X-Git-Url: https://gerrit.onap.org/r/gitweb?p=dmaap%2Fdatarouter.git;a=blobdiff_plain;f=datarouter-node%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fdmaap%2Fdatarouter%2Fnode%2FNodeMain.java;h=7a2691e47c67b2c051414fe78bab7f4b13f36882;hp=e07642c4540b336ce480bd614ef2d290177347c9;hb=5e6a9f65049e8e8d39e8dcab227e5d75b328b173;hpb=65229b8032f16fdfd045732b83902af92e79ab02
diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeMain.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeMain.java
index e07642c4..7a2691e4 100644
--- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeMain.java
+++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeMain.java
@@ -23,19 +23,22 @@ package org.onap.dmaap.datarouter.node;
-import java.util.Arrays;
-import org.apache.log4j.Logger;
+
+import com.att.eelf.configuration.EELFLogger;
+import com.att.eelf.configuration.EELFManager;
 import org.eclipse.jetty.http.HttpVersion;
-import org.eclipse.jetty.server.Connector;
-import org.eclipse.jetty.server.HttpConfiguration;
-import org.eclipse.jetty.server.HttpConnectionFactory;
-import org.eclipse.jetty.server.SecureRequestCustomizer;
-import org.eclipse.jetty.server.Server;
-import org.eclipse.jetty.server.ServerConnector;
-import org.eclipse.jetty.server.SslConnectionFactory;
+import org.eclipse.jetty.server.*;
+import org.eclipse.jetty.servlet.FilterHolder;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.servlet.ServletHolder;
 import org.eclipse.jetty.util.ssl.SslContextFactory;
+import org.onap.aaf.cadi.PropAccess;
+
+import javax.servlet.DispatcherType;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.EnumSet;
+import java.util.Properties;
 /**
 * The main starting point for the Data Router node
@@ -45,7 +48,19 @@ public class NodeMain {
 private NodeMain() { }
- private static Logger nodeMainLogger = Logger.getLogger("org.onap.dmaap.datarouter.node.NodeMain");
+ private static EELFLogger nodeMainLogger = EELFManager.getInstance().getLogger(NodeMain.class);
+
+ class Inner {
+ InputStream getCadiProps() {
+ InputStream in = null;
+ try {
+ in = getClass().getClassLoader().getResourceAsStream("drNodeCadi.properties");
+ } catch (Exception e) {
+ nodeMainLogger.error("Exception in Inner.getCadiProps() method ", e);
+ }
+ return in;
+ }
+ }
 private static class WaitForConfig implements Runnable {
@@ -67,8 +82,8 @@ public class NodeMain {
 wait();
 } catch (Exception exception) {
 nodeMainLogger
- .debug("NodeMain: waitForConfig exception. Exception Message:- " + exception.toString(),
- exception);
+ .error("NodeMain: waitForConfig exception. Exception Message:- " + exception.toString(),
+ exception);
 }
 }
 localNodeConfigManager.deregisterConfigTask(this);
@@ -89,8 +104,8 @@ public class NodeMain {
 /**
 * Start the data router.
 *
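Review bot: `getCadiProps()` in the new `Inner` class cannot report a missing `drNodeCadi.properties`: `getResourceAsStream` signals an absent resource by returning null rather than throwing, so the `catch (Exception e)` branch does not fire for that case and the method hands null back to its caller. The only caller visible on this page, in the last hunk of the file, passes the value straight to `cadiProperties.load(in)`, where a null stream would raise a `NullPointerException` that the surrounding `catch (IOException e1)` does not cover, and the stream is never closed on the success path. I would fail explicitly inside the method, e.g. `if (in == null) { throw new IllegalStateException("drNodeCadi.properties not found on classpath"); }`, and have the caller open the stream with try-with-resources. Making the helper a static method would also remove the need for `new NodeMain().new Inner()`.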

- * The location of the node configuration file can be set using the org.onap.dmaap.datarouter.node.ConfigFile system
- * property. By default, it is "etc/node.properties".
+ * The location of the node configuration file can be set using the org.onap.dmaap.datarouter.node.properties system
+ * property. By default, it is "/opt/app/datartr/etc/node.properties".
 */
 public static void main(String[] args) throws Exception {
 nodeMainLogger.info("NODE0001 Data Router Node Starting");
@@ -100,15 +115,15 @@ public class NodeMain {
 (new WaitForConfig(nodeConfigManager)).waitForConfig();
 delivery = new Delivery(nodeConfigManager);
 new LogManager(nodeConfigManager);
+
 Server server = new Server();
+ // HTTP configuration
 HttpConfiguration httpConfiguration = new HttpConfiguration();
 httpConfiguration.setRequestHeaderSize(2048);
 // HTTP connector
- ServletContextHandler ctxt;
- try (ServerConnector httpServerConnector = new ServerConnector(server,
- new HttpConnectionFactory(httpConfiguration))) {
+ try (ServerConnector httpServerConnector = new ServerConnector(server, new HttpConnectionFactory(httpConfiguration))) {
 httpServerConnector.setPort(nodeConfigManager.getHttpPort());
 httpServerConnector.setIdleTimeout(2000);
@@ -118,10 +133,23 @@ public class NodeMain {
 sslContextFactory.setKeyStorePath(nodeConfigManager.getKSFile());
 sslContextFactory.setKeyStorePassword(nodeConfigManager.getKSPass());
 sslContextFactory.setKeyManagerPassword(nodeConfigManager.getKPass());
- /* Skip SSLv3 Fixes */
+
+ //SP-6 : Fixes for SDV scan to exclude/remove DES/3DES ciphers are taken care by upgrading jdk in descriptor.xml
+ sslContextFactory.setExcludeCipherSuites(
+ "SSL_RSA_WITH_DES_CBC_SHA",
+ "SSL_DHE_RSA_WITH_DES_CBC_SHA",
+ "SSL_DHE_DSS_WITH_DES_CBC_SHA",
+ "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
+ "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
+ "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
+ "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"
+ );
+ sslContextFactory.addExcludeProtocols("SSLv3");
- nodeMainLogger.info("Excluded protocols node-" + Arrays.toString(sslContextFactory.getExcludeProtocols()));
- /* End of SSLv3 Fixes */
+ sslContextFactory.setIncludeProtocols(nodeConfigManager.getEnabledprotocols());
+ nodeMainLogger.info("NODE00004 Unsupported protocols node server:-" + String.join(",", sslContextFactory.getExcludeProtocols()));
+ nodeMainLogger.info("NODE00004 Supported protocols node server:-" + String.join(",", sslContextFactory.getIncludeProtocols()));
+ nodeMainLogger.info("NODE00004 Unsupported ciphers node server:-" + String.join(",", sslContextFactory.getExcludeCipherSuites()));
 HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration);
 httpsConfiguration.setRequestHeaderSize(8192);
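Review bot: `setExcludeCipherSuites(...)` replaces the factory's exclusion list rather than extending it, so on Jetty versions whose `SslContextFactory` ships default cipher exclusions (the version this project builds against is not visible here) those defaults would be dropped in favour of the seven names listed. The list covers single-DES and export suites only; the 3DES suites mentioned in the `//SP-6` comment are left to the JDK's own disabled-algorithm settings, and the comment should state that dependency plainly. `addExcludeCipherSuites(...)` keeps whatever is already excluded and adds to it, which is the safer call here. `setIncludeProtocols(nodeConfigManager.getEnabledprotocols())` takes its value from configuration with no check in this hunk, so it would help to confirm the array is non-empty and names only the TLS versions the deployment intends before applying it, and to log a warning otherwise.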
@@ -133,21 +161,47 @@ public class NodeMain {
 // HTTPS connector
 try (ServerConnector httpsServerConnector = new ServerConnector(server,
- new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
- new HttpConnectionFactory(httpsConfiguration))) {
+ new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
+ new HttpConnectionFactory(httpsConfiguration))) {
+ httpsServerConnector.setPort(nodeConfigManager.getHttpsPort());
- httpsServerConnector.setIdleTimeout(500000);
+ httpsServerConnector.setIdleTimeout(3600000);
 httpsServerConnector.setAcceptQueueSize(2);
+ //Context Handler
+ ServletContextHandler servletContextHandler = new ServletContextHandler(0);
+ servletContextHandler.setContextPath("/");
+ servletContextHandler.addServlet(new ServletHolder(new NodeServlet(delivery)), "/*");
+
+ //CADI Filter activation check
+ if (nodeConfigManager.getCadiEnabeld()) {
+ Properties cadiProperties = new Properties();
+ try {
+ Inner obj = new NodeMain().new Inner();
+ InputStream in = obj.getCadiProps();
+ cadiProperties.load(in);
+ } catch (IOException e1) {
+ nodeMainLogger.error("NODE00005 Exception in NodeMain.Main() loading CADI properties ", e1);
+ }
+ cadiProperties.setProperty("aaf_locate_url", nodeConfigManager.getAafURL());
+ nodeMainLogger.info("NODE00005 aaf_url set to - " + cadiProperties.getProperty("aaf_url"));
+
+ PropAccess access = new PropAccess(cadiProperties);
+ servletContextHandler.addFilter(new FilterHolder(new DRNodeCadiFilter(true, access)), "/*", EnumSet.of(DispatcherType.REQUEST));
+ }
+
+ server.setHandler(servletContextHandler);
 server.setConnectors(new Connector[]{httpServerConnector, httpsServerConnector});
 }
 }
- ctxt = new ServletContextHandler(0);
- ctxt.setContextPath("/");
- server.setHandler(ctxt);
- ctxt.addServlet(new ServletHolder(new NodeServlet()), "/*");
- nodeMainLogger.info("NODE0005 Data Router Node Activating Service");
- server.start();
+
+ try {
+ server.start();
+ nodeMainLogger.info("NODE00006 Node Server started-" + server.getState());
+ } catch (Exception e) {
+ nodeMainLogger.info("NODE00006 Jetty failed to start. Reporting will we unavailable", e);
+ }
 server.join();
+ nodeMainLogger.info("NODE00007 Node Server joined - " + server.getState());
 }
 }
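Review bot: The new `catch (Exception e)` around `server.start()` logs at info level and then falls through to `server.join()`, so a start failure no longer propagates out of `main` as it did before this change. A keystore or protocol misconfiguration arising from the TLS settings in the earlier hunk would then surface only as one info line, whose text also contains the typo "will we unavailable". I would log it as an error and rethrow: `nodeMainLogger.error("NODE00006 Jetty failed to start", e); throw e;`. Separately, the NODE00005 line prints `cadiProperties.getProperty("aaf_url")` although the line before it sets `aaf_locate_url`, so it reports whatever the properties file holds for a different key rather than the value just applied. If the `IOException` branch is taken, the filter is still built from the incomplete properties; whether `DRNodeCadiFilter` then rejects requests cannot be seen from this hunk and should be confirmed.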