summaryrefslogtreecommitdiffstats
path: root/cadi/servlet-sample/src/test
diff options
context:
space:
mode:
Diffstat (limited to 'cadi/servlet-sample/src/test')
-rw-r--r--cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java174
-rw-r--r--cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/Config.java20
-rw-r--r--cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java96
-rw-r--r--cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java24
-rw-r--r--cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java96
-rw-r--r--cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java62
6 files changed, 236 insertions, 236 deletions
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java
index 466c02da..f11d8f89 100644
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java
+++ b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java
@@ -36,91 +36,91 @@ import org.onap.aaf.cadi.client.Future;
import org.onap.aaf.cadi.principal.TaggedPrincipal;
// Uncomment if you utilized the "MiniJASPIWrap" in the Servlet setup in "main()", and want to protect your service via Permission or mapped role
-// @RolesAllowed({"com.att.aaf.myPerm|myInstance|myAction"})
- public class MyServlet implements Servlet {
- private ServletConfig servletConfig;
-
- public void init(ServletConfig config) throws ServletException {
- servletConfig = config;
- }
-
- public ServletConfig getServletConfig() {
- return servletConfig;
- }
-
- public void service(ServletRequest req, ServletResponse res) throws ServletException, IOException {
- HttpServletRequest request;
- try {
- request = (HttpServletRequest)req;
- } catch (ClassCastException e) {
- throw new ServletException("Only serving HTTP today",e);
- }
-
- res.getOutputStream().println("<html><header><title>CSP Servlet Test</title></header><body><h1>You're good to go!</h1><pre>" +
- request.getUserPrincipal());
-
- String perm = request.getParameter("PERM");
- if(perm!=null) {
- if(request.isUserInRole(perm)) {
- if(perm.indexOf('|')<0) {
- res.getOutputStream().println("\nCongrats!, You are in Role " + perm);
- } else {
- res.getOutputStream().println("\nCongrats!, You have Permission " + perm);
- }
- } else {
- if(perm.indexOf('|')<0) {
- res.getOutputStream().println("\nSorry, you are NOT in Role " + perm);
- } else {
- res.getOutputStream().println("\nSorry, you do NOT have Permission " + perm);
- }
- }
- }
-
- // You can get the working AAFCon from Trans
- AAFCon<?> aafcon = AAFCon.obtain(req);
- if(aafcon!=null) {
- try {
- res.getOutputStream().println("----- Perms JSON from direct call -----");
- final Principal up = request.getUserPrincipal();
- TaggedPrincipal tp;
- if(up instanceof TaggedPrincipal) {
- tp = (TaggedPrincipal)up;
- } else {
- tp = new TaggedPrincipal() {
- @Override
- public String getName() {
- return up.getName();
- }
+// @RolesAllowed({"com.att.aaf.myPerm|myInstance|myAction"})
+ public class MyServlet implements Servlet {
+ private ServletConfig servletConfig;
+
+ public void init(ServletConfig config) throws ServletException {
+ servletConfig = config;
+ }
+
+ public ServletConfig getServletConfig() {
+ return servletConfig;
+ }
+
+ public void service(ServletRequest req, ServletResponse res) throws ServletException, IOException {
+ HttpServletRequest request;
+ try {
+ request = (HttpServletRequest)req;
+ } catch (ClassCastException e) {
+ throw new ServletException("Only serving HTTP today",e);
+ }
+
+ res.getOutputStream().println("<html><header><title>CSP Servlet Test</title></header><body><h1>You're good to go!</h1><pre>" +
+ request.getUserPrincipal());
+
+ String perm = request.getParameter("PERM");
+ if(perm!=null) {
+ if(request.isUserInRole(perm)) {
+ if(perm.indexOf('|')<0) {
+ res.getOutputStream().println("\nCongrats!, You are in Role " + perm);
+ } else {
+ res.getOutputStream().println("\nCongrats!, You have Permission " + perm);
+ }
+ } else {
+ if(perm.indexOf('|')<0) {
+ res.getOutputStream().println("\nSorry, you are NOT in Role " + perm);
+ } else {
+ res.getOutputStream().println("\nSorry, you do NOT have Permission " + perm);
+ }
+ }
+ }
+
+ // You can get the working AAFCon from Trans
+ AAFCon<?> aafcon = AAFCon.obtain(req);
+ if(aafcon!=null) {
+ try {
+ res.getOutputStream().println("----- Perms JSON from direct call -----");
+ final Principal up = request.getUserPrincipal();
+ TaggedPrincipal tp;
+ if(up instanceof TaggedPrincipal) {
+ tp = (TaggedPrincipal)up;
+ } else {
+ tp = new TaggedPrincipal() {
+ @Override
+ public String getName() {
+ return up.getName();
+ }
- @Override
- public String tag() {
- return "Unknown";
- }
- };
- }
- // This call will be "as the user calling", but only if permission is set to trust.
