diff options
109 files changed, 752 insertions, 1727 deletions
diff --git a/csit/install-robotframework.sh b/csit/install-robotframework.sh new file mode 100644 index 00000000..2c4f4320 --- /dev/null +++ b/csit/install-robotframework.sh @@ -0,0 +1,16 @@ +set -exu + +ROBOT3_VENV=$(mktemp -d --suffix=robot_venv) +echo "ROBOT3_VENV=${ROBOT3_VENV}" >> "${WORKSPACE}/env.properties" + +echo "Python version is: $(python3 --version)" + +python3 -m venv "${ROBOT3_VENV}" +source "${ROBOT3_VENV}/bin/activate" + +# Make sure pip3 itself us up-to-date. +python3 -m pip install --upgrade pip + +echo "Installing Python Requirements" +python3 -m pip install -r ${WORKSPACE}/pylibs.txt +python3 -m pip freeze diff --git a/csit/plans/dmaap-datarouter/ssl-dr-suite/setup.sh b/csit/plans/dmaap-datarouter/dr-suite/setup.sh index 53b4387c..10730a31 100755 --- a/csit/plans/dmaap-datarouter/ssl-dr-suite/setup.sh +++ b/csit/plans/dmaap-datarouter/dr-suite/setup.sh @@ -19,7 +19,4 @@ source ${WORKSPACE}/scripts/dmaap-datarouter/datarouter-launch.sh # Launch DR. If true is passed, 2 subscriber containers are also deployed, else false. -dmaap_dr_launch true -cd ${WORKSPACE}/scripts/dmaap-datarouter/robot_ssl -# Add the root CA to robot framework. This is then removed on teardown. -python -c 'import update_ca; update_ca.add_onap_ca_cert()'
\ No newline at end of file +dmaap_dr_launch true
\ No newline at end of file diff --git a/csit/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh b/csit/plans/dmaap-datarouter/dr-suite/teardown.sh index 536863bc..8e50e5cd 100755 --- a/csit/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh +++ b/csit/plans/dmaap-datarouter/dr-suite/teardown.sh @@ -1,6 +1,6 @@ #!/bin/bash # ============LICENSE_START=================================================== -# Copyright (C) 2019-2021 Nordix Foundation. +# Copyright (C) 2019-2022 Nordix Foundation. # ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/csit/plans/dmaap-datarouter/ssl-dr-suite/testplan.txt b/csit/plans/dmaap-datarouter/dr-suite/testplan.txt index 5d32c668..8349a056 100755 --- a/csit/plans/dmaap-datarouter/ssl-dr-suite/testplan.txt +++ b/csit/plans/dmaap-datarouter/dr-suite/testplan.txt @@ -1,2 +1,2 @@ # Place the suites in run order. -dmaap-datarouter/ssl-dr-suite +dmaap-datarouter/dr-suite diff --git a/csit/prepare-csit.sh b/csit/prepare-csit.sh index 109cdb49..22a102db 100755 --- a/csit/prepare-csit.sh +++ b/csit/prepare-csit.sh @@ -18,31 +18,25 @@ # if [ -z "$WORKSPACE" ]; then + # shellcheck disable=SC2155 export WORKSPACE=`git rev-parse --show-toplevel` fi +# shellcheck disable=SC2034 TESTPLANDIR=${WORKSPACE}/${TESTPLAN} -# Assume that if ROBOT_VENV is set and virtualenv with system site packages can be activated, -# ci-management/jjb/integration/include-raw-integration-install-robotframework.sh has already -# been executed +# Assume that if ROBOT3_VENV is set and virtualenv with system site packages can be activated, +# and install-robotframework.sh has already been executed if [ -f ${WORKSPACE}/env.properties ]; then source ${WORKSPACE}/env.properties fi -if [ -f ${ROBOT_VENV}/bin/activate ]; then - source ${ROBOT_VENV}/bin/activate +if [ -f ${ROBOT3_VENV}/bin/activate ]; then + source ${ROBOT3_VENV}/bin/activate else - rm -rf /tmp/ci-management rm -f ${WORKSPACE}/env.properties - cd /tmp - git clone "https://gerrit.onap.org/r/ci-management" - source /tmp/ci-management/jjb/integration/include-raw-integration-install-robotframework.sh + source ${WORKSPACE}/install-robotframework.sh fi -# install eteutils -mkdir -p ${ROBOT_VENV}/src/onap -rm -rf ${ROBOT_VENV}/src/onap/testsuite -pip install --upgrade --extra-index-url="https://nexus3.onap.org/repository/PyPi.staging/simple" 'robotframework-onap==0.5.1.*' --pre - +pip install --upgrade --extra-index-url="https://nexus3.onap.org/repository/PyPi.staging/simple" 'robotframework-onap==7.0.2.*' --pre pip freeze diff --git a/csit/pylibs.txt b/csit/pylibs.txt new file mode 100644 index 00000000..60ec2165 --- /dev/null +++ b/csit/pylibs.txt @@ -0,0 +1,9 @@ +docker-py +ipaddr +netaddr +netifaces +pyhocon +requests +robotframework-httplibrary +robotframework-requests +robotframework-sshlibrary diff --git a/csit/run-csit.sh b/csit/run-csit.sh index ce9cf80f..2ae857df 100755 --- a/csit/run-csit.sh +++ b/csit/run-csit.sh @@ -22,6 +22,15 @@ # functions # +# wrapper for sourcing a file +function source_safely() { + [ -z "$1" ] && return 1 + relax_set + # shellcheck disable=SC1090 + . "$1" + load_set +} + function on_exit(){ rc=$? if [[ ${WORKSPACE} ]]; then @@ -105,14 +114,6 @@ function relax_set() { set +o pipefail } -# wrapper for sourcing a file -function source_safely() { - [ -z "$1" ] && return 1 - relax_set - . "$1" - load_set -} - # # main # @@ -153,13 +154,14 @@ TESTPLANDIR="${WORKSPACE}/${TESTPLAN}" source_safely "${WORKSPACE}/prepare-csit.sh" # Activate the virtualenv containing all the required libraries installed by prepare-csit.sh -source_safely "${ROBOT_VENV}/bin/activate" +source_safely "${ROBOT3_VENV}/bin/activate" WORKDIR=$(mktemp -d --suffix=-robot-workdir) + cd "${WORKDIR}" # Add csit scripts to PATH -export PATH="${PATH}:${WORKSPACE}/docker/scripts:${WORKSPACE}/scripts:${ROBOT_VENV}/bin" +export PATH="${PATH}:${WORKSPACE}/docker/scripts:${WORKSPACE}/scripts:${ROBOT3_VENV}/bin" export SCRIPTS="${WORKSPACE}/scripts" export ROBOT_VARIABLES= diff --git a/csit/run-project-csit.sh b/csit/run-project-csit.sh index a990bf1b..0506a8df 100755 --- a/csit/run-project-csit.sh +++ b/csit/run-project-csit.sh @@ -16,13 +16,15 @@ # limitations under the License. # +# shellcheck disable=SC2155 export WORKSPACE=$(git rev-parse --show-toplevel)/csit -rm -rf ${WORKSPACE}/archives -mkdir -p ${WORKSPACE}/archives -cd ${WORKSPACE} +rm -rf "${WORKSPACE}"/archives +mkdir -p "${WORKSPACE}"/archives +# shellcheck disable=SC2164 +cd "${WORKSPACE}" -./run-csit.sh plans/dmaap-datarouter/ssl-dr-suite +./run-csit.sh plans/dmaap-datarouter/dr-suite diff --git a/csit/scripts/dmaap-datarouter/datarouter-launch.sh b/csit/scripts/dmaap-datarouter/datarouter-launch.sh index 6d38913d..d4a422d2 100644 --- a/csit/scripts/dmaap-datarouter/datarouter-launch.sh +++ b/csit/scripts/dmaap-datarouter/datarouter-launch.sh @@ -1,7 +1,7 @@ #!