* org.onap.dmaap
* ================================================================================
* Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ *
+ * Modifications Copyright (C) 2019 IBM.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
import java.net.URL;
import java.net.HttpURLConnection;
+import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLSession;
import org.apache.commons.codec.binary.Base64;
-import org.apache.log4j.Logger;
import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
import org.onap.dmaap.dbcapi.model.ApiError;
import org.onap.dmaap.dbcapi.model.MR_Cluster;
private String mmProvCred;
private String unit_test;
- private boolean useAAF;
-
+ private String authMethod;
+ private boolean hostnameVerify;
public MrTopicConnection(String user, String pwd ) {
mmProvCred = new String( user + ":" + pwd );
DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
unit_test = p.getProperty( "UnitTest", "No" );
- useAAF= "true".equalsIgnoreCase(p.getProperty("UseAAF", "false"));
+ authMethod = p.getProperty("MR.authentication", "none");
+ hostnameVerify= "true".equalsIgnoreCase(p.getProperty("MR.hostnameVerify", "true"));
}
public boolean makeTopicConnection( MR_Cluster cluster, String topic, String overrideFqdn ) {
topicURL = cluster.getTopicProtocol() + "://" + fqdn + ":" + cluster.getTopicPort() + "/events/" + topic ;
- if ( cluster.getTopicProtocol().equals( "https")) {
+ if ( "https".equals(cluster.getTopicProtocol())) {
return makeSecureConnection( topicURL );
}
return makeConnection( topicURL );
}
+
private boolean makeSecureConnection( String pURL ) {
logger.info( "makeConnection to " + pURL );
-
+
try {
+ HostnameVerifier hostnameVerifier = new HostnameVerifier() {
+ @Override
+ public boolean verify( String hostname, SSLSession session ) {
+ return true;
+ }
+
+ };
+
+
URL u = new URL( pURL );
- uc = (HttpsURLConnection) u.openConnection();
+ uc = (HttpsURLConnection) u.openConnection();
uc.setInstanceFollowRedirects(false);
+ if ( ! hostnameVerify ) {
+ HttpsURLConnection ucs = (HttpsURLConnection) uc;
+ ucs.setHostnameVerifier(hostnameVerifier);
+ }
+
logger.info( "open connection to " + pURL );
return(true);
} catch (Exception e) {
logger.error("Unexpected error during openConnection of " + pURL );
- e.printStackTrace();
+ logger.error("Error", e);;
return(false);
}
return(true);
} catch (Exception e) {
logger.error("Unexpected error during openConnection of " + pURL );
- e.printStackTrace();
+ logger.error("error", e);
return(false);
}
try {
byte[] postData = postMessage.getBytes();
logger.info( "post fields=" + postMessage );
- if ( useAAF ) {
+ if ( authMethod.equalsIgnoreCase("basicAuth") ) {
uc.setRequestProperty("Authorization", auth);
logger.info( "Authenticating with " + auth );
+ } else if ( authMethod.equalsIgnoreCase("cert")) {
+ logger.error( "MR.authentication set for client certificate. Not supported yet.");
}
uc.setRequestMethod("POST");
uc.setRequestProperty("Content-Type", "application/json");
} catch (ProtocolException pe) {
// Rcvd error instead of 100-Continue
- try {
- // work around glitch in Java 1.7.0.21 and likely others
- // without this, Java will connect multiple times to the server to run the same request
- uc.setDoOutput(false);
- } catch (Exception e) {
- }
+ callSetDoOutputOnError();
+
} catch ( SSLException se ) {
+ logger.error("Error", se);
response.setCode(500);
response.setMessage( se.getMessage());
return response;
response.setCode(500);
response.setMessage( "Unable to read response");
logger.warn( response.getMessage() );
- e.printStackTrace();
+ logger.error("Error", e);
}
}
finally {
try {
uc.disconnect();
- } catch ( Exception e ) {}
+ } catch ( Exception e ) {
+ logger.error("Error", e);
+ }
}
return response;
}
+
+ public void callSetDoOutputOnError() {
+ try {
+ // work around glitch in Java 1.7.0.21 and likely others
+ // without this, Java will connect multiple times to the server to run the same request
+ uc.setDoOutput(false);
+ } catch (Exception e) {
+ logger.error("Error", e);
+ }
+ }
}