-// Future<String> future = aafcon.clientAs("2.0",tp).read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json");
- Future<String> future = aafcon.client("2.0").read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json");
- if(future.get(4000 /* timeout */)) {
- res.getOutputStream().print(future.value);
- } else {
- System.err.println(future.code() + ", " + future.body());
- res.getOutputStream().print(future.code() + ", " + future.body());
- }
- } catch (Exception e) {
- e.printStackTrace();
- }
- } else {
- res.getOutputStream().println("No AAFCon instantiated");
- }
- res.getOutputStream().print("</pre></body></html>");
-
- }
-
- public String getServletInfo() {
- return "MyServlet";
- }
-
- public void destroy() {
- }
- } \ No newline at end of file
+ @Override
+ public String tag() {
+ return "Unknown";
+ }
+ };
+ }
+ // This call will be "as the user calling", but only if permission is set to trust.
+// Future<String> future = aafcon.clientAs("2.0",tp).read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json");
+ Future<String> future = aafcon.client("2.0").read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json");
+ if(future.get(4000 /* timeout */)) {
+ res.getOutputStream().print(future.value);
+ } else {
+ System.err.println(future.code() + ", " + future.body());
+ res.getOutputStream().print(future.code() + ", " + future.body());
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ } else {
+ res.getOutputStream().println("No AAFCon instantiated");
+ }
+ res.getOutputStream().print("</pre></body></html>");
+
+ }
+
+ public String getServletInfo() {
+ return "MyServlet";
+ }
+
+ public void destroy() {
+ }
+ } \ No newline at end of file
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/Config.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/Config.java
index 17f9b198..a45725d7 100644
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/Config.java
+++ b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/Config.java
@@ -31,15 +31,15 @@ import org.onap.aaf.cadi.filter.CadiFilter;
public class Config {
- /**
- * Method to make jetty configurations (others?) with more complex function possible
- *
- * @param sc
- */
- public static final void addToContext(WebAppContext sc, String propFile) {
- sc.addFilter(CadiFilter.class,"/*",EnumSet.of(DispatcherType.REQUEST));
- sc.setInitParameter(org.onap.aaf.cadi.config.Config.CADI_PROP_FILES, propFile);
- }
-
+ /**
+ * Method to make jetty configurations (others?) with more complex function possible
+ *
+ * @param sc
+ */
+ public static final void addToContext(WebAppContext sc, String propFile) {
+ sc.addFilter(CadiFilter.class,"/*",EnumSet.of(DispatcherType.REQUEST));
+ sc.setInitParameter(org.onap.aaf.cadi.config.Config.CADI_PROP_FILES, propFile);
+ }
+
}
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java
index 2d1fc097..cec8a539 100644
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java
+++ b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java
@@ -43,70 +43,70 @@ import org.onap.aaf.cadi.config.SecurityInfo;
import org.onap.aaf.cadi.filter.CadiFilter;
public abstract class JettyServletServer implements Servlet {
-
- public static Server run(PropAccess access, String context, Class<? extends Servlet> servletCls, int port, String ...args) throws Exception {
- // Defaults:
- int blockingQueueSize = 10;
+
+ public static Server run(PropAccess access, String context, Class<? extends Servlet> servletCls, int port, String ...args) throws Exception {
+ // Defaults:
+ int blockingQueueSize = 10;
int corePoolSize = 10;
int maxPoolSize = 10;
int keepAliveTime = 3000;
