diff options
author | efiacor <fiachra.corcoran@est.tech> | 2022-12-07 10:56:27 +0000 |
---|---|---|
committer | efiacor <fiachra.corcoran@est.tech> | 2022-12-07 15:59:59 +0000 |
commit | bda6aeaa60607ab4fe5af508156019d7bd5c0ce4 (patch) | |
tree | 24bae3847c1139ba9aed95ce286277202aae9a93 /datarouter-node/src/main | |
parent | b37d32a39c7096e39fc389f15d150e8c2b8c54c2 (diff) |
[DMAAP-DR] Remove AAF/TLS phase 1
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: Ifeae01dd8e7f0a737d8b74594a8061ae3d4ea647
Issue-ID: DMAAP-1642
Diffstat (limited to 'datarouter-node/src/main')
11 files changed, 241 insertions, 348 deletions
diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/DRNodeCadiFilter.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/DRNodeCadiFilter.java deleted file mode 100644 index 9cdaeecd..00000000 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/DRNodeCadiFilter.java +++ /dev/null @@ -1,110 +0,0 @@ -/* - * ============LICENSE_START======================================================= - * Copyright (C) 2019 Nordix Foundation. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * ============LICENSE_END========================================================= - */ - -package org.onap.dmaap.datarouter.node; - -import com.att.eelf.configuration.EELFLogger; -import com.att.eelf.configuration.EELFManager; -import java.io.IOException; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import org.onap.aaf.cadi.PropAccess; -import org.onap.aaf.cadi.filter.CadiFilter; - - -public class DRNodeCadiFilter extends CadiFilter { - - private static EELFLogger logger = EELFManager.getInstance().getLogger(DRNodeCadiFilter.class); - - DRNodeCadiFilter(boolean init, PropAccess access) throws ServletException { - super(init, access); - } - - @Override - public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) - throws IOException, ServletException { - HttpServletRequest httpRequest = (HttpServletRequest) request; - String path = httpRequest.getPathInfo(); - if (!(path.startsWith("/internal"))) { - if (!("POST".equalsIgnoreCase(httpRequest.getMethod()))) { - if ("DELETE".equalsIgnoreCase(httpRequest.getMethod()) && path.startsWith("/delete")) { - chain.doFilter(request, response); - } else { - doFilterWithFeedId(request, response, chain); - } - } - } else { - chain.doFilter(request, response); - } - } - - private String getFeedId(ServletRequest request, ServletResponse response) { - HttpServletRequest req = (HttpServletRequest) request; - HttpServletResponse resp = (HttpServletResponse) response; - String fileid = req.getPathInfo(); - if (fileid == null) { - logger.error("NODE0105 Rejecting bad URI for PUT " + req.getPathInfo() + " from " + req.getRemoteAddr()); - try { - resp.sendError(HttpServletResponse.SC_NOT_FOUND, - "Invalid request URI. Expecting <feed-publishing-url>/<fileid>."); - } catch (IOException e) { - logger.error("NODE0541 DRNodeCadiFilter.getFeedId: ", e); - } - return null; - } - String feedid = ""; - - if (fileid.startsWith("/publish/")) { - fileid = fileid.substring(9); - int index = fileid.indexOf('/'); - if (index == -1 || index == fileid.length() - 1) { - logger.error("NODE0105 Rejecting bad URI for PUT (publish) of " + req.getPathInfo() + " from " + req - .getRemoteAddr()); - try { - resp.sendError(HttpServletResponse.SC_NOT_FOUND, - "Invalid request URI. Expecting <feed-publishing-url>/<fileid>. " - + "Possible missing fileid."); - } catch (IOException e) { - logger.error("NODE0542 DRNodeCadiFilter.getFeedId: ", e); - } - return null; - } - feedid = fileid.substring(0, index); - } - return feedid; - } - - private void doFilterWithFeedId(ServletRequest request, ServletResponse response, FilterChain chain) - throws IOException, ServletException { - String feedId = getFeedId(request, response); - String aafDbInstance = NodeConfigManager.getInstance().getAafInstance(feedId); - if (aafDbInstance != null && !"".equals(aafDbInstance) && !"legacy".equalsIgnoreCase(aafDbInstance)) { - logger.info("DRNodeCadiFilter - doFilter: FeedId - " + feedId + ":" + "AAF Instance -" + aafDbInstance); - super.doFilter(request, response, chain); - } else { - logger.info("DRNodeCadiFilter - doFilter: FeedId - " + feedId + ":" + "Legacy Feed"); - chain.doFilter(request, response); - } - } -} diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/IsFrom.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/IsFrom.java index 91622b3c..5cdb3445 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/IsFrom.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/IsFrom.java @@ -37,7 +37,7 @@ import java.util.Arrays; */ public class IsFrom { - private static EELFLogger logger = EELFManager.getInstance().getLogger(IsFrom.class); + private static final EELFLogger logger = EELFManager.getInstance().getLogger(IsFrom.class); private long nextcheck; private String[] ips; private String fqdn; @@ -91,9 +91,9 @@ public class IsFrom { return true; } } catch (UnknownHostException e) { - logger.error("IsFrom: UnknownHostEx: " + e.toString(), e); + logger.error("IsFrom: UnknownHostEx: " + e, e); } catch (IOException e) { - logger.error("IsFrom: Failed to parse IP : " + ip + " : " + e.toString(), e); + logger.error("IsFrom: Failed to parse IP : " + ip + " : " + e, e); } return false; } diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeAafPropsUtils.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeAafPropsUtils.java index 0c31db99..ec49807e 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeAafPropsUtils.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeAafPropsUtils.java @@ -29,8 +29,8 @@ import org.onap.aaf.cadi.PropAccess; class NodeAafPropsUtils { - private static EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeAafPropsUtils.class); - private PropAccess propAccess; + private static final EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeAafPropsUtils.class); + private final PropAccess propAccess; NodeAafPropsUtils(File propsFile) throws IOException { propAccess = new PropAccess(); diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeConfigManager.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeConfigManager.java index 3b950232..1debcf63 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeConfigManager.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeConfigManager.java @@ -25,6 +25,7 @@ package org.onap.dmaap.datarouter.node; import static java.lang.System.exit; +import static java.lang.System.getProperty; import com.att.eelf.configuration.EELFLogger; import com.att.eelf.configuration.EELFManager; @@ -54,10 +55,9 @@ import org.onap.dmaap.datarouter.node.eelf.EelfMsgs; public class NodeConfigManager implements DeliveryQueueHelper { private static final String NODE_CONFIG_MANAGER = "NodeConfigManager"; - private static EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeConfigManager.class); - private static NodeConfigManager base = new NodeConfigManager(); + private static final EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeConfigManager.class); + private static NodeConfigManager base; - private Timer timer = new Timer("Node Configuration Timer", true); private long maxfailuretimer; private long initfailuretimer; private long waitForFileProcessFailureTimer; @@ -68,16 +68,17 @@ public class NodeConfigManager implements DeliveryQueueHelper { private double fdpstart; private double fdpstop; private int deliverythreads; - private String provurl; + private final String provurl; private String provhost; - private IsFrom provcheck; - private int gfport; - private int svcport; - private int port; - private String spooldir; - private String logdir; - private long logretention; - private String redirfile; + private final int intHttpPort; + private final int intHttpsPort; + private final int extHttpsPort; + private String[] enabledprotocols; + private final boolean cadiEnabled; + private String aafType; + private String aafInstance; + private String aafAction; + private final boolean tlsEnabled; private String kstype; private String ksfile; private String kspass; @@ -86,66 +87,45 @@ public class NodeConfigManager implements DeliveryQueueHelper { private String tsfile; private String tspass; private String myname; - private RedirManager rdmgr; - private RateLimitedOperation pfetcher; - private NodeConfig config; - private File quiesce; - private PublishId pid; - private String nak; - private TaskList configtasks = new TaskList(); - private String eventlogurl; - private String eventlogprefix; - private String eventlogsuffix; + private final String nak; + private final File quiesce; + private final String spooldir; + private final String logdir; + private final long logretention; + private final String eventlogurl; + private final String eventlogprefix; + private final String eventlogsuffix; private String eventloginterval; private boolean followredirects; - private String[] enabledprotocols; - private String aafType; - private String aafInstance; - private String aafAction; - private boolean tlsEnabled; - private boolean cadiEnabled; + private final TaskList configtasks = new TaskList(); + private final PublishId publishId; + private final IsFrom provcheck; + private final RedirManager rdmgr; + private final Timer timer = new Timer("Node Configuration Timer", true); + private final RateLimitedOperation pfetcher; + private NodeConfig config; private NodeAafPropsUtils nodeAafPropsUtils; - - + private static Properties drNodeProperties; + + public static Properties getDrNodeProperties() { + if (drNodeProperties == null) { + try (FileInputStream props = new FileInputStream(getProperty( + "org.onap.dmaap.datarouter.node.properties", + "/opt/app/datartr/etc/node.properties"))) { + drNodeProperties = new Properties(); + drNodeProperties.load(props); + } catch (IOException e) { + eelfLogger.error("Failed to load NODE properties: " + e.getMessage(), e); + exit(1); + } + } + return drNodeProperties; + } /** * Initialize the configuration of a Data Router node. */ private NodeConfigManager() { - - Properties drNodeProperties = new Properties(); - try (FileInputStream fileInputStream = new FileInputStream(System - .getProperty("org.onap.dmaap.datarouter.node.properties", "/opt/app/datartr/etc/node.properties"))) { - eelfLogger.debug("NODE0301 Loading local config file node.properties"); - drNodeProperties.load(fileInputStream); - } catch (Exception e) { - NodeUtils.setIpAndFqdnForEelf(NODE_CONFIG_MANAGER); - eelfLogger.error(EelfMsgs.MESSAGE_PROPERTIES_LOAD_ERROR, e, - System.getProperty("org.onap.dmaap.datarouter.node.properties", - "/opt/app/datartr/etc/node.properties")); - } - provurl = drNodeProperties.getProperty("ProvisioningURL", "https://dmaap-dr-prov:8443/internal/prov"); - String aafPropsFilePath = drNodeProperties - .getProperty("AAFPropsFilePath", "/opt/app/osaaf/local/org.onap.dmaap-dr.props"); - try { - nodeAafPropsUtils = new NodeAafPropsUtils(new File(aafPropsFilePath)); - } catch (IOException e) { - eelfLogger.error("NODE0314 Failed to load AAF props. Exiting", e); - exit(1); - } - /* - * START - AAF changes: TDP EPIC US# 307413 - * Pull AAF settings from node.properties - */ - aafType = drNodeProperties.getProperty("AAFType", "org.onap.dmaap-dr.feed"); - aafInstance = drNodeProperties.getProperty("AAFInstance", "legacy"); - aafAction = drNodeProperties.getProperty("AAFAction", "publish"); - cadiEnabled = Boolean.parseBoolean(drNodeProperties.getProperty("CadiEnabled", "false")); - /* - * END - AAF changes: TDP EPIC US# 307413 - * Pull AAF settings from node.properties - */ - //Disable and enable protocols*/ - enabledprotocols = ((drNodeProperties.getProperty("NodeHttpsProtocols")).trim()).split("\\|"); + provurl = getDrNodeProperties().getProperty("ProvisioningURL", "http://dmaap-dr-prov:8080/internal/prov"); try { provhost = (new URL(provurl)).getHost(); } catch (Exception e) { @@ -153,14 +133,49 @@ public class NodeConfigManager implements DeliveryQueueHelper { eelfLogger.error(EelfMsgs.MESSAGE_BAD_PROV_URL, e, provurl); exit(1); } - eelfLogger.debug("NODE0303 Provisioning server is " + provhost); - eventlogurl = drNodeProperties.getProperty("LogUploadURL", "https://feeds-drtr.web.att.com/internal/logs"); + eelfLogger.debug("NODE0303 Provisioning server is at: " + provhost); provcheck = new IsFrom(provhost); - gfport = Integer.parseInt(drNodeProperties.getProperty("IntHttpPort", "8080")); - svcport = Integer.parseInt(drNodeProperties.getProperty("IntHttpsPort", "8443")); - port = Integer.parseInt(drNodeProperties.getProperty("ExtHttpsPort", "443")); - spooldir = drNodeProperties.getProperty("SpoolDir", "spool"); - tlsEnabled = Boolean.parseBoolean(drNodeProperties.getProperty("TlsEnabled", "true")); + + cadiEnabled = Boolean.parseBoolean(getDrNodeProperties().getProperty("CadiEnabled", "false")); + if (cadiEnabled) { + aafType = getDrNodeProperties().getProperty("AAFType", "org.onap.dmaap-dr.feed"); + aafInstance = getDrNodeProperties().getProperty("AAFInstance", "legacy"); + aafAction = getDrNodeProperties().getProperty("AAFAction", "publish"); + } + tlsEnabled = Boolean.parseBoolean(getDrNodeProperties().getProperty("TlsEnabled", "true")); + if (isTlsEnabled()) { + try { + kstype = getDrNodeProperties().getProperty("KeyStoreType", "PKCS12"); + tstype = getDrNodeProperties().getProperty("TrustStoreType", "jks"); + enabledprotocols = ((getDrNodeProperties().getProperty("NodeHttpsProtocols")).trim()).split("\\|"); + nodeAafPropsUtils = new NodeAafPropsUtils(new File(getDrNodeProperties() + .getProperty("AAFPropsFilePath", "/opt/app/osaaf/local/org.onap.dmaap-dr.props"))); + getSslContextData(); + if (tsfile != null && tsfile.length() > 0) { + System.setProperty("javax.net.ssl.trustStoreType", tstype); + System.setProperty("javax.net.ssl.trustStore", tsfile); + System.setProperty("javax.net.ssl.trustStorePassword", tspass); + } + myname = NodeUtils.getCanonicalName(kstype, ksfile, kspass); + if (myname == null) { + NodeUtils.setIpAndFqdnForEelf(NODE_CONFIG_MANAGER); + eelfLogger.error(EelfMsgs.MESSAGE_KEYSTORE_FETCH_ERROR, ksfile); + eelfLogger.error("NODE0309 Unable to fetch canonical name from keystore file " + ksfile); + exit(1); + } + eelfLogger.debug("NODE0304 My certificate says my name is " + myname); + } catch (Exception e) { + eelfLogger.error("NODE0314 Failed to load AAF props. Exiting", e); + exit(1); + } + } + myname = "dmaap-dr-node"; + + eventlogurl = getDrNodeProperties().getProperty("LogUploadURL", "https://feeds-drtr.web.att.com/internal/logs"); + intHttpPort = Integer.parseInt(getDrNodeProperties().getProperty("IntHttpPort", "80")); + intHttpsPort = Integer.parseInt(getDrNodeProperties().getProperty("IntHttpsPort", "443")); + extHttpsPort = Integer.parseInt(getDrNodeProperties().getProperty("ExtHttpsPort", "443")); + spooldir = getDrNodeProperties().getProperty("SpoolDir", "spool"); File fdir = new File(spooldir + "/f"); fdir.mkdirs(); @@ -171,39 +186,19 @@ public class NodeConfigManager implements DeliveryQueueHelper { eelfLogger.error("NODE0313 Failed to clear junk files from " + fdir.getPath(), e); } } - logdir = drNodeProperties.getProperty("LogDir", "logs"); + logdir = getDrNodeProperties().getProperty("LogDir", "logs"); (new File(logdir)).mkdirs(); - logretention = Long.parseLong(drNodeProperties.getProperty("LogRetention", "30")) * 86400000L; + logretention = Long.parseLong(getDrNodeProperties().getProperty("LogRetention", "30")) * 86400000L; eventlogprefix = logdir + "/events"; eventlogsuffix = ".log"; - redirfile = drNodeProperties.getProperty("RedirectionFile", "etc/redirections.dat"); - kstype = drNodeProperties.getProperty("KeyStoreType", "PKCS12"); - ksfile = nodeAafPropsUtils.getPropAccess().getProperty("cadi_keystore"); - kspass = nodeAafPropsUtils.getDecryptedPass("cadi_keystore_password"); - kpass = nodeAafPropsUtils.getDecryptedPass("cadi_keystore_password"); - tstype = drNodeProperties.getProperty("TrustStoreType", "jks"); - tsfile = nodeAafPropsUtils.getPropAccess().getProperty("cadi_truststore"); - tspass = nodeAafPropsUtils.getDecryptedPass("cadi_truststore_password"); - if (tsfile != null && tsfile.length() > 0) { - System.setProperty("javax.net.ssl.trustStoreType", tstype); - System.setProperty("javax.net.ssl.trustStore", tsfile); - System.setProperty("javax.net.ssl.trustStorePassword", tspass); - } - nak = drNodeProperties.getProperty("NodeAuthKey", "Node123!"); - quiesce = new File(drNodeProperties.getProperty("QuiesceFile", "etc/SHUTDOWN")); - myname = NodeUtils.getCanonicalName(kstype, ksfile, kspass); - if (myname == null) { - NodeUtils.setIpAndFqdnForEelf(NODE_CONFIG_MANAGER); - eelfLogger.error(EelfMsgs.MESSAGE_KEYSTORE_FETCH_ERROR, ksfile); - eelfLogger.error("NODE0309 Unable to fetch canonical name from keystore file " + ksfile); - exit(1); - } - eelfLogger.debug("NODE0304 My certificate says my name is " + myname); - pid = new PublishId(myname); - long minrsinterval = Long.parseLong(drNodeProperties.getProperty("MinRedirSaveInterval", "10000")); - long minpfinterval = Long.parseLong(drNodeProperties.getProperty("MinProvFetchInterval", "10000")); - rdmgr = new RedirManager(redirfile, minrsinterval, timer); - pfetcher = new RateLimitedOperation(minpfinterval, timer) { + String redirfile = getDrNodeProperties().getProperty("RedirectionFile", "etc/redirections.dat"); + publishId = new PublishId(myname); + nak = getDrNodeProperties().getProperty("NodeAuthKey", "Node123!"); + quiesce = new File(getDrNodeProperties().getProperty("QuiesceFile", "etc/SHUTDOWN")); + rdmgr = new RedirManager(redirfile, + Long.parseLong(getDrNodeProperties().getProperty("MinRedirSaveInterval", "10000")), timer); + pfetcher = new RateLimitedOperation( + Long.parseLong(getDrNodeProperties().getProperty("MinProvFetchInterval", "10000")), timer) { public void run() { fetchconfig(); } @@ -212,10 +207,21 @@ public class NodeConfigManager implements DeliveryQueueHelper { pfetcher.request(); } + private void getSslContextData() { + ksfile = nodeAafPropsUtils.getPropAccess().getProperty("cadi_keystore"); + kspass = nodeAafPropsUtils.getDecryptedPass("cadi_keystore_password"); + kpass = nodeAafPropsUtils.getDecryptedPass("cadi_keystore_password"); + tsfile = nodeAafPropsUtils.getPropAccess().getProperty("cadi_truststore"); + tspass = nodeAafPropsUtils.getDecryptedPass("cadi_truststore_password"); + } + /** * Get the default node configuration manager. */ public static NodeConfigManager getInstance() { + if (base == null) { + base = new NodeConfigManager(); + } return base; } @@ -302,14 +308,14 @@ public class NodeConfigManager implements DeliveryQueueHelper { eelfLogger.debug("NodeConfigMan.fetchConfig: provurl:: " + provurl); URL url = new URL(provurl); Reader reader = new InputStreamReader(url.openStream()); - config = new NodeConfig(new ProvData(reader), myname, spooldir, port, nak); + config = new NodeConfig(new ProvData(reader), myname, spooldir, extHttpsPort, nak); localconfig(); configtasks.startRun(); runTasks(); } catch (Exception e) { NodeUtils.setIpAndFqdnForEelf("fetchconfigs"); eelfLogger.error(EelfMsgs.MESSAGE_CONF_FAILED, e.toString()); - eelfLogger.error("NODE0306 Configuration failed " + e.toString() + " - try again later", e); + eelfLogger.error("NODE0306 Configuration failed " + e + " - try again later", e); pfetcher.request(); } } @@ -472,7 +478,7 @@ public class NodeConfigManager implements DeliveryQueueHelper { * Generate a publish ID. */ public String getPublishId() { - return pid.next(); + return publishId.next(); } /** @@ -677,21 +683,21 @@ public class NodeConfigManager implements DeliveryQueueHelper { * Get the http port. */ int getHttpPort() { - return gfport; + return intHttpPort; } /** * Get the https port. */ int getHttpsPort() { - return svcport; + return intHttpsPort; } /** * Get the externally visible https port. */ int getExtHttpsPort() { - return port; + return extHttpsPort; } /** diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeRunner.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeRunner.java index 2b151ade..485cdb20 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeRunner.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeRunner.java @@ -34,8 +34,7 @@ import org.eclipse.jetty.server.Server; */ public class NodeRunner { - private static EELFLogger nodeMainLogger = EELFManager.getInstance().getLogger(NodeRunner.class); - private static NodeConfigManager nodeConfigManager; + private static final EELFLogger nodeMainLogger = EELFManager.getInstance().getLogger(NodeRunner.class); private NodeRunner() { } @@ -49,26 +48,26 @@ public class NodeRunner { public static void main(String[] args) { nodeMainLogger.debug("NODE0001 Data Router Node Starting"); IsFrom.setDNSCache(); - nodeConfigManager = NodeConfigManager.getInstance(); + NodeConfigManager nodeConfigManager = NodeConfigManager.getInstance(); nodeMainLogger.debug("NODE0002 I am " + nodeConfigManager.getMyName()); (new WaitForConfig(nodeConfigManager)).waitForConfig(); new LogManager(nodeConfigManager); try { - Server server = NodeServer.getServerInstance(); + Server server = NodeServer.getServerInstance(nodeConfigManager); server.start(); server.join(); - nodeMainLogger.debug("NODE00006 Node Server started-" + server.getState()); + nodeMainLogger.debug("NODE0006 Node Server started-" + server.getState()); } catch (Exception e) { - nodeMainLogger.error("NODE00006 Jetty failed to start. Reporting will we be unavailable: " + nodeMainLogger.error("NODE0006 Jetty failed to start. Reporting will we be unavailable: " + e.getMessage(), e); exit(1); } - nodeMainLogger.debug("NODE00007 Node Server joined"); + nodeMainLogger.debug("NODE0007 Node Server joined"); } private static class WaitForConfig implements Runnable { - private NodeConfigManager localNodeConfigManager; + private final NodeConfigManager localNodeConfigManager; WaitForConfig(NodeConfigManager ncm) { this.localNodeConfigManager = ncm; @@ -86,7 +85,7 @@ public class NodeRunner { wait(); } catch (Exception exception) { nodeMainLogger.error("NodeMain: waitForConfig exception. Exception Message:- " - + exception.toString(), exception); + + exception, exception); } } localNodeConfigManager.deregisterConfigTask(this); diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServer.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServer.java index e15d211c..cc07ab62 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServer.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServer.java @@ -42,7 +42,7 @@ import org.jetbrains.annotations.NotNull; public class NodeServer { - private static EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeServer.class); + private static final EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeServer.class); private static Server server; private static Delivery delivery; @@ -50,14 +50,15 @@ public class NodeServer { private NodeServer(){ } - static Server getServerInstance() { + static Server getServerInstance(NodeConfigManager nodeConfigManager) { if (server == null) { - server = createNodeServer(NodeConfigManager.getInstance()); + server = createNodeServer(nodeConfigManager); } return server; } private static Server createNodeServer(NodeConfigManager nodeConfigManager) { + eelfLogger.info("NODE0005 Creating new NodeServer"); server = new Server(); delivery = new Delivery(nodeConfigManager); @@ -70,47 +71,45 @@ public class NodeServer { httpServerConnector.setPort(nodeConfigManager.getHttpPort()); httpServerConnector.setIdleTimeout(2000); - SslContextFactory