/bin/bash # # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -22,13 +22,14 @@ function dmaap_dr_launch() { subscribers_required=$1 - mkdir -p ${WORKSPACE}/archives/dmaap/dr/last_run_logs + mkdir -p "${WORKSPACE}"/archives/dmaap/dr/last_run_logs # start DMaaP DR containers with docker compose and configuration from docker-compose.yml docker login -u docker -p docker nexus3.onap.org:10001 if [[ ${subscribers_required} == true ]]; then - docker-compose -f ${WORKSPACE}/scripts/dmaap-datarouter/docker-compose/docker-compose.yml up -d + docker-compose -f "${WORKSPACE}"/scripts/dmaap-datarouter/docker-compose/docker-compose.yml up -d else + # shellcheck disable=SC2086 docker-compose -f ${WORKSPACE}/scripts/dmaap-datarouter/docker-compose/docker-compose.yml up -d datarouter-prov datarouter-node mariadb fi @@ -50,10 +51,12 @@ function dmaap_dr_launch() { for i in 1 2 3 4 5 6 7 8 9 10; do if [[ "$(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov)" = 'healthy' ]] then + # shellcheck disable=SC2046 echo datarouter-prov.State.Health.Status is $(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov) echo "DR Service Running, datarouter-prov container is healthy" break else + # shellcheck disable=SC2046 echo datarouter-prov.State.Health.Status is $(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov) echo sleep ${i} sleep ${i} @@ -66,27 +69,32 @@ function dmaap_dr_launch() { fi done + # shellcheck disable=SC2006 DR_PROV_IP=`get-instance-ip.sh datarouter-prov` + # shellcheck disable=SC2006 DR_NODE_IP=`get-instance-ip.sh datarouter-node` DR_GATEWAY_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.Gateway}}{{end}}' datarouter-prov) - echo DR_PROV_IP=${DR_PROV_IP} - echo DR_NODE_IP=${DR_NODE_IP} - echo DR_GATEWAY_IP=${DR_GATEWAY_IP} + echo DR_PROV_IP="${DR_PROV_IP}" + echo DR_NODE_IP="${DR_NODE_IP}" + echo DR_GATEWAY_IP="${DR_GATEWAY_IP}" if [[ ${subscribers_required} == true ]] then + # shellcheck disable=SC2006 DR_SUB_IP=`get-instance-ip.sh subscriber-node` + # shellcheck disable=SC2006 DR_SUB2_IP=`get-instance-ip.sh subscriber-node2` - echo DR_SUB_IP=${DR_SUB_IP} - echo DR_SUB2_IP=${DR_SUB2_IP} + echo DR_SUB_IP="${DR_SUB_IP}" + echo DR_SUB2_IP="${DR_SUB2_IP}" fi sudo sed -i "$ a $DR_PROV_IP dmaap-dr-prov" /etc/hosts sudo sed -i "$ a $DR_NODE_IP dmaap-dr-node" /etc/hosts - docker exec -i datarouter-prov sh -c "curl -k -X PUT https://$DR_PROV_IP:8443/internal/api/NODES?val=dmaap-dr-node\|$DR_GATEWAY_IP" - docker exec -i datarouter-prov sh -c "curl -k -X PUT https://$DR_PROV_IP:8443/internal/api/PROV_AUTH_ADDRESSES?val=dmaap-dr-prov\|$DR_GATEWAY_IP" + docker exec -i datarouter-prov sh -c "curl -k -X PUT http://$DR_PROV_IP/internal/api/NODES?val=dmaap-dr-node\|$DR_GATEWAY_IP" + docker exec -i datarouter-prov sh -c "curl -k -X PUT http://$DR_PROV_IP/internal/api/PROV_AUTH_ADDRESSES?val=dmaap-dr-prov\|$DR_GATEWAY_IP" #Pass any variables required by Robot test suites in ROBOT_VARIABLES + # shellcheck disable=SC2034 ROBOT_VARIABLES="-v DR_PROV_IP:${DR_PROV_IP} -v DR_NODE_IP:${DR_NODE_IP} -v DR_SUB_IP:${DR_SUB_IP} -v DR_SUB2_IP:${DR_SUB2_IP}" }
\ No newline at end of file diff --git a/csit/scripts/dmaap-datarouter/datarouter-teardown.sh b/csit/scripts/dmaap-datarouter/datarouter-teardown.sh index 8958f28c..f54f8424 100755 --- a/csit/scripts/dmaap-datarouter/datarouter-teardown.sh +++ b/csit/scripts/dmaap-datarouter/datarouter-teardown.sh @@ -1,6 +1,6 @@ #!/bin/bash # ============LICENSE_START=================================================== -# Copyright (C) 2019-2021 Nordix Foundation. +# Copyright (C) 2019-2022 Nordix Foundation. # ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,16 +18,15 @@ # ============LICENSE_END===================================================== function teardown_dmaap_dr (){ - cd ${WORKSPACE}/archives/dmaap/dr + # shellcheck disable=SC2164 + cd "${WORKSPACE}"/archives/dmaap/dr rm -rf last_run_logs/* docker cp datarouter-prov:/opt/app/datartr/logs last_run_logs/prov_logs docker cp datarouter-node:/opt/app/datartr/logs last_run_logs/node_event_logs docker cp datarouter-node:/var/log/onap/datarouter last_run_logs/node_server_logs - docker cp subscriber-node:/var/log/onap/datarouter last_run_logs/sub1_logs - docker cp subscriber-node2:/var/log/onap/datarouter last_run_logs/sub2_logs + docker cp subscriber-node:/var/log/onap/subscriber last_run_logs/sub1_logs + docker cp subscriber-node2:/var/log/onap/subscriber last_run_logs/sub2_logs sudo sed -i".bak" '/dmaap-dr-prov/d' /etc/hosts sudo sed -i".bak" '/dmaap-dr-node/d' /etc/hosts - docker-compose -f ${WORKSPACE}/scripts/dmaap-datarouter/docker-compose/docker-compose.yml rm -sf - cd ${WORKSPACE}/scripts/dmaap-datarouter/robot_ssl - python -c 'import update_ca; update_ca.remove_onap_ca_cert()' + docker-compose -f "${WORKSPACE}"/scripts/dmaap-datarouter/docker-compose/docker-compose.yml rm -sf }
\ No newline at end of file diff --git a/csit/scripts/dmaap-datarouter/docker-compose/docker-compose.yml b/csit/scripts/dmaap-datarouter/docker-compose/docker-compose.yml index d2902ff5..d7b7ea1a 100644 --- a/csit/scripts/dmaap-datarouter/docker-compose/docker-compose.yml +++ b/csit/scripts/dmaap-datarouter/docker-compose/docker-compose.yml @@ -25,15 +25,10 @@ services: container_name: datarouter-prov hostname: dmaap-dr-prov ports: - - "443:8443" - - "8443:8443" - "8080:8080" volumes: - ./provserver.properties:/opt/app/datartr/etc/provserver.properties - ./logback.xml:/opt/app/datartr/etc/logback.xml - - ../dr_certs/dr_prov/truststore.jks:/opt/app/osaaf/local/truststore.jks - - ../dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12:/opt/app/osaaf/local/org.onap.dmaap-dr-prov.p12 - - ../dr_certs/dr_prov/org.onap.dmaap-dr.cred.props:/opt/app/osaaf/local/org.onap.dmaap-dr.cred.props depends_on: mariadb: condition: service_healthy @@ -52,13 +47,10 @@ services: container_name: datarouter-node hostname: dmaap-dr-node ports: - - "9443:8443" - "9090:8080" volumes: - ./node.properties:/opt/app/datartr/etc/node.properties - - ../dr_certs/dr_node/truststore.jks:/opt/app/osaaf/local/truststore.jks - - ../dr_certs/dr_node/org.onap.dmaap-dr-node.p12:/opt/app/osaaf/local/org.onap.dmaap-dr-node.p12 - - ../dr_certs/dr_node/org.onap.dmaap-dr.cred.props:/opt/app/osaaf/local/org.onap.dmaap-dr.cred.props + - ./logback.xml:/opt/app/datartr/etc/logback.xml depends_on: datarouter-prov: condition: service_healthy @@ -75,6 +67,7 @@ services: - "7070:7070" volumes: - ./subscriber.properties:/opt/app/subscriber/etc/subscriber.properties + - ./sub-logback.xml:/opt/app/subscriber/etc/logback.xml networks: net: aliases: @@ -88,6 +81,7 @@ services: - "7071:7070" volumes: - ./subscriber.properties:/opt/app/subscriber/etc/subscriber.properties + - ./sub-logback.xml:/opt/app/subscriber/etc/logback.xml networks: net: aliases: diff --git a/csit/scripts/dmaap-datarouter/docker-compose/node.properties b/csit/scripts/dmaap-datarouter/docker-compose/node.properties index 9f3ca40d..1e684b43 100644 --- a/csit/scripts/dmaap-datarouter/docker-compose/node.properties +++ b/csit/scripts/dmaap-datarouter/docker-compose/node.properties @@ -19,10 +19,10 @@ # Configuration parameters set at startup for the DataRouter node # # URL to retrieve dynamic configuration -ProvisioningURL = https://dmaap-dr-prov:8443/internal/prov +ProvisioningURL = http://dmaap-dr-prov:8080/internal/prov # # URL to upload PUB/DEL/EXP logs -LogUploadURL = https://dmaap-dr-prov:8443/internal/logs +LogUploadURL = http://dmaap-dr-prov:8080/internal/logs # # The port number for http as seen within the server IntHttpPort = 8080 @@ -82,4 +82,4 @@ CadiEnabled = false AAFPropsFilePath = /opt/app/osaaf/local/org.onap.dmaap-dr.props # https security required for publish request -TlsEnabled = true +TlsEnabled = false diff --git a/csit/scripts/dmaap-datarouter/docker-compose/provserver.properties b/csit/scripts/dmaap-datarouter/docker-compose/provserver.properties index b38c3f56..caf8240c 100755 --- a/csit/scripts/dmaap-datarouter/docker-compose/provserver.properties +++ b/csit/scripts/dmaap-datarouter/docker-compose/provserver.properties @@ -18,19 +18,19 @@ #Jetty Server properties org.onap.dmaap.datarouter.provserver.http.port = 8080 -org.onap.dmaap.datarouter.provserver.https.port = 8443 +org.onap.dmaap.datarouter.provserver.https.port = 443 org.onap.dmaap.datarouter.provserver.https.relaxation = true -org.onap.dmaap.datarouter.provserver.aafprops.path = /opt/app/osaaf/local/org.onap.dmaap-dr.props - org.onap.dmaap.datarouter.provserver.accesslog.dir = /opt/app/datartr/logs org.onap.dmaap.datarouter.provserver.spooldir = /opt/app/datartr/spool org.onap.dmaap.datarouter.provserver.dbscripts = /opt/app/datartr/etc/misc org.onap.dmaap.datarouter.provserver.logretention = 30 -#DMAAP-597 (Tech Dept) REST request source IP auth -# relaxation to accommodate OOM kubernetes deploy org.onap.dmaap.datarouter.provserver.isaddressauthenabled = false +org.onap.dmaap.datarouter.provserver.cadi.enabled = false +org.onap.dmaap.datarouter.provserver.tlsenabled = false +org.onap.dmaap.datarouter.nodeserver.https.port = 8443 +org.onap.dmaap.datarouter.nodeserver.http.port = 8080 #Localhost address config org.onap.dmaap.datarouter.provserver.localhost = 127.0.0.1 @@ -41,18 +41,3 @@ org.onap.dmaap.datarouter.db.url = jdbc:mariadb://datarouter-mariadb:3306/d org.onap.dmaap.datarouter.db.login = datarouter org.onap.dmaap.datarouter.db.password = datarouter -# PROV - DEFAULT ENABLED TLS PROTOCOLS -org.onap.dmaap.datarouter.provserver.https.include.protocols = TLSv1.1|TLSv1.2 - -# AAF config -org.onap.dmaap.datarouter.provserver.cadi.enabled = false - -org.onap.dmaap.datarouter.provserver.passwordencryption = PasswordEncryptionKey#@$%^&1234# -org.onap.dmaap.datarouter.provserver.aaf.feed.type = org.onap.dmaap-dr.feed -org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.sub -org.onap.dmaap.datarouter.provserver.aaf.instance = legacy -org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish -org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe -org.onap.dmaap.datarouter.provserver.tlsenabled = true -org.onap.dmaap.datarouter.nodeserver.https.port = 8443 -org.onap.dmaap.datarouter.nodeserver.http.port = 8080
\ No newline at end of file diff --git a/csit/scripts/dmaap-datarouter/docker-compose/sub-logback.xml b/csit/scripts/dmaap-datarouter/docker-compose/sub-logback.xml new file mode 100644 index 00000000..222a4ffb --- /dev/null +++ b/csit/scripts/dmaap-datarouter/docker-compose/sub-logback.xml @@ -0,0 +1,61 @@ +<!-- + ============LICENSE_START================================================== + * org.onap.dmaap + * =========================================================================== + * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * +--> +<configuration scan="true" scanPeriod="3 seconds" debug="false"> + <property name="logDir" value="/var/log/onap/subscriber" /> + <property name="generalLogName" value="application" /> + <property name="defaultPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%X{RequestId}|%X{InvocationId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|%msg%n" /> + <property name="logDirectory" value="${logDir}" /> + + <appender name="file" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${generalLogName}.log</file> + <append>true</append> + <immediateFlush>true</immediateFlush> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${generalLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>50MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <appender name="console" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <logger name="org.eclipse.jetty" level="info"/> + + <root level="debug"> + <appender-ref ref="file" /> + <appender-ref ref="console" /> + </root> +</configuration> diff --git a/csit/scripts/dmaap-datarouter/docker-compose/subscriber.properties b/csit/scripts/dmaap-datarouter/docker-compose/subscriber.properties index 311bbe56..aad02d14 100644 --- a/csit/scripts/dmaap-datarouter/docker-compose/subscriber.properties +++ b/csit/scripts/dmaap-datarouter/docker-compose/subscriber.properties @@ -23,13 +23,5 @@ org.onap.dmaap.datarouter.subscriber.auth.user = LOGIN