1 /*-
2  * ============LICENSE_START=======================================================
3  * org.onap.dmaap
4  * ================================================================================
5  * Copyright (C) 2017 AT&T Intellectual Property.
6  *
7  * Modifications Copyright (C) 2019 IBM.
8  * ================================================================================
9  * Licensed under the Apache License, Version 2.0 (the "License");
10  * you may not use this file except in compliance with the License.
11  * You may obtain a copy of the License at
12  * 
13  *      http://www.apache.org/licenses/LICENSE-2.0
14  * 
15  * Unless required by applicable law or agreed to in writing, software
16  * distributed under the License is distributed on an "AS IS" BASIS,
17  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18  * See the License for the specific language governing permissions and
19  * limitations under the License.
20  * ============LICENSE_END=========================================================
21  */
22
23 package org.onap.dmaap.dbcapi.server;
24
25 import com.google.common.collect.Sets;
26 import javax.servlet.DispatcherType;
27
28 import org.eclipse.jetty.http.HttpVersion;
29 import org.eclipse.jetty.server.*;
30 import org.eclipse.jetty.servlet.DefaultServlet;
31 import org.eclipse.jetty.servlet.ServletContextHandler;
32 import org.eclipse.jetty.servlet.ServletHolder;
33 import org.eclipse.jetty.util.ssl.SslContextFactory;
34 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
35
36 import java.util.Properties;
37
38 /**
39  * A  Jetty server which supports:
40  *      - http and https (simultaneously for dev env)
41  *  - REST API context
42  *  - static html pages (for documentation).
43  */
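public class JettyServer extends BaseLoggingClass {

    /** Embedded Jetty instance; created and configured by the constructor. */
    private Server server;

    /**
     * Returns the underlying Jetty server.
     *
     * <p>The constructor always calls {@code server.destroy()} before it returns, so the
     * instance handed back here has already been destroyed.
     *
     * @return the server built by the constructor
     */
    public Server getServer() {
        return server;
    }

    /**
     * Builds the Jetty server from the supplied properties and, unless the {@code UnitTest}
     * property is set to something other than {@code "No"}, starts it and blocks until it stops.
     *
     * <p>Properties read here: {@code IntHttpPort} (default 80), {@code IntHttpsPort}
     * (default 443; 0 disables the https connector), {@code HttpAllowed} (default false) and
     * {@code UnitTest} (default "No").
     *
     * <p>Security-relevant behaviour visible in this constructor:
     * <ul>
     *   <li>The plain-http connector is only registered when {@code HttpAllowed} is true.</li>
     *   <li>The https connector is skipped when the certificate manager is not ready. If
     *       {@code HttpAllowed} is also false, the server is started with no connector at all;
     *       if it is true, the API is reachable over plaintext only.</li>
     *   <li>TLS client certificates are requested ({@code setWantClientAuth}) but not required.</li>
     * </ul>
     *
     * @param params server configuration properties
     * @throws NumberFormatException if a port property is not a valid integer
     * @throws Exception if building the configuration fails; exceptions raised while starting
     *         or joining the server are caught and logged, not propagated
     */
    public JettyServer(Properties params) throws Exception {

        server = new Server();
        int httpPort = Integer.parseInt(params.getProperty("IntHttpPort", "80"));
        int sslPort = Integer.parseInt(params.getProperty("IntHttpsPort", "443"));
        boolean allowHttp = Boolean.parseBoolean(params.getProperty("HttpAllowed", "false"));
        serverLogger.info("port params: http=" + httpPort + " https=" + sslPort);
        serverLogger.info("allowHttp=" + allowHttp);

        // Base HTTP configuration; the https configuration below is derived from it.
        HttpConfiguration httpConfig = new HttpConfiguration();
        httpConfig.setSecureScheme("https");
        httpConfig.setSecurePort(sslPort);
        httpConfig.setOutputBufferSize(32768);

        // NOTE(review): try-with-resources calls close() on each connector when its block
        // exits, i.e. before server.start() runs below. This presumably relies on Jetty
        // opening the connector again on start - confirm against the Jetty version in use.
        try (ServerConnector httpConnector = new ServerConnector(server, new HttpConnectionFactory(httpConfig))) {
            httpConnector.setPort(httpPort);
            httpConnector.setIdleTimeout(30000);

            // HTTPS configuration: same settings as http plus the secure-request customizer.
            HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig);
            httpsConfig.addCustomizer(new SecureRequestCustomizer());
            SslContextFactory sslContextFactory = new SslContextFactory.Server();
            // "Want" asks the client for a certificate but still completes the handshake
            // without one, so the TLS layer alone does not authenticate callers; access
            // control for /webapi/* depends on the filters added in registerAuthFilters.
            sslContextFactory.setWantClientAuth(true);

            CertificateManager certificateManager = new CertficateManagerFactory(params).initCertificateManager();
            if (!certificateManager.isReady()) {
                // No keystore/truststore available: https is skipped, not treated as fatal.
                serverLogger.error("CertificateManager is not ready.  NOT starting https!");
            } else {
                setUpKeystore(certificateManager, sslContextFactory);
                setUpTrustStore(certificateManager, sslContextFactory);

                // A configured port of 0 is used here as "https disabled".
                if (sslPort != 0) {
                    try (ServerConnector sslConnector = new ServerConnector(server,
                        new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
                        new HttpConnectionFactory(httpsConfig))) {
                        sslConnector.setPort(sslPort);
                        server.addConnector(sslConnector);
                        serverLogger.info("Starting sslConnector on port " + sslPort + " for https");
                    }
                } else {
                    // Message names the property actually read above (IntHttpsPort).
                    serverLogger.info("NOT starting sslConnector because IntHttpsPort param is " + sslPort);
                }
            }
            if (allowHttp) {
                serverLogger.info("Starting httpConnector on port " + httpPort);
                server.addConnector(httpConnector);
            } else {
                serverLogger.info("NOT starting httpConnector because HttpAllowed param is " + allowHttp);
            }
        }

        // Set context for servlet.  This is shared for http and https
        ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
        context.setContextPath("/");
        server.setHandler(context);

        // REST API: Jersey servlet mounted under /webapi/*.
        ServletHolder jerseyServlet = context
            .addServlet(org.glassfish.jersey.servlet.ServletContainer.class, "/webapi/*");
        jerseyServlet.setInitOrder(1);
        jerseyServlet.setInitParameter("jersey.config.server.provider.packages", "org.onap.dmaap.dbcapi.resources");
        jerseyServlet.setInitParameter("javax.ws.rs.Application", "org.onap.dmaap.dbcapi.server.ApplicationConfig");

        // Static pages served from the "www" resource base for every other path.
        // The auth filters registered below are mapped to /webapi/* only, so this content
        // is not covered by them.
        // NOTE(review): no "dirAllowed" init parameter is set, so the DefaultServlet default
        // for directory listings applies - confirm it for the Jetty version in use and set
        // dirAllowed=false if listings are not intended.
        ServletHolder staticServlet = context.addServlet(DefaultServlet.class, "/*");
        staticServlet.setInitParameter("resourceBase", "www");
        staticServlet.setInitParameter("pathInfoOnly", "true");

        registerAuthFilters(context);

        try {

            serverLogger.info("Starting jetty server");
            String unitTest = params.getProperty("UnitTest", "No");
            serverLogger.info("UnitTest=" + unitTest);
            // Any value other than "No" skips start/join, so unit tests only build the configuration.
            if ("No".equals(unitTest)) {
                server.start();
                server.dumpStdErr();
                server.join();
            }
        } catch (Exception e) {
            // NOTE(review): only e.toString() is logged, so the stack trace is lost, and the
            // failure is swallowed - the constructor returns normally after a failed start.
            errorLogger.error("Exception " + e);
        } finally {
            server.destroy();
        }

    }

    /**
     * Registers the AAF authentication and authorization filters on the REST API path.
     *
     * <p>Both filters are mapped to {@code /webapi/*} for REQUEST and FORWARD dispatches, and
     * the authentication filter is added before the authorization filter.
     *
     * @param context servlet context the filters are added to
     */
    private void registerAuthFilters(ServletContextHandler context) {
        // Build the dispatcher set once and use it for both filter mappings.
        java.util.EnumSet<DispatcherType> dispatches =
            Sets.newEnumSet(Sets.newHashSet(DispatcherType.FORWARD, DispatcherType.REQUEST), DispatcherType.class);
        context.addFilter("org.onap.dmaap.dbcapi.resources.AAFAuthenticationFilter", "/webapi/*", dispatches);
        context.addFilter("org.onap.dmaap.dbcapi.resources.AAFAuthorizationFilter", "/webapi/*", dispatches);
    }

    /**
     * Points the SSL context at the server keystore supplied by the certificate manager.
     *
     * <p>Only the keystore path is logged; the password is not. The keystore password is
     * also used as the key-manager (private key entry) password.
     *
     * @param certificateManager source of keystore location, type and password
     * @param sslContextFactory SSL context factory to configure
     */
    private void setUpKeystore(CertificateManager certificateManager, SslContextFactory sslContextFactory) {
        String keystore = certificateManager.getKeyStoreFile();
        logger.info("https Server using keystore at " + keystore);
        sslContextFactory.setKeyStorePath(keystore);
        sslContextFactory.setKeyStoreType(certificateManager.getKeyStoreType());
        sslContextFactory.setKeyStorePassword(certificateManager.getKeyStorePassword());
        sslContextFactory.setKeyManagerPassword(certificateManager.getKeyStorePassword());
    }

    /**
     * Points the SSL context at the truststore supplied by the certificate manager.
     *
     * <p>Only the truststore path is logged; the password is not.
     *
     * @param certificateManager source of truststore location, type and password
     * @param sslContextFactory SSL context factory to configure
     */
    private void setUpTrustStore(CertificateManager certificateManager, SslContextFactory sslContextFactory) {
        String truststore = certificateManager.getTrustStoreFile();
        logger.info("https Server using truststore at " + truststore);
        sslContextFactory.setTrustStorePath(truststore);
        sslContextFactory.setTrustStoreType(certificateManager.getTrustStoreType());
        sslContextFactory.setTrustStorePassword(certificateManager.getTrustStorePassword());
    }
}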