remove the policy and security issue dependencies 87/60587/3
authoreronkeo <ronan.keogh@ericsson.com>
Tue, 14 Aug 2018 16:58:28 +0000 (17:58 +0100)
committereronkeo <ronan.keogh@ericsson.com>
Tue, 14 Aug 2018 18:48:59 +0000 (19:48 +0100)
Change-Id: If92573566a96ab85a7ee762b727740e2766ea6a0
Issue-ID: DMAAP-557
Signed-off-by: eronkeo <ronan.keogh@ericsson.com>
datarouter-node/pom.xml
datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeMain.java
datarouter-prov/pom.xml
datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/Main.java
datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/ThrottleFilter.java
pom.xml

index abd81af..fb28724 100755 (executable)
         <dependency>
             <groupId>org.eclipse.jetty</groupId>
             <artifactId>jetty-server</artifactId>
-            <version>7.6.14.v20131031</version>
+            <version>${jetty.version}</version>
         </dependency>
         <dependency>
             <groupId>org.eclipse.jetty</groupId>
             <artifactId>jetty-continuation</artifactId>
-            <version>7.6.14.v20131031</version>
+            <version>${jetty.version}</version>
         </dependency>
         <dependency>
             <groupId>org.eclipse.jetty</groupId>
             <artifactId>jetty-util</artifactId>
-            <version>7.6.14.v20131031</version>
+            <version>${jetty.version}</version>
         </dependency>
         <dependency>
             <groupId>org.eclipse.jetty</groupId>
             <artifactId>jetty-deploy</artifactId>
-            <version>7.6.14.v20131031</version>
+            <version>${jetty.version}</version>
         </dependency>
         <dependency>
             <groupId>org.eclipse.jetty</groupId>
             <artifactId>jetty-servlet</artifactId>
-            <version>7.6.14.v20131031</version>
+            <version>${jetty.version}</version>
         </dependency>
         <dependency>
             <groupId>org.eclipse.jetty</groupId>
             <artifactId>jetty-servlets</artifactId>
-            <version>7.6.14.v20131031</version>
+            <version>${jetty.version}</version>
         </dependency>
         <dependency>
             <groupId>org.eclipse.jetty</groupId>
             <artifactId>jetty-http</artifactId>
-            <version>7.6.14.v20131031</version>
+            <version>${jetty.version}</version>
         </dependency>
         <dependency>
             <groupId>org.eclipse.jetty</groupId>
             <artifactId>jetty-security</artifactId>
-            <version>7.6.14.v20131031</version>
+            <version>${jetty.version}</version>
         </dependency>
         <dependency>
             <groupId>org.eclipse.jetty</groupId>
             <artifactId>jetty-websocket</artifactId>
-            <version>7.6.14.v20131031</version>
+            <version>${jetty.websocket.version}</version>
         </dependency>
         <dependency>
             <groupId>org.eclipse.jetty</groupId>
             <artifactId>jetty-io</artifactId>
-            <version>7.6.14.v20131031</version>
+            <version>${jetty.version}</version>
         </dependency>
         <dependency>
             <groupId>org.apache.commons</groupId>
index d765003..b9cdb54 100644 (file)
  * *
  ******************************************************************************/
 
-
 package org.onap.dmaap.datarouter.node;
 
+import org.eclipse.jetty.http.HttpVersion;
 import org.eclipse.jetty.servlet.*;
 import org.eclipse.jetty.util.ssl.*;
 import org.eclipse.jetty.server.*;
-import org.eclipse.jetty.server.nio.*;
-import org.eclipse.jetty.server.ssl.*;
 import org.apache.log4j.Logger;
 
 /**
@@ -43,7 +41,7 @@ public class NodeMain {
     private static class wfconfig implements Runnable {
         private NodeConfigManager ncm;
 
-        public wfconfig(NodeConfigManager ncm) {
+        wfconfig(NodeConfigManager ncm) {
             this.ncm = ncm;
         }
 
@@ -51,13 +49,14 @@ public class NodeMain {
             notify();
         }
 
-        public synchronized void waitforconfig() {
+        synchronized void waitforconfig() {
             ncm.registerConfigTask(this);
             while (!ncm.isConfigured()) {
                 logger.info("NODE0003 Waiting for Node Configuration");
                 try {
                     wait();
                 } catch (Exception e) {
+                    logger.debug("NodeMain: waitforconfig exception");
                 }
             }
             ncm.deregisterConfigTask(this);
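Review bot: The `catch (Exception e)` around `wait()` in `waitforconfig` still discards the exception: the added `logger.debug("NodeMain: waitforconfig exception");` logs a fixed string at debug level and never mentions `e`, so an interrupt or a monitor-state error stays invisible in normal operation. Pass the exception to the logger, `logger.debug("NodeMain: waitforconfig exception", e);`, and consider narrowing the catch to `InterruptedException`. The method's closing brace is outside this hunk.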
@@ -71,7 +70,7 @@ public class NodeMain {
     /**
      * Reset the retry timer for a subscription
      */
-    public static void resetQueue(String subid, String ip) {
+    static void resetQueue(String subid, String ip) {
         d.resetQueue(ncm.getSpoolDir(subid, ip));
     }
 
@@ -91,25 +90,37 @@ public class NodeMain {
         d = new Delivery(ncm);
         LogManager lm = new LogManager(ncm);
         Server server = new Server();
-        SelectChannelConnector http = new SelectChannelConnector();
+
+        // HTTP configuration
+        HttpConfiguration http_config = new HttpConfiguration();
+        http_config.setIdleTimeout(2000);
+        http_config.setRequestHeaderSize(2048);
+
+        ServerConnector http = new ServerConnector(server, new HttpConnectionFactory(http_config));
         http.setPort(ncm.getHttpPort());
-        http.setMaxIdleTime(2000);
-        http.setRequestHeaderSize(2048);
-        SslSelectChannelConnector https = new SslSelectChannelConnector();
+
+        // HTTPS configuration
+        SslContextFactory sslContextFactory = new SslContextFactory();
+        sslContextFactory.setKeyStoreType(ncm.getKSType());
+        sslContextFactory.setKeyStorePath(ncm.getKSFile());
+        sslContextFactory.setKeyStorePassword(ncm.getKSPass());
+        sslContextFactory.setKeyManagerPassword(ncm.getKPass());
+
+        HttpConfiguration https_config = new HttpConfiguration(http_config);
+        https_config.setRequestHeaderSize(8192);
+
+        ServerConnector https = new ServerConnector(server,
+                new SslConnectionFactory(sslContextFactory,HttpVersion.HTTP_1_1.asString()),
+                new HttpConnectionFactory(https_config));
         https.setPort(ncm.getHttpsPort());
-        https.setMaxIdleTime(30000);
-        https.setRequestHeaderSize(8192);
-        SslContextFactory cf = https.getSslContextFactory();
-
-        /**Skip SSLv3 Fixes*/
-        cf.addExcludeProtocols("SSLv3");
-        logger.info("Excluded protocols node-" + cf.getExcludeProtocols());
-        /**End of SSLv3 Fixes*/
-
-        cf.setKeyStoreType(ncm.getKSType());
-        cf.setKeyStorePath(ncm.getKSFile());
-        cf.setKeyStorePassword(ncm.getKSPass());
-        cf.setKeyManagerPassword(ncm.getKPass());
+        https.setIdleTimeout(500000);
+        https.setAcceptQueueSize(2);
+
+        /* Skip SSLv3 Fixes */
+        sslContextFactory.addExcludeProtocols("SSLv3");
+        logger.info("Excluded protocols node-" + sslContextFactory.getExcludeProtocols());
+        /* End of SSLv3 Fixes */
+
         server.setConnectors(new Connector[]{http, https});
         ServletContextHandler ctxt = new ServletContextHandler(0);
         ctxt.setContextPath("/");
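Review bot: `https_config` is never given a `SecureRequestCustomizer`, which on Jetty 9 is what marks requests arriving on the TLS connector as secure and exposes the client certificate to servlets; without `https_config.addCustomizer(new SecureRequestCustomizer());` any code that checks `isSecure()` or reads the certificate attribute will presumably see plain-HTTP values. The same holds for `https_config` in provisioning/Main.java. Separately, `https_config` is copied from `http_config` and so appears to inherit its 2000 ms idle timeout, while the connector gets `setIdleTimeout(500000)` (the old connector used 30000); pick one value and state the reason in a comment. The enclosing method starts and ends outside this hunk.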
index 269e015..0f1030d 100755 (executable)
         <dependency>\r
             <groupId>org.eclipse.jetty</groupId>\r
             <artifactId>jetty-server</artifactId>\r
-            <version>7.6.14.v20131031</version>\r
+            <version>${jetty.version}</version>\r
         </dependency>\r
         <dependency>\r
             <groupId>org.eclipse.jetty</groupId>\r
             <artifactId>jetty-continuation</artifactId>\r
-            <version>7.6.14.v20131031</version>\r
+            <version>${jetty.version}</version>\r
         </dependency>\r
         <dependency>\r
             <groupId>org.eclipse.jetty</groupId>\r
             <artifactId>jetty-util</artifactId>\r
-            <version>7.6.14.v20131031</version>\r
+            <version>${jetty.version}</version>\r
         </dependency>\r
         <dependency>\r
             <groupId>org.eclipse.jetty</groupId>\r
             <artifactId>jetty-deploy</artifactId>\r
-            <version>7.6.14.v20131031</version>\r
+            <version>${jetty.version}</version>\r
         </dependency>\r
         <dependency>\r
             <groupId>org.eclipse.jetty</groupId>\r
             <artifactId>jetty-servlet</artifactId>\r
-            <version>7.6.14.v20131031</version>\r
+            <version>${jetty.version}</version>\r
         </dependency>\r
         <dependency>\r
             <groupId>org.eclipse.jetty</groupId>\r
             <artifactId>jetty-servlets</artifactId>\r
-            <version>7.6.14.v20131031</version>\r
+            <version>${jetty.version}</version>\r
         </dependency>\r
         <dependency>\r
             <groupId>org.eclipse.jetty</groupId>\r
             <artifactId>jetty-http</artifactId>\r
-            <version>7.6.14.v20131031</version>\r
+            <version>${jetty.version}</version>\r
         </dependency>\r
         <dependency>\r
             <groupId>org.eclipse.jetty</groupId>\r
             <artifactId>jetty-security</artifactId>\r
-            <version>7.6.14.v20131031</version>\r
+            <version>${jetty.version}</version>\r
         </dependency>\r
         <dependency>\r
             <groupId>org.eclipse.jetty</groupId>\r
             <artifactId>jetty-websocket</artifactId>\r
-            <version>7.6.14.v20131031</version>\r
+            <version>${jetty.websocket.version}</version>\r
         </dependency>\r
         <dependency>\r
             <groupId>org.eclipse.jetty</groupId>\r
             <artifactId>jetty-io</artifactId>\r
-            <version>7.6.14.v20131031</version>\r
+            <version>${jetty.version}</version>\r
         </dependency>\r
         <dependency>\r
             <groupId>org.apache.commons</groupId>\r
index abcd76c..60496e5 100644 (file)
-/*******************************************************************************\r
- * ============LICENSE_START==================================================\r
- * * org.onap.dmaap\r
- * * ===========================================================================\r
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
- * * ===========================================================================\r
- * * Licensed under the Apache License, Version 2.0 (the "License");\r
- * * you may not use this file except in compliance with the License.\r
- * * You may obtain a copy of the License at\r
- * *\r
- *  *      http://www.apache.org/licenses/LICENSE-2.0\r
- * *\r
- *  * Unless required by applicable law or agreed to in writing, software\r
- * * distributed under the License is distributed on an "AS IS" BASIS,\r
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * * See the License for the specific language governing permissions and\r
- * * limitations under the License.\r
- * * ============LICENSE_END====================================================\r
- * *\r
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
- * *\r
- ******************************************************************************/\r
-\r
-\r
-package org.onap.dmaap.datarouter.provisioning;\r
-\r
-import java.security.Security;\r
-import java.util.Properties;\r
-import java.util.Timer;\r
-\r
-import org.apache.log4j.Logger;\r
-import org.eclipse.jetty.server.Connector;\r
-import org.eclipse.jetty.server.Handler;\r
-import org.eclipse.jetty.server.NCSARequestLog;\r
-import org.eclipse.jetty.server.Server;\r
-import org.eclipse.jetty.server.handler.ContextHandlerCollection;\r
-import org.eclipse.jetty.server.handler.DefaultHandler;\r
-import org.eclipse.jetty.server.handler.HandlerCollection;\r
-import org.eclipse.jetty.server.handler.RequestLogHandler;\r
-import org.eclipse.jetty.server.nio.SelectChannelConnector;\r
-import org.eclipse.jetty.server.ssl.SslSelectChannelConnector;\r
-import org.eclipse.jetty.servlet.FilterHolder;\r
-import org.eclipse.jetty.servlet.FilterMapping;\r
-import org.eclipse.jetty.servlet.ServletContextHandler;\r
-import org.eclipse.jetty.servlet.ServletHolder;\r
-import org.eclipse.jetty.util.ssl.SslContextFactory;\r
-import org.eclipse.jetty.util.thread.QueuedThreadPool;\r
-import org.onap.dmaap.datarouter.provisioning.utils.DB;\r
-import org.onap.dmaap.datarouter.provisioning.utils.LogfileLoader;\r
-import org.onap.dmaap.datarouter.provisioning.utils.PurgeLogDirTask;\r
-import org.onap.dmaap.datarouter.provisioning.utils.ThrottleFilter;\r
-\r
-/**\r
- * <p>\r
- * A main class which may be used to start the provisioning server with an "embedded" Jetty server.\r
- * Configuration is done via the properties file <i>provserver.properties</i>, which should be in the CLASSPATH.\r
- * The provisioning server may also be packaged with a web.xml and started as a traditional webapp.\r
- * </p>\r
- * <p>\r
- * Most of the work of the provisioning server is carried out within the eight servlets (configured below)\r
- * that are used to handle each of the eight types of requests the server may receive.\r
- * In addition, there are background threads started to perform other tasks:\r
- * </p>\r
- * <ul>\r
- * <li>One background Thread runs the {@link LogfileLoader} in order to process incoming logfiles.\r
- * This Thread is created as a side effect of the first successful POST to the /internal/logs/ servlet.</li>\r
- * <li>One background Thread runs the {@link SynchronizerTask} which is used to periodically\r
- * synchronize the database between active and standby servers.</li>\r
- * <li>One background Thread runs the {@link Poker} which is used to notify the nodes whenever\r
- * provisioning data changes.</li>\r
- * <li>One task is run once a day to run {@link PurgeLogDirTask} which purges older logs from the\r
- * /opt/app/datartr/logs directory.</li>\r
- * </ul>\r
- * <p>\r
- * The provisioning server is stopped by issuing a GET to the URL http://127.0.0.1/internal/halt\r
- * using <i>curl</i> or some other such tool.\r
- * </p>\r
- *\r
- * @author Robert Eby\r
- * @version $Id: Main.java,v 1.12 2014/03/12 19:45:41 eby Exp $\r
- */\r
-public class Main {\r
-    /**\r
-     * The truststore to use if none is specified\r
-     */\r
-    public static final String DEFAULT_TRUSTSTORE = "/opt/java/jdk/jdk180/jre/lib/security/cacerts";\r
-    public static final String KEYSTORE_TYPE_PROPERTY = "org.onap.dmaap.datarouter.provserver.keystore.type";\r
-    public static final String KEYSTORE_PATH_PROPERTY = "org.onap.dmaap.datarouter.provserver.keystore.path";\r
-    public static final String KEYSTORE_PASSWORD_PROPERTY = "org.onap.dmaap.datarouter.provserver.keystore.password";\r
-    public static final String TRUSTSTORE_PATH_PROPERTY = "org.onap.dmaap.datarouter.provserver.truststore.path";\r
-    public static final String TRUSTSTORE_PASSWORD_PROPERTY = "org.onap.dmaap.datarouter.provserver.truststore.password";\r
-\r
-    /**\r
-     * The one and only {@link Server} instance in this JVM\r
-     */\r
-    private static Server server;\r
-\r
-    /**\r
-     * Starts the Data Router Provisioning server.\r
-     *\r
-     * @param args not used\r
-     * @throws Exception if Jetty has a problem starting\r
-     */\r
-    public static void main(String[] args) throws Exception {\r
-        Security.setProperty("networkaddress.cache.ttl", "4");\r
-        Logger logger = Logger.getLogger("org.onap.dmaap.datarouter.provisioning.internal");\r
-\r
-        // Check DB is accessible and contains the expected tables\r
-        if (!checkDatabase(logger))\r
-            System.exit(1);\r
-\r
-        logger.info("PROV0000 **** AT&T Data Router Provisioning Server starting....");\r
-\r
-        // Get properties\r
-        Properties p = (new DB()).getProperties();\r
-        int http_port = Integer.parseInt(p.getProperty("org.onap.dmaap.datarouter.provserver.http.port", "8080"));\r
-        int https_port = Integer.parseInt(p.getProperty("org.onap.dmaap.datarouter.provserver.https.port", "8443"));\r
-\r
-        // HTTP connector\r
-        SelectChannelConnector http = new SelectChannelConnector();\r
-        http.setPort(http_port);\r
-        http.setMaxIdleTime(300000);\r
-        http.setRequestHeaderSize(2048);\r
-        http.setAcceptors(2);\r
-        http.setConfidentialPort(https_port);\r
-        http.setLowResourcesConnections(20000);\r
-\r
-        // HTTPS connector\r
-        SslSelectChannelConnector https = new SslSelectChannelConnector();\r
-        https.setPort(https_port);\r
-        https.setMaxIdleTime(30000);\r
-        https.setRequestHeaderSize(8192);\r
-        https.setAcceptors(2);\r
-\r
-        // SSL stuff\r
-        SslContextFactory cf = https.getSslContextFactory();\r
-\r
-        /**Skip SSLv3 Fixes*/\r
-        cf.addExcludeProtocols("SSLv3");\r
-        logger.info("Excluded protocols prov-" + cf.getExcludeProtocols());\r
-        /**End of SSLv3 Fixes*/\r
-\r
-        cf.setKeyStoreType(p.getProperty(KEYSTORE_TYPE_PROPERTY, "jks"));\r
-        cf.setKeyStorePath(p.getProperty(KEYSTORE_PATH_PROPERTY));\r
-        cf.setKeyStorePassword(p.getProperty(KEYSTORE_PASSWORD_PROPERTY));\r
-        cf.setKeyManagerPassword(p.getProperty("org.onap.dmaap.datarouter.provserver.keymanager.password"));\r
-        String ts = p.getProperty(TRUSTSTORE_PATH_PROPERTY);\r
-        if (ts != null && ts.length() > 0) {\r
-            System.out.println("@@ TS -> " + ts);\r
-            cf.setTrustStore(ts);\r
-            cf.setTrustStorePassword(p.getProperty(TRUSTSTORE_PASSWORD_PROPERTY));\r
-        } else {\r
-            cf.setTrustStore(DEFAULT_TRUSTSTORE);\r
-            cf.setTrustStorePassword("changeit");\r
-        }\r
-        cf.setTrustStore("/opt/app/datartr/self_signed/cacerts.jks");\r
-        cf.setTrustStorePassword("changeit");\r
-        cf.setWantClientAuth(true);\r
-\r
-        // Servlet and Filter configuration\r
-        ServletContextHandler ctxt = new ServletContextHandler(0);\r
-        ctxt.setContextPath("/");\r
-        ctxt.addServlet(new ServletHolder(new FeedServlet()), "/feed/*");\r
-        ctxt.addServlet(new ServletHolder(new FeedLogServlet()), "/feedlog/*");\r
-        ctxt.addServlet(new ServletHolder(new PublishServlet()), "/publish/*");\r
-        ctxt.addServlet(new ServletHolder(new SubscribeServlet()), "/subscribe/*");\r
-        ctxt.addServlet(new ServletHolder(new StatisticsServlet()), "/statistics/*");\r
-        ctxt.addServlet(new ServletHolder(new SubLogServlet()), "/sublog/*");\r
-        ctxt.addServlet(new ServletHolder(new GroupServlet()), "/group/*"); //Provision groups - Rally US708115 -1610\r
-        ctxt.addServlet(new ServletHolder(new SubscriptionServlet()), "/subs/*");\r
-        ctxt.addServlet(new ServletHolder(new InternalServlet()), "/internal/*");\r
-        ctxt.addServlet(new ServletHolder(new RouteServlet()), "/internal/route/*");\r
-        ctxt.addServlet(new ServletHolder(new DRFeedsServlet()), "/");\r
-        ctxt.addFilter(new FilterHolder(new ThrottleFilter()), "/publish/*", FilterMapping.REQUEST);\r
-\r
-        ContextHandlerCollection contexts = new ContextHandlerCollection();\r
-        contexts.addHandler(ctxt);\r
-\r
-        // Request log configuration\r
-        NCSARequestLog nrl = new NCSARequestLog();\r
-        nrl.setFilename(p.getProperty("org.onap.dmaap.datarouter.provserver.accesslog.dir") + "/request.log.yyyy_mm_dd");\r
-        nrl.setFilenameDateFormat("yyyyMMdd");\r
-        nrl.setRetainDays(90);\r
-        nrl.setAppend(true);\r
-        nrl.setExtended(false);\r
-        nrl.setLogCookies(false);\r
-        nrl.setLogTimeZone("GMT");\r
-\r
-        RequestLogHandler reqlog = new RequestLogHandler();\r
-        reqlog.setRequestLog(nrl);\r
-\r
-        // Server's Handler collection\r
-        HandlerCollection hc = new HandlerCollection();\r
-        hc.setHandlers(new Handler[]{contexts, new DefaultHandler()});\r
-        hc.addHandler(reqlog);\r
-\r
-        // Server's thread pool\r
-        QueuedThreadPool pool = new QueuedThreadPool();\r
-        pool.setMinThreads(10);\r
-        pool.setMaxThreads(200);\r
-        pool.setDetailedDump(false);\r
-\r
-        // Daemon to clean up the log directory on a daily basis\r
-        Timer rolex = new Timer();\r
-        rolex.scheduleAtFixedRate(new PurgeLogDirTask(), 0, 86400000L);    // run once per day\r
-\r
-        // Start LogfileLoader\r
-        LogfileLoader.getLoader();\r
-\r
-        // The server itself\r
-        server = new Server();\r
-        server.setThreadPool(pool);\r
-        server.setConnectors(new Connector[]{http, https});\r
-        server.setHandler(hc);\r
-        server.setStopAtShutdown(true);\r
-        server.setSendServerVersion(true);\r
-        server.setSendDateHeader(true);\r
-        server.setGracefulShutdown(5000);    // allow 5 seconds for servlets to wrap up\r
-        server.setDumpAfterStart(false);\r
-        server.setDumpBeforeStop(false);\r
-\r
-        server.start();\r
-        server.join();\r
-        logger.info("PROV0001 **** AT&T Data Router Provisioning Server halted.");\r
-    }\r
-\r
-    private static boolean checkDatabase(Logger logger) {\r
-        DB db = new DB();\r
-        return db.runRetroFits();\r
-    }\r
-\r
-    /**\r
-     * Stop the Jetty server.\r
-     */\r
-    public static void shutdown() {\r
-        new Thread() {\r
-            @Override\r
-            public void run() {\r
-                try {\r
-                    server.stop();\r
-                    Thread.sleep(5000L);\r
-                    System.exit(0);\r
-                } catch (Exception e) {\r
-                    // ignore\r
-                }\r
-            }\r
-        }.start();\r
-    }\r
-}\r
+/*******************************************************************************
+ * ============LICENSE_START==================================================
+ * * org.onap.dmaap
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ *  *      http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ *  * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+
+
+package org.onap.dmaap.datarouter.provisioning;
+
+import java.security.*;
+import java.util.*;
+
+import org.apache.log4j.Logger;
+import org.eclipse.jetty.http.HttpVersion;
+import org.eclipse.jetty.server.Connector;
+import org.eclipse.jetty.server.Handler;
+import org.eclipse.jetty.server.HttpConfiguration;
+import org.eclipse.jetty.server.HttpConnectionFactory;
+import org.eclipse.jetty.server.NCSARequestLog;
+import org.eclipse.jetty.server.Server;
+import org.eclipse.jetty.server.ServerConnector;
+import org.eclipse.jetty.server.handler.ContextHandlerCollection;
+import org.eclipse.jetty.server.handler.DefaultHandler;
+import org.eclipse.jetty.server.handler.HandlerCollection;
+import org.eclipse.jetty.server.handler.RequestLogHandler;
+import org.eclipse.jetty.server.SslConnectionFactory;
+import org.eclipse.jetty.util.ssl.SslContextFactory;
+import org.eclipse.jetty.servlet.FilterHolder;
+import org.eclipse.jetty.servlet.ServletContextHandler;
+import org.eclipse.jetty.servlet.ServletHolder;
+import org.eclipse.jetty.util.thread.QueuedThreadPool;
+import org.onap.dmaap.datarouter.provisioning.utils.DB;
+import org.onap.dmaap.datarouter.provisioning.utils.LogfileLoader;
+import org.onap.dmaap.datarouter.provisioning.utils.PurgeLogDirTask;
+import org.onap.dmaap.datarouter.provisioning.utils.ThrottleFilter;
+
+import javax.servlet.DispatcherType;
+
+/**
+ * <p>
+ * A main class which may be used to start the provisioning server with an "embedded" Jetty server.
+ * Configuration is done via the properties file <i>provserver.properties</i>, which should be in the CLASSPATH.
+ * The provisioning server may also be packaged with a web.xml and started as a traditional webapp.
+ * </p>
+ * <p>
+ * Most of the work of the provisioning server is carried out within the eight servlets (configured below)
+ * that are used to handle each of the eight types of requests the server may receive.
+ * In addition, there are background threads started to perform other tasks:
+ * </p>
+ * <ul>
+ * <li>One background Thread runs the {@link LogfileLoader} in order to process incoming logfiles.
+ * This Thread is created as a side effect of the first successful POST to the /internal/logs/ servlet.</li>
+ * <li>One background Thread runs the {@link SynchronizerTask} which is used to periodically
+ * synchronize the database between active and standby servers.</li>
+ * <li>One background Thread runs the {@link Poker} which is used to notify the nodes whenever
+ * provisioning data changes.</li>
+ * <li>One task is run once a day to run {@link PurgeLogDirTask} which purges older logs from the
+ * /opt/app/datartr/logs directory.</li>
+ * </ul>
+ * <p>
+ * The provisioning server is stopped by issuing a GET to the URL http://127.0.0.1/internal/halt
+ * using <i>curl</i> or some other such tool.
+ * </p>
+ *
+ * @author Robert Eby
+ * @version $Id: Main.java,v 1.12 2014/03/12 19:45:41 eby Exp $
+ */
+public class Main {
+    /**
+     * The truststore to use if none is specified
+     */
+    public static final String DEFAULT_TRUSTSTORE = "/opt/java/jdk/jdk180/jre/lib/security/cacerts";
+    public static final String KEYSTORE_TYPE_PROPERTY = "org.onap.dmaap.datarouter.provserver.keystore.type";
+    public static final String KEYSTORE_PATH_PROPERTY = "org.onap.dmaap.datarouter.provserver.keystore.path";
+    public static final String KEYSTORE_PASSWORD_PROPERTY = "org.onap.dmaap.datarouter.provserver.keystore.password";
+    public static final String TRUSTSTORE_PATH_PROPERTY = "org.onap.dmaap.datarouter.provserver.truststore.path";
+    public static final String TRUSTSTORE_PASSWORD_PROPERTY = "org.onap.dmaap.datarouter.provserver.truststore.password";
+
+    /**
+     * The one and only {@link Server} instance in this JVM
+     */
+    private static Server server;
+
+    /**
+     * Starts the Data Router Provisioning server.
+     *
+     * @param args not used
+     * @throws Exception if Jetty has a problem starting
+     */
+    public static void main(String[] args) throws Exception {
+        Security.setProperty("networkaddress.cache.ttl", "4");
+        Logger logger = Logger.getLogger("org.onap.dmaap.datarouter.provisioning.internal");
+
+        // Check DB is accessible and contains the expected tables
+        if (!checkDatabase(logger))
+            System.exit(1);
+
+        logger.info("PROV0000 **** AT&T Data Router Provisioning Server starting....");
+
+        // Get properties
+        Properties p = (new DB()).getProperties();
+        int http_port = Integer.parseInt(p.getProperty("org.onap.dmaap.datarouter.provserver.http.port", "8080"));
+        int https_port = Integer.parseInt(p.getProperty("org.onap.dmaap.datarouter.provserver.https.port", "8443"));
+
+        // HTTP connector
+        HttpConfiguration http_config = new HttpConfiguration();
+        http_config.setSecureScheme("https");
+        http_config.setSecurePort(https_port);
+        http_config.setOutputBufferSize(32768);
+        http_config.setRequestHeaderSize(2048);
+        http_config.setIdleTimeout(300000);
+        http_config.setSendServerVersion(true);
+        http_config.setSendDateHeader(false);
+
+        ServerConnector http = new ServerConnector(server, new HttpConnectionFactory(http_config));
+        http.setPort(http_port);
+        http.setAcceptQueueSize(2);
+
+        // HTTPS config
+        HttpConfiguration https_config = new HttpConfiguration(http_config);
+        https_config.setRequestHeaderSize(8192);
+
+        // HTTPS connector
+        SslContextFactory sslContextFactory = new SslContextFactory();
+        sslContextFactory.setKeyStorePath(p.getProperty(KEYSTORE_PATH_PROPERTY));
+        sslContextFactory.setKeyStorePassword(p.getProperty(KEYSTORE_PASSWORD_PROPERTY));
+        sslContextFactory.setKeyManagerPassword(p.getProperty("org.onap.dmaap.datarouter.provserver.keymanager.password"));
+
+        ServerConnector https = new ServerConnector(server,
+                new SslConnectionFactory(sslContextFactory,HttpVersion.HTTP_1_1.asString()),
+                new HttpConnectionFactory(https_config));
+        https.setPort(https_port);
+        https.setIdleTimeout(30000);
+        https.setAcceptQueueSize(2);
+
+        // SSL stuff
+        /* Skip SSLv3 Fixes */
+        sslContextFactory.addExcludeProtocols("SSLv3");
+        logger.info("Excluded protocols prov-" + sslContextFactory.getExcludeProtocols());
+        /* End of SSLv3 Fixes */
+
+        sslContextFactory.setKeyStoreType(p.getProperty(KEYSTORE_TYPE_PROPERTY, "jks"));
+        sslContextFactory.setKeyStorePath(p.getProperty(KEYSTORE_PATH_PROPERTY));
+        sslContextFactory.setKeyStorePassword(p.getProperty(KEYSTORE_PASSWORD_PROPERTY));
+        sslContextFactory.setKeyManagerPassword(p.getProperty("org.onap.dmaap.datarouter.provserver.keymanager.password"));
+        String ts = p.getProperty(TRUSTSTORE_PATH_PROPERTY);
+        if (ts != null && ts.length() > 0) {
+            System.out.println("@@ TS -> " + ts);
+            sslContextFactory.setTrustStorePath(ts);
+            sslContextFactory.setTrustStorePassword(p.getProperty(TRUSTSTORE_PASSWORD_PROPERTY));
+        } else {
+            sslContextFactory.setTrustStorePath(DEFAULT_TRUSTSTORE);
+            sslContextFactory.setTrustStorePassword("changeit");
+        }
+        sslContextFactory.setTrustStorePath("/opt/app/datartr/self_signed/cacerts.jks");
+        sslContextFactory.setTrustStorePassword("changeit");
+        sslContextFactory.setWantClientAuth(true);
+
+        // Servlet and Filter configuration
+        ServletContextHandler ctxt = new ServletContextHandler(0);
+        ctxt.setContextPath("/");
+        ctxt.addServlet(new ServletHolder(new FeedServlet()), "/feed/*");
+        ctxt.addServlet(new ServletHolder(new FeedLogServlet()), "/feedlog/*");
+        ctxt.addServlet(new ServletHolder(new PublishServlet()), "/publish/*");
+        ctxt.addServlet(new ServletHolder(new SubscribeServlet()), "/subscribe/*");
+        ctxt.addServlet(new ServletHolder(new StatisticsServlet()), "/statistics/*");
+        ctxt.addServlet(new ServletHolder(new SubLogServlet()), "/sublog/*");
+        ctxt.addServlet(new ServletHolder(new GroupServlet()), "/group/*"); //Provision groups - Rally US708115 -1610
+        ctxt.addServlet(new ServletHolder(new SubscriptionServlet()), "/subs/*");
+        ctxt.addServlet(new ServletHolder(new InternalServlet()), "/internal/*");
+        ctxt.addServlet(new ServletHolder(new RouteServlet()), "/internal/route/*");
+        ctxt.addServlet(new ServletHolder(new DRFeedsServlet()), "/");
+        ctxt.addFilter(new FilterHolder(new ThrottleFilter()), "/publish/*", EnumSet.of(DispatcherType.REQUEST));
+
+        ContextHandlerCollection contexts = new ContextHandlerCollection();
+        contexts.addHandler(ctxt);
+
+        // Request log configuration
+        NCSARequestLog nrl = new NCSARequestLog();
+        nrl.setFilename(p.getProperty("org.onap.dmaap.datarouter.provserver.accesslog.dir") + "/request.log.yyyy_mm_dd");
+        nrl.setFilenameDateFormat("yyyyMMdd");
+        nrl.setRetainDays(90);
+        nrl.setAppend(true);
+        nrl.setExtended(false);
+        nrl.setLogCookies(false);
+        nrl.setLogTimeZone("GMT");
+
+        RequestLogHandler reqlog = new RequestLogHandler();
+        reqlog.setRequestLog(nrl);
+
+        // Server's Handler collection
+        HandlerCollection hc = new HandlerCollection();
+        hc.setHandlers(new Handler[]{contexts, new DefaultHandler()});
+        hc.addHandler(reqlog);
+
+        // Server's thread pool
+        QueuedThreadPool queuedThreadPool = new QueuedThreadPool();
+        queuedThreadPool.setMinThreads(10);
+        queuedThreadPool.setMaxThreads(200);
+        queuedThreadPool.setDetailedDump(false);
+
+        // Daemon to clean up the log directory on a daily basis
+        Timer rolex = new Timer();
+        rolex.scheduleAtFixedRate(new PurgeLogDirTask(), 0, 86400000L);    // run once per day
+
+        // Start LogfileLoader
+        LogfileLoader.getLoader();
+
+        // The server itself
+        server = new Server(queuedThreadPool);
+
+        ServerConnector serverConnector = new ServerConnector(server,
+                new SslConnectionFactory(sslContextFactory,HttpVersion.HTTP_1_1.asString()),
+                new HttpConnectionFactory(https_config));
+        serverConnector.setPort(https_port);
+        serverConnector.setIdleTimeout(500000);
+
+        server.setConnectors(new Connector[]{http, https});
+        server.setHandler(hc);
+        server.setStopAtShutdown(true);
+        server.setStopTimeout(5000);
+
+        server.setDumpAfterStart(false);
+        server.setDumpBeforeStop(false);
+
+        server.start();
+        server.join();
+        logger.info("PROV0001 **** AT&T Data Router Provisioning Server halted.");
+    }
+
+    private static boolean checkDatabase(Logger logger) {
+        DB db = new DB();
+        return db.runRetroFits();
+    }
+
+    /**
+     * Stop the Jetty server.
+     */
+    static void shutdown() {
+        new Thread(() -> {
+            try {
+                server.stop();
+                Thread.sleep(5000L);
+                System.exit(0);
+            } catch (Exception e) {
+                // ignore
+            }
+        });
+    }
+}
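Review bot: `shutdown()` now builds `new Thread(() -> { … })` but never calls `.start()`, so the stop/sleep/exit sequence that the old anonymous thread ran is never executed; end the statement with `}).start();`. In `main`, both `ServerConnector`s are constructed from the static `server` before `server = new Server(queuedThreadPool)` is assigned, so they receive null (Jetty 9's connector constructor appears to dereference it); create the thread pool and server first. The extra `serverConnector` built after that is never passed to `setConnectors` and can be removed. Carried over from the old file but worth fixing here: the truststore selected via `TRUSTSTORE_PATH_PROPERTY` is unconditionally overwritten by `/opt/app/datartr/self_signed/cacerts.jks` with password `changeit`, so the configured trust anchors for client certificates are ignored. `setAcceptors(2)` also became `setAcceptQueueSize(2)`, which sets the listen backlog rather than the number of acceptor threads.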
index 7f8d7a8..897c1ea 100644 (file)
@@ -46,8 +46,7 @@ import javax.servlet.http.HttpServletResponse;
 import org.apache.log4j.Logger;\r
 import org.eclipse.jetty.continuation.Continuation;\r
 import org.eclipse.jetty.continuation.ContinuationSupport;\r
-import org.eclipse.jetty.server.AbstractHttpConnection;\r
-import org.eclipse.jetty.server.Request;\r
+import org.eclipse.jetty.server.*;\r
 import org.onap.dmaap.datarouter.provisioning.beans.Parameters;\r
 \r
 /**\r
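Review bot: The wildcard `import org.eclipse.jetty.server.*;` replaces two explicit imports and hides which Jetty server types this filter depends on, which matters more here because the same commit changes the Jetty major version. As far as the visible hunks show, only `Request` and `HttpConnection` are used from that package, so I would write `import org.eclipse.jetty.server.HttpConnection;` and `import org.eclipse.jetty.server.Request;` instead. Explicit imports also keep a later Jetty upgrade from silently resolving a simple name to a different class.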
@@ -174,15 +173,15 @@ public class ThrottleFilter extends TimerTask implements Filter {
 \r
     public void dropFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain)\r
             throws IOException, ServletException {\r
-        int rate = getRequestRate((HttpServletRequest) request);\r
+        int rate = getRequestRate(request);\r
         if (rate >= n_requests) {\r
             // drop request - only works under Jetty\r
-            String m = String.format("Dropping connection: %s %d bad connections in %d minutes", getConnectionId((HttpServletRequest) request), rate, m_minutes);\r
+            String m = String.format("Dropping connection: %s %d bad connections in %d minutes", getConnectionId(request), rate, m_minutes);\r
             logger.info(m);\r
             Request base_request = (request instanceof Request)\r
                     ? (Request) request\r
-                    : AbstractHttpConnection.getCurrentConnection().getRequest();\r
-            base_request.getConnection().getEndPoint().close();\r
+                    : HttpConnection.getCurrentConnection().getHttpChannel().getRequest();\r
+            base_request.getHttpChannel().getEndPoint().close();\r
         } else {\r
             chain.doFilter(request, response);\r
         }\r
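Review bot: In the fallback arm of the `base_request` ternary, `HttpConnection.getCurrentConnection()` is dereferenced without a null check. To my knowledge this is a thread-local lookup that returns null when the calling thread is not the one dispatched to the connection, so the drop path would end in a NullPointerException instead of a closed endpoint. I would split the ternary: take `HttpConnection conn = HttpConnection.getCurrentConnection();` only when `request` is not a `Request`, and bail out with `if (conn == null) { response.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE); return; }` so the request is still refused. The closing brace of dropFilter lies outside this hunk.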
@@ -191,11 +190,11 @@ public class ThrottleFilter extends TimerTask implements Filter {
     public void throttleFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain)\r
             throws IOException, ServletException {\r
         // throttle request\r
-        String id = getConnectionId((HttpServletRequest) request);\r
-        int rate = getRequestRate((HttpServletRequest) request);\r
+        String id = getConnectionId(request);\r
+        int rate = getRequestRate(request);\r
         Object results = request.getAttribute(THROTTLE_MARKER);\r
         if (rate >= n_requests && results == null) {\r
-            String m = String.format("Throttling connection: %s %d bad connections in %d minutes", getConnectionId((HttpServletRequest) request), rate, m_minutes);\r
+            String m = String.format("Throttling connection: %s %d bad connections in %d minutes", getConnectionId(request), rate, m_minutes);\r
             logger.info(m);\r
             Continuation continuation = ContinuationSupport.getContinuation(request);\r
             continuation.suspend();\r
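Review bot: The log line in the `if` branch calls `getConnectionId(request)` again although the result is already held in `id` at the top of the method. Reuse it: `String m = String.format("Throttling connection: %s %d bad connections in %d minutes", id, rate, m_minutes);`. getConnectionId is not visible here; if it builds the id from request headers, strip CR/LF before logging it, both here and on the matching line in dropFilter. The body of throttleFilter continues past the end of the hunk.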
diff --git a/pom.xml b/pom.xml
index 154e6a1..c5aa2fb 100755 (executable)
--- a/pom.xml
+++ b/pom.xml
@@ -7,9 +7,9 @@
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
-  * 
+  *
    *      http://www.apache.org/licenses/LICENSE-2.0
-  * 
+  *
    * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -45,6 +45,8 @@
         <sonar.jacoco.itReportPath>${project.build.directory}/coverage-reports/jacoco-it.exec</sonar.jacoco.itReportPath>
         <sonar.jacoco.reportMissing.force.zero>true</sonar.jacoco.reportMissing.force.zero>
         <sonar.projectVersion>${project.version}</sonar.projectVersion>
+        <jetty.version>9.4.11.v20180605</jetty.version>
+        <jetty.websocket.version>8.2.0.v20160908</jetty.websocket.version>
         <snapshotNexusPath>/content/repositories/snapshots/</snapshotNexusPath>
         <releaseNexusPath>/content/repositories/releases/</releaseNexusPath>
         <stagingNexusPath>/content/repositories/staging/</stagingNexusPath>
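Review bot: `jetty.websocket.version` is pinned to `8.2.0.v20160908` while `jetty.version` on the line above it is `9.4.11.v20180605`, so the build may end up mixing two Jetty major lines. The dependency that consumes this property is outside the hunk. If it is a Jetty module loaded next to the 9.4 server jars, check that the 8.x artifact is compatible with them and still maintained, given that the commit's stated aim is to remove flagged dependencies. If the older line is deliberate, an XML comment beside the property stating the reason would save the next reviewer the same question.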