diff options
author | Niharika Sharma <niharika.sharma@amdocs.com> | 2022-10-14 14:01:39 -0400 |
---|---|---|
committer | Niharika Sharma <niharika.sharma@amdocs.com> | 2022-10-14 14:01:39 -0400 |
commit | d132185f972de61328bef9d511b875c0eefd9b1c (patch) | |
tree | 57193b404f56d81430732083f07688f9253912b9 /src/main/java/org | |
parent | 13b9dcf4848fe3df7231c23613d07cd4779f946a (diff) |
Fixed AAI ModelLoader fails to connect to aai-babel
Issue-ID: AAI-3533
Signed-off-by: Niharika Sharma <niharika.sharma@amdocs.com>
Change-Id: I121263b0be39b13109782e0b5db02d3a36650d75
Diffstat (limited to 'src/main/java/org')
3 files changed, 53 insertions, 32 deletions
diff --git a/src/main/java/org/onap/aai/modelloader/config/ModelLoaderConfig.java b/src/main/java/org/onap/aai/modelloader/config/ModelLoaderConfig.java index adc58e5..f8c5d23 100644 --- a/src/main/java/org/onap/aai/modelloader/config/ModelLoaderConfig.java +++ b/src/main/java/org/onap/aai/modelloader/config/ModelLoaderConfig.java @@ -86,14 +86,14 @@ public class ModelLoaderConfig implements IConfiguration { protected static final String PROP_AAI_AUTHENTICATION_USER = PREFIX_AAI + "AUTH_USER"; protected static final String PROP_AAI_AUTHENTICATION_PASSWORD = PREFIX_AAI + "AUTH_PASSWORD"; protected static final String PROP_AAI_USE_GIZMO = PREFIX_AAI + "USE_GIZMO"; - + protected static final String PROP_AAI_USE_HTTPS = PREFIX_AAI + "USE_HTTPS"; protected static final String PROP_BABEL_BASE_URL = PREFIX_BABEL + "BASE_URL"; protected static final String PROP_BABEL_KEYSTORE_FILE = PREFIX_BABEL + SUFFIX_KEYSTORE_FILE; protected static final String PROP_BABEL_KEYSTORE_PASSWORD = PREFIX_BABEL + SUFFIX_KEYSTORE_PASS; protected static final String PROP_BABEL_TRUSTSTORE_FILE = PREFIX_BABEL + SUFFIX_TRUSTSTORE_FILE; protected static final String PROP_BABEL_TRUSTSTORE_PASSWORD = PREFIX_BABEL + SUFFIX_TRUSTSTORE_PASS; protected static final String PROP_BABEL_GENERATE_RESOURCE_URL = PREFIX_BABEL + "GENERATE_ARTIFACTS_URL"; - + protected static final String PROP_BABEL_USE_HTTPS = PREFIX_BABEL + "USE_HTTPS"; protected static final String PROP_DEBUG_INGEST_SIMULATOR = PREFIX_DEBUG + "INGEST_SIMULATOR"; protected static final String FILESEP = (System.getProperty("file.separator") == null) ? "/" : System.getProperty("file.separator"); @@ -305,6 +305,16 @@ public class ModelLoaderConfig implements IConfiguration { return useGizmo != null && useGizmo.equalsIgnoreCase("true"); } + public boolean useHttpsWithAAI() { + String useHttps = get(PROP_AAI_USE_HTTPS); + return useHttps != null && useHttps.equalsIgnoreCase("true"); + } + + public boolean useHttpsWithBabel() { + String useHttps = get(PROP_BABEL_USE_HTTPS); + return useHttps != null && useHttps.equalsIgnoreCase("true"); + } + /** * @return password for AAI authentication that has been reverse-engineered from its obfuscated form. */ diff --git a/src/main/java/org/onap/aai/modelloader/restclient/AaiRestClient.java b/src/main/java/org/onap/aai/modelloader/restclient/AaiRestClient.java index a2a4c5b..29c0c70 100644 --- a/src/main/java/org/onap/aai/modelloader/restclient/AaiRestClient.java +++ b/src/main/java/org/onap/aai/modelloader/restclient/AaiRestClient.java @@ -157,14 +157,23 @@ public class AaiRestClient { private RestClient setupClient() { RestClient restClient = new RestClient(); - // @formatter:off - restClient.validateServerHostname(false) - .validateServerCertChain(false) - .clientCertFile(config.getAaiKeyStorePath()) - .clientCertPassword(config.getAaiKeyStorePassword()) - .connectTimeoutMs(120000) - .readTimeoutMs(120000); - // @formatter:on + //Use certs only if SSL is enabled + if (config.useHttpsWithAAI()) + {// @formatter:off + restClient.validateServerHostname(false) + .validateServerCertChain(false) + .clientCertFile(config.getAaiKeyStorePath()) + .clientCertPassword(config.getAaiKeyStorePassword()) + .connectTimeoutMs(120000) + .readTimeoutMs(120000); + // @formatter:on + } + else { + restClient.validateServerHostname(false) + .validateServerCertChain(false) + .connectTimeoutMs(120000) + .readTimeoutMs(120000); + } if (useBasicAuth()) { restClient.authenticationMode(RestAuthenticationMode.SSL_BASIC); diff --git a/src/main/java/org/onap/aai/modelloader/restclient/HttpsBabelServiceClient.java b/src/main/java/org/onap/aai/modelloader/restclient/HttpsBabelServiceClient.java index 805fe34..289015c 100644 --- a/src/main/java/org/onap/aai/modelloader/restclient/HttpsBabelServiceClient.java +++ b/src/main/java/org/onap/aai/modelloader/restclient/HttpsBabelServiceClient.java @@ -98,34 +98,36 @@ public class HttpsBabelServiceClient implements BabelServiceClient { this.config = config; logger.debug(ModelLoaderMsgs.DISTRIBUTION_EVENT, "Creating Babel Service client"); + //Initialize SSL Context only if SSL is enabled + if (config.useHttpsWithBabel()) { + SSLContext ctx = SSLContext.getInstance(SSL_PROTOCOL); + KeyManagerFactory kmf = KeyManagerFactory.getInstance(KEYSTORE_ALGORITHM); + KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE); - SSLContext ctx = SSLContext.getInstance(SSL_PROTOCOL); - KeyManagerFactory kmf = KeyManagerFactory.getInstance(KEYSTORE_ALGORITHM); - KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE); + String clientCertPassword = config.getBabelKeyStorePassword(); - String clientCertPassword = config.getBabelKeyStorePassword(); - - char[] pwd = null; - if (clientCertPassword != null) { - pwd = clientCertPassword.toCharArray(); - } + char[] pwd = null; + if (clientCertPassword != null) { + pwd = clientCertPassword.toCharArray(); + } - TrustManager[] trustManagers = getTrustManagers(); + TrustManager[] trustManagers = getTrustManagers(); - String clientCertFileName = config.getBabelKeyStorePath(); - if (clientCertFileName == null) { - ctx.init(null, trustManagers, null); - } else { - InputStream fin = Files.newInputStream(Paths.get(clientCertFileName)); - keyStore.load(fin, pwd); - kmf.init(keyStore, pwd); - ctx.init(kmf.getKeyManagers(), trustManagers, null); - } + String clientCertFileName = config.getBabelKeyStorePath(); + if (clientCertFileName == null) { + ctx.init(null, trustManagers, null); + } else { + InputStream fin = Files.newInputStream(Paths.get(clientCertFileName)); + keyStore.load(fin, pwd); + kmf.init(keyStore, pwd); + ctx.init(kmf.getKeyManagers(), trustManagers, null); + } - logger.debug(ModelLoaderMsgs.DISTRIBUTION_EVENT, "Initialised context"); + logger.debug(ModelLoaderMsgs.DISTRIBUTION_EVENT, "Initialised context"); - HttpsURLConnection.setDefaultSSLSocketFactory(ctx.getSocketFactory()); - HttpsURLConnection.setDefaultHostnameVerifier((host, session) -> true); + HttpsURLConnection.setDefaultSSLSocketFactory(ctx.getSocketFactory()); + HttpsURLConnection.setDefaultHostnameVerifier((host, session) -> true); + } client = Client.create(new DefaultClientConfig()); |