summaryrefslogtreecommitdiffstats
path: root/cadi/servlet-sample/src/test/java/org
diff options
context:
space:
mode:
authorInstrumental <jonathan.gathman@att.com>2018-10-15 07:37:28 -0500
committerInstrumental <jonathan.gathman@att.com>2018-10-15 07:38:55 -0500
commit93871ff58e90a91d359f72b00a92fe1e28310b82 (patch)
tree199885fe72c46ae15ef06d95ff3be28ce9469b83 /cadi/servlet-sample/src/test/java/org
parent1ccc1ca3fbd7bc1357a4d63d5fa5a29ce3f0ab67 (diff)
Add Servlet Sample
Includes CA Bootstrap names for K8 Issue-ID: AAF-451 Change-Id: Ibc34a21cad0b38c5d56dbc20d84deb5bf66e9d64 Signed-off-by: Instrumental <jonathan.gathman@att.com>
Diffstat (limited to 'cadi/servlet-sample/src/test/java/org')
-rw-r--r--cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java127
-rw-r--r--cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/Config.java45
-rw-r--r--cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java112
-rw-r--r--cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java46
-rw-r--r--cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java101
5 files changed, 0 insertions, 431 deletions
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java
deleted file mode 100644
index 7d1eae96..00000000
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java
+++ /dev/null
@@ -1,127 +0,0 @@
-/**
- * ============LICENSE_START====================================================
- * org.onap.aaf
- * ===========================================================================
- * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
- * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END====================================================
- *
- */
-
-package org.onap.aaf.sample.cadi;
-
-import java.io.IOException;
-import java.security.Principal;
-
-import javax.servlet.Servlet;
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-
-import org.onap.aaf.cadi.aaf.v2_0.AAFCon;
-import org.onap.aaf.cadi.client.Future;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.principal.TaggedPrincipal;
-
-// Uncomment if you utilized the "MiniJASPIWrap" in the Servlet setup in "main()", and want to protect your service via Permission or mapped role
-// @RolesAllowed({"com.att.aaf.myPerm|myInstance|myAction"})
- public class MyServlet implements Servlet {
- private ServletConfig servletConfig;
-
- public void init(ServletConfig config) throws ServletException {
- servletConfig = config;
- }
-
- public ServletConfig getServletConfig() {
- return servletConfig;
- }
-
- public void service(ServletRequest req, ServletResponse res) throws ServletException, IOException {
- HttpServletRequest request;
- try {
- request = (HttpServletRequest)req;
- } catch (ClassCastException e) {
- throw new ServletException("Only serving HTTP today",e);
- }
-
- res.getOutputStream().println("<html><header><title>CSP Servlet Test</title></header><body><h1>You're good to go!</h1><pre>" +
- request.getUserPrincipal());
-
- String perm = request.getParameter("PERM");
- if (perm!=null) {
- if (request.isUserInRole(perm)) {
- if (perm.indexOf('|')<0) {
- res.getOutputStream().println("\nCongrats!, You are in Role " + perm);
- } else {
- res.getOutputStream().println("\nCongrats!, You have Permission " + perm);
- }
- } else {
- if (perm.indexOf('|')<0) {
- res.getOutputStream().println("\nSorry, you are NOT in Role " + perm);
- } else {
- res.getOutputStream().println("\nSorry, you do NOT have Permission " + perm);
- }
- }
- }
-
- // You can get the working AAFCon from Trans
- AAFCon<?> aafcon = AAFCon.obtain(req);
- if (aafcon!=null) {
- try {
- res.getOutputStream().println("----- Perms JSON from direct call -----");
- final Principal up = request.getUserPrincipal();
- TaggedPrincipal tp;
- if (up instanceof TaggedPrincipal) {
- tp = (TaggedPrincipal)up;
- } else {
- tp = new TaggedPrincipal() {
- @Override
- public String getName() {
- return up.getName();
- }
-
- @Override
- public String tag() {
- return "Unknown";
- }
- };
- }
- // This call will be "as the user calling", but only if permission is set to trust.
