authoreronkeo <ronan.keogh@ericsson.com>2018-08-14 17:58:28 +0100
committereronkeo <ronan.keogh@ericsson.com>2018-08-14 19:48:59 +0100
commit85129f80a65aea102c07f695878a772ffa2dffc4 (patch)
tree508511cf080d0221c8fbe0bc597622e781159ff0
parent1841cb5d8da7b21996f8faad9d24f858e6ce8a41 (diff)
remove the policy and security issue dependencies
Change-Id: If92573566a96ab85a7ee762b727740e2766ea6a0 Issue-ID: DMAAP-557 Signed-off-by: eronkeo <ronan.keogh@ericsson.com>
-rwxr-xr-xdatarouter-node/pom.xml20
-rw-r--r--datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeMain.java57
-rwxr-xr-xdatarouter-prov/pom.xml20
-rw-r--r--datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/Main.java516
-rw-r--r--datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/ThrottleFilter.java17
-rwxr-xr-xpom.xml6
6 files changed, 333 insertions, 303 deletions
diff --git a/datarouter-node/pom.xml b/datarouter-node/pom.xml
index abd81afa..fb28724f 100755
--- a/datarouter-node/pom.xml
+++ b/datarouter-node/pom.xml
@@ -86,52 +86,52 @@
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-continuation</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-util</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-deploy</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-servlet</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-servlets</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-http</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-security</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-websocket</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.websocket.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-io</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeMain.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeMain.java
index d7650030..b9cdb541 100644
--- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeMain.java
+++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeMain.java
@@ -21,14 +21,12 @@
* *
******************************************************************************/
-
package org.onap.dmaap.datarouter.node;
+import org.eclipse.jetty.http.HttpVersion;
import org.eclipse.jetty.servlet.*;
import org.eclipse.jetty.util.ssl.*;
import org.eclipse.jetty.server.*;
-import org.eclipse.jetty.server.nio.*;
-import org.eclipse.jetty.server.ssl.*;
import org.apache.log4j.Logger;
/**
@@ -43,7 +41,7 @@ public class NodeMain {
private static class wfconfig implements Runnable {
private NodeConfigManager ncm;
- public wfconfig(NodeConfigManager ncm) {
+ wfconfig(NodeConfigManager ncm) {
this.ncm = ncm;
}
@@ -51,13 +49,14 @@ public class NodeMain {
notify();
}
- public synchronized void waitforconfig() {
+ synchronized void waitforconfig() {
ncm.registerConfigTask(this);
while (!ncm.isConfigured()) {
logger.info("NODE0003 Waiting for Node Configuration");
try {
wait();
} catch (Exception e) {
+ logger.debug("NodeMain: waitforconfig exception");
}
}
ncm.deregisterConfigTask(this);
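Review bot: The `logger.debug(...)` added to the catch block of waitforconfig() still discards the exception, so the log records that something failed but not what. Passing the throwable keeps the cause and stack trace: `logger.debug("NodeMain: waitforconfig exception", e);`. The block catches `Exception`, which is wider than the `InterruptedException` that `wait()` declares; narrowing it to `catch (InterruptedException e)` would stop the loop from silently absorbing unrelated runtime failures. The enclosing class continues outside the hunk.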
@@ -71,7 +70,7 @@ public class NodeMain {
/**
* Reset the retry timer for a subscription
*/
- public static void resetQueue(String subid, String ip) {
+ static void resetQueue(String subid, String ip) {
d.resetQueue(ncm.getSpoolDir(subid, ip));
}
@@ -91,25 +90,37 @@ public class NodeMain {
d = new Delivery(ncm);
LogManager lm = new LogManager(ncm);
Server server = new Server();
- SelectChannelConnector http = new SelectChannelConnector();
+
+ // HTTP configuration
+ HttpConfiguration http_config = new HttpConfiguration();
+ http_config.setIdleTimeout(2000);
+ http_config.setRequestHeaderSize(2048);
+
+ ServerConnector http = new ServerConnector(server, new HttpConnectionFactory(http_config));
http.setPort(ncm.getHttpPort());
- http.setMaxIdleTime(2000);
- http.setRequestHeaderSize(2048);
- SslSelectChannelConnector https = new SslSelectChannelConnector();
+
+ // HTTPS configuration
+ SslContextFactory sslContextFactory = new SslContextFactory();
+ sslContextFactory.setKeyStoreType(ncm.getKSType());
+ sslContextFactory.setKeyStorePath(ncm.getKSFile());
+ sslContextFactory.setKeyStorePassword(ncm.getKSPass());
+ sslContextFactory.setKeyManagerPassword(ncm.getKPass());
+
+ HttpConfiguration https_config = new HttpConfiguration(http_config);
+ https_config.setRequestHeaderSize(8192);
+
+ ServerConnector https = new ServerConnector(server,
+ new SslConnectionFactory(sslContextFactory,HttpVersion.HTTP_1_1.asString()),
+ new HttpConnectionFactory(https_config));
https.setPort(ncm.getHttpsPort());
- https.setMaxIdleTime(30000);
- https.setRequestHeaderSize(8192);
- SslContextFactory cf = https.getSslContextFactory();
-
- /**Skip SSLv3 Fixes*/
- cf.addExcludeProtocols("SSLv3");
- logger.info("Excluded protocols node-" + cf.getExcludeProtocols());
- /**End of SSLv3 Fixes*/
-
- cf.setKeyStoreType(ncm.getKSType());
- cf.setKeyStorePath(ncm.getKSFile());
- cf.setKeyStorePassword(ncm.getKSPass());
- cf.setKeyManagerPassword(ncm.getKPass());
+ https.setIdleTimeout(500000);
+ https.setAcceptQueueSize(2);
+
+ /* Skip SSLv3 Fixes */
+ sslContextFactory.addExcludeProtocols("SSLv3");
+ logger.info("Excluded protocols node-" + sslContextFactory.getExcludeProtocols());
+ /* End of SSLv3 Fixes */
+
server.setConnectors(new Connector[]{http, https});
ServletContextHandler ctxt = new ServletContextHandler(0);
ctxt.setContextPath("/");
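Review bot: The HTTPS connector's idle timeout rises from `setMaxIdleTime(30000)` to `https.setIdleTimeout(500000)` with no explanation, so an idle TLS connection now holds its resources on the node for more than eight minutes. If that is not a deliberate change, `https.setIdleTimeout(30000);` keeps the previous behaviour. `https.setAcceptQueueSize(2)` is also new: it sets the listen backlog, not a thread count, and a backlog of 2 will refuse connections under bursts. `https_config` is copied from `http_config`, so it presumably inherits the 2000 ms `setIdleTimeout`, which should be checked against the connector-level value. Only "SSLv3" is excluded explicitly, so whether older TLS versions stay enabled depends on Jetty and JVM defaults and is worth confirming. The enclosing method starts and ends outside the hunk.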
diff --git a/datarouter-prov/pom.xml b/datarouter-prov/pom.xml
index 269e015d..0f1030d4 100755
--- a/datarouter-prov/pom.xml
+++ b/datarouter-prov/pom.xml
@@ -82,52 +82,52 @@
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-continuation</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-util</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-deploy</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-servlet</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-servlets</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-http</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-security</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-websocket</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.websocket.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-io</artifactId>
- <version>7.6.14.v20131031</version>
+ <version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/Main.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/Main.java
index abcd76cd..60496e56 100644
--- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/Main.java
+++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/Main.java
@@ -1,249 +1,267 @@
-/*******************************************************************************
- * ============LICENSE_START==================================================
- * * org.onap.dmaap
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-
-
-package org.onap.dmaap.datarouter.provisioning;
-
-import java.security.Security;
-import java.util.Properties;
-import java.util.Timer;
-
-import org.apache.log4j.Logger;
-import org.eclipse.jetty.server.Connector;
-import org.eclipse.jetty.server.Handler;
-import org.eclipse.jetty.server.NCSARequestLog;
-import org.eclipse.jetty.server.Server;
-import org.eclipse.jetty.server.handler.ContextHandlerCollection;
-import org.eclipse.jetty.server.handler.DefaultHandler;
-import org.eclipse.jetty.server.handler.HandlerCollection;
-import org.eclipse.jetty.server.handler.RequestLogHandler;
-import org.eclipse.jetty.server.nio.SelectChannelConnector;
-import org.eclipse.jetty.server.ssl.SslSelectChannelConnector;
-import org.eclipse.jetty.servlet.FilterHolder;
-import org.eclipse.jetty.servlet.FilterMapping;
-import org.eclipse.jetty.servlet.ServletContextHandler;
-import org.eclipse.jetty.servlet.ServletHolder;
-import org.eclipse.jetty.util.ssl.SslContextFactory;
-import org.eclipse.jetty.util.thread.QueuedThreadPool;
-import org.onap.dmaap.datarouter.provisioning.utils.DB;
-import org.onap.dmaap.datarouter.provisioning.utils.LogfileLoader;
-import org.onap.dmaap.datarouter.provisioning.utils.PurgeLogDirTask;
-import org.onap.dmaap.datarouter.provisioning.utils.ThrottleFilter;
-
-/**
- * <p>
- * A main class which may be used to start the provisioning server with an "embedded" Jetty server.
- * Configuration is done via the properties file <i>provserver.properties</i>, which should be in the CLASSPATH.
- * The provisioning server may also be packaged with a web.xml and started as a traditional webapp.
- * </p>
- * <p>
- * Most of the work of the provisioning server is carried out within the eight servlets (configured below)
- * that are used to handle each of the eight types of requests the server may receive.
- * In addition, there are background threads started to perform other tasks:
- * </p>
- * <ul>
- * <li>One background Thread runs the {@link LogfileLoader} in order to process incoming logfiles.
- * This Thread is created as a side effect of the first successful POST to the /internal/logs/ servlet.</li>
- * <li>One background Thread runs the {@link SynchronizerTask} which is used to periodically
- * synchronize the database between active and standby servers.</li>
- * <li>One background Thread runs the {@link Poker} which is used to notify the nodes whenever
- * provisioning data changes.</li>
- * <li>One task is run once a day to run {@link PurgeLogDirTask} which purges older logs from the
- * /opt/app/datartr/logs directory.</li>
- * </ul>
- * <p>
- * The provisioning server is stopped by issuing a GET to the URL http://127.0.0.1/internal/halt
- * using <i>curl</i> or some other such tool.
- * </p>
- *
- * @author Robert Eby
- * @version $Id: Main.java,v 1.12 2014/03/12 19:45:41 eby Exp $
- */
-public class Main {
- /**
- * The truststore to use if none is specified
- */
- public static final String DEFAULT_TRUSTSTORE = "/opt/java/jdk/jdk180/jre/lib/security/cacerts";
- public static final String KEYSTORE_TYPE_PROPERTY = "org.onap.dmaap.datarouter.provserver.keystore.type";
- public static final String KEYSTORE_PATH_PROPERTY = "org.onap.dmaap.datarouter.provserver.keystore.path";
- public static final String KEYSTORE_PASSWORD_PROPERTY = "org.onap.dmaap.datarouter.provserver.keystore.password";
- public static final String TRUSTSTORE_PATH_PROPERTY = "org.onap.dmaap.datarouter.provserver.truststore.path";
- public static final String TRUSTSTORE_PASSWORD_PROPERTY = "org.onap.dmaap.datarouter.provserver.truststore.password";
-
- /**
- * The one and only {@link Server} instance in this JVM
- */
- private static Server server;
-
- /**
- * Starts the Data Router Provisioning server.
- *
- * @param args not used
- * @throws Exception if Jetty has a problem starting
- */
- public static void main(String[] args) throws Exception {
- Security.setProperty("networkaddress.cache.ttl", "4");
- Logger logger = Logger.getLogger("org.onap.dmaap.datarouter.provisioning.internal");
-
- // Check DB is accessible and contains the expected tables
- if (!checkDatabase(logger))
- System.exit(1);
-
- logger.info("PROV0000 **** AT&T Data Router Provisioning Server starting....");
-
- // Get properties
- Properties p = (new DB()).getProperties();
- int http_port = Integer.parseInt(p.getProperty("org.onap.dmaap.datarouter.provserver.http.port", "8080"));
- int https_port = Integer.parseInt(p.getProperty("org.onap.dmaap.datarouter.provserver.https.port", "8443"));
-
- // HTTP connector
- SelectChannelConnector http = new SelectChannelConnector();
- http.setPort(http_port);
- http.setMaxIdleTime(300000);
- http.setRequestHeaderSize(2048);
- http.setAcceptors(2);
- http.setConfidentialPort(https_port);
- http.setLowResourcesConnections(20000);
-
- // HTTPS connector
- SslSelectChannelConnector https = new SslSelectChannelConnector();
- https.setPort(https_port);
- https.setMaxIdleTime(30000);
- https.setRequestHeaderSize(8192);
- https.setAcceptors(2);
-
- // SSL stuff
- SslContextFactory cf = https.getSslContextFactory();
-
- /**Skip SSLv3 Fixes*/
- cf.addExcludeProtocols("SSLv3");
- logger.info("Excluded protocols prov-" + cf.getExcludeProtocols());
- /**End of SSLv3 Fixes*/
-
- cf.setKeyStoreType(p.getProperty(KEYSTORE_TYPE_PROPERTY, "jks"));
- cf.setKeyStorePath(p.getProperty(KEYSTORE_PATH_PROPERTY));
- cf.setKeyStorePassword(p.getProperty(KEYSTORE_PASSWORD_PROPERTY));
- cf.setKeyManagerPassword(p.getProperty("org.onap.dmaap.datarouter.provserver.keymanager.password"));
- String ts = p.getProperty(TRUSTSTORE_PATH_PROPERTY);
- if (ts != null && ts.length() > 0) {
- System.out.println("@@ TS -> " + ts);
- cf.setTrustStore(ts);
- cf.setTrustStorePassword(p.getProperty(TRUSTSTORE_PASSWORD_PROPERTY));
- } else {
- cf.setTrustStore(DEFAULT_TRUSTSTORE);
- cf.setTrustStorePassword("changeit");
- }
- cf.setTrustStore("/opt/app/datartr/self_signed/cacerts.jks");
- cf.setTrustStorePassword("changeit");
- cf.setWantClientAuth(true);
-
- // Servlet and Filter configuration
- ServletContextHandler ctxt = new ServletContextHandler(0);
- ctxt.setContextPath("/");
- ctxt.addServlet(new ServletHolder(new FeedServlet()), "/feed/*");
- ctxt.addServlet(new ServletHolder(new FeedLogServlet()), "/feedlog/*");
- ctxt.addServlet(new ServletHolder(new PublishServlet()), "/publish/*");
- ctxt.addServlet(new ServletHolder(new SubscribeServlet()), "/subscribe/*");
- ctxt.addServlet(new ServletHolder(new StatisticsServlet()), "/statistics/*");
- ctxt.addServlet(new ServletHolder(new SubLogServlet()), "/sublog/*");
- ctxt.addServlet(new ServletHolder(new GroupServlet()), "/group/*"); //Provision groups - Rally US708115 -1610
- ctxt.addServlet(new ServletHolder(new SubscriptionServlet()), "/subs/*");
- ctxt.addServlet(new ServletHolder(new InternalServlet()), "/internal/*");
- ctxt.addServlet(new ServletHolder(new RouteServlet()), "/internal/route/*");
- ctxt.addServlet(new ServletHolder(new DRFeedsServlet()), "/");
- ctxt.addFilter(new FilterHolder(new ThrottleFilter()), "/publish/*", FilterMapping.REQUEST);
-
- ContextHandlerCollection contexts = new ContextHandlerCollection();
- contexts.addHandler(ctxt);
-
- // Request log configuration
- NCSARequestLog nrl = new NCSARequestLog();
- nrl.setFilename(p.getProperty("org.onap.dmaap.datarouter.provserver.accesslog.dir") + "/request.log.yyyy_mm_dd");
- nrl.setFilenameDateFormat("yyyyMMdd");
- nrl.setRetainDays(90);
- nrl.setAppend(true);
- nrl.setExtended(false);
- nrl.setLogCookies(false);
- nrl.setLogTimeZone("GMT");
-
- RequestLogHandler reqlog = new RequestLogHandler();
- reqlog.setRequestLog(nrl);
-
- // Server's Handler collection
- HandlerCollection hc = new HandlerCollection();
- hc.setHandlers(new Handler[]{contexts, new DefaultHandler()});
- hc.addHandler(reqlog);
-
- // Server's thread pool
- QueuedThreadPool pool = new QueuedThreadPool();
- pool.setMinThreads(10);
- pool.setMaxThreads(200);
- pool.setDetailedDump(false);
-
- // Daemon to clean up the log directory on a daily basis
- Timer rolex = new Timer();
- rolex.scheduleAtFixedRate(new PurgeLogDirTask(), 0, 86400000L); // run once per day
-
- // Start LogfileLoader
- LogfileLoader.getLoader();
-
- // The server itself
- server = new Server();
- server.setThreadPool(pool);
- server.setConnectors(new Connector[]{http, https});
- server.setHandler(hc);
- server.setStopAtShutdown(true);
- server.setSendServerVersion(true);
- server.setSendDateHeader(true);
- server.setGracefulShutdown(5000); // allow 5 seconds for servlets to wrap up
- server.setDumpAfterStart(false);
- server.setDumpBeforeStop(false);
-
- server.start();
- server.join();
- logger.info("PROV0001 **** AT&T Data Router Provisioning Server halted.");
- }
-
- private static boolean checkDatabase(Logger logger) {
- DB db = new DB();
- return db.runRetroFits();
- }
-
- /**
- * Stop the Jetty server.
- */
- public static void shutdown() {
- new Thread() {
- @Override
- public void run() {
- try {
- server.stop();
- Thread.sleep(5000L);
- System.exit(0);
- } catch (Exception e) {
- // ignore
- }
- }
- }.start();
- }
-}
+/*******************************************************************************
+ * ============LICENSE_START==================================================
+ * * org.onap.dmaap
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+
+
+package org.onap.dmaap.datarouter.provisioning;
+
+import java.security.*;
+import java.util.*;
+
+import org.apache.log4j.Logger;
+import org.eclipse.jetty.http.HttpVersion;
+import org.eclipse.jetty.server.Connector;
+import org.eclipse.jetty.server.Handler;
+import org.eclipse.jetty.server.HttpConfiguration;
+import org.eclipse.jetty.server.HttpConnectionFactory;
+import org.eclipse.jetty.server.NCSARequestLog;
+import org.eclipse.jetty.server.Server;
+import org.eclipse.jetty.server.ServerConnector;
+import org.eclipse.jetty.server.handler.ContextHandlerCollection;
+import org.eclipse.jetty.server.handler.DefaultHandler;
+import org.eclipse.jetty.server.handler.HandlerCollection;
+import org.eclipse.jetty.server.handler.RequestLogHandler;
+import org.eclipse.jetty.server.SslConnectionFactory;
+import org.eclipse.jetty.util.ssl.SslContextFactory;
+import org.eclipse.jetty.servlet.FilterHolder;
+import org.eclipse.jetty.servlet.ServletContextHandler;
+import org.eclipse.jetty.servlet.ServletHolder;
+import org.eclipse.jetty.util.thread.QueuedThreadPool;
+import org.onap.dmaap.datarouter.provisioning.utils.DB;
+import org.onap.dmaap.datarouter.provisioning.utils.LogfileLoader;
+import org.onap.dmaap.datarouter.provisioning.utils.PurgeLogDirTask;
+import org.onap.dmaap.datarouter.provisioning.utils.ThrottleFilter;
+
+import javax.servlet.DispatcherType;
+
+/**
+ * <p>
+ * A main class which may be used to start the provisioning server with an "embedded" Jetty server.
+ * Configuration is done via the properties file <i>provserver.properties</i>, which should be in the CLASSPATH.
+ * The provisioning server may also be packaged with a web.xml and started as a traditional webapp.
+ * </p>
+ * <p>
+ * Most of the work of the provisioning server is carried out within the eight servlets (configured below)
+ * that are used to handle each of the eight types of requests the server may receive.
+ * In addition, there are background threads started to perform other tasks:
+ * </p>
+ * <ul>
+ * <li>One background Thread runs the {@link LogfileLoader} in order to process incoming logfiles.
+ * This Thread is created as a side effect of the first successful POST to the /internal/logs/ servlet.</li>
+ * <li>One background Thread runs the {@link SynchronizerTask} which is used to periodically
+ * synchronize the database between active and standby servers.</li>
+ * <li>One background Thread runs the {@link Poker} which is used to notify the nodes whenever
+ * provisioning data changes.</li>
+ * <li>One task is run once a day to run {@link PurgeLogDirTask} which purges older logs from the
+ * /opt/app/datartr/logs directory.</li>
+ * </ul>
+ * <p>
+ * The provisioning server is stopped by issuing a GET to the URL http://127.0.0.1/internal/halt
+ * using <i>curl</i> or some other such tool.
+ * </p>
+ *
+ * @author Robert Eby
+ * @version $Id: Main.java,v 1.12 2014/03/12 19:45:41 eby Exp $
+ */
+public class Main {
+ /**
+ * The truststore to use if none is specified
+ */
+ public static final String DEFAULT_TRUSTSTORE = "/opt/java/jdk/jdk180/jre/lib/security/cacerts";
+ public static final String KEYSTORE_TYPE_PROPERTY = "org.onap.dmaap.datarouter.provserver.keystore.type";
+ public static final String KEYSTORE_PATH_PROPERTY = "org.onap.dmaap.datarouter.provserver.keystore.path";
+ public static final String KEYSTORE_PASSWORD_PROPERTY = "org.onap.dmaap.datarouter.provserver.keystore.password";
+ public static final String TRUSTSTORE_PATH_PROPERTY = "org.onap.dmaap.datarouter.provserver.truststore.path";
+ public static final String TRUSTSTORE_PASSWORD_PROPERTY = "org.onap.dmaap.datarouter.provserver.truststore.password";
+
+ /**
+ * The one and only {@link Server} instance in this JVM
+ */
+ private static Server server;
+
+ /**
+ * Starts the Data Router Provisioning server.
+ *
+ * @param args not used
+ * @throws Exception if Jetty has a problem starting
+ */
+ public static void main(String[] args) throws Exception {
+ Security.setProperty("networkaddress.cache.ttl", "4");
+ Logger logger = Logger.getLogger("org.onap.dmaap.datarouter.provisioning.internal");
+
+ // Check DB is accessible and contains the expected tables
+ if (!checkDatabase(logger))
+ System.exit(1);
+
+ logger.info("PROV0000 **** AT&T Data Router Provisioning Server starting....");
+
+ // Get properties
+ Properties p = (new DB()).getProperties();
+ int http_port = Integer.parseInt(p.getProperty("org.onap.dmaap.datarouter.provserver.http.port", "8080"));
+ int https_port = Integer.parseInt(p.getProperty("org.onap.dmaap.datarouter.provserver.https.port", "8443"));
+
+ // HTTP connector
+ HttpConfiguration http_config = new HttpConfiguration();
+ http_config.setSecureScheme("https");
+ http_config.setSecurePort(https_port);
+ http_config.setOutputBufferSize(32768);
+ http_config.setRequestHeaderSize(2048);
+ http_config.setIdleTimeout(300000);
+ http_config.setSendServerVersion(true);
+ http_config.setSendDateHeader(false);
+
+ ServerConnector http = new ServerConnector(server, new HttpConnectionFactory(http_config));
+ http.setPort(http_port);
+ http.setAcceptQueueSize(2);
+
+ // HTTPS config
+ HttpConfiguration https_config = new HttpConfiguration(http_config);
+ https_config.setRequestHeaderSize(8192);
+
+ // HTTPS connector
+ SslContextFactory sslContextFactory = new SslContextFactory();
+ sslContextFactory.setKeyStorePath(p.getProperty(KEYSTORE_PATH_PROPERTY));
+ sslContextFactory.setKeyStorePassword(p.getProperty(KEYSTORE_PASSWORD_PROPERTY));
+ sslContextFactory.setKeyManagerPassword(p.getProperty("org.onap.dmaap.datarouter.provserver.keymanager.password"));
+
+ ServerConnector https = new ServerConnector(server,
+ new SslConnectionFactory(sslContextFactory,HttpVersion.HTTP_1_1.asString()),
+ new HttpConnectionFactory(https_config));
+ https.setPort(https_port);
+ https.setIdleTimeout(30000);
+ https.setAcceptQueueSize(2);
+
+ // SSL stuff
+ /* Skip SSLv3 Fixes */
+ sslContextFactory.addExcludeProtocols("SSLv3");
+ logger.info("Excluded protocols prov-" + sslContextFactory.getExcludeProtocols());
+ /* End of SSLv3 Fixes */
+
+ sslContextFactory.setKeyStoreType(p.getProperty(KEYSTORE_TYPE_PROPERTY, "jks"));
+ sslContextFactory.setKeyStorePath(p.getProperty(KEYSTORE_PATH_PROPERTY));
+ sslContextFactory.setKeyStorePassword(p.getProperty(KEYSTORE_PASSWORD_PROPERTY));
+ sslContextFactory.setKeyManagerPassword(p.getProperty("org.onap.dmaap.datarouter.provserver.keymanager.password"));
+ String ts = p.getProperty(TRUSTSTORE_PATH_PROPERTY);
+ if (ts != null && ts.length() > 0) {
+ System.out.println("@@ TS -> " + ts);
+ sslContextFactory.setTrustStorePath(ts);
+ sslContextFactory.setTrustStorePassword(p.getProperty(TRUSTSTORE_PASSWORD_PROPERTY));
+ } else {
+ sslContextFactory.setTrustStorePath(DEFAULT_TRUSTSTORE);
+ sslContextFactory.setTrustStorePassword("changeit");
+ }
+ sslContextFactory.setTrustStorePath("/opt/app/datartr/self_signed/cacerts.jks");
+ sslContextFactory.setTrustStorePassword("changeit");
+ sslContextFactory.setWantClientAuth(true);
+
+ // Servlet and Filter configuration
+ ServletContextHandler ctxt = new ServletContextHandler(0);
+ ctxt.setContextPath("/");
+ ctxt.addServlet(new ServletHolder(new FeedServlet()), "/feed/*");
+ ctxt.addServlet(new ServletHolder(new FeedLogServlet()), "/feedlog/*");
+ ctxt.addServlet(new ServletHolder(new PublishServlet()), "/publish/*");
+ ctxt.addServlet(new ServletHolder(new SubscribeServlet()), "/subscribe/*");
+ ctxt.addServlet(new ServletHolder(new StatisticsServlet()), "/statistics/*");
+ ctxt.addServlet(new ServletHolder(new SubLogServlet()), "/sublog/*");
+ ctxt.addServlet(new ServletHolder(new GroupServlet()), "/group/*"); //Provision groups - Rally US708115 -1610
+ ctxt.addServlet(new ServletHolder(new SubscriptionServlet()), "/subs/*");
+ ctxt.addServlet(new ServletHolder(new InternalServlet()), "/internal/*");
+ ctxt.addServlet(new ServletHolder(new RouteServlet()), "/internal/route/*");
+ ctxt.addServlet(new ServletHolder(new DRFeedsServlet()), "/");
+ ctxt.addFilter(new FilterHolder(new ThrottleFilter()), "/publish/*", EnumSet.of(DispatcherType.REQUEST));
+
+ ContextHandlerCollection contexts = new ContextHandlerCollection();
+ contexts.addHandler(ctxt);
+
+ // Request log configuration
+ NCSARequestLog nrl = new NCSARequestLog();
+ nrl.setFilename(p.getProperty("org.onap.dmaap.datarouter.provserver.accesslog.dir") + "/request.log.yyyy_mm_dd");
+ nrl.setFilenameDateFormat("yyyyMMdd");
+ nrl.setRetainDays(90);
+ nrl.setAppend(true);
+ nrl.setExtended(false);
+ nrl.setLogCookies(false);
+ nrl.setLogTimeZone("GMT");
+
+ RequestLogHandler reqlog = new RequestLogHandler();
+ reqlog.setRequestLog(nrl);
+
+ // Server's Handler collection
+ HandlerCollection hc = new HandlerCollection();
+ hc.setHandlers(new Handler[]{contexts, new DefaultHandler()});
+ hc.addHandler(reqlog);
+
+ // Server's thread pool
+ QueuedThreadPool queuedThreadPool = new QueuedThreadPool();
+ queuedThreadPool.setMinThreads(10);
+ queuedThreadPool.setMaxThreads(200);
+ queuedThreadPool.setDetailedDump(false);
+
+ // Daemon to clean up the log directory on a daily basis
+ Timer rolex = new Timer();
+ rolex.scheduleAtFixedRate(new PurgeLogDirTask(), 0, 86400000L); // run once per day
+
+ // Start LogfileLoader
+ LogfileLoader.getLoader();
+
+ // The server itself
+ server = new Server(queuedThreadPool);
+
+ ServerConnector serverConnector = new ServerConnector(server,
+ new SslConnectionFactory(sslContextFactory,HttpVersion.HTTP_1_1.asString()),
+ new HttpConnectionFactory(https_config));
+ serverConnector.setPort(https_port);
+ serverConnector.setIdleTimeout(500000);
+
+ server.setConnectors(new Connector[]{http, https});
+ server.setHandler(hc);
+ server.setStopAtShutdown(true);
+ server.setStopTimeout(5000);
+
+ server.setDumpAfterStart(false);
+ server.setDumpBeforeStop(false);
+
+ server.start();
+ server.join();
+ logger.info("PROV0001 **** AT&T Data Router Provisioning Server halted.");
+ }
+
+ private static boolean checkDatabase(Logger logger) {
+ DB db = new DB();
+ return db.runRetroFits();
+ }
+
+ /**
+ * Stop the Jetty server.
+ */
+ static void shutdown() {
+ new Thread(() -> {
+ try {
+ server.stop();
+ Thread.sleep(5000L);
+ System.exit(0);
+ } catch (Exception e) {
+ // ignore
+ }
+ });
+ }
+}
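Review bot: `shutdown()` at the end of the new Main.java builds the thread with `new Thread(() -> { ... })` but no longer calls `.start()`, so the server is never stopped through this path; the closing line should be `}).start();`. In `main()`, both `ServerConnector` objects are constructed from the static `server` field before `server = new Server(queuedThreadPool);` runs, so they receive null and will most likely fail at construction; create the thread pool and the server before the connectors. The extra `serverConnector` is built but never passed to `setConnectors`, and `setAcceptQueueSize(2)` replaces the old `setAcceptors(2)` although it sets the listen backlog, not the acceptor count. The trust store is still overwritten unconditionally with `/opt/app/datartr/self_signed/cacerts.jks` and the literal password `changeit` after the property-driven branch. That makes `TRUSTSTORE_PATH_PROPERTY` ineffective and keeps a credential in source; both values should come from configuration.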
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/ThrottleFilter.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/ThrottleFilter.java
index 7f8d7a8c..897c1ea2 100644
--- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/ThrottleFilter.java
+++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/ThrottleFilter.java
@@ -46,8 +46,7 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.eclipse.jetty.continuation.Continuation;
import org.eclipse.jetty.continuation.ContinuationSupport;
-import org.eclipse.jetty.server.AbstractHttpConnection;
-import org.eclipse.jetty.server.Request;
+import org.eclipse.jetty.server.*;
import org.onap.dmaap.datarouter.provisioning.beans.Parameters;
/**
@@ -174,15 +173,15 @@ public class ThrottleFilter extends TimerTask implements Filter {
public void dropFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
throws IOException, ServletException {
- int rate = getRequestRate((HttpServletRequest) request);
+ int rate = getRequestRate(request);
if (rate >= n_requests) {
// drop request - only works under Jetty
- String m = String.format("Dropping connection: %s %d bad connections in %d minutes", getConnectionId((HttpServletRequest) request), rate, m_minutes);
+ String m = String.format("Dropping connection: %s %d bad connections in %d minutes", getConnectionId(request), rate, m_minutes);
logger.info(m);
Request base_request = (request instanceof Request)
? (Request) request
- : AbstractHttpConnection.getCurrentConnection().getRequest();
- base_request.getConnection().getEndPoint().close();
+ : HttpConnection.getCurrentConnection().getHttpChannel().getRequest();
+ base_request.getHttpChannel().getEndPoint().close();
} else {
chain.doFilter(request, response);
}
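Review bot: In dropFilter(), `HttpConnection.getCurrentConnection()` can return null when the filter is not running on a Jetty connection thread, and the new chain `.getHttpChannel().getRequest()` dereferences it without a check. The existing comment already says the drop "only works under Jetty", so the fallback should handle the null case and refuse the request another way, for example `response.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE); return;`. Without that, a NullPointerException would reach the container and the rate limit would not be applied for that request. The method's closing brace is outside the hunk.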
@@ -191,11 +190,11 @@ public class ThrottleFilter extends TimerTask implements Filter {
public void throttleFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
throws IOException, ServletException {
// throttle request
- String id = getConnectionId((HttpServletRequest) request);
- int rate = getRequestRate((HttpServletRequest) request);
+ String id = getConnectionId(request);
+ int rate = getRequestRate(request);
Object results = request.getAttribute(THROTTLE_MARKER);
if (rate >= n_requests && results == null) {
- String m = String.format("Throttling connection: %s %d bad connections in %d minutes", getConnectionId((HttpServletRequest) request), rate, m_minutes);
+ String m = String.format("Throttling connection: %s %d bad connections in %d minutes", getConnectionId(request), rate, m_minutes);
logger.info(m);
Continuation continuation = ContinuationSupport.getContinuation(request);
continuation.suspend();
diff --git a/pom.xml b/pom.xml
index 154e6a19..c5aa2fb3 100755
--- a/pom.xml
+++ b/pom.xml
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -45,6 +45,8 @@
<sonar.jacoco.itReportPath>${project.build.directory}/coverage-reports/jacoco-it.exec</sonar.jacoco.itReportPath>
<sonar.jacoco.reportMissing.force.zero>true</sonar.jacoco.reportMissing.force.zero>
<sonar.projectVersion>${project.version}</sonar.projectVersion>
+ <jetty.version>9.4.11.v20180605</jetty.version>
+ <jetty.websocket.version>8.2.0.v20160908</jetty.websocket.version>
<snapshotNexusPath>/content/repositories/snapshots/</snapshotNexusPath>
<releaseNexusPath>/content/repositories/releases/</releaseNexusPath>
<stagingNexusPath>/content/repositories/staging/</stagingNexusPath>
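Review bot: `jetty.websocket.version` is pinned to 8.2.0.v20160908 while every other Jetty artifact moves to 9.4.11.v20180605. The `org.eclipse.jetty:jetty-websocket` dependency in both module POMs will therefore presumably bring Jetty 8 classes onto a Jetty 9.4 classpath. That mix risks class conflicts at runtime and leaves one network-facing component on a different release line from the rest of the server, which complicates tracking fixes. If datarouter does not use websockets, dropping the `jetty-websocket` dependency is the simpler option; otherwise it should follow the 9.4 websocket modules. A short XML comment beside the property explaining why it differs would help whoever next bumps `jetty.version`.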