Manage SSL connection to MR
[dmaap/dbcapi.git] / src / main / java / org / onap / dmaap / dbcapi / client / MrTopicConnection.java
index 18fdeba..0a5f91a 100644 (file)
@@ -3,6 +3,8 @@
  * org.onap.dmaap
  * ================================================================================
  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ *
+ * Modifications Copyright (C) 2019 IBM.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -29,11 +31,12 @@ import java.net.ProtocolException;
 import java.net.URL;
 import java.net.HttpURLConnection;
 
+import javax.net.ssl.HostnameVerifier;
 import javax.net.ssl.HttpsURLConnection;
 import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLSession;
 
 import org.apache.commons.codec.binary.Base64;
-import org.apache.log4j.Logger;
 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
 import org.onap.dmaap.dbcapi.model.ApiError;
 import org.onap.dmaap.dbcapi.model.MR_Cluster;
@@ -47,14 +50,15 @@ public class MrTopicConnection extends BaseLoggingClass  {
        
        private  String mmProvCred; 
        private String unit_test;
-       private boolean useAAF;
-
+       private String authMethod;
+       private boolean hostnameVerify;
 
        public MrTopicConnection(String user, String pwd ) {
                mmProvCred = new String( user + ":" + pwd );
                DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
         unit_test = p.getProperty( "UnitTest", "No" );
-       useAAF= "true".equalsIgnoreCase(p.getProperty("UseAAF", "false"));
+       authMethod = p.getProperty("MR.authentication", "none");
+       hostnameVerify= "true".equalsIgnoreCase(p.getProperty("MR.hostnameVerify", "true"));
        }
        
        public boolean makeTopicConnection( MR_Cluster cluster, String topic, String overrideFqdn ) {
@@ -64,24 +68,39 @@ public class MrTopicConnection extends BaseLoggingClass  {
 
                topicURL = cluster.getTopicProtocol() + "://" + fqdn + ":" + cluster.getTopicPort() + "/events/" + topic ;
 
-               if ( cluster.getTopicProtocol().equals( "https")) {
+               if ( "https".equals(cluster.getTopicProtocol())) {
                        return makeSecureConnection( topicURL );
                }
                return makeConnection( topicURL );
        }
 
+       
        private boolean makeSecureConnection( String pURL ) {
                logger.info( "makeConnection to " + pURL );
-       
+               
                try {
+                       HostnameVerifier hostnameVerifier = new HostnameVerifier() {
+                               @Override
+                               public boolean verify( String hostname, SSLSession session ) {
+                                       return true;
+                               }
+                       
+                       };
+       
+               
                        URL u = new URL( pURL );
-                       uc = (HttpsURLConnection) u.openConnection();
+                       uc = (HttpsURLConnection) u.openConnection();                   
                        uc.setInstanceFollowRedirects(false);
+                       if ( ! hostnameVerify ) {
+                               HttpsURLConnection ucs = (HttpsURLConnection) uc;
+                               ucs.setHostnameVerifier(hostnameVerifier);
+                       }
+       
                        logger.info( "open connection to " + pURL );
                        return(true);
                } catch (Exception e) {
             logger.error("Unexpected error during openConnection of " + pURL );
-            e.printStackTrace();
+            logger.error("Error", e);;
             return(false);
         }
 
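Review bot: The anonymous `HostnameVerifier` in `makeSecureConnection` returns `true` for every host, so with `MR.hostnameVerify=false` the connection accepts any certificate the trust store validates, whatever name it carries, and nothing in the log records that the check was switched off. The same connection may later carry the `Authorization` header, so log the downgrade where the verifier is installed, e.g. `logger.warn( "MR.hostnameVerify=false: TLS hostname verification is disabled for " + pURL );` inside the `if ( ! hostnameVerify )` block, and construct the verifier only in that block. A verifier that compares `hostname` with an expected, configured name would be safer than an unconditional `return true`. The local cast to `ucs` looks redundant given the cast on the `openConnection()` line (the declared type of `uc` is outside the hunk), and `logger.error("Error", e);;` has a stray semicolon.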
@@ -97,7 +116,7 @@ public class MrTopicConnection extends BaseLoggingClass  {
                        return(true);
                } catch (Exception e) {
             logger.error("Unexpected error during openConnection of " + pURL );
-            e.printStackTrace();
+            logger.error("error", e);
             return(false);
         }
 
@@ -127,9 +146,11 @@ public class MrTopicConnection extends BaseLoggingClass  {
                try {
                        byte[] postData = postMessage.getBytes();
                        logger.info( "post fields=" + postMessage );
-                       if ( useAAF ) {
+                       if ( authMethod.equalsIgnoreCase("basicAuth") ) {
                                uc.setRequestProperty("Authorization", auth);
                                logger.info( "Authenticating with " + auth );
+                       } else if ( authMethod.equalsIgnoreCase("cert")) {
+                               logger.error( "MR.authentication set for client certificate.  Not supported yet.");
                        }
                        uc.setRequestMethod("POST");
                        uc.setRequestProperty("Content-Type", "application/json");
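Review bot: `logger.info( "Authenticating with " + auth );` in the new `basicAuth` branch writes the Authorization header value to the log at INFO level. `auth` is built outside this hunk, but if it is the Base64 form of `mmProvCred`, that is the provisioning user and password in recoverable form. Log the method rather than the value, e.g. `logger.info( "Authenticating with basic auth" );`. The new `cert` branch logs an error but then falls through and sends the POST with no credentials; returning an error `response` there would make the misconfiguration visible to the caller. The enclosing method starts and ends outside the hunk.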
@@ -147,13 +168,10 @@ public class MrTopicConnection extends BaseLoggingClass  {
 
             } catch (ProtocolException pe) {
                  // Rcvd error instead of 100-Continue
-                 try {
-                     // work around glitch in Java 1.7.0.21 and likely others
-                     // without this, Java will connect multiple times to the server to run the same request
-                     uc.setDoOutput(false);
-                 } catch (Exception e) {
-                 }
+               callSetDoOutputOnError();
+                 
             }  catch ( SSLException se ) {
+               logger.error("Error", se);
                        response.setCode(500);
                        response.setMessage( se.getMessage());
                        return response;
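Review bot: The added `logger.error("Error", se);` in the `SSLException` handler does not say which endpoint failed, and TLS failures (certificate or hostname mismatch) are the events an operator most needs to tell apart here. Include the target, e.g. `logger.error( "SSL failure posting to " + topicURL, se );`, assuming `topicURL` is a field in scope; its declaration is not visible in this hunk. `response.setMessage( se.getMessage() )` also passes the raw SSL exception text back to the caller, so confirm that is intended. The method body starts and ends outside the hunk.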
@@ -194,16 +212,28 @@ public class MrTopicConnection extends BaseLoggingClass  {
                                response.setCode(500);
                                response.setMessage( "Unable to read response");
                                logger.warn( response.getMessage() );
-               e.printStackTrace();
+               logger.error("Error", e);
                        }
         }
                finally {
                        try {
                                uc.disconnect();
-                       } catch ( Exception e ) {}
+                       } catch ( Exception e ) {
+                               logger.error("Error", e);
+                       }
                }
                return response;
 
        }
+       
+       public void callSetDoOutputOnError() {
+               try {
+            // work around glitch in Java 1.7.0.21 and likely others
+            // without this, Java will connect multiple times to the server to run the same request
+            uc.setDoOutput(false);
+        } catch (Exception e) {
+                       logger.error("Error", e);
+        }
+       }
 
 }
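Review bot: `callSetDoOutputOnError()` is declared `public` although its only visible caller is the `ProtocolException` handler in this class, which exposes a method that changes the state of the shared `uc` connection; `private void callSetDoOutputOnError()` would keep it internal. It also has no Javadoc; a one-line comment saying that it disables output after a failed 100-Continue so the JDK does not re-send the request would keep the reason with the code. Every handler in this hunk logs the same `"Error"` text, so the log cannot distinguish a failed `disconnect()` from a failed response read; distinct messages would help.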