-// Future<String> future = aafcon.clientAs(Config.AAF_DEFAULT_VERSION,tp).read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json");
- Future<String> future = aafcon.client(Config.AAF_DEFAULT_VERSION).read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json");
- if (future.get(4000 /* timeout */)) {
- res.getOutputStream().print(future.value);
- } else {
- System.err.println(future.code() + ", " + future.body());
- res.getOutputStream().print(future.code() + ", " + future.body());
- }
- } catch (Exception e) {
- e.printStackTrace();
- }
- } else {
- res.getOutputStream().println("No AAFCon instantiated");
- }
- res.getOutputStream().print("</pre></body></html>");
-
- }
-
- public String getServletInfo() {
- return "MyServlet";
- }
-
- public void destroy() {
- }
- } \ No newline at end of file
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/Config.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/Config.java
deleted file mode 100644
index a45725d7..00000000
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/Config.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/**
- * ============LICENSE_START====================================================
- * org.onap.aaf
- * ===========================================================================
- * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
- * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END====================================================
- *
- */
-
-package org.onap.aaf.sample.cadi.jetty;
-
-import java.util.EnumSet;
-
-import javax.servlet.DispatcherType;
-
-import org.eclipse.jetty.webapp.WebAppContext;
-import org.onap.aaf.cadi.filter.CadiFilter;
-
-
-
-public class Config {
- /**
- * Method to make jetty configurations (others?) with more complex function possible
- *
- * @param sc
- */
- public static final void addToContext(WebAppContext sc, String propFile) {
- sc.addFilter(CadiFilter.class,"/*",EnumSet.of(DispatcherType.REQUEST));
- sc.setInitParameter(org.onap.aaf.cadi.config.Config.CADI_PROP_FILES, propFile);
- }
-
-
-}
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java
deleted file mode 100644
index 165acffb..00000000
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java
+++ /dev/null
@@ -1,112 +0,0 @@
-/**
- * ============LICENSE_START====================================================
- * org.onap.aaf
- * ===========================================================================
- * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
- * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END====================================================
- *
- */
-
-package org.onap.aaf.sample.cadi.jetty;
-
-import java.net.Inet4Address;
-import java.util.concurrent.ArrayBlockingQueue;
-
-import javax.servlet.Servlet;
-
-import org.eclipse.jetty.server.Server;
-import org.eclipse.jetty.server.ServerConnector;
-import org.eclipse.jetty.server.handler.ContextHandler;
-import org.eclipse.jetty.servlet.FilterHolder;
-import org.eclipse.jetty.servlet.FilterMapping;
-import org.eclipse.jetty.servlet.ServletContextHandler;
-import org.eclipse.jetty.servlet.ServletHandler;
-import org.eclipse.jetty.servlet.ServletHolder;
-import org.eclipse.jetty.util.ssl.SslContextFactory;
-import org.eclipse.jetty.util.thread.QueuedThreadPool;
-import org.onap.aaf.cadi.Access.Level;
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.config.SecurityInfo;
-import org.onap.aaf.cadi.filter.CadiFilter;
-
-public abstract class JettyServletServer implements Servlet {
-
- public static Server run(PropAccess access, String context, Class<? extends Servlet> servletCls, int port, String ...args) throws Exception {
- // Defaults:
- int blockingQueueSize = 10;
- int corePoolSize = 10;
- int maxPoolSize = 10;
- int keepAliveTime = 3000;
- String hostname = access.getProperty(Config.HOSTNAME, null);
- if (hostname==null) {
- hostname = Inet4Address.getLocalHost().getHostName();
- }
-
- // Add your own Properties to override defaults
-
- ArrayBlockingQueue<Runnable> queue = new ArrayBlockingQueue<Runnable>(blockingQueueSize);
- QueuedThreadPool pool = new QueuedThreadPool(maxPoolSize,corePoolSize,keepAliveTime,queue);
- Server server = new Server(pool);
-
- String protocol;
- if (access.getProperty(Config.CADI_KEYSTORE_PASSWORD,null)==null) {
- ServerConnector conn = new ServerConnector(server);
- conn.setHost(hostname);
- conn.setPort(port);
- server.addConnector(conn);
- protocol = "http";
- } else {
- // Setup Security
- SecurityInfo securityInfo = new SecurityInfo(access);
- SslContextFactory scf = new SslContextFactory();
- scf.setSslContext(securityInfo.getSSLContext());
- scf.setWantClientAuth(true);
- ServerConnector sslConnector = new ServerConnector(server,scf);
- sslConnector.setHost(hostname);
- sslConnector.setPort(port);
- server.addConnector(sslConnector);
- protocol = "https";
- }
-
- // Setup Sample Servlet
- CadiFilter cf = new CadiFilter(true,access);
