author | Instrumental <jonathan.gathman@att.com> | 2018-09-17 07:09:26 -0500 |
---|---|---|
committer | Instrumental <jonathan.gathman@att.com> | 2018-09-17 07:09:38 -0500 |
commit | fa8d6a2ec732729a05db6e545318dd1e65cbb943 (patch) | |
tree | 8ef47d112994ddcb74207b7a20a7ac95cf452879 /cadi/servlet-sample | |
parent | e72d3300a54026cb317d2563c6449ffbb91b8b57 (diff) |
Remove Tomcat (Security Issue)
Issue-ID: AAF-420
Change-Id: I5990ca297cf7b196b8148161260a41c11d92399d
Signed-off-by: Instrumental <jonathan.gathman@att.com>
Diffstat (limited to 'cadi/servlet-sample')
-rw-r--r-- | cadi/servlet-sample/pom.xml | 6 | ||||
-rw-r--r-- | cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java | 108 |
2 files changed, 4 insertions, 110 deletions
diff --git a/cadi/servlet-sample/pom.xml b/cadi/servlet-sample/pom.xml
index 5711d440..de527c51 100644
--- a/cadi/servlet-sample/pom.xml
+++ b/cadi/servlet-sample/pom.xml
@@ -23,11 +23,13 @@
 <version>${project.jettyVersion}</version>
 </dependency>
- <dependency>
+ <!-- Tomcat Embedded has security flaws. not worth it for a sample
+ <dependency>
 <groupId>org.apache.tomcat.embed</groupId>
 <artifactId>tomcat-embed-jasper</artifactId>
 <version>${tomcat.version}</version>
- </dependency>
+ </dependency>
+ -->
 <dependency>
 <groupId>org.apache.tomcat.embed</groupId>
 <artifactId>tomcat-embed-core</artifactId>
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java
deleted file mode 100644
index e82dddd2..00000000
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java
+++ /dev/null
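Review bot: The `tomcat-embed-core` dependency that follows the commented-out block is left in place by this hunk, so embedded Tomcat still appears to resolve onto the sample's classpath even though `tomcat-embed-jasper` and the deleted TomcatEmbedded.java (which imported `org.apache.catalina` classes) are gone. If the concern named in the new comment applies to Tomcat Embedded as a whole, that dependency and the `tomcat.version` property should be removed as well; its scope and closing tag lie outside the hunk, so this needs checking against the full pom. I would also delete the jasper block rather than comment it out, and keep only a short reason that points at the tracking issue, e.g. `<!-- tomcat-embed-jasper removed (AAF-420): not needed for the sample -->`, so later readers and dependency reviews are not left with dead XML and an unspecified "security flaws" remark.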
@@ -1,108 +0,0 @@
-/**
- * ============LICENSE_START====================================================
- * org.onap.aaf
- * ===========================================================================
- * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
- * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END====================================================
- *
- */
-
-package org.onap.aaf.sample.cadi.tomcate;
-
-import java.io.File;
-import java.io.IOException;
-import java.net.URISyntaxException;
-
-import org.apache.catalina.Service;
-import org.apache.catalina.connector.Connector;
-import org.apache.catalina.startup.Tomcat;
-import org.apache.log4j.chainsaw.Main;
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.Access.Level;
-import org.onap.aaf.cadi.PropAccess;
-
-/**
- * @author JonathanGathman
- *
- */
-public class TomcatEmbedded {
-
- public static void main(String[] args) throws Exception {
- System.setProperty("org.apache.catalina.startup.EXIT_ON_INIT_FAILURE", "true");
- Tomcat tomcat = new Tomcat();
-
- Service service = tomcat.getService();
- service.addConnector(getSslConnector(new PropAccess(args), 8081));
-
- tomcat.addWebapp("/caditest", getRootFolder().getAbsolutePath());
-
- tomcat.start();
- tomcat.getServer().await();
-
- }
-
- private static Connector getSslConnector(PropAccess access, int port) throws IOException {
- Connector connector = new Connector();
- connector.setPort(port);
- connector.setSecure(true);
- connector.setScheme("https");
- setAttr(connector,access,"keyAlias","cadi_alias");
- setAttr(connector,access,"keystoreFile","cadi_keystore");
- connector.setAttribute("keystoreType", "PKCS12");
- setAttr(connector,access,"keystorePass","cadi_keystore_password");
- setAttr(connector,access,"truststoreFile","cadi_truststore");
- connector.setAttribute("truststoreType", "JKS");
- setAttr(connector,access,"truststorePass","cadi_truststore_password");
- connector.setAttribute("clientAuth", "want");
- connector.setAttribute("protocol", "HTTP/1.1");
- connector.setAttribute("sslProtocol", "TLS");
- connector.setAttribute("maxThreads", "200");
- connector.setAttribute("protocol", "org.apache.coyote.http11.Http11AprProtocol");
- connector.setAttribute("SSLEnabled", true);
- return connector;
- }
-
- private static void setAttr(Connector connector, Access access, String ctag, String atag) throws IOException {
- String value = access.getProperty(atag, null);
- if (value==null) {
- access.log(Level.ERROR, atag, "is null");
- } else {
- if (value.startsWith("enc:")) {
- access.log(Level.INIT,atag,"=enc:************");
- value = access.decrypt(value, false);
- } else {
- access.log(Level.INIT,atag,"=",value);
- }
- connector.setAttribute(ctag, value);
- }
- }
-
- private static File getRootFolder() {
- try {
- File root;
- String runningJarPath = Main.class.getProtectionDomain().getCodeSource().getLocation().toURI().getPath().replaceAll("\\\\", "/");
- int lastIndexOf = runningJarPath.lastIndexOf("/target/");
- if (lastIndexOf < 0) {
- root = new File("");
- } else {
- root = new File(runningJarPath.substring(0, lastIndexOf));
- }
- System.out.println("application resolved root folder: " + root.getAbsolutePath());
- return root;
- } catch (URISyntaxException ex) {
- throw new RuntimeException(ex);
- }
- }
-}
|