aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/main/bin/start.sh4
-rw-r--r--src/main/java/org/onap/aai/babel/BabelApplication.java23
-rw-r--r--src/main/java/org/onap/aai/babel/request/RequestHeaders.java7
-rw-r--r--src/main/resources/application.properties1
-rw-r--r--src/test/java/org/onap/aai/babel/TestApplication.java14
5 files changed, 32 insertions, 17 deletions
diff --git a/src/main/bin/start.sh b/src/main/bin/start.sh
index 3121c8e..8c4cdf5 100644
--- a/src/main/bin/start.sh
+++ b/src/main/bin/start.sh
@@ -35,6 +35,10 @@ PROPS="-DAPP_HOME=${APP_HOME}"
PROPS="${PROPS} -DCONFIG_HOME=${CONFIG_HOME}"
PROPS="${PROPS} -Dtosca.mappings.config=${CONFIG_HOME}/tosca-mappings.json"
PROPS="${PROPS} -DKEY_STORE_PASSWORD=${KEY_STORE_PASSWORD}"
+if [ ! -z "$REQUIRE_CLIENT_AUTH" ]; then
+ PROPS="$PROPS -Dserver.ssl.client-auth=${REQUIRE_CLIENT_AUTH}"
+fi
+
JVM_MAX_HEAP=${MAX_HEAP:-1024}
exec java -Xmx${JVM_MAX_HEAP}m ${PROPS} -jar ${APP_HOME}/babel.jar
diff --git a/src/main/java/org/onap/aai/babel/BabelApplication.java b/src/main/java/org/onap/aai/babel/BabelApplication.java
index 9eaa0ce..e524e6e 100644
--- a/src/main/java/org/onap/aai/babel/BabelApplication.java
+++ b/src/main/java/org/onap/aai/babel/BabelApplication.java
@@ -21,7 +21,7 @@
package org.onap.aai.babel;
-import java.util.HashMap;
+import com.google.common.collect.ImmutableMap;
import org.eclipse.jetty.util.security.Password;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@@ -38,26 +38,21 @@ public class BabelApplication extends SpringBootServletInitializer {
/**
* Spring Boot Initialization.
- *
+ *
* @param args
- * main args
+ * main args (expected to be null)
*/
public static void main(String[] args) {
String keyStorePassword = System.getProperty("KEY_STORE_PASSWORD");
if (keyStorePassword == null || keyStorePassword.isEmpty()) {
- throw new IllegalArgumentException("Env property KEY_STORE_PASSWORD not set");
+ throw new IllegalArgumentException("Mandatory property KEY_STORE_PASSWORD not set");
}
- HashMap<String, Object> props = new HashMap<>();
- String decryptedValue = keyStorePassword.startsWith(Password.__OBFUSCATE) ? //
- Password.deobfuscate(keyStorePassword) : keyStorePassword;
- props.put("server.ssl.key-store-password", decryptedValue);
+ ImmutableMap<String, Object> defaults =
+ ImmutableMap.of("server.ssl.key-store-password", new Password(keyStorePassword).toString());
- String requireClientAuth = System.getenv("REQUIRE_CLIENT_AUTH");
- props.put("server.ssl.client-auth",
- Boolean.FALSE.toString().equalsIgnoreCase(requireClientAuth) ? "want" : "need");
-
- context = new BabelApplication()
- .configure(new SpringApplicationBuilder(BabelApplication.class).properties(props)).run(args);
+ context = new BabelApplication() //
+ .configure(new SpringApplicationBuilder(BabelApplication.class).properties(defaults)) //
+ .run(args);
}
public static void exit() {
diff --git a/src/main/java/org/onap/aai/babel/request/RequestHeaders.java b/src/main/java/org/onap/aai/babel/request/RequestHeaders.java
index f0d960c..1850d62 100644
--- a/src/main/java/org/onap/aai/babel/request/RequestHeaders.java
+++ b/src/main/java/org/onap/aai/babel/request/RequestHeaders.java
@@ -2,8 +2,8 @@
* ============LICENSE_START=======================================================
* org.onap.aai
* ================================================================================
- * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
- * Copyright © 2017-2018 European Software Marketing Ltd.
+ * Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * Copyright (c) 2017-2019 European Software Marketing Ltd.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -18,6 +18,7 @@
* limitations under the License.
* ============LICENSE_END=========================================================
*/
+
package org.onap.aai.babel.request;
import java.util.Optional;
@@ -62,7 +63,7 @@ public class RequestHeaders {
* If the correlation ID contains the symbol : then this character and any trailing characters are removed. This
* allows for an incrementing numeric sequence where there are multiple HTTP requests for a single transaction.
*
- * @return the normalsed UUID used for correlating transactions across components, or else null (if no ID is set)
+ * @return the normalized UUID used for correlating transactions across components, or else null (if no ID is set)
*/
public String getCorrelationId() {
// If the request ID is missing, use the transaction ID (if present)
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index b845b8f..187826a 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1,5 +1,6 @@
server.port=9516
server.ssl.key-store=${CONFIG_HOME}/auth/tomcat_keystore
+server.ssl.client-auth=need
server.contextPath=/services/babel-service
diff --git a/src/test/java/org/onap/aai/babel/TestApplication.java b/src/test/java/org/onap/aai/babel/TestApplication.java
index 8c9ca5e..bb43b40 100644
--- a/src/test/java/org/onap/aai/babel/TestApplication.java
+++ b/src/test/java/org/onap/aai/babel/TestApplication.java
@@ -93,6 +93,20 @@ public class TestApplication {
BabelApplication.main(new String[] {});
}
+ /**
+ * This test asserts that if the KEY_STORE_PASSWORD System Property is set (and is not empty) then the value is
+ * passed to Jetty, debobfuscated, and used to open the key store, even if the resulting password value is actually
+ * an empty string.
+ */
+ @Test
+ public void testApplicationWithBlankObfuscatedKeyStorePassword() {
+ // Note that "OBF:" is correctly deobfuscated and results in an empty string.
+ System.setProperty("KEY_STORE_PASSWORD", "OBF:");
+ final CauseMatcher expectedCause = new CauseMatcher(IOException.class, "password was incorrect");
+ expectedEx.expectCause(expectedCause);
+ BabelApplication.main(new String[] {});
+ }
+
private static class CauseMatcher extends TypeSafeMatcher<Throwable> {
private final Class<? extends Throwable> type;