sslContextFactory = getSslContextFactory(nodeConfigManager); - - HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration); - httpsConfiguration.setRequestHeaderSize(8192); - - SecureRequestCustomizer secureRequestCustomizer = new SecureRequestCustomizer(); - secureRequestCustomizer.setStsMaxAge(2000); - secureRequestCustomizer.setStsIncludeSubDomains(true); - httpsConfiguration.addCustomizer(secureRequestCustomizer); - - // HTTPS connector - try (ServerConnector httpsServerConnector = new ServerConnector(server, - new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), - new HttpConnectionFactory(httpsConfiguration))) { - - httpsServerConnector.setPort(nodeConfigManager.getHttpsPort()); - httpsServerConnector.setIdleTimeout(3600000); - httpsServerConnector.setAcceptQueueSize(2); - - //Context Handler - ServletContextHandler servletContextHandler = new ServletContextHandler(0); - servletContextHandler.setContextPath("/"); - servletContextHandler.addServlet(new ServletHolder(new NodeServlet(delivery)), "/*"); - - //CADI Filter activation check - if (nodeConfigManager.getCadiEnabled()) { - try { - servletContextHandler.addFilter(new FilterHolder(new DRNodeCadiFilter(true, - nodeConfigManager.getNodeAafPropsUtils().getPropAccess())), "/*", - EnumSet.of(DispatcherType.REQUEST)); - } catch (ServletException e) { - eelfLogger.error("Failed to add CADI Filter: " + e.getMessage(), e); - } - } - server.setHandler(servletContextHandler); - server.setConnectors(new Connector[]{httpServerConnector, httpsServerConnector}); + //Context Handler + ServletContextHandler servletContextHandler = new ServletContextHandler(0); + servletContextHandler.setContextPath("/"); + servletContextHandler.addServlet(new ServletHolder(new NodeServlet(delivery, nodeConfigManager)), "/*"); + + if (nodeConfigManager.isTlsEnabled()) { + initialiseHttpsConnector(nodeConfigManager, httpConfiguration, httpServerConnector, servletContextHandler); + } else { + eelfLogger.info("NODE0005 Adding HTTP Connector"); + server.setConnectors(new Connector[]{httpServerConnector}); } + server.setHandler(servletContextHandler); } return server; } + private static void initialiseHttpsConnector(NodeConfigManager nodeConfigManager, HttpConfiguration httpConfiguration, + ServerConnector httpServerConnector, ServletContextHandler servletContextHandler) { + HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration); + httpsConfiguration.setRequestHeaderSize(8192); + + SecureRequestCustomizer secureRequestCustomizer = new SecureRequestCustomizer(); + secureRequestCustomizer.setStsMaxAge(2000); + secureRequestCustomizer.setStsIncludeSubDomains(true); + httpsConfiguration.addCustomizer(secureRequestCustomizer); + + // HTTPS connector + try (ServerConnector httpsServerConnector = new ServerConnector(server, + new SslConnectionFactory(getSslContextFactory(nodeConfigManager), HttpVersion.HTTP_1_1.asString()), + new HttpConnectionFactory(httpsConfiguration))) { + + httpsServerConnector.setPort(nodeConfigManager.getHttpsPort()); + httpsServerConnector.setIdleTimeout(3600000); + httpsServerConnector.setAcceptQueueSize(2); + eelfLogger.info("NODE0005 TLS Enabled: Adding HTTP/S Connectors"); + server.setConnectors(new Connector[]{httpServerConnector, httpsServerConnector}); + } + } + /** * Reset the retry timer for a subscription. */ @@ -120,7 +119,7 @@ public class NodeServer { @NotNull - private static SslContextFactory getSslContextFactory(NodeConfigManager nodeConfigManager) { + private static SslContextFactory.Server getSslContextFactory(NodeConfigManager nodeConfigManager) { SslContextFactory sslContextFactory = new SslContextFactory.Server(); sslContextFactory.setKeyStoreType(nodeConfigManager.getKSType()); sslContextFactory.setKeyStorePath(nodeConfigManager.getKSFile()); @@ -142,6 +141,6 @@ public class NodeServer { eelfLogger.info("Supported protocols: " + String.join(",", sslContextFactory.getIncludeProtocols())); eelfLogger.info("Unsupported ciphers: " + String.join(",", sslContextFactory.getExcludeCipherSuites())); eelfLogger.info("Supported ciphers: " + String.join(",", sslContextFactory.getIncludeCipherSuites())); - return sslContextFactory; + return (SslContextFactory.Server) sslContextFactory; } } diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java index ee1f5b7d..80f7e3ad 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java @@ -28,6 +28,7 @@ import static org.onap.dmaap.datarouter.node.NodeUtils.sendResponseError; import com.att.eelf.configuration.EELFLogger; import com.att.eelf.configuration.EELFManager; +import jakarta.servlet.http.HttpServlet; import java.io.File; import java.io.FileOutputStream; import java.io.FileWriter; @@ -40,9 +41,8 @@ import java.nio.file.Path; import java.nio.file.Paths; import java.util.Enumeration; import java.util.regex.Pattern; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.jetbrains.annotations.Nullable; import org.onap.dmaap.datarouter.node.eelf.EelfMsgs; import org.slf4j.MDC; @@ -64,9 +64,9 @@ public class NodeServlet extends HttpServlet { private static final String INVALID_REQUEST_URI = "Invalid request URI. Expecting <feed-publishing-url>/<fileid>."; private static final String IO_EXCEPTION = "IOException"; private static final String ON_BEHALF_OF = "X-DMAAP-DR-ON-BEHALF-OF"; - private static NodeConfigManager config; - private static Pattern metaDataPattern; - private static EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeServlet.class); + private final NodeConfigManager config; + private static final Pattern metaDataPattern; + private static final EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeServlet.class); static { final String ws = "\\s*"; @@ -81,7 +81,8 @@ public class NodeServlet extends HttpServlet { private final Delivery delivery; - NodeServlet(Delivery delivery) { + NodeServlet(Delivery