diff options
author | david.mcweeney <david.mcweeney@est.tech> | 2022-03-16 16:08:44 +0000 |
---|---|---|
committer | david.mcweeney <david.mcweeney@est.tech> | 2022-04-04 16:27:53 +0100 |
commit | d70c2ca145d2b3eac7ed6a4f16d41e322962cf59 (patch) | |
tree | a71e61d38753a5b258b103f56a5ac3b19c6325eb /datarouter-prov/src | |
parent | 9602193f94e88e8d82936ba36fc20203227a4eec (diff) |
DMAAP-1714 - DR Making TLS Configurable
Change-Id: I0c3bc05182691c12c9d0f0b76d09f7dfea3e09eb
Signed-off-by: david.mcweeney <david.mcweeney@est.tech>
Issue-ID: DMAAP-1714
Diffstat (limited to 'datarouter-prov/src')
6 files changed, 99 insertions, 43 deletions
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/PublishServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/PublishServlet.java index 35205aa9..949019d1 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/PublishServlet.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/PublishServlet.java @@ -45,6 +45,7 @@ import org.onap.dmaap.datarouter.provisioning.utils.Poker; import org.onap.dmaap.datarouter.provisioning.beans.EventLogRecord;
import org.onap.dmaap.datarouter.provisioning.beans.IngressRoute;
import org.onap.dmaap.datarouter.provisioning.eelf.EelfMsgs;
+import org.onap.dmaap.datarouter.provisioning.utils.URLUtilities;
/**
* This servlet handles redirects for the <publishURL> on the provisioning server, which is generated by the
@@ -158,9 +159,15 @@ public class PublishServlet extends BaseServlet { } else {
// Generate new URL
String nextnode = getRedirectNode(feedid, req);
- nextnode = nextnode + ":" + ProvRunner.getProvProperties().getProperty(
- "org.onap.dmaap.datarouter.provserver.https.port", "8443");
- String newurl = "https://" + nextnode + "/publish" + req.getPathInfo();
+ if (Boolean.parseBoolean(ProvRunner.getProvProperties()
+ .getProperty("org.onap.dmaap.datarouter.provserver.tlsenabled", "true"))) {
+ nextnode = nextnode + ":" + ProvRunner.getProvProperties().getProperty(
+ "org.onap.dmaap.datarouter.nodeserver.https.port", "8443");
+ } else {
+ nextnode = nextnode + ":" + ProvRunner.getProvProperties().getProperty(
+ "org.onap.dmaap.datarouter.nodeserver.http.port", "8080");
+ }
+ String newurl = URLUtilities.getUrlSecurityOption() + nextnode + "/publish" + req.getPathInfo();
String qs = req.getQueryString();
if (qs != null) {
newurl += "?" + qs;
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/URLUtilities.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/URLUtilities.java index 2e000027..988b576f 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/URLUtilities.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/URLUtilities.java @@ -28,8 +28,8 @@ import com.att.eelf.configuration.EELFLogger; import com.att.eelf.configuration.EELFManager;
import java.net.InetAddress;
import java.net.UnknownHostException;
-
import org.onap.dmaap.datarouter.provisioning.BaseServlet;
+import org.onap.dmaap.datarouter.provisioning.ProvRunner;
/**
* Utility functions used to generate the different URLs used by the Data Router.