- String hostname = access.getProperty(Config.HOSTNAME, null);
- if(hostname==null) {
- hostname = Inet4Address.getLocalHost().getHostName();
- }
+ String hostname = access.getProperty(Config.HOSTNAME, null);
+ if(hostname==null) {
+ hostname = Inet4Address.getLocalHost().getHostName();
+ }
// Add your own Properties to override defaults
ArrayBlockingQueue<Runnable> queue = new ArrayBlockingQueue<Runnable>(blockingQueueSize);
QueuedThreadPool pool = new QueuedThreadPool(maxPoolSize,corePoolSize,keepAliveTime,queue);
- Server server = new Server(pool);
+ Server server = new Server(pool);
- String protocol;
- if(access.getProperty(Config.CADI_KEYSTORE_PASSWORD,null)==null) {
- ServerConnector conn = new ServerConnector(server);
- conn.setHost(hostname);
- conn.setPort(port);
- server.addConnector(conn);
- protocol = "http";
- } else {
- // Setup Security
- SecurityInfo securityInfo = new SecurityInfo(access);
- SslContextFactory scf = new SslContextFactory();
- scf.setSslContext(securityInfo.getSSLContext());
- scf.setWantClientAuth(true);
- ServerConnector sslConnector = new ServerConnector(server,scf);
- sslConnector.setHost(hostname);
- sslConnector.setPort(port);
- server.addConnector(sslConnector);
- protocol = "https";
- }
+ String protocol;
+ if(access.getProperty(Config.CADI_KEYSTORE_PASSWORD,null)==null) {
+ ServerConnector conn = new ServerConnector(server);
+ conn.setHost(hostname);
+ conn.setPort(port);
+ server.addConnector(conn);
+ protocol = "http";
+ } else {
+ // Setup Security
+ SecurityInfo securityInfo = new SecurityInfo(access);
+ SslContextFactory scf = new SslContextFactory();
+ scf.setSslContext(securityInfo.getSSLContext());
+ scf.setWantClientAuth(true);
+ ServerConnector sslConnector = new ServerConnector(server,scf);
+ sslConnector.setHost(hostname);
+ sslConnector.setPort(port);
+ server.addConnector(sslConnector);
+ protocol = "https";
+ }
// Setup Sample Servlet
CadiFilter cf = new CadiFilter(true,access);
- FilterHolder cfh = new FilterHolder(cf);
-
- ServletHandler shand = new ServletHandler();
- shand.addFilterWithMapping(cfh, "/*", FilterMapping.ALL);
- // To use normal Servlets, just add the class here... Actually, bug in Jetty... need to add with ServletHolder
- ServletHolder sh = new ServletHolder();
- sh.setServlet(servletCls.newInstance());
- shand.addServletWithMapping(sh,"/*");
-
- // To use JASPI Authorization Style to protect the servlet, wrap the Servlet
- // with the "MiniJSAPIWrap class, as shown here. Then add "@RolesAllowed" on your
- // servlet (see sample). Use Pipe delimited Permissions, not AAF Roles in the line
- // shand.addServletWithMapping(new MiniJASPIWrap(MyServlet.class),"/*");
- // call initialize after start
- ContextHandler ch = new ServletContextHandler();
- ch.setContextPath(context);
- ch.setHandler(shand);
- server.setHandler(ch);
- // Startup the Server
+ FilterHolder cfh = new FilterHolder(cf);
+
+ ServletHandler shand = new ServletHandler();
+ shand.addFilterWithMapping(cfh, "/*", FilterMapping.ALL);
+ // To use normal Servlets, just add the class here... Actually, bug in Jetty... need to add with ServletHolder
+ ServletHolder sh = new ServletHolder();
+ sh.setServlet(servletCls.newInstance());
+ shand.addServletWithMapping(sh,"/*");
+
+ // To use JASPI Authorization Style to protect the servlet, wrap the Servlet
+ // with the "MiniJSAPIWrap class, as shown here. Then add "@RolesAllowed" on your
+ // servlet (see sample). Use Pipe delimited Permissions, not AAF Roles in the line
+ // shand.addServletWithMapping(new MiniJASPIWrap(MyServlet.class),"/*");
+ // call initialize after start
+ ContextHandler ch = new ServletContextHandler();
