summaryrefslogtreecommitdiffstats
path: root/src/main/java/org/onap/dcae
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/org/onap/dcae')
-rwxr-xr-xsrc/main/java/org/onap/dcae/common/Constants.java1
-rwxr-xr-xsrc/main/java/org/onap/dcae/common/Parameters.java1
-rwxr-xr-xsrc/main/java/org/onap/dcae/common/RestapiCallNode.java74
-rwxr-xr-xsrc/main/java/org/onap/dcae/common/RestapiCallNodeUtil.java1
-rw-r--r--src/main/java/org/onap/dcae/controller/AccessController.java2
-rw-r--r--src/main/java/org/onap/dcae/controller/ControllerConfigInfo.java15
-rw-r--r--src/main/java/org/onap/dcae/controller/PersistentEventConnection.java1
7 files changed, 57 insertions, 38 deletions
diff --git a/src/main/java/org/onap/dcae/common/Constants.java b/src/main/java/org/onap/dcae/common/Constants.java
index 4c2c7b5..562fe99 100755
--- a/src/main/java/org/onap/dcae/common/Constants.java
+++ b/src/main/java/org/onap/dcae/common/Constants.java
@@ -45,4 +45,5 @@ public class Constants {
public static final String KSETTING_TRUST_STORE_PASSWORD = "trustStorePassword";
public static final String KSETTING_KEY_STORE_FILENAME = "keyStoreFileName";
public static final String KSETTING_KEY_STORE_PASSWD = "keyStorePassword";
+ public static final String KDEFAULT_DISABLE_SSL = "disableSsl";
}
diff --git a/src/main/java/org/onap/dcae/common/Parameters.java b/src/main/java/org/onap/dcae/common/Parameters.java
index 5bc85a5..00747ac 100755
--- a/src/main/java/org/onap/dcae/common/Parameters.java
+++ b/src/main/java/org/onap/dcae/common/Parameters.java
@@ -49,4 +49,5 @@ public class Parameters {
public String oAuthVersion;
public AuthType authtype;
public Boolean returnRequestPayload;
+ public boolean disableSsl;
}
diff --git a/src/main/java/org/onap/dcae/common/RestapiCallNode.java b/src/main/java/org/onap/dcae/common/RestapiCallNode.java
index 6fb232c..4d1a776 100755
--- a/src/main/java/org/onap/dcae/common/RestapiCallNode.java
+++ b/src/main/java/org/onap/dcae/common/RestapiCallNode.java
@@ -318,44 +318,46 @@ public class RestapiCallNode {
protected HttpResponse sendHttpRequest(String request, Parameters p) throws Exception {
/* Enable this code if external controller's keyStore file not availabale */
- /*Create a trust manager that does not validate certificate chains*/
-// TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {
-// public java.security.cert.X509Certificate[] getAcceptedIssuers() {
-// return null;
-// }
-// public void checkClientTrusted(X509Certificate[] certs, String authType) {
-// }
-// public void checkServerTrusted(X509Certificate[] certs, String authType) {
-// }
-// }
-// };
-//
-// // Install the all-trusting trust manager
-// SSLContext sc = SSLContext.getInstance("SSL");
-// sc.init(null, trustAllCerts, new java.security.SecureRandom());
-// HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
-//
-// // Create all-trusting host name verifier
-// HostnameVerifier allHostsValid = new HostnameVerifier() {
-// public boolean verify(String hostname, SSLSession session) {
-// return true;
-// }
-// };
-//
-// // Install the all-trusting host verifier
-// log.info("Warning!!! No SSL handshake **************************************");
-// HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
- /*HELPER CODE END */
ClientConfig config = new DefaultClientConfig();
- SSLContext ssl = null;
- if (p.ssl && p.restapiUrl.startsWith("https")) {
- ssl = createSSLContext(p);
- }
- if (ssl != null) {
- HostnameVerifier hostnameVerifier = (hostname, session) -> true;
+ if (!p.disableSsl) {
+ SSLContext ssl = null;
+ if (p.ssl && p.restapiUrl.startsWith("https")) {
+ ssl = createSSLContext(p);
+ }
+ if (ssl != null) {
+ HostnameVerifier hostnameVerifier = (hostname, session) -> true;
+
+ config.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
+ new HTTPSProperties(hostnameVerifier, ssl));
+ }
+ } else {
+
+ /* Create a trust manager that does not validate certificate chains */
+ TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {
+ public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+ return null;
+ }
+ public void checkClientTrusted(X509Certificate[] certs, String authType) {
+ }
+ public void checkServerTrusted(X509Certificate[] certs, String authType) {
+ }
+ }
+ };
+
+ /* Install the all-trusting trust manager */
+ SSLContext sc = SSLContext.getInstance("SSL");
+ sc.init(null, trustAllCerts, new java.security.SecureRandom());
+ HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
+
+ /* Create all-trusting host name verifier */
+ HostnameVerifier allHostsValid = new HostnameVerifier() {
+ public boolean verify(String hostname, SSLSession session) {
+ return true;
+ }
+ };
- config.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
- new HTTPSProperties(hostnameVerifier, ssl));
+ /* Install the all-trusting host verifier*/
+ HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
}
logProperties(config.getProperties());
diff --git a/src/main/java/org/onap/dcae/common/RestapiCallNodeUtil.java b/src/main/java/org/onap/dcae/common/RestapiCallNodeUtil.java
index 1ff00dd..9566658 100755
--- a/src/main/java/org/onap/dcae/common/RestapiCallNodeUtil.java
+++ b/src/main/java/org/onap/dcae/common/RestapiCallNodeUtil.java
@@ -84,6 +84,7 @@ public class RestapiCallNodeUtil {
p.partner = parseParam(paramMap, "partner", false, null);
p.dumpHeaders = Boolean.valueOf(parseParam(paramMap, "dumpHeaders", false, null));
p.returnRequestPayload = Boolean.valueOf(parseParam(paramMap, "returnRequestPayload", false, null));
+ p.disableSsl = Boolean.valueOf(parseParam(paramMap, "disableSsl", false, "true"));
log.info(p.toString());
return p;
}
diff --git a/src/main/java/org/onap/dcae/controller/AccessController.java b/src/main/java/org/onap/dcae/controller/AccessController.java
index c2ed5e3..bd80d97 100644
--- a/src/main/java/org/onap/dcae/controller/AccessController.java
+++ b/src/main/java/org/onap/dcae/controller/AccessController.java
@@ -71,6 +71,7 @@ public class AccessController {
.setController_subscriptionUrl(controller.get("controller_subscriptionUrl").toString())
.setController_accessTokenMethod(controller.get("controller_accessTokenMethod").toString())
.setController_subsMethod(controller.get("controller_subsMethod").toString())
+ .setController_disableSsl(controller.get("controller_disableSsl").toString())
.createControllerConfigInfo();
this.properties = properties;
this.ctx = new RestConfContext();
@@ -237,6 +238,7 @@ public class AccessController {
String KeyPassword = getKeyStorePassword(toAbsolutePath(this.getProperties().keystorePasswordFileLocation()));
paraMap.put(Constants.KSETTING_KEY_STORE_PASSWD, KeyPassword);
+ paraMap.put(Constants.KDEFAULT_DISABLE_SSL, "true");
}
private Path toAbsolutePath(final String path) {
diff --git a/src/main/java/org/onap/dcae/controller/ControllerConfigInfo.java b/src/main/java/org/onap/dcae/controller/ControllerConfigInfo.java
index 52cfc83..68eb162 100644
--- a/src/main/java/org/onap/dcae/controller/ControllerConfigInfo.java
+++ b/src/main/java/org/onap/dcae/controller/ControllerConfigInfo.java
@@ -29,7 +29,7 @@ public class ControllerConfigInfo {
private String controller_subscriptionUrl;
private String controller_accessTokenMethod;
private String controller_subsMethod;
-
+ private String controller_disableSsl;
public static class ControllerConfigInfoBuilder {
@@ -42,6 +42,7 @@ public class ControllerConfigInfo {
private String controller_subscriptionUrl;
private String controller_accessTokenMethod;
private String controller_subsMethod;
+ private String controller_disableSsl;
public ControllerConfigInfoBuilder setController_name(String controller_name) {
this.controller_name = controller_name;
@@ -88,6 +89,11 @@ public class ControllerConfigInfo {
return this;
}
+ public ControllerConfigInfoBuilder setController_disableSsl(String controller_disableSsl) {
+ this.controller_disableSsl = controller_disableSsl;
+ return this;
+ }
+
public ControllerConfigInfo createControllerConfigInfo() {
return new ControllerConfigInfo(this);
}
@@ -104,7 +110,7 @@ public class ControllerConfigInfo {
this.controller_subscriptionUrl = controllerConfigInfoBuilder.controller_subscriptionUrl;
this.controller_accessTokenMethod = controllerConfigInfoBuilder.controller_accessTokenMethod;
this.controller_subsMethod = controllerConfigInfoBuilder.controller_subsMethod;
-
+ this.controller_disableSsl = controllerConfigInfoBuilder.controller_disableSsl;
}
@@ -143,4 +149,9 @@ public class ControllerConfigInfo {
public String getController_subscriptionUrl() {
return controller_subscriptionUrl;
}
+
+ public String getController_disableSsl() {
+ return controller_disableSsl;
+ }
+
} \ No newline at end of file
diff --git a/src/main/java/org/onap/dcae/controller/PersistentEventConnection.java b/src/main/java/org/onap/dcae/controller/PersistentEventConnection.java
index c963129..2fb782f 100644
--- a/src/main/java/org/onap/dcae/controller/PersistentEventConnection.java
+++ b/src/main/java/org/onap/dcae/controller/PersistentEventConnection.java
@@ -175,6 +175,7 @@ public class PersistentEventConnection implements Runnable {
modifyEventParamMap(Constants.KSETTING_REST_UNAME, parentCtrllr.getCfgInfo().getController_restapiUser());
modifyEventParamMap(Constants.KSETTING_REST_PASSWD, parentCtrllr.getCfgInfo().getController_restapiPassword());
modifyEventParamMap(Constants.KSETTING_HTTP_METHOD, parentCtrllr.getCfgInfo().getController_subsMethod());
+ modifyEventParamMap(Constants.KDEFAULT_DISABLE_SSL, parentCtrllr.getCfgInfo().getController_disableSsl());
parentCtrllr.getRestApiCallNode().sendRequest(eventParaMap, ctx, null);
} catch (Exception e) {