authordavid.mcweeney <david.mcweeney@est.tech>2022-03-16 16:08:44 +0000
committerdavid.mcweeney <david.mcweeney@est.tech>2022-04-04 16:27:53 +0100
commitd70c2ca145d2b3eac7ed6a4f16d41e322962cf59 (patch)
treea71e61d38753a5b258b103f56a5ac3b19c6325eb /datarouter-prov/src
parent9602193f94e88e8d82936ba36fc20203227a4eec (diff)
DMAAP-1714 - DR Making TLS Configurable
Change-Id: I0c3bc05182691c12c9d0f0b76d09f7dfea3e09eb Signed-off-by: david.mcweeney <david.mcweeney@est.tech> Issue-ID: DMAAP-1714
Diffstat (limited to 'datarouter-prov/src')
-rw-r--r--datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/PublishServlet.java13
-rw-r--r--datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/URLUtilities.java37
-rwxr-xr-xdatarouter-prov/src/main/resources/provserver.properties6
-rwxr-xr-xdatarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java47
-rwxr-xr-xdatarouter-prov/src/test/resources/h2Database.properties3
-rw-r--r--datarouter-prov/src/test/resources/h2DatabaseTlsDisabled.properties36
6 files changed, 99 insertions, 43 deletions
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/PublishServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/PublishServlet.java
index 35205aa9..949019d1 100644
--- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/PublishServlet.java
+++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/PublishServlet.java
@@ -45,6 +45,7 @@ import org.onap.dmaap.datarouter.provisioning.utils.Poker;
import org.onap.dmaap.datarouter.provisioning.beans.EventLogRecord;
import org.onap.dmaap.datarouter.provisioning.beans.IngressRoute;
import org.onap.dmaap.datarouter.provisioning.eelf.EelfMsgs;
+import org.onap.dmaap.datarouter.provisioning.utils.URLUtilities;
/**
* This servlet handles redirects for the &lt;publishURL&gt; on the provisioning server, which is generated by the
@@ -158,9 +159,15 @@ public class PublishServlet extends BaseServlet {
} else {
// Generate new URL
String nextnode = getRedirectNode(feedid, req);
- nextnode = nextnode + ":" + ProvRunner.getProvProperties().getProperty(
- "org.onap.dmaap.datarouter.provserver.https.port", "8443");
- String newurl = "https://" + nextnode + "/publish" + req.getPathInfo();
+ if (Boolean.parseBoolean(ProvRunner.getProvProperties()
+ .getProperty("org.onap.dmaap.datarouter.provserver.tlsenabled", "true"))) {
+ nextnode = nextnode + ":" + ProvRunner.getProvProperties().getProperty(
+ "org.onap.dmaap.datarouter.nodeserver.https.port", "8443");
+ } else {
+ nextnode = nextnode + ":" + ProvRunner.getProvProperties().getProperty(
+ "org.onap.dmaap.datarouter.nodeserver.http.port", "8080");
+ }
+ String newurl = URLUtilities.getUrlSecurityOption() + nextnode + "/publish" + req.getPathInfo();
String qs = req.getQueryString();
if (qs != null) {
newurl += "?" + qs;
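Review bot: The `tlsenabled` check at the top of the new branch fails open: `Boolean.parseBoolean` returns false for any value other than `true`, so a misspelling or a trailing space in `org.onap.dmaap.datarouter.provserver.tlsenabled` silently turns the publish redirect into `http://` on port 8080. Since the client follows this redirect with its publish request (presumably including its credentials), I would switch TLS off only on an explicit `false`, e.g. `boolean tls = !"false".equalsIgnoreCase(value.trim());`, and log a warning when it is off. The same parse is repeated in `getUrlSecurityOption()` and `getAppropriateUrlPort()` in URLUtilities.java, so one shared helper would keep the scheme and the port from ever disagreeing. The enclosing method starts and ends outside this hunk.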
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/URLUtilities.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/URLUtilities.java
index 2e000027..988b576f 100644
--- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/URLUtilities.java
+++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/URLUtilities.java
@@ -28,8 +28,8 @@ import com.att.eelf.configuration.EELFLogger;
import com.att.eelf.configuration.EELFManager;
import java.net.InetAddress;
import java.net.UnknownHostException;
-
import org.onap.dmaap.datarouter.provisioning.BaseServlet;
+import org.onap.dmaap.datarouter.provisioning.ProvRunner;
/**
* Utility functions used to generate the different URLs used by the Data Router.
@@ -39,9 +39,7 @@ import org.onap.dmaap.datarouter.provisioning.BaseServlet;
*/
public class URLUtilities {
-
private static final EELFLogger utilsLogger = EELFManager.getInstance().getLogger("UtilsLog");
- private static final String HTTPS = "https://";
private static String otherPod;
private URLUtilities() {
@@ -54,7 +52,7 @@ public class URLUtilities {
* @return the URL
*/
public static String generateFeedURL(int feedid) {
- return HTTPS + BaseServlet.getProvName() + "/feed/" + feedid;
+ return getUrlSecurityOption() + BaseServlet.getProvName() + getAppropriateUrlPort() + "/feed/" + feedid;
}
/**
@@ -64,7 +62,7 @@ public class URLUtilities {
* @return the URL
*/
public static String generatePublishURL(int feedid) {
- return HTTPS + BaseServlet.getProvName() + "/publish/" + feedid;
+ return getUrlSecurityOption() + BaseServlet.getProvName() + getAppropriateUrlPort() + "/publish/" + feedid;
}
/**
@@ -74,7 +72,7 @@ public class URLUtilities {
* @return the URL
*/
public static String generateSubscribeURL(int feedid) {
- return HTTPS + BaseServlet.getProvName() + "/subscribe/" + feedid;
+ return getUrlSecurityOption() + BaseServlet.getProvName() + getAppropriateUrlPort() + "/subscribe/" + feedid;
}
/**
@@ -84,7 +82,7 @@ public class URLUtilities {
* @return the URL
*/
public static String generateFeedLogURL(int feedid) {
- return HTTPS + BaseServlet.getProvName() + "/feedlog/" + feedid;
+ return getUrlSecurityOption() + BaseServlet.getProvName() + getAppropriateUrlPort() + "/feedlog/" + feedid;
}
/**
@@ -94,7 +92,7 @@ public class URLUtilities {
* @return the URL
*/
public static String generateSubscriptionURL(int subid) {
- return HTTPS + BaseServlet.getProvName() + "/subs/" + subid;
+ return getUrlSecurityOption() + BaseServlet.getProvName() + getAppropriateUrlPort() + "/subs/" + subid;
}
/**
@@ -104,7 +102,7 @@ public class URLUtilities {
* @return the URL
*/
public static String generateSubLogURL(int subid) {
- return HTTPS + BaseServlet.getProvName() + "/sublog/" + subid;
+ return getUrlSecurityOption() + BaseServlet.getProvName() + getAppropriateUrlPort() + "/sublog/" + subid;
}
/**
@@ -113,7 +111,7 @@ public class URLUtilities {
* @return the URL
*/
public static String generatePeerProvURL() {
- return HTTPS + getPeerPodName() + "/internal/prov";
+ return getUrlSecurityOption() + getPeerPodName() + getAppropriateUrlPort() + "/internal/prov";
}
/**
@@ -128,7 +126,7 @@ public class URLUtilities {
return "";
}
- return HTTPS + peerPodUrl + "/internal/drlogs/";
+ return getUrlSecurityOption() + peerPodUrl + getAppropriateUrlPort() + "/internal/drlogs/";
}
/**
@@ -154,4 +152,21 @@ public class URLUtilities {
return otherPod;
}
+ public static String getUrlSecurityOption() {
+ if (Boolean.parseBoolean(ProvRunner.getProvProperties()
+ .getProperty("org.onap.dmaap.datarouter.provserver.tlsenabled", "true"))) {
+ return "https://";
+ }
+ return "http://";
+ }
+
+ private static String getAppropriateUrlPort() {
+ if (Boolean.parseBoolean(ProvRunner.getProvProperties()
+ .getProperty("org.onap.dmaap.datarouter.provserver.tlsenabled", "true")))
+ return "";
+
+ return ":" + ProvRunner.getProvProperties()
+ .getProperty("org.onap.dmaap.datarouter.provserver.http.port", "8080");
+
+ }
}
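Review bot: `getUrlSecurityOption()` is added as a public method without Javadoc, while the other methods visible in this class are documented, and `getAppropriateUrlPort()` uses a brace-less `if` with a stray blank line before its closing brace. I would add a Javadoc such as `/** Returns "https://" when provserver.tlsenabled is true (the default), otherwise "http://". */` and brace the `if` to match the first method. The HTTP branch also reads `org.onap.dmaap.datarouter.provserver.http.port`, a key this commit does not add to provserver.properties; if it is not defined elsewhere, the hard-coded default `8080` ends up in every generated URL.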
diff --git a/datarouter-prov/src/main/resources/provserver.properties b/datarouter-prov/src/main/resources/provserver.properties
index ad9a19e3..642088ff 100755
--- a/datarouter-prov/src/main/resources/provserver.properties
+++ b/datarouter-prov/src/main/resources/provserver.properties
@@ -56,4 +56,8 @@ org.onap.dmaap.datarouter.provserver.aaf.feed.type = org.onap.dmaap-dr.fe
org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.sub
org.onap.dmaap.datarouter.provserver.aaf.instance = legacy
org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish
-org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe
\ No newline at end of file
+org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe
+
+org.onap.dmaap.datarouter.provserver.tlsenabled = true
+org.onap.dmaap.datarouter.nodeserver.https.port = 8443
+org.onap.dmaap.datarouter.nodeserver.http.port = 8080
\ No newline at end of file
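Review bot: The three new keys are added without a comment, although `tlsenabled` changes the scheme of every URL the provisioning server generates. A line such as `# When false, feed/subscription URLs and publish redirects are generated as http:// using the *.http.port values` above `org.onap.dmaap.datarouter.provserver.tlsenabled` would make that visible to whoever edits the file.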
diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java
index d644df9a..1f4fd535 100755
--- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java
+++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java
@@ -22,9 +22,27 @@
******************************************************************************/
package org.onap.dmaap.datarouter.provisioning;
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.ArgumentMatchers.contains;
+import static org.mockito.ArgumentMatchers.eq;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
+
import ch.qos.logback.classic.spi.ILoggingEvent;
import ch.qos.logback.core.read.ListAppender;
import java.sql.Connection;
+import java.sql.SQLException;
+import java.util.HashSet;
+import java.util.Set;
+import javax.persistence.EntityManager;
+import javax.persistence.EntityManagerFactory;
+import javax.persistence.Persistence;
+import javax.servlet.ServletInputStream;
+import javax.servlet.ServletOutputStream;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.reflect.FieldUtils;
import org.jetbrains.annotations.NotNull;
import org.json.JSONObject;
@@ -45,25 +63,6 @@ import org.onap.dmaap.datarouter.provisioning.utils.ProvDbUtils;
import org.powermock.core.classloader.annotations.PowerMockIgnore;
import org.powermock.modules.junit4.PowerMockRunner;
-import javax.persistence.EntityManager;
-import javax.persistence.EntityManagerFactory;
-import javax.persistence.Persistence;
-import javax.servlet.ServletInputStream;
-import javax.servlet.ServletOutputStream;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.sql.SQLException;
-import java.util.HashSet;
-import java.util.Set;
-
-import static org.mockito.ArgumentMatchers.anyString;
-import static org.mockito.ArgumentMatchers.contains;
-import static org.mockito.ArgumentMatchers.eq;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
-import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
-
@RunWith(PowerMockRunner.class)
@PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*", "org.w3c.*"})
@@ -89,7 +88,7 @@ public class SubscriptionServletTest extends DrServletTestBase {
em = emf.createEntityManager();
System.setProperty(
"org.onap.dmaap.datarouter.provserver.properties",
- "src/test/resources/h2Database.properties");
+ "src/test/resources/h2DatabaseTlsDisabled.properties");
}
@AfterClass
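Review bot: Pointing the whole test class at `h2DatabaseTlsDisabled.properties` means SubscriptionServletTest no longer runs against the TLS-enabled configuration, which is the default in provserver.properties. The next hunk also deletes the test that expected `SC_FORBIDDEN` with "AAF disallows access" for a DELETE without permissions, although the new properties file still sets `cadi.enabled = true`. If that test now fails because the permission check is skipped when TLS is off, that coupling deserves an explicit test and a comment rather than a removal. I would keep this class on `h2Database.properties` and cover the TLS-disabled case in a separate test class. The setup method starts outside this hunk.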
@@ -157,14 +156,6 @@ public class SubscriptionServletTest extends DrServletTestBase {
}
@Test
- public void Given_Request_Is_HTTP_DELETE_And_AAF_CADI_Is_Enabled_Without_Permissions_Then_Forbidden_Response_Is_Generated() throws Exception {
- when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.subscription; version=1.0");
- when(request.getPathInfo()).thenReturn("/2");
- subscriptionServlet.doDelete(request, response);
- verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("AAF disallows access"));
- }
-
- @Test
public void Given_Request_Is_HTTP_DELETE_And_AAF_CADI_Is_Enabled_With_Permissions_Then_A_NO_CONTENT_Response_Is_Generated() throws Exception {
when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.subscription; version=1.0");
when(request.getPathInfo()).thenReturn("/2");
diff --git a/datarouter-prov/src/test/resources/h2Database.properties b/datarouter-prov/src/test/resources/h2Database.properties
index 6957ae17..95968716 100755
--- a/datarouter-prov/src/test/resources/h2Database.properties
+++ b/datarouter-prov/src/test/resources/h2Database.properties
@@ -31,3 +31,6 @@ org.onap.dmaap.datarouter.provserver.accesslog.dir = unit-test-logs
org.onap.dmaap.datarouter.provserver.spooldir = src/test/resources
org.onap.dmaap.datarouter.provserver.dbscripts = src/test/resources
org.onap.dmaap.datarouter.provserver.localhost = 127.0.0.1
+org.onap.dmaap.datarouter.provserver.tlsenabled = true
+org.onap.dmaap.datarouter.nodeserver.https.port = 8443
+org.onap.dmaap.datarouter.nodeserver.http.port = 8080
diff --git a/datarouter-prov/src/test/resources/h2DatabaseTlsDisabled.properties b/datarouter-prov/src/test/resources/h2DatabaseTlsDisabled.properties
new file mode 100644
index 00000000..05ab3a47
--- /dev/null
+++ b/datarouter-prov/src/test/resources/h2DatabaseTlsDisabled.properties
@@ -0,0 +1,36 @@
+#-------------------------------------------------------------------------------
+# ============LICENSE_START==================================================
+# * org.onap.dmaap
+# * ===========================================================================
+# * Copyright ? 2017 AT&T Intellectual Property. All rights reserved.
+# * ===========================================================================
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+# * ============LICENSE_END====================================================
+# *
+# * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+# *
+#-------------------------------------------------------------------------------
+
+# Database access
+org.onap.dmaap.datarouter.db.driver = org.h2.Driver
+org.onap.dmaap.datarouter.db.url = jdbc:h2:mem:test;DB_CLOSE_DELAY=-1
+org.onap.dmaap.datarouter.provserver.isaddressauthenabled = true
+org.onap.dmaap.datarouter.provserver.cadi.enabled = true
+org.onap.dmaap.datarouter.provserver.https.relaxation = false
+org.onap.dmaap.datarouter.provserver.accesslog.dir = unit-test-logs
+org.onap.dmaap.datarouter.provserver.spooldir = src/test/resources
+org.onap.dmaap.datarouter.provserver.dbscripts = src/test/resources
+org.onap.dmaap.datarouter.provserver.localhost = 127.0.0.1
+org.onap.dmaap.datarouter.provserver.tlsenabled = false
+org.onap.dmaap.datarouter.nodeserver.https.port = 8443
+org.onap.dmaap.datarouter.nodeserver.http.port = 8080