+ ch.setContextPath(context);
+ ch.setHandler(shand);
+ server.setHandler(ch);
+ // Startup the Server
server.setStopAtShutdown(true);
server.start();
access.log(Level.INFO,"TestServlet is running at " + protocol + "://"+hostname+':'+port+context);
return server;
- }
+ }
}
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java
index 049e45e8..6edd6f5b 100644
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java
+++ b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java
@@ -30,17 +30,17 @@ import org.onap.aaf.cadi.PropAccess;
public class JettyStandalone {
- public static void main(String[] args) {
- PropAccess access = new PropAccess(args);
- try {
- Server server = JettyServletServer.run(access, "/caditest", MyServlet.class, 3456);
- server.join();
- } catch (Exception e) {
- access.log(Level.ERROR, e);
- } finally {
- access.log(Level.INFO,"Stopping Service");
- }
-
- }
+ public static void main(String[] args) {
+ PropAccess access = new PropAccess(args);
+ try {
+ Server server = JettyServletServer.run(access, "/caditest", MyServlet.class, 3456);
+ server.join();
+ } catch (Exception e) {
+ access.log(Level.ERROR, e);
+ } finally {
+ access.log(Level.INFO,"Stopping Service");
+ }
+
+ }
}
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java
index 904f3cdc..29462cfb 100644
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java
+++ b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java
@@ -48,54 +48,54 @@ import org.onap.aaf.cadi.filter.RolesAllowed;
*
*/
public class MiniJASPIWrap extends ServletHolder {
- private RolesAllowed rolesAllowed;
- //private String roles;
- public MiniJASPIWrap(Class<? extends Servlet> servlet) {
- super(servlet);
- this.rolesAllowed = servlet.getAnnotation(RolesAllowed.class);
- StringBuilder sb = new StringBuilder();
- boolean first = true;
- if(rolesAllowed!=null) {
- for(String str : rolesAllowed.value()) {
- if(first)first=false;
- else sb.append(',');
- sb.append(str);
- }
- }
- //roles = sb.toString();
- }
+ private RolesAllowed rolesAllowed;
+ //private String roles;
+ public MiniJASPIWrap(Class<? extends Servlet> servlet) {
+ super(servlet);
+ this.rolesAllowed = servlet.getAnnotation(RolesAllowed.class);
+ StringBuilder sb = new StringBuilder();
+ boolean first = true;
+ if(rolesAllowed!=null) {
+ for(String str : rolesAllowed.value()) {
+ if(first)first=false;
+ else sb.append(',');
+ sb.append(str);
+ }
+ }
+ //roles = sb.toString();
+ }
- /**
- * handle
- *
- * When utilized, this class authorizes the transaction by first calling the standard J2EE API call
- * "isUserInRole" with the role(s) found in the class Annotations (JASPI Style)
- */
- @Override
- public void handle(Request baseRequest, ServletRequest request, ServletResponse response) throws ServletException, UnavailableException, IOException {
- if(rolesAllowed==null) {
- super.handle(baseRequest, request, response);
- } else { // Validate
- try {
-
- HttpServletRequest hreq = (HttpServletRequest)request;
- boolean proceed = false;
- for(String role : rolesAllowed.value()) {
- if(hreq.isUserInRole(role)) {
- proceed = true;
- break;
- }
- }
- if(proceed) {
- super.handle(baseRequest, request, response);
- } else {
- //baseRequest.getServletContext().log(hreq.getUserPrincipal().getName()+" Refused " + roles);
- ((HttpServletResponse)response).sendError(403); // forbidden
- }
- } catch(ClassCastException e) {
- throw new ServletException("JASPIWrap only supports HTTPServletRequest/HttpServletResponse");
- }
- }
- }
+ /**
+ * handle
+ *
+ * When utilized, this class authorizes the transaction by first calling the standard J2EE API call
+ * "isUserInRole" with the role(s) found in the class Annotations (JASPI Style)