org.onap.dmaap.datarouter.subscriber.auth.password = PASSWORD org.onap.dmaap.datarouter.subscriber.delivery.dir = /opt/app/subscriber/delivery -org.onap.dmaap.datarouter.subscriber.https.relaxation = true -org.onap.dmaap.datarouter.subscriber.keystore.type = jks -org.onap.dmaap.datarouter.subscriber.keymanager.password = changeit -org.onap.dmaap.datarouter.subscriber.keystore.path = /opt/app/datartr/self_signed/keystore.jks -org.onap.dmaap.datarouter.subscriber.keystore.password = changeit -org.onap.dmaap.datarouter.subscriber.truststore.path = /opt/app/datartr/self_signed/cacerts.jks -org.onap.dmaap.datarouter.subscriber.truststore.password = changeit - diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12 b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12 Binary files differdeleted file mode 100644 index 3793a9d4..00000000 --- a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12 +++ /dev/null diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props deleted file mode 100644 index e32e7282..00000000 --- a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props +++ /dev/null @@ -1,17 +0,0 @@ -############################################################ -# Properties Generated by AT&T Certificate Manager -# by root -# on 2021-03-12T11:38:49.244+0000 -# @copyright 2019, AT&T -############################################################ -Challenge=secret -cadi_alias=dmaap-dr-node@dmaap-dr.onap.org -cadi_key_password=secret -#cadi_keyfile=/opt/app/osaaf/local/org.onap.dmaap-dr.keyfile -cadi_keystore=/opt/app/osaaf/local/org.onap.dmaap-dr-node.p12 -cadi_keystore_password=secret -cadi_keystore_password_jks=secret -cadi_keystore_password_p12=secret -cadi_truststore=/opt/app/osaaf/local/truststore.jks -cadi_truststore_password=secret -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jks b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jks Binary files differdeleted file mode 100644 index 91547c60..00000000 --- a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jks +++ /dev/null diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12 b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12 Binary files differdeleted file mode 100755 index 1393fb05..00000000 --- a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12 +++ /dev/null diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props deleted file mode 100644 index 18f91ba8..00000000 --- a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props +++ /dev/null @@ -1,17 +0,0 @@ -############################################################ -# Properties Generated by AT&T Certificate Manager -# by root -# on 2021-03-12T11:29:50.699+0000 -# @copyright 2019, AT&T -############################################################ -Challenge=secret -cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org -cadi_key_password=secret -#cadi_keyfile=/opt/app/osaaf/local/org.onap.dmaap-dr.keyfile -cadi_keystore=/opt/app/osaaf/local/org.onap.dmaap-dr-prov.p12 -cadi_keystore_password=secret -cadi_keystore_password_jks=secret -cadi_keystore_password_p12=secret -cadi_truststore=/opt/app/osaaf/local/truststore.jks -cadi_truststore_password=secret -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jks b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jks Binary files differdeleted file mode 100644 index 91547c60..00000000 --- a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jks +++ /dev/null diff --git a/csit/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem b/csit/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem deleted file mode 100644 index 1f9d08e5..00000000 --- a/csit/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem +++ /dev/null @@ -1,40 +0,0 @@ - -# Issuer: C=US,O=ONAP,OU=OSAAF -# Subject: C=US,O=ONAP,OU=OSAAF -# Label: "" -# Serial: 0x9EAEEDC0A7CEB59D -# MD5 Fingerprint: 77:EB:5E:94:2E:B7:A3:45:97:6C:87:FE:A7:F7:64:0F -# SHA1 Fingerprint: 90:25:D1:D3:8B:3C:BE:2C:73:E9:6C:1A:48:5B:06:A8:39:0D:54:3B -# SHA256 Fingerprint: 1F:C2:BB:F6:7E:11:6F:F0:4C:C3:D9:6C:73:E5:99:B7:CA:7D:4D:EF:AA:6C:69:46:0D:2C:7B:A9:E4:23:5F:EA ------BEGIN CERTIFICATE----- -MIIFczCCA1ugAwIBAgIUVl0TXS1NTKZy68+AFpfvCBbs3JwwDQYJKoZIhvcNAQEL -BQAwQTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExDTALBgNVBAoM -BE9OQVAxDjAMBgNVBAsMBU9TQUFGMB4XDTIxMDMxNjE1MjA1MloXDTQxMDMxMTE1 -MjA1MlowQTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExDTALBgNV -BAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A -MIICCgKCAgEA1NdArmwTe6C9NZnMAPP0uvy9IH/+Lc9dgO9+j6F+JqLDXn+O5vaj -6EMU5o60sGzymbMdwk26jiR7KYG8puZzI0EsjwELrLV5NYrUR1y7g+sbJWFUiB0X -SseifQD9bSG0YBX7J6bQEilh18+oWpXIygl8/VJuiuDhaYdakmwn9AxQRm/zRDcI -tMS49gq7ARpwMrZaZkQ5eL2R0eX4yj915fAgsvLNmfNTkkTCTBuGYAfixz2+uz8r -4xZqxXrln6CVe6pV5MOxxQsJq0QfSfNxKFqhVJTSj3STG8UDKDPIcTqVLS6v3/iY -WX43pHuqjfrGLy3HjPCIWphsx9EWq02bnLvwsnibRgfXjZNbdhePOZV8Xd+4MfHy -uyFRf5xHvQm3f3vLtCQ1rmHk/3wb2Mb1SbTGt6sL6Waqs/VnnPyTwhXJk6RnU991 -qAnqSCLzKNEPNnpSTQKU35NPbdCAw/z97K5Ar8JWH2XiM65dV0j0d/Ura0PXUXRN -Royi7rREJKBMFszwxqCCHZkH6/Fbs8vmBWC1gLQgDqK+IgU1/+ytUPOsMVqPcNjM -RrZyd8xCoxEyd+Ly6y2EF9RE6qS/rlW/yUh3AIBlpcsVxc+Kh1nvNRLLJzHvrvSs -wvd6LpWHVaffO02hp3suXDwOtLq91lAHLA48iDty/Js+jFjohZJ/+LsCAwEAAaNj -MGEwHQYDVR0OBBYEFMeiRem06VRh0sL0L5k9B5A01QAoMB8GA1UdIwQYMBaAFMei -Rem06VRh0sL0L5k9B5A01QAoMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD -AgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBGdpwWyOIw7jBkEJbheeje8ccc51Z0SY/8 -oo/cYi9cI2SNtE4yt9SOZtXiWO1ga1PuFP5vNkPZu3MtqtsDt8CsSgYfgCKX1DH4 -RloTJJO73UKuMmnoqHNsuE6rHRrcoqcV8XJJ9uBz2cDVWfVDG5Pf92lB1cLQ5AGb -X7O7MKNHu4woFdbbI8f3TN6Qx5oAcrS1alLMuPJhIkwcHuiWdjJuORx2MK4K9gov -yRJceVyqMiTr7GGYFi/FQKIzIaHeKgQy+YGLfQ1GcbUmVItU4aQMfSM2RXb7wJ90 -XBFi0NjXZfMXVZ9kxqIki/s6NefrDAOFjHINUxGucXjEw1raewprErlsNt/8SUKT -EDSLe1YD558jzUaqVdWinL6gMRTyyHOwt/51mg4sn3i2WLdL1Hno4F7GUIbkBmi5 -VSDDWnXdpwaFWeqA8JAvy+JIh+Ju671U1HhB68lGRvNOgfZbvW3m8GGpXldR5krR -OYhwbxdU1rNYHH+DJ0KE4L1Y6es/571+UH7NFbvO6jAk9G/Fudel+SwhXVfFo0pi -mmXAwT2bmDEiYBzDNHFwyT3+OGKXiDXuMvMB9ic7p3Zk9X0mRtpubW1gfZvUqIqe -jaVeZdad0DX1yfjwi5zYT+ViI7pjXVYlgiBAnjMrEmWOpRcs793F5zBiyDjaUNFt -3arVcS9XgA== ------END CERTIFICATE-----