@@ -39,9 +39,7 @@ import org.onap.dmaap.datarouter.provisioning.BaseServlet; */
public class URLUtilities {
-
private static final EELFLogger utilsLogger = EELFManager.getInstance().getLogger("UtilsLog");
- private static final String HTTPS = "https://";
private static String otherPod;
private URLUtilities() {
@@ -54,7 +52,7 @@ public class URLUtilities { * @return the URL
*/
public static String generateFeedURL(int feedid) {
- return HTTPS + BaseServlet.getProvName() + "/feed/" + feedid;
+ return getUrlSecurityOption() + BaseServlet.getProvName() + getAppropriateUrlPort() + "/feed/" + feedid;
}
/**
@@ -64,7 +62,7 @@ public class URLUtilities { * @return the URL
*/
public static String generatePublishURL(int feedid) {
- return HTTPS + BaseServlet.getProvName() + "/publish/" + feedid;
+ return getUrlSecurityOption() + BaseServlet.getProvName() + getAppropriateUrlPort() + "/publish/" + feedid;
}
/**
@@ -74,7 +72,7 @@ public class URLUtilities { * @return the URL
*/
public static String generateSubscribeURL(int feedid) {
- return HTTPS + BaseServlet.getProvName() + "/subscribe/" + feedid;
+ return getUrlSecurityOption() + BaseServlet.getProvName() + getAppropriateUrlPort() + "/subscribe/" + feedid;
}
/**
@@ -84,7 +82,7 @@ public class URLUtilities { * @return the URL
*/
public static String generateFeedLogURL(int feedid) {
- return HTTPS + BaseServlet.getProvName() + "/feedlog/" + feedid;
+ return getUrlSecurityOption() + BaseServlet.getProvName() + getAppropriateUrlPort() + "/feedlog/" + feedid;
}
/**
@@ -94,7 +92,7 @@ public class URLUtilities { * @return the URL
*/
public static String generateSubscriptionURL(int subid) {
- return HTTPS + BaseServlet.getProvName() + "/subs/" + subid;
+ return getUrlSecurityOption() + BaseServlet.getProvName() + getAppropriateUrlPort() + "/subs/" + subid;
}
/**
@@ -104,7 +102,7 @@ public class URLUtilities { * @return the URL
*/
public static String generateSubLogURL(int subid) {
- return HTTPS + BaseServlet.getProvName() + "/sublog/" + subid;
+ return getUrlSecurityOption() + BaseServlet.getProvName() + getAppropriateUrlPort() + "/sublog/" + subid;
}
/**
@@ -113,7 +111,7 @@ public class URLUtilities { * @return the URL
*/
public static String generatePeerProvURL() {
- return HTTPS + getPeerPodName() + "/internal/prov";
+ return getUrlSecurityOption() + getPeerPodName() + getAppropriateUrlPort() + "/internal/prov";
}
/**
@@ -128,7 +126,7 @@ public class URLUtilities { return "";
}
- return HTTPS + peerPodUrl + "/internal/drlogs/";
+ return getUrlSecurityOption() + peerPodUrl + getAppropriateUrlPort() + "/internal/drlogs/";
}
/**
@@ -154,4 +152,21 @@ public class URLUtilities { return otherPod;
}
+ public static String getUrlSecurityOption() {
+ if (Boolean.parseBoolean(ProvRunner.getProvProperties()
+ .getProperty("org.onap.dmaap.datarouter.provserver.tlsenabled", "true"))) {
+ return "https://";
+ }
+ return "http://";
+ }
+
+ private static String getAppropriateUrlPort() {
+ if (Boolean.parseBoolean(ProvRunner.getProvProperties()
+ .getProperty("org.onap.dmaap.datarouter.provserver.tlsenabled", "true")))
+ return "";
+
+ return ":" + ProvRunner.getProvProperties()
+ .getProperty("org.onap.dmaap.datarouter.provserver.http.port", "8080");
+
+ }
}
diff --git a/datarouter-prov/src/main/resources/provserver.properties b/datarouter-prov/src/main/resources/provserver.properties index ad9a19e3..642088ff 100755 --- a/datarouter-prov/src/main/resources/provserver.properties +++ b/datarouter-prov/src/main/resources/provserver.properties @@ -56,4 +56,8 @@ org.onap.dmaap.datarouter.provserver.aaf.feed.type = org.onap.dmaap-dr.fe org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.sub org.onap.dmaap.datarouter.provserver.aaf.instance = legacy org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish -org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe
\ No newline at end of file +org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe + +org.onap.dmaap.datarouter.provserver.tlsenabled = true +org.onap.dmaap.datarouter.nodeserver.https.port = 8443 +org.onap.dmaap.datarouter.nodeserver.http.port = 8080
\ No newline at end of file diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java index d644df9a..1f4fd535 100755 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java @@ -22,9 +22,27 @@ ******************************************************************************/ package org.onap.dmaap.datarouter.provisioning; +import static org.mockito.ArgumentMatchers.anyString; +import static org.mockito.ArgumentMatchers.contains; +import static org.mockito.ArgumentMatchers.eq; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; +import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER; + import ch.qos.logback.classic.spi.ILoggingEvent; import ch.qos.logback.core.read.ListAppender; import java.sql.Connection; +import java.sql.SQLException; +import java.util.HashSet; +import java.util.Set; +import javax.persistence.EntityManager; +import javax.persistence.EntityManagerFactory; +import javax.persistence.Persistence; +import javax.servlet.ServletInputStream; +import