 Unsupported protocols node server:-"
+                    + String.join(",", sslContextFactory.getExcludeProtocols()));
+            nodeMainLogger.debug("NODE00004 Supported protocols node server:-"
+                    + String.join(",", sslContextFactory.getIncludeProtocols()));
+            nodeMainLogger.debug("NODE00004 Unsupported ciphers node server:-"
+                    + String.join(",", sslContextFactory.getExcludeCipherSuites()));
 
             HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration);
             httpsConfiguration.setRequestHeaderSize(8192);
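Review bot: `sslContextFactory.setExcludeCipherSuites(...)` replaces the factory's exclusion list rather than extending it, so any exclusions Jetty ships by default are dropped in favour of these seven DES/export names. Depending on the Jetty version in use (not visible here), that can leave the server offering suites the defaults would have refused; `addExcludeCipherSuites(...)` with the same arguments keeps the defaults and adds these. The list also has no 3DES or non-export RC4 entries although the comment mentions 3DES and defers to the JDK upgrade, so the comment should say which JDK setting covers them. Separately, `setIncludeProtocols(nodeConfigManager.getEnabledprotocols())` takes the protocol list from configuration unchecked; a guard against an empty list or legacy values such as TLSv1 would be prudent. The enclosing try block starts before and ends after this hunk.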
@@ -133,21 +125,65 @@ public class NodeMain {
 
             // HTTPS connector
             try (ServerConnector httpsServerConnector = new ServerConnector(server,
-                new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
-                new HttpConnectionFactory(httpsConfiguration))) {
+                    new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
+                    new HttpConnectionFactory(httpsConfiguration))) {
+
                 httpsServerConnector.setPort(nodeConfigManager.getHttpsPort());
-                httpsServerConnector.setIdleTimeout(500000);
+                httpsServerConnector.setIdleTimeout(3600000);
                 httpsServerConnector.setAcceptQueueSize(2);
 
+                //Context Handler
+                ServletContextHandler servletContextHandler = new ServletContextHandler(0);
+                servletContextHandler.setContextPath("/");
+                servletContextHandler.addServlet(new ServletHolder(new NodeServlet(delivery)), "/*");
+
+                //CADI Filter activation check
+                if (nodeConfigManager.getCadiEnabled()) {
+                    servletContextHandler.addFilter(new FilterHolder(new DRNodeCadiFilter(true,
+                        nodeConfigManager.getNodeAafPropsUtils().getPropAccess())), "/*", EnumSet.of(DispatcherType.REQUEST));
+                }
+
+                server.setHandler(servletContextHandler);
                 server.setConnectors(new Connector[]{httpServerConnector, httpsServerConnector});
             }
         }
-        ctxt = new ServletContextHandler(0);
-        ctxt.setContextPath("/");
-        server.setHandler(ctxt);
-        ctxt.addServlet(new ServletHolder(new NodeServlet(delivery)), "/*");
-        nodeMainLogger.info("NODE0005 Data Router Node Activating Service");
-        server.start();
+
+        try {
+            server.start();
+            nodeMainLogger.debug("NODE00006 Node Server started-" + server.getState());
+        } catch (Exception e) {
+            nodeMainLogger.error("NODE00006 Jetty failed to start. Reporting will we unavailable: "
+                                         + e.getMessage(), e);
+        }
         server.join();
+        nodeMainLogger.debug("NODE00007 Node Server joined - " + server.getState());
+    }
+
+    private static class WaitForConfig implements Runnable {
+
+        private NodeConfigManager localNodeConfigManager;
+
+        WaitForConfig(NodeConfigManager ncm) {
+            this.localNodeConfigManager = ncm;
+        }
+
+        public synchronized void run() {
+            notifyAll();
+        }
+
+        synchronized void waitForConfig() {
+            localNodeConfigManager.registerConfigTask(this);
+            while (!localNodeConfigManager.isConfigured()) {
+                nodeMainLogger.debug("NODE0003 Waiting for Node Configuration");
+                try {
+                    wait();
+                } catch (Exception exception) {
+                    nodeMainLogger.error("NodeMain: waitForConfig exception. Exception Message:- "
+                        + exception.toString(), exception);
+                }
+            }
+            localNodeConfigManager.deregisterConfigTask(this);
+            nodeMainLogger.debug("NODE0004 Node Configuration Data Received");
+        }
     }
 }
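Review bot: The new `catch (Exception e)` around `server.start()` logs the failure and then falls through to `server.join()`, so a node whose listeners failed to come up (bad keystore, port already bound) no longer ends main() with an exception as it did before this change. The process may linger or exit cleanly without serving, which hides the outage from anything supervising the exit status; adding `throw e;` after the error log keeps the log line and restores fail-fast behaviour. The message text also reads "will we unavailable" where "will be unavailable" is meant. Separately, `httpsServerConnector.setIdleTimeout(3600000)` combined with `setAcceptQueueSize(2)` lets idle TLS connections hold resources for an hour, so it is worth confirming that value is intended and not a workaround for slow deliveries.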