delivery, NodeConfigManager nodeConfigManager) { + config = nodeConfigManager; this.delivery = delivery; } @@ -90,7 +91,6 @@ public class NodeServlet extends HttpServlet { */ @Override public void init() { - config = NodeConfigManager.getInstance(); eelfLogger.debug("NODE0101 Node Servlet Configured"); } @@ -113,7 +113,7 @@ public class NodeServlet extends HttpServlet { eelfLogger.info(EelfMsgs.ENTRY); try { eelfLogger.debug(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID, req.getHeader(ON_BEHALF_OF), - getIdFromPath(req) + ""); + getIdFromPath(req) + ""); if (down(resp)) { return; } @@ -152,7 +152,7 @@ public class NodeServlet extends HttpServlet { NodeUtils.setRequestIdAndInvocationId(req); eelfLogger.info(EelfMsgs.ENTRY); eelfLogger.debug(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID, req.getHeader(ON_BEHALF_OF), - getIdFromPath(req) + ""); + getIdFromPath(req) + ""); try { common(req, resp, true); } catch (IOException ioe) { @@ -170,7 +170,7 @@ public class NodeServlet extends HttpServlet { NodeUtils.setRequestIdAndInvocationId(req); eelfLogger.info(EelfMsgs.ENTRY); eelfLogger.debug(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID, req.getHeader(ON_BEHALF_OF), - getIdFromPath(req) + ""); + getIdFromPath(req) + ""); try { common(req, resp, false); } catch (IOException ioe) { @@ -194,7 +194,7 @@ public class NodeServlet extends HttpServlet { String lip = req.getLocalAddr(); String pubid = null; String rcvd = NodeUtils.logts(System.currentTimeMillis()) + ";from=" + ip + ";by=" + lip; - Target[] targets = null; + Target[] targets; boolean isAAFFeed = false; if (fileid.startsWith("/delete/")) { deleteFile(req, resp, fileid, pubid); @@ -203,7 +203,7 @@ public class NodeServlet extends HttpServlet { String credentials = req.getHeader("Authorization"); if (credentials == null) { eelfLogger.error("NODE0306 Rejecting unauthenticated PUT or DELETE of " + req.getPathInfo() + FROM + req - .getRemoteAddr()); + .getRemoteAddr()); resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Authorization header required"); eelfLogger.info(EelfMsgs.EXIT); return; @@ -213,9 +213,9 @@ public class NodeServlet extends HttpServlet { int index = fileid.indexOf('/'); if (index == -1 || index == fileid.length() - 1) { eelfLogger.error("NODE0205 Rejecting bad URI for PUT or DELETE of " + req.getPathInfo() + FROM + req - .getRemoteAddr()); + .getRemoteAddr()); resp.sendError(HttpServletResponse.SC_NOT_FOUND, - "Invalid request URI. Expecting <feed-publishing-url>/<fileid>. Possible missing fileid."); + "Invalid request URI. Expecting <feed-publishing-url>/<fileid>. Possible missing fileid."); eelfLogger.info(EelfMsgs.EXIT); return; } @@ -233,7 +233,7 @@ public class NodeServlet extends HttpServlet { if (!req.isUserInRole(permission)) { String message = "AAF disallows access to permission string - " + permission; eelfLogger.error("NODE0307 Rejecting unauthenticated PUT or DELETE of " + req.getPathInfo() - + FROM + req.getRemoteAddr()); + + FROM + req.getRemoteAddr()); resp.sendError(HttpServletResponse.SC_FORBIDDEN, message); eelfLogger.info(EelfMsgs.EXIT); return; @@ -259,17 +259,17 @@ public class NodeServlet extends HttpServlet { targets = config.parseRouting(req.getHeader("X-DMAAP-DR-ROUTING")); } else { eelfLogger.error("NODE0204 Rejecting bad URI for PUT or DELETE of " + req.getPathInfo() + FROM + req - .getRemoteAddr()); + .getRemoteAddr()); resp.sendError(HttpServletResponse.SC_NOT_FOUND, - INVALID_REQUEST_URI); + INVALID_REQUEST_URI); eelfLogger.info(EelfMsgs.EXIT); return; } if (fileid.indexOf('/') != -1) { eelfLogger.error("NODE0202 Rejecting bad URI for PUT or DELETE of " + req.getPathInfo() + FROM + req - .getRemoteAddr()); + .getRemoteAddr()); resp.sendError(HttpServletResponse.SC_NOT_FOUND, - INVALID_REQUEST_URI); + INVALID_REQUEST_URI); eelfLogger.info(EelfMsgs.EXIT); return; } @@ -290,8 +290,8 @@ public class NodeServlet extends HttpServlet { String reason = config.isPublishPermitted(feedid, credentials, ip); if (reason != null) { eelfLogger.error("NODE0111 Rejecting unauthorized publish attempt to feed " + PathUtil - .cleanString(feedid) + " fileid " + PathUtil.cleanString(fileid) + FROM + PathUtil - .cleanString(ip) + " reason " + PathUtil.cleanString(reason)); + .cleanString(feedid) + " fileid " + PathUtil.cleanString(fileid) + FROM + PathUtil + .cleanString(ip) + " reason " + PathUtil.cleanString(reason)); resp.sendError(HttpServletResponse.SC_FORBIDDEN, reason); eelfLogger.info(EelfMsgs.EXIT); return; @@ -301,11 +301,11 @@ public class NodeServlet extends HttpServlet { String reason = config.isPublishPermitted(feedid, ip); if (reason != null) { eelfLogger.error("NODE0111 Rejecting unauthorized publish attempt to feed " + PathUtil - .cleanString(feedid) + " fileid " + PathUtil.cleanString(fileid) + FROM + PathUtil - .cleanString(ip) + " reason Invalid AAF user- " + PathUtil.cleanString(reason)); + .cleanString(feedid) + " fileid " + PathUtil.cleanString(fileid) + FROM + PathUtil + .cleanString(ip) + " reason Invalid AAF user- " + PathUtil.cleanString(reason)); String message = "Invalid AAF user- " + PathUtil.cleanString(reason); eelfLogger.debug("NODE0308 Rejecting unauthenticated PUT or DELETE of " + PathUtil - .cleanString(req.getPathInfo()) + FROM + PathUtil.cleanString(req.getRemoteAddr())); + .cleanString(req.getPathInfo()) + FROM + PathUtil.cleanString(req.getRemoteAddr())); resp.sendError(HttpServletResponse.SC_FORBIDDEN, message); return; } @@ -327,9 +327,9 @@ public class NodeServlet extends HttpServlet { } String redirto = HTTPS + newnode + port + PUBLISH + feedid + "/" + fileid; eelfLogger - .debug("NODE0108 Redirecting publish attempt for feed " + PathUtil.cleanString(feedid) + USER - + PathUtil.cleanString(user) + " ip " + PathUtil.cleanString(ip) + " to " + PathUtil - .cleanString(redirto)); //Fortify scan fixes - log forging + .debug("NODE0108 Redirecting publish attempt for feed " + PathUtil.cleanString(feedid) + USER + + PathUtil.cleanString(user) + " ip " + PathUtil.cleanString(ip) + " to " + PathUtil + .cleanString(redirto)); //Fortify scan fixes - log forging resp.sendRedirect(PathUtil.cleanString(redirto)); //Fortify scan fixes-open redirect - 2 issues eelfLogger.info(EelfMsgs.EXIT); return; @@ -346,23 +346,23 @@ public class NodeServlet extends HttpServlet { try { StringBuilder mx = new StringBuilder(); mx.append(req.getMethod()).append('\t').append(fileid).append('\n'); - Enumeration hnames = req.getHeaderNames(); + Enumeration<String> hnames = req.getHeaderNames(); String ctype = null; boolean hasRequestIdHeader = false; boolean hasInvocationIdHeader = false; while (hnames.hasMoreElements()) { - String hn = (String) hnames.nextElement(); + String hn = hnames.nextElement(); String hnlc = hn.toLowerCase(); if ((isput && ("content-type".equals(hnlc) - || "content-language".equals(hnlc) - || "content-md5".equals(hnlc) - || "content-range".equals(hnlc))) - || "x-dmaap-dr-meta".equals(hnlc) - || (feedid == null && "x-dmaap-dr-received".equals(hnlc)) - || (hnlc.startsWith("x-") && !hnlc.startsWith("x-dmaap-dr-"))) { - Enumeration hvals = req.getHeaders(hn); + || "content-language".equals(hnlc) + || "content-md5".equals(hnlc) + || "content-range".equals(hnlc))) + || "x-dmaap-dr-meta".equals(hnlc) + || (feedid == null && "x-dmaap-dr-received".equals(hnlc)) + || (hnlc.startsWith("x-") && !hnlc.startsWith("x-dmaap-dr-"))) { + Enumeration<String> hvals = req.getHeaders(hn); while (hvals.hasMoreElements()) { - String hv = (String) hvals.nextElement(); + String hv = hvals.nextElement(); if ("content-type".equals(hnlc)) { ctype = hv; } @@ -375,16 +375,16 @@ public class NodeServlet extends HttpServlet { if ("x-dmaap-dr-meta".equals(hnlc)) { if (hv.length() > 4096) { eelfLogger.error("NODE0109 Rejecting publish attempt with metadata too long for feed " - + PathUtil.cleanString(feedid) + USER + PathUtil.cleanString(user) + " ip " - + PathUtil.cleanString(ip)); //Fortify scan fixes - log forging + + PathUtil.cleanString(feedid) + USER + PathUtil.cleanString(user) + " ip " + + PathUtil.cleanString(ip)); //Fortify scan fixes - log forging resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Metadata too long"); eelfLogger.info(EelfMsgs.EXIT); return; } if (!metaDataPattern.matcher(hv.replaceAll("\\\\.", "X")).matches()) { eelfLogger.error("NODE0109 Rejecting publish attempt with malformed metadata for feed " - + PathUtil.cleanString(feedid) + USER + PathUtil.cleanString(user) + " ip " - + PathUtil.cleanString(ip)); //Fortify scan fixes - log forging + + PathUtil.cleanString(feedid) + USER + PathUtil.cleanString(user) + " ip " + + PathUtil.cleanString(ip)); //Fortify scan fixes - log forging resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Malformed metadata"); eelfLogger.info(EelfMsgs.EXIT); return; @@ -406,7 +406,7 @@ public class NodeServlet extends HttpServlet { String message = writeInputStreamToFile(req, data); if (message != null) { StatusLog.logPubFail(pubid, feedid, logurl, req.getMethod(), ctype, exlen, data.length(), ip, user, - message); + message); throw new IOException(message); } Path dpath = Paths.get(fbase); @@ -417,7 +417,7 @@ public class NodeServlet extends HttpServlet { continue; } String dbase = PathUtil - .cleanString(di.getSpool() + "/" + pubid); //Fortify scan fixes-Path Manipulation + .cleanString(di.getSpool() + "/" + pubid); //Fortify scan fixes-Path Manipulation Files.createLink(Paths.get(dbase), dpath); mw = new FileWriter(meta); mw.write(metadata); @@ -434,19 +434,19 @@ public class NodeServlet extends HttpServlet { resp.getOutputStream().close(); } catch (IOException ioe) { StatusLog.logPubFail(pubid, feedid, logurl, req.getMethod(), ctype, exlen, data.length(), ip, user, - ioe.getMessage()); + ioe.getMessage()); //Fortify scan fixes - log forging eelfLogger.error("NODE0110 IO Exception while closing IO stream " + PathUtil.cleanString(feedid) - + USER + PathUtil.cleanString(user) + " ip " + PathUtil.cleanString(ip) + " " + ioe - .toString(), ioe); + + USER + PathUtil.cleanString(user) + " ip " + PathUtil.cleanString(ip) + " " + ioe + .toString(), ioe); throw ioe; } StatusLog.logPub(pubid, feedid, logurl, req.getMethod(), ctype, data.length(), ip, user, - HttpServletResponse.SC_NO_CONTENT); + HttpServletResponse.SC_NO_CONTENT); } catch (IOException ioe) { eelfLogger.error("NODE0110 IO Exception receiving publish attempt for feed " + feedid + USER + user - + " ip " + ip + " " + ioe.toString(), ioe); + + " ip " + ip + " " + ioe.toString(), ioe); eelfLogger.info(EelfMsgs.EXIT); throw ioe; } finally { @@ -481,7 +481,7 @@ public class NodeServlet extends HttpServlet { byte[] buf = new byte[1024 * 1024]; int bytesRead; try (OutputStream dos = new FileOutputStream(data); - InputStream is = req.getInputStream()) { + InputStream is = req.getInputStream()) { while ((bytesRead = is.read(buf)) > 0) { dos.write(buf, 0, bytesRead); } @@ -510,9 +510,9 @@ public class NodeServlet extends HttpServlet { int index = fileid.indexOf('/'); if (index == -1 || index == fileid.length() - 1) { eelfLogger.error("NODE0112 Rejecting bad URI for DELETE of " + req.getPathInfo() + FROM + req - .getRemoteAddr()); + .getRemoteAddr()); resp.sendError(HttpServletResponse.SC_NOT_FOUND, - "Invalid request URI. Expecting <subId>/<pubId>."); + "Invalid request URI. Expecting <subId>/<pubId>."); eelfLogger.info(EelfMsgs.EXIT); return; } @@ -520,7 +520,7 @@ public class NodeServlet extends HttpServlet { int subId = Integer.parseInt(subscriptionId); pubid = fileid.substring(index + 1); String errorMessage = "Unable to delete files (" + pubid + ", " + pubid + FROM_DR_MESSAGE - + config.getMyName() + "."; + + config.getMyName() + "."; int subIdDir = subId - (subId % 100); if (!isAuthorizedToDelete(resp, subscriptionId, errorMessage)) { return; @@ -528,7 +528,7 @@ public class NodeServlet extends HttpServlet { boolean result = delivery.markTaskSuccess(config.getSpoolBase() + "/s/" + subIdDir + "/" + subId, pubid); if (result) { eelfLogger.debug("NODE0115 Successfully deleted files (" + pubid + ", " + pubid + FROM_DR_MESSAGE - + config.getMyName()); + + config.getMyName()); resp.setStatus(HttpServletResponse.SC_OK); eelfLogger.info(EelfMsgs.EXIT); } else { @@ -538,7 +538,7 @@ public class NodeServlet extends HttpServlet { } } catch (IOException ioe) { eelfLogger.error("NODE0117 Unable to delete files (" + pubid + ", " + pubid + FROM_DR_MESSAGE - + config.getMyName(), ioe); + + config.getMyName(), ioe); eelfLogger.info(EelfMsgs.EXIT); } } @@ -551,8 +551,8 @@ public class NodeServlet extends HttpServlet { } if (!req.isSecure() && config.isTlsEnabled()) { eelfLogger.error( - "NODE0104 Rejecting insecure PUT or DELETE of " + req.getPathInfo() + FROM + req - .getRemoteAddr()); + "NODE0104 Rejecting insecure PUT or DELETE of " + req.getPathInfo() + FROM + req + .getRemoteAddr()); resp.sendError(HttpServletResponse.SC_FORBIDDEN, "https required on publish requests"); eelfLogger.info(EelfMsgs.EXIT); return null; @@ -560,9 +560,9 @@ public class NodeServlet extends HttpServlet { String fileid = req.getPathInfo(); if (fileid == null) { eelfLogger.error("NODE0201 Rejecting bad URI for PUT or DELETE of " + req.getPathInfo() + FROM + req - .getRemoteAddr()); + .getRemoteAddr()); resp.sendError(HttpServletResponse.SC_NOT_FOUND, - INVALID_REQUEST_URI); + INVALID_REQUEST_URI); eelfLogger.info(EelfMsgs.EXIT); return null; } @@ -570,19 +570,19 @@ public class NodeServlet extends HttpServlet { } private boolean isAuthorizedToDelete(HttpServletResponse resp, String subscriptionId, String errorMessage) - throws IOException { + throws IOException { try { boolean deletePermitted = config.isDeletePermitted(subscriptionId); if (!deletePermitted) { eelfLogger.error("NODE0113 " + errorMessage + " Error: Subscription " - + subscriptionId + " is not a privileged subscription"); + + subscriptionId + " is not a privileged subscription"); resp.sendError(HttpServletResponse.SC_UNAUTHORIZED); eelfLogger.info(EelfMsgs.EXIT); return false; } } catch (NullPointerException npe) { eelfLogger.error("NODE0114 " + errorMessage + " Error: Subscription " + subscriptionId - + " does not exist", npe); + + " does not exist", npe); resp.sendError(HttpServletResponse.SC_NOT_FOUND); eelfLogger.info(EelfMsgs.EXIT); return false; diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java index 2c8dcdb0..5cca7375 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java @@ -50,8 +50,8 @@ import java.util.zip.GZIPInputStream; import javax.naming.InvalidNameException; import javax.naming.ldap.LdapName; import javax.naming.ldap.Rdn; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.apache.commons.codec.binary.Base64; import org.apache.commons.lang3.StringUtils; import org.onap.dmaap.datarouter.node.eelf.EelfMsgs; @@ -62,8 +62,7 @@ import org.slf4j.MDC; */ public class NodeUtils { - private static EELFLogger eelfLogger = EELFManager.getInstance() - .getLogger(NodeUtils.class); + private static final EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeUtils.class); private NodeUtils() { } diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/PublishId.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/PublishId.java index d1d2abb3..1ffc9ec4 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/PublishId.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/PublishId.java @@ -30,7 +30,7 @@ package org.onap.dmaap.datarouter.node; public class PublishId { private long nextuid; - private String myname; + private final String myname; /** * Generate publish IDs for the specified name. diff --git a/datarouter-node/src/main/resources/docker/Dockerfile b/datarouter-node/src/main/resources/docker/Dockerfile index 7bc92c83..38ea3b9e 100644 --- a/datarouter-node/src/main/resources/docker/Dockerfile +++ b/datarouter-node/src/main/resources/docker/Dockerfile @@ -19,7 +19,7 @@ # limitations under the License. # ============LICENSE_END==================================================== # -FROM nexus3.onap.org:10001/onap/integration-java11:8.0.0 +FROM nexus3.onap.org:10001/onap/integration-java11:10.0.0 COPY /opt /opt diff --git a/datarouter-node/src/main/resources/node.properties b/datarouter-node/src/main/resources/node.properties index f7c24fab..ac9aec22 100644 --- a/datarouter-node/src/main/resources/node.properties +++ b/datarouter-node/src/main/resources/node.properties @@ -24,16 +24,16 @@ # Configuration parameters set at startup for the DataRouter node # # URL to retrieve dynamic configuration -ProvisioningURL = https://dmaap-dr-prov:8443/internal/prov +ProvisioningURL = http://dmaap-dr-prov/internal/prov # # URL to upload PUB/DEL/EXP logs -LogUploadURL = https://dmaap-dr-prov:8443/internal/logs +LogUploadURL = http://dmaap-dr-prov/internal/logs # # The port number for http as seen within the server IntHttpPort = 8080 # # The port number for https as seen within the server -IntHttpsPort = 8443 +IntHttpsPort = 8080 # # The external port number for https taking port mapping into account ExtHttpsPort = 443 @@ -71,6 +71,9 @@ NodeAuthKey = Node123! # DR_NODE DEFAULT ENABLED TLS PROTOCOLS NodeHttpsProtocols = TLSv1.1|TLSv1.2 # +# AAF CADI enabled flag +CadiEnabled = false +# # AAF type to generate permission string AAFType = org.onap.dmaap-dr.feed # @@ -80,11 +83,8 @@ AAFInstance = legacy # AAF action to generate permission string - default should be publish AAFAction = publish # -# AAF CADI enabled flag -CadiEnabled = false -# # AAF Props file path AAFPropsFilePath = /opt/app/osaaf/local/org.onap.dmaap-dr.props # https security required for publish request -TlsEnabled = true +TlsEnabled = false |