- FilterHolder cfh = new FilterHolder(cf);
-
- ServletHandler shand = new ServletHandler();
- shand.addFilterWithMapping(cfh, "/*", FilterMapping.ALL);
- // To use normal Servlets, just add the class here... Actually, bug in Jetty... need to add with ServletHolder
- ServletHolder sh = new ServletHolder();
- sh.setServlet(servletCls.newInstance());
- shand.addServletWithMapping(sh,"/*");
-
- // To use JASPI Authorization Style to protect the servlet, wrap the Servlet
- // with the "MiniJSAPIWrap class, as shown here. Then add "@RolesAllowed" on your
- // servlet (see sample). Use Pipe delimited Permissions, not AAF Roles in the line
- // shand.addServletWithMapping(new MiniJASPIWrap(MyServlet.class),"/*");
- // call initialize after start
- ContextHandler ch = new ServletContextHandler();
- ch.setContextPath(context);
- ch.setHandler(shand);
- server.setHandler(ch);
- // Startup the Server
- server.setStopAtShutdown(true);
- server.start();
-
- access.log(Level.INFO,"TestServlet is running at " + protocol + "://"+hostname+':'+port+context);
- return server;
- }
-
-}
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java
deleted file mode 100644
index 6edd6f5b..00000000
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/**
- * ============LICENSE_START====================================================
- * org.onap.aaf
- * ===========================================================================
- * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
- * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END====================================================
- *
- */
-
-package org.onap.aaf.sample.cadi.jetty;
-
-import org.eclipse.jetty.server.Server;
-import org.onap.aaf.cadi.Access.Level;
-import org.onap.aaf.sample.cadi.MyServlet;
-import org.onap.aaf.cadi.PropAccess;
-
-
-
-
-public class JettyStandalone {
- public static void main(String[] args) {
- PropAccess access = new PropAccess(args);
- try {
- Server server = JettyServletServer.run(access, "/caditest", MyServlet.class, 3456);
- server.join();
- } catch (Exception e) {
- access.log(Level.ERROR, e);
- } finally {
- access.log(Level.INFO,"Stopping Service");
- }
-
- }
-
-}
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java
deleted file mode 100644
index 4d170f3f..00000000
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java
+++ /dev/null
@@ -1,101 +0,0 @@
-/**
- * ============LICENSE_START====================================================
- * org.onap.aaf
- * ===========================================================================
- * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
- * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END====================================================
- *
- */
-
-package org.onap.aaf.sample.cadi.jetty;
-
-import java.io.IOException;
-
-import javax.servlet.Servlet;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.UnavailableException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.eclipse.jetty.server.Request;
-import org.eclipse.jetty.servlet.ServletHolder;
-import org.onap.aaf.cadi.filter.RolesAllowed;
-
-
-
-/**
- * MiniJASPIWrap
- *
- * Support the ability to check JASPI Annotation Style Authorizations.
- *
- * This can be a clean way to enforce API Authorization without mistakes in code.
- *
- * @author JonathanGathman
- *
- */
-public class MiniJASPIWrap extends ServletHolder {
- private RolesAllowed rolesAllowed;
- //private String roles;
- public MiniJASPIWrap(Class<? extends Servlet> servlet) {
- super(servlet);
- this.rolesAllowed = servlet.getAnnotation(RolesAllowed.class);
- StringBuilder sb = new StringBuilder();
- boolean first = true;
- if (rolesAllowed!=null) {
- for (String str : rolesAllowed.value()) {
- if (first)first=false;
- else sb.append(',');
- sb.append(str);
- }
- }
- //roles = sb.toString();
- }
-
- /**
- * handle
- *
- * When utilized, this class authorizes the transaction by first calling the standard J2EE API call
- * "isUserInRole" with the role(s) found in the class Annotations (JASPI Style)
- */
- @Override
- public void handle(Request baseRequest, ServletRequest request, ServletResponse response) throws ServletException, UnavailableException, IOException {
- if (rolesAllowed==null) {
- super.handle(baseRequest, request, response);
- } else { // Validate
- try {
-
- HttpServletRequest hreq = (HttpServletRequest)request;
- boolean proceed = false;
- for (String role : rolesAllowed.value()) {
- if (hreq.isUserInRole(role)) {
- proceed = true;
- break;
- }
- }
- if (proceed) {
- super.handle(baseRequest, request, response);
- } else {
- //baseRequest.getServletContext().log(hreq.getUserPrincipal().getName()+" Refused " + roles);
- ((HttpServletResponse)response).sendError(403); // forbidden
- }
- } catch (ClassCastException e) {
- throw new ServletException("JASPIWrap only supports HTTPServletRequest/HttpServletResponse");
- }
- }
- }
-
-}