- aafPropsUtils = AafPropsUtils.getInstance();
-
- //HTTP Connector
- HandlerCollection handlerCollection;
- try (ServerConnector httpServerConnector =
- new ServerConnector(server, new HttpConnectionFactory(httpConfiguration))) {
- httpServerConnector.setPort(httpPort);
- httpServerConnector.setAcceptQueueSize(2);
- httpServerConnector.setIdleTimeout(300000);
-
- // SSL Context
- SslContextFactory sslContextFactory = new SslContextFactory();
- sslContextFactory.setKeyStoreType(AafPropsUtils.KEYSTORE_TYPE_PROPERTY);
- sslContextFactory.setKeyStorePath(getAafPropsUtils().getKeystorePathProperty());
- sslContextFactory.setKeyStorePassword(getAafPropsUtils().getKeystorePassProperty());
- sslContextFactory.setKeyManagerPassword(getAafPropsUtils().getKeystorePassProperty());
-
- String truststorePathProperty = getAafPropsUtils().getTruststorePathProperty();
- if (truststorePathProperty != null && truststorePathProperty.length() > 0) {
- intlogger.info("@@ TS -> " + truststorePathProperty);
- sslContextFactory.setTrustStoreType(AafPropsUtils.TRUESTSTORE_TYPE_PROPERTY);
- sslContextFactory.setTrustStorePath(truststorePathProperty);
- sslContextFactory.setTrustStorePassword(getAafPropsUtils().getTruststorePassProperty());
- } else {
- sslContextFactory.setTrustStorePath(AafPropsUtils.DEFAULT_TRUSTSTORE);
- sslContextFactory.setTrustStorePassword("changeit");
- }
-
- sslContextFactory.setWantClientAuth(true);
- sslContextFactory.setExcludeCipherSuites(
- "SSL_RSA_WITH_DES_CBC_SHA",
- "SSL_DHE_RSA_WITH_DES_CBC_SHA",
- "SSL_DHE_DSS_WITH_DES_CBC_SHA",
- "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
- "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
- "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
- "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"
- );
- sslContextFactory.addExcludeProtocols("SSLv3");
- sslContextFactory.setIncludeProtocols(getProvProperties().getProperty(
- "org.onap.dmaap.datarouter.provserver.https.include.protocols",
- "TLSv1.1|TLSv1.2").trim().split("\\|"));
-
- intlogger.info("Not supported protocols prov server:-"
- + String.join(",", sslContextFactory.getExcludeProtocols()));
- intlogger.info("Supported protocols prov server:-"
- + String.join(",", sslContextFactory.getIncludeProtocols()));
- intlogger.info("Not supported ciphers prov server:-"
- + String.join(",", sslContextFactory.getExcludeCipherSuites()));
- intlogger.info("Supported ciphers prov server:-"
- + String.join(",", sslContextFactory.getIncludeCipherSuites()));
-
- // HTTPS configuration
- HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration);
- httpsConfiguration.setRequestHeaderSize(8192);
-
- // HTTPS connector
- try (ServerConnector httpsServerConnector = new ServerConnector(server,
- new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
- new HttpConnectionFactory(httpsConfiguration))) {
-
- httpsServerConnector.setPort(httpsPort);
- httpsServerConnector.setIdleTimeout(30000);
- httpsServerConnector.setAcceptQueueSize(2);
-
- // Servlet and Filter configuration
- ServletContextHandler servletContextHandler = new ServletContextHandler(0);
- servletContextHandler.setContextPath("/");
- servletContextHandler.addServlet(new ServletHolder(new FeedServlet()), "/feed/*");
- servletContextHandler.addServlet(new ServletHolder(new FeedLogServlet()), "/feedlog/*");
- servletContextHandler.addServlet(new ServletHolder(new PublishServlet()), "/publish/*");
- servletContextHandler.addServlet(new ServletHolder(new SubscribeServlet()), "/subscribe/*");
- servletContextHandler.addServlet(new ServletHolder(new StatisticsServlet()), "/statistics/*");
- servletContextHandler.addServlet(new ServletHolder(new SubLogServlet()), "/sublog/*");
- servletContextHandler.addServlet(new ServletHolder(new GroupServlet()), "/group/*");
- servletContextHandler.addServlet(new ServletHolder(new SubscriptionServlet()), "/subs/*");
- servletContextHandler.addServlet(new ServletHolder(new InternalServlet()), "/internal/*");
- servletContextHandler.addServlet(new ServletHolder(new RouteServlet()), "/internal/route/*");
- servletContextHandler.addServlet(new ServletHolder(new DRFeedsServlet()), "/");
- servletContextHandler.addFilter(new FilterHolder(new ThrottleFilter()),
- "/publish/*", EnumSet.of(DispatcherType.REQUEST));
-
- //CADI Filter activation check
- if (Boolean.parseBoolean(getProvProperties().getProperty(
- "org.onap.dmaap.datarouter.provserver.cadi.enabled", "false"))) {
- servletContextHandler.addFilter(new FilterHolder(new DRProvCadiFilter(true, getAafPropsUtils().getPropAccess())),
- "/*", EnumSet.of(DispatcherType.REQUEST));
- intlogger.info("PROV0001 AAF CADI Auth enabled for ");
- }
-
- ContextHandlerCollection contextHandlerCollection = new ContextHandlerCollection();
- contextHandlerCollection.addHandler(servletContextHandler);
-
- // Server's Handler collection
- handlerCollection = new HandlerCollection();
- handlerCollection.setHandlers(new Handler[]{contextHandlerCollection, new DefaultHandler()});
- handlerCollection.addHandler(requestLogHandler);
-
- server.setConnectors(new Connector[]{httpServerConnector, httpsServerConnector});
- }
- }
- server.setHandler(handlerCollection);
-