+ */
+ @Override
+ public void handle(Request baseRequest, ServletRequest request, ServletResponse response) throws ServletException, UnavailableException, IOException {
+ if(rolesAllowed==null) {
+ super.handle(baseRequest, request, response);
+ } else { // Validate
+ try {
+
+ HttpServletRequest hreq = (HttpServletRequest)request;
+ boolean proceed = false;
+ for(String role : rolesAllowed.value()) {
+ if(hreq.isUserInRole(role)) {
+ proceed = true;
+ break;
+ }
+ }
+ if(proceed) {
+ super.handle(baseRequest, request, response);
+ } else {
+ //baseRequest.getServletContext().log(hreq.getUserPrincipal().getName()+" Refused " + roles);
+ ((HttpServletResponse)response).sendError(403); // forbidden
+ }
+ } catch(ClassCastException e) {
+ throw new ServletException("JASPIWrap only supports HTTPServletRequest/HttpServletResponse");
+ }
+ }
+ }
}
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java
index 415283a5..1597dbd5 100644
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java
+++ b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java
@@ -39,7 +39,7 @@ import org.onap.aaf.cadi.PropAccess;
*/
public class TomcatEmbedded {
- public static void main(String[] args) throws Exception {
+ public static void main(String[] args) throws Exception {
System.setProperty("org.apache.catalina.startup.EXIT_ON_INIT_FAILURE", "true");
Tomcat tomcat = new Tomcat();
@@ -51,8 +51,8 @@ public class TomcatEmbedded {
tomcat.start();
tomcat.getServer().await();
- }
-
+ }
+
private static Connector getSslConnector(PropAccess access, int port) throws IOException {
Connector connector = new Connector();
connector.setPort(port);
@@ -75,34 +75,34 @@ public class TomcatEmbedded {
}
private static void setAttr(Connector connector, Access access, String ctag, String atag) throws IOException {
- String value = access.getProperty(atag, null);
- if(value==null) {
- access.log(Level.ERROR, atag, "is null");
- } else {
- if(value.startsWith("enc:")) {
- access.log(Level.INIT,atag,"=enc:************");
- value = access.decrypt(value, false);
- } else {
- access.log(Level.INIT,atag,"=",value);
- }
- connector.setAttribute(ctag, value);
- }
+ String value = access.getProperty(atag, null);
+ if(value==null) {
+ access.log(Level.ERROR, atag, "is null");
+ } else {
+ if(value.startsWith("enc:")) {
+ access.log(Level.INIT,atag,"=enc:************");
+ value = access.decrypt(value, false);
+ } else {
+ access.log(Level.INIT,atag,"=",value);
+ }
+ connector.setAttribute(ctag, value);
+ }
}
- private static File getRootFolder() {
- try {
- File root;
- String runningJarPath = Main.class.getProtectionDomain().getCodeSource().getLocation().toURI().getPath().replaceAll("\\\\", "/");
- int lastIndexOf = runningJarPath.lastIndexOf("/target/");
- if (lastIndexOf < 0) {
- root = new File("");
- } else {
- root = new File(runningJarPath.substring(0, lastIndexOf));
- }
- System.out.println("application resolved root folder: " + root.getAbsolutePath());
- return root;
- } catch (URISyntaxException ex) {
- throw new RuntimeException(ex);
- }
- }
+ private static File getRootFolder() {
+ try {
+ File root;
+ String runningJarPath = Main.class.getProtectionDomain().getCodeSource().getLocation().toURI().getPath().replaceAll("\\\\", "/");
+ int lastIndexOf = runningJarPath.lastIndexOf("/target/");
+ if (lastIndexOf < 0) {
+ root = new File("");
+ } else {
+ root = new File(runningJarPath.substring(0, lastIndexOf));
+ }
+ System.out.println("application resolved root folder: " + root.getAbsolutePath());
+ return root;
+ } catch (URISyntaxException ex) {
+ throw new RuntimeException(ex);
+ }
+ }
}