javax.servlet.ServletOutputStream; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang3.reflect.FieldUtils; import org.jetbrains.annotations.NotNull; import org.json.JSONObject; @@ -45,25 +63,6 @@ import org.onap.dmaap.datarouter.provisioning.utils.ProvDbUtils; import org.powermock.core.classloader.annotations.PowerMockIgnore; import org.powermock.modules.junit4.PowerMockRunner; -import javax.persistence.EntityManager; -import javax.persistence.EntityManagerFactory; -import javax.persistence.Persistence; -import javax.servlet.ServletInputStream; -import javax.servlet.ServletOutputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.sql.SQLException; -import java.util.HashSet; -import java.util.Set; - -import static org.mockito.ArgumentMatchers.anyString; -import static org.mockito.ArgumentMatchers.contains; -import static org.mockito.ArgumentMatchers.eq; -import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.verify; -import static org.mockito.Mockito.when; -import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER; - @RunWith(PowerMockRunner.class) @PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*", "org.w3c.*"}) @@ -89,7 +88,7 @@ public class SubscriptionServletTest extends DrServletTestBase { em = emf.createEntityManager(); System.setProperty( "org.onap.dmaap.datarouter.provserver.properties", - "src/test/resources/h2Database.properties"); + "src/test/resources/h2DatabaseTlsDisabled.properties"); } @AfterClass @@ -157,14 +156,6 @@ public class SubscriptionServletTest extends DrServletTestBase { } @Test - public void Given_Request_Is_HTTP_DELETE_And_AAF_CADI_Is_Enabled_Without_Permissions_Then_Forbidden_Response_Is_Generated() throws Exception { - when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.subscription; version=1.0"); - when(request.getPathInfo()).thenReturn("/2"); - subscriptionServlet.doDelete(request, response); - verify(response).sendError(eq(HttpServletResponse.SC_FORBIDDEN), contains("AAF disallows access")); - } - - @Test public void Given_Request_Is_HTTP_DELETE_And_AAF_CADI_Is_Enabled_With_Permissions_Then_A_NO_CONTENT_Response_Is_Generated() throws Exception { when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.subscription; version=1.0"); when(request.getPathInfo()).thenReturn("/2"); diff --git a/datarouter-prov/src/test/resources/h2Database.properties b/datarouter-prov/src/test/resources/h2Database.properties index 6957ae17..95968716 100755 --- a/datarouter-prov/src/test/resources/h2Database.properties +++ b/datarouter-prov/src/test/resources/h2Database.properties @@ -31,3 +31,6 @@ org.onap.dmaap.datarouter.provserver.accesslog.dir = unit-test-logs org.onap.dmaap.datarouter.provserver.spooldir = src/test/resources org.onap.dmaap.datarouter.provserver.dbscripts = src/test/resources org.onap.dmaap.datarouter.provserver.localhost = 127.0.0.1 +org.onap.dmaap.datarouter.provserver.tlsenabled = true +org.onap.dmaap.datarouter.nodeserver.https.port = 8443 +org.onap.dmaap.datarouter.nodeserver.http.port = 8080 diff --git a/datarouter-prov/src/test/resources/h2DatabaseTlsDisabled.properties b/datarouter-prov/src/test/resources/h2DatabaseTlsDisabled.properties new file mode 100644 index 00000000..05ab3a47 --- /dev/null +++ b/datarouter-prov/src/test/resources/h2DatabaseTlsDisabled.properties @@ -0,0 +1,36 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START================================================== +# * org.onap.dmaap +# * =========================================================================== +# * Copyright ? 2017 AT&T Intellectual Property. All rights reserved. +# * =========================================================================== +# * Licensed under the Apache License, Version 2.0 (the "License"); +# * you may not use this file except in compliance with the License. +# * You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software +# * distributed under the License is distributed on an "AS IS" BASIS, +# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# * See the License for the specific language governing permissions and +# * limitations under the License. +# * ============LICENSE_END==================================================== +# * +# * ECOMP is a trademark and service mark of AT&T Intellectual Property. +# * +#------------------------------------------------------------------------------- + +# Database access +org.onap.dmaap.datarouter.db.driver = org.h2.Driver +org.onap.dmaap.datarouter.db.url = jdbc:h2:mem:test;DB_CLOSE_DELAY=-1 +org.onap.dmaap.datarouter.provserver.isaddressauthenabled = true +org.onap.dmaap.datarouter.provserver.cadi.enabled = true +org.onap.dmaap.datarouter.provserver.https.relaxation = false +org.onap.dmaap.datarouter.provserver.accesslog.dir = unit-test-logs +org.onap.dmaap.datarouter.provserver.spooldir = src/test/resources +org.onap.dmaap.datarouter.provserver.dbscripts = src/test/resources +org.onap.dmaap.datarouter.provserver.localhost = 127.0.0.1 +org.onap.dmaap.datarouter.provserver.tlsenabled = false +org.onap.dmaap.datarouter.nodeserver.https.port = 8443 +org.onap.dmaap.datarouter.nodeserver.http.port = 8080 |