\ No newline at end of file diff --git a/csit/scripts/dmaap-datarouter/robot_ssl/update_ca.py b/csit/scripts/dmaap-datarouter/robot_ssl/update_ca.py deleted file mode 100644 index d36f8acc..00000000 --- a/csit/scripts/dmaap-datarouter/robot_ssl/update_ca.py +++ /dev/null @@ -1,65 +0,0 @@ -# ============LICENSE_START=================================================== -# Copyright (C) 2019-2021 Nordix Foundation. -# ============================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 -# ============LICENSE_END===================================================== - -import certifi -import os - - -def add_onap_ca_cert(): - cafile = certifi.where() - dir_path = os.path.dirname(os.path.realpath(__file__)) - datarouter_ca = dir_path + '/onap_ca_cert.pem' - with open(datarouter_ca, 'rb') as infile: - customca = infile.read() - - with open(cafile, 'ab') as outfile: - outfile.write(customca) - - print("Added DR Cert to CA") - - -def remove_onap_ca_cert(): - cafile = certifi.where() - number_of_lines_to_delete = 40 - count = 0 - dr_cert_exists = False - - with open(cafile, 'r+b', buffering=0) as outfile: - for line in outfile.readlines()[-36:-35]: - if '# Serial: 0x9EAEEDC0A7CEB59D'.encode() in line: - dr_cert_exists = True - if dr_cert_exists: - outfile.seek(0, os.SEEK_END) - end = outfile.tell() - while outfile.tell() > 0: - outfile.seek(-1, os.SEEK_CUR) - char = outfile.read(1) - if char == b'\n': - count += 1 - if count == number_of_lines_to_delete: - outfile.truncate() - print( - "Removed " + str(number_of_lines_to_delete) + " lines from end of CA File") - exit(0) - outfile.seek(-1, os.SEEK_CUR) - else: - print("No DR cert in CA File to remove") - - if count < number_of_lines_to_delete + 1: - print("Number of lines in file less than number of lines to delete. Exiting...") - exit(1) diff --git a/csit/tests/dmaap-datarouter/ssl-dr-suite/ssl-dr-suite.robot b/csit/tests/dmaap-datarouter/dr-suite/dr-suite.robot index 2f96cdc8..8058b9b5 100755 --- a/csit/tests/dmaap-datarouter/ssl-dr-suite/ssl-dr-suite.robot +++ b/csit/tests/dmaap-datarouter/dr-suite/dr-suite.robot @@ -7,15 +7,15 @@ Library Process Library String *** Variables *** -${TARGET_URL} https://dmaap-dr-prov:8443/ -${TARGET_URL_FEED} https://dmaap-dr-prov:8443/feed/1 -${TARGET_URL_EXISTS_LOGGING} https://dmaap-dr-prov:8443/feedlog/1?type=pub&filename=csit_test -${TARGET_URL_NOT_EXISTS_LOGGING} https://dmaap-dr-prov:8443/feedlog/1?type=pub&filename=file_that_doesnt_exist -${TARGET_URL_SUBSCRIBE} https://dmaap-dr-prov:8443/subscribe/1 -${TARGET_URL_SUBSCRIPTION} https://dmaap-dr-prov:8443/subs/1 -${TARGET_URL_PUBLISH_PROV} https://dmaap-dr-prov:8443/publish/1/csit_test -${TARGET_URL_PUBLISH_NODE} https://dmaap-dr-node:8443/publish/1/csit_test -${TARGET_URL_DELETE_FILE} https://dmaap-dr-node:8443/delete/2 +${TARGET_URL} http://dmaap-dr-prov:8080/ +${TARGET_URL_FEED} http://dmaap-dr-prov:8080/feed/1 +${TARGET_URL_EXISTS_LOGGING} http://dmaap-dr-prov:8080/feedlog/1?type=pub&filename=csit_test +${TARGET_URL_NOT_EXISTS_LOGGING} http://dmaap-dr-prov:8080/feedlog/1?type=pub&filename=file_that_doesnt_exist +${TARGET_URL_SUBSCRIBE} http://dmaap-dr-prov:8080/subscribe/1 +${TARGET_URL_SUBSCRIPTION} http://dmaap-dr-prov:8080/subs/1 +${TARGET_URL_PUBLISH_PROV} http://dmaap-dr-prov:8080/publish/1/csit_test +${TARGET_URL_PUBLISH_NODE} http://dmaap-dr-node:8080/publish/1/csit_test +${TARGET_URL_DELETE_FILE} http://dmaap-dr-node:8080/delete/2 ${FEED_CONTENT_TYPE} application/vnd.dmaap-dr.feed ${SUBSCRIBE_CONTENT_TYPE} application/vnd.dmaap-dr.subscription @@ -23,9 +23,9 @@ ${PUBLISH_FEED_CONTENT_TYPE} application/octet-stream ${CREATE_FEED_DATA} {"name": "CSIT_Test", "version": "m1.0", "description": "CSIT_Test", "business_description": "CSIT_Test", "suspend": false, "deleted": false, "changeowner": true, "authorization": {"classification": "unclassified", "endpoint_addrs": [], "endpoint_ids": [{"password": "dradmin", "id": "dradmin"}]}} ${UPDATE_FEED_DATA} {"name": "CSIT_Test", "version": "m1.0", "description": "UPDATED-CSIT_Test", "business_description": "CSIT_Test", "suspend": true, "deleted": false, "changeowner": true, "authorization": {"classification": "unclassified", "endpoint_addrs": [], "endpoint_ids": [{"password": "dradmin", "id": "dradmin"}]}} -${SUBSCRIBE_DATA} {"delivery":{ "url":"http://${DR_SUB_IP}:7070/", "user":"LOGIN", "password":"PASSWORD", "use100":true}, "metadataOnly":false, "suspend":false, "groupid":29, "subscriber":"dradmin", "privilegedSubscriber":false} -${UPDATE_SUBSCRIPTION_DATA} {"delivery":{ "url":"http://${DR_SUB_IP}:7070/", "user":"dradmin", "password":"dradmin", "use100":true}, "metadataOnly":false, "suspend":true, "groupid":29, "subscriber":"dradmin", "privilegedSubscriber":false} -${SUBSCRIBE2_DATA} {"delivery":{ "url":"http://${DR_SUB2_IP}:7070/", "user":"LOGIN", "password":"PASSWORD", "use100":true}, "metadataOnly":false, "suspend":false, "groupid":29, "subscriber":"privileged", "privilegedSubscriber":true} +${SUBSCRIBE_DATA} {"delivery":{ "url":"http://${DR_SUB_IP}:7070", "user":"LOGIN", "password":"PASSWORD", "use100":true}, "metadataOnly":false, "suspend":false, "groupid":29, "subscriber":"dradmin", "privilegedSubscriber":false} +${UPDATE_SUBSCRIPTION_DATA} {"delivery":{ "url":"http://${DR_SUB_IP}:7070", "user":"dradmin", "password":"dradmin", "use100":true}, "metadataOnly":false, "suspend":true, "groupid":29, "subscriber":"dradmin", "privilegedSubscriber":false} +${SUBSCRIBE2_DATA} {"delivery":{ "url":"http://${DR_SUB2_IP}:7070", "user":"LOGIN", "password":"PASSWORD", "use100":true}, "metadataOnly":false, "suspend":false, "groupid":29, "subscriber":"privileged", "privilegedSubscriber":true} ${CLI_VERIFY_SUB_RECEIVED_FILE} docker exec subscriber-node /bin/sh -c "ls /opt/app/subscriber/delivery | grep csit_test" ${CLI_VERIFY_FILE_REMAINS_ON_NODE} docker exec datarouter-node /bin/sh -c "ls /opt/app/datartr/spool/s/0/2 | grep dmaap-dr-node | grep -v .M" @@ -64,7 +64,7 @@ Run Publish to Feed Sleep 10s Behaviour was noticed where feed was not created in time for publish to be sent ${resp}= PutCall ${TARGET_URL_PUBLISH_PROV} ${CREATE_FEED_DATA} ${PUBLISH_FEED_CONTENT_TYPE} dradmin log ${TARGET_URL_PUBLISH_PROV} - Should Contain ${resp.headers['Location']} https://dmaap-dr-node:8443/publish/1/csit_test + Should Contain ${resp.headers['Location']} http://dmaap-dr-node:8080/publish/1/csit_test ${resp}= PutCall ${TARGET_URL_PUBLISH_NODE} ${CREATE_FEED_DATA} ${PUBLISH_FEED_CONTENT_TYPE} dradmin Should Be Equal As Strings ${resp.status_code} 204 log 'JSON Response Code:'${resp} diff --git a/datarouter-docker-compose/src/main/resources/database/sql_init_01.sql b/datarouter-docker-compose/src/main/resources/database/sql_init_01.sql index 88434180..d2bd1cb3 100644 --- a/datarouter-docker-compose/src/main/resources/database/sql_init_01.sql +++ b/datarouter-docker-compose/src/main/resources/database/sql_init_01.sql @@ -147,6 +147,6 @@ INSERT INTO PARAMETERS VALUES ('PROV_MAXFEED_COUNT', '10000'), ('PROV_MAXSUB_COUNT', '100000'), ('PROV_REQUIRE_CERT', 'false'), - ('PROV_REQUIRE_SECURE', 'true'), + ('PROV_REQUIRE_SECURE', 'false'), ('_INT_VALUES', 'LOGROLL_INTERVAL|PROV_MAXFEED_COUNT|PROV_MAXSUB_COUNT|DELIVERY_INIT_RETRY_INTERVAL|DELIVERY_MAX_RETRY_INTERVAL|DELIVERY_RETRY_RATIO|DELIVERY_MAX_AGE|DELIVERY_FILE_PROCESS_INTERVAL') ; diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/DRNodeCadiFilter.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/DRNodeCadiFilter.java deleted file mode 100644 index 9cdaeecd..00000000 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/DRNodeCadiFilter.java +++ /dev/null @@ -1,110 +0,0 @@ -/* - * ============LICENSE_START======================================================= - * Copyright (C) 2019 Nordix Foundation. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * ============LICENSE_END========================================================= - */ - -package org.onap.dmaap.datarouter.node; - -import com.att.eelf.configuration.EELFLogger; -import com.att.eelf.configuration.EELFManager; -import java.io.IOException; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import org.onap.aaf.cadi.PropAccess; -import org.onap.aaf.cadi.filter.CadiFilter; - - -public class DRNodeCadiFilter extends CadiFilter { - - private static EELFLogger logger = EELFManager.getInstance().getLogger(DRNodeCadiFilter.class); - - DRNodeCadiFilter(boolean init, PropAccess access) throws ServletException { - super(init, access); - } - - @Override - public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) - throws IOException, ServletException { - HttpServletRequest httpRequest = (HttpServletRequest) request; - String path = httpRequest.getPathInfo(); - if (!(path.startsWith("/internal"))) { - if (!("POST".equalsIgnoreCase(httpRequest.getMethod()))) { - if ("DELETE".equalsIgnoreCase(httpRequest.getMethod()) && path.startsWith("/delete")) { - chain.doFilter(request, response); - } else { - doFilterWithFeedId(request, response, chain); - } - } - } else { - chain.doFilter(request, response); - } - } - - private String getFeedId(ServletRequest request, ServletResponse response) { - HttpServletRequest req = (HttpServletRequest) request; - HttpServletResponse resp = (HttpServletResponse) response; - String fileid = req.getPathInfo(); - if (fileid == null) { - logger.error("NODE0105 Rejecting bad URI for PUT " + req.getPathInfo() + " from " + req.getRemoteAddr()); - try { - resp.sendError(HttpServletResponse.SC_NOT_FOUND, - "Invalid request URI. Expecting <feed-publishing-url>/<fileid>."); - } catch (IOException e) { - logger.error("NODE0541 DRNodeCadiFilter.getFeedId: ", e); - } - return null; - } - String feedid = ""; - - if (fileid.startsWith("/publish/")) { - fileid = fileid.substring(9); - int index = fileid.indexOf('/'); - if (index == -1 || index == fileid.length() - 1) { - logger.error("NODE0105 Rejecting bad URI for PUT (publish) of " + req.getPathInfo() + " from " + req - .getRemoteAddr()); - try { - resp.sendError(HttpServletResponse.SC_NOT_FOUND, - "Invalid request URI. Expecting <feed-publishing-url>/<fileid>. " - + "Possible missing fileid."); - } catch (IOException e) { - logger.error("NODE0542 DRNodeCadiFilter.getFeedId: ", e); - } - return null; - } - feedid = fileid.substring(0, index); - } - return feedid; - } - - private void doFilterWithFeedId(ServletRequest request, ServletResponse response, FilterChain chain) - throws IOException, ServletException { - String feedId = getFeedId(request, response); - String aafDbInstance = NodeConfigManager.getInstance().getAafInstance(feedId); - if (aafDbInstance != null && !"".equals(aafDbInstance) && !"legacy".equalsIgnoreCase(aafDbInstance)) { - logger.info("DRNodeCadiFilter - doFilter: FeedId - " + feedId + ":" + "AAF Instance -" + aafDbInstance); - super.doFilter(request, response, chain); - } else { - logger.info("DRNodeCadiFilter - doFilter: FeedId - " + feedId + ":" + "Legacy Feed"); - chain.doFilter(request, response); - } - } -} diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/IsFrom.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/IsFrom.java index 91622b3c..5cdb3445 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/IsFrom.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/IsFrom.java @@ -37,7 +37,7 @@ import java.util.Arrays; */ public class IsFrom { - private static EELFLogger logger = EELFManager.getInstance().getLogger(IsFrom.class); + private static final EELFLogger logger = EELFManager.getInstance().getLogger(IsFrom.class); private long nextcheck; private String[] ips; private String fqdn; @@ -91,9 +91,9 @@ public class IsFrom { return true; } } catch (UnknownHostException e) { - logger.error("IsFrom: UnknownHostEx: " + e.toString(), e); + logger.error("IsFrom: UnknownHostEx: " + e, e); } catch (IOException e) { - logger.error("IsFrom: Failed to parse IP : " + ip + " : " + e.toString(), e); + logger.error("IsFrom: Failed to parse IP : " + ip + " : " + e, e); } return false; } diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeAafPropsUtils.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeAafPropsUtils.java index 0c31db99..ec49807e 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeAafPropsUtils.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeAafPropsUtils.java @@ -29,8 +29,8 @@ import org.onap.aaf.cadi.PropAccess; class NodeAafPropsUtils { - private static EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeAafPropsUtils.class); - private PropAccess propAccess; + private static final EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeAafPropsUtils.class); + private final PropAccess propAccess; NodeAafPropsUtils(File propsFile) throws IOException { propAccess = new PropAccess(); diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeConfigManager.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeConfigManager.java index 3b950232..1debcf63 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeConfigManager.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeConfigManager.java @@ -25,6 +25,7 @@ package org.onap.dmaap.datarouter.node; import static java.lang.System.exit; +import static java.lang.System.getProperty; import com.att.eelf.configuration.EELFLogger; import com.att.eelf.configuration.EELFManager; @@ -54,10 +55,9 @@ import org.onap.dmaap.datarouter.node.eelf.EelfMsgs; public class NodeConfigManager implements DeliveryQueueHelper { private static final String NODE_CONFIG_MANAGER = "NodeConfigManager"; - private static EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeConfigManager.class); - private static NodeConfigManager base = new NodeConfigManager(); + private static final EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeConfigManager.class); + private static NodeConfigManager base; - private Timer timer = new Timer("Node Configuration Timer", true); private long maxfailuretimer; private long initfailuretimer; private long waitForFileProcessFailureTimer; @@ -68,16 +68,17 @@ public class NodeConfigManager implements DeliveryQueueHelper { private double fdpstart; private double fdpstop; private int deliverythreads; - private String provurl; + private final String provurl; private String provhost; - private IsFrom provcheck; - private int gfport; - private int svcport; - private int port; - private String spooldir; - private String logdir; - private long logretention; - private String redirfile; + private final int intHttpPort; + private final int intHttpsPort; + private final int extHttpsPort; + private String[] enabledprotocols; + private final boolean cadiEnabled; + private String aafType; + private String aafInstance; + private String aafAction; + private final boolean tlsEnabled; private String kstype; private String ksfile; private String kspass; @@ -86,66 +87,45 @@ public class NodeConfigManager implements DeliveryQueueHelper { private String tsfile; private String tspass; private String myname; - private RedirManager rdmgr; - private RateLimitedOperation pfetcher; - private NodeConfig config; - private File quiesce; - private PublishId pid; - private String nak; - private TaskList configtasks = new TaskList(); - private String eventlogurl; - private String eventlogprefix; - private String eventlogsuffix; + private final String nak; + private final File quiesce; + private final String spooldir; + private final String logdir; + private final long logretention; + private final String eventlogurl; + private final String eventlogprefix; + private final String eventlogsuffix; private String eventloginterval; private boolean followredirects; - private String[] enabledprotocols; - private String aafType; - private String aafInstance; - private String aafAction; - private boolean tlsEnabled; - private boolean cadiEnabled; + private final TaskList configtasks = new TaskList(); + private final PublishId publishId; + private final IsFrom provcheck; + private final RedirManager rdmgr; + private final Timer timer = new Timer("Node Configuration Timer", true); + private final RateLimitedOperation pfetcher; + private NodeConfig config; private NodeAafPropsUtils nodeAafPropsUtils; - - + private static Properties drNodeProperties; + + public static Properties getDrNodeProperties() { + if (drNodeProperties == null) { + try (FileInputStream props = new FileInputStream(getProperty( + "org.onap.dmaap.datarouter.node.properties", + "/opt/app/datartr/etc/node.properties"))) { + drNodeProperties = new Properties(); + drNodeProperties.load(props); + } catch (IOException e) { + eelfLogger.error("Failed to load NODE properties: " + e.getMessage(), e); + exit(1); + } + } + return drNodeProperties; + } /** * Initialize the configuration of a Data Router node. */ private NodeConfigManager() { - - Properties drNodeProperties = new Properties(); - try (FileInputStream fileInputStream = new FileInputStream(System - .getProperty("org.onap.dmaap.datarouter.node.properties", "/opt/app/datartr/etc/node.properties"))) { - eelfLogger.debug("NODE0301 Loading local config file node.properties"); - drNodeProperties.load(fileInputStream); - } catch (Exception e) { - NodeUtils.setIpAndFqdnForEelf(NODE_CONFIG_MANAGER); - eelfLogger.error(EelfMsgs.MESSAGE_PROPERTIES_LOAD_ERROR, e, - System.getProperty("org.onap.dmaap.datarouter.node.properties", - "/opt/app/datartr/etc/node.properties")); - } - provurl = drNodeProperties.getProperty("ProvisioningURL", "https://dmaap-dr-prov:8443/internal/prov"); - String aafPropsFilePath = drNodeProperties - .getProperty("AAFPropsFilePath", "/opt/app/osaaf/local/org.onap.dmaap-dr.props"); - try { - nodeAafPropsUtils = new NodeAafPropsUtils(new File(aafPropsFilePath)); - } catch (IOException e) { - eelfLogger.error("NODE0314 Failed to load AAF props. Exiting", e); - exit(1); - } - /* - * START - AAF changes: TDP EPIC US# 307413 - * Pull AAF settings from node.properties - */ - aafType = drNodeProperties.getProperty("AAFType", "org.onap.dmaap-dr.feed"); - aafInstance = drNodeProperties.getProperty("AAFInstance", "legacy"); - aafAction = drNodeProperties.getProperty("AAFAction", "publish"); - cadiEnabled = Boolean.parseBoolean(drNodeProperties.getProperty("CadiEnabled", "false")); - /* - * END - AAF changes: TDP EPIC US# 307413 - * Pull AAF settings from node.properties - */ - //Disable and enable protocols*/ - enabledprotocols = ((drNodeProperties.getProperty("NodeHttpsProtocols")).trim()).split("\\|"); + provurl = getDrNodeProperties().getProperty("ProvisioningURL", "http://dmaap-dr-prov:8080/internal/prov"); try { provhost = (new URL(provurl)).getHost(); } catch (Exception e) { @@ -153,14 +133,49 @@ public class NodeConfigManager implements DeliveryQueueHelper { eelfLogger.error(EelfMsgs.MESSAGE_BAD_PROV_URL, e, provurl); exit(1); } - eelfLogger.debug("NODE0303 Provisioning server is " + provhost); - eventlogurl = drNodeProperties.getProperty("LogUploadURL", "https://feeds-drtr.web.att.com/internal/logs"); + eelfLogger.debug("NODE0303 Provisioning server is at: " + provhost); provcheck = new IsFrom(provhost); - gfport = Integer.parseInt(drNodeProperties.getProperty("IntHttpPort", "8080")); - svcport = Integer.parseInt(drNodeProperties.getProperty("IntHttpsPort", "8443")); - port = Integer.parseInt(drNodeProperties.getProperty("ExtHttpsPort", "443")); - spooldir = drNodeProperties.getProperty("SpoolDir", "spool"); - tlsEnabled = Boolean.parseBoolean(drNodeProperties.getProperty("TlsEnabled", "true")); + + cadiEnabled = Boolean.parseBoolean(getDrNodeProperties().getProperty("CadiEnabled", "false")); + if (cadiEnabled) { + aafType = getDrNodeProperties().getProperty("AAFType", "org.onap.dmaap-dr.feed"); + aafInstance = getDrNodeProperties().getProperty("AAFInstance", "legacy"); + aafAction = getDrNodeProperties().getProperty("AAFAction", "publish"); + } + tlsEnabled = Boolean.parseBoolean(getDrNodeProperties().getProperty("TlsEnabled", "true")); + if (isTlsEnabled()) { + try { + kstype = getDrNodeProperties().getProperty("KeyStoreType", "PKCS12"); + tstype = getDrNodeProperties().getProperty("TrustStoreType", "jks"); + enabledprotocols = ((getDrNodeProperties().getProperty("NodeHttpsProtocols")).trim()).split("\\|"); + nodeAafPropsUtils = new NodeAafPropsUtils(new File(getDrNodeProperties() + .getProperty("AAFPropsFilePath", "/opt/app/osaaf/local/org.onap.dmaap-dr.props"))); + getSslContextData(); + if (tsfile != null && tsfile.length() > 0) { + System.setProperty("javax.net.ssl.trustStoreType", tstype); + System.setProperty("javax.net.ssl.trustStore", tsfile); + System.setProperty("javax.net.ssl.trustStorePassword", tspass); + } + myname = NodeUtils.getCanonicalName(kstype, ksfile, kspass); + if (myname == null) { + NodeUtils.setIpAndFqdnForEelf(NODE_CONFIG_MANAGER); + eelfLogger.error(EelfMsgs.MESSAGE_KEYSTORE_FETCH_ERROR, ksfile); + eelfLogger.error("NODE0309 Unable to fetch canonical name from keystore file " + ksfile); + exit(1); + } + eelfLogger.debug("NODE0304 My certificate says my name is " + myname); + } catch (Exception e) { + eelfLogger.error("NODE0314 Failed to load AAF props. Exiting", e); + exit(1); + } + } + myname = "dmaap-dr-node"; + + eventlogurl = getDrNodeProperties().getProperty("LogUploadURL", "https://feeds-drtr.web.att.com/internal/logs"); + intHttpPort = Integer.parseInt(getDrNodeProperties().getProperty("IntHttpPort", "80")); + intHttpsPort = Integer.parseInt(getDrNodeProperties().getProperty("IntHttpsPort", "443")); + extHttpsPort = Integer.parseInt(getDrNodeProperties().getProperty("ExtHttpsPort", "443")); + spooldir = getDrNodeProperties().getProperty("SpoolDir", "spool"); File fdir = new File(spooldir + "/f"); fdir.mkdirs(); @@ -171,39 +186,19 @@ public class NodeConfigManager implements DeliveryQueueHelper { eelfLogger.error("NODE0313 Failed to clear junk files from " + fdir.getPath(), e); } } - logdir = drNodeProperties.getProperty("LogDir", "logs"); + logdir = getDrNodeProperties().getProperty("LogDir", "logs"); (new File(logdir)).mkdirs(); - logretention = Long.parseLong(drNodeProperties.getProperty("LogRetention", "30")) * 86400000L; + logretention = Long.parseLong(getDrNodeProperties().getProperty("LogRetention", "30")) * 86400000L; eventlogprefix = logdir + "/events"; eventlogsuffix = ".log"; - redirfile = drNodeProperties.getProperty("RedirectionFile", "etc/redirections.dat"); - kstype = drNodeProperties.getProperty("KeyStoreType", "PKCS12"); - ksfile = nodeAafPropsUtils.getPropAccess().getProperty("cadi_keystore"); - kspass = nodeAafPropsUtils.getDecryptedPass("cadi_keystore_password"); - kpass = nodeAafPropsUtils.getDecryptedPass("cadi_keystore_password"); - tstype = drNodeProperties.getProperty("TrustStoreType", "jks"); - tsfile = nodeAafPropsUtils.getPropAccess().getProperty("cadi_truststore"); - tspass = nodeAafPropsUtils.getDecryptedPass("cadi_truststore_password"); - if (tsfile != null && tsfile.length() > 0) { - System.setProperty("javax.net.ssl.trustStoreType", tstype); - System.setProperty("javax.net.ssl.trustStore", tsfile); - System.setProperty("javax.net.ssl.trustStorePassword", tspass); - } - nak = drNodeProperties.getProperty("NodeAuthKey", "Node123!"); - quiesce = new File(drNodeProperties.getProperty("QuiesceFile", "etc/SHUTDOWN")); - myname = NodeUtils.getCanonicalName(kstype, ksfile, kspass); - if (myname == null) { - NodeUtils.setIpAndFqdnForEelf(NODE_CONFIG_MANAGER); - eelfLogger.error(EelfMsgs.MESSAGE_KEYSTORE_FETCH_ERROR, ksfile); - eelfLogger.error("NODE0309 Unable to fetch canonical name from keystore file " + ksfile); - exit(1); - } - eelfLogger.debug("NODE0304 My certificate says my name is " + myname); - pid = new PublishId(myname); - long minrsinterval = Long.parseLong(drNodeProperties.getProperty("MinRedirSaveInterval", "10000")); - long minpfinterval = Long.parseLong(drNodeProperties.getProperty("MinProvFetchInterval", "10000")); - rdmgr = new RedirManager(redirfile, minrsinterval, timer); - pfetcher = new RateLimitedOperation(minpfinterval, timer) { + String redirfile = getDrNodeProperties().getProperty("RedirectionFile", "etc/redirections.dat"); + publishId = new PublishId(myname); + nak = getDrNodeProperties().getProperty("NodeAuthKey", "Node123!"); + quiesce = new File(getDrNodeProperties().getProperty("QuiesceFile", "etc/SHUTDOWN")); + rdmgr = new RedirManager(redirfile, + Long.parseLong(getDrNodeProperties().getProperty("MinRedirSaveInterval", "10000")), timer); + pfetcher = new RateLimitedOperation( + Long.parseLong(getDrNodeProperties().getProperty("MinProvFetchInterval", "10000")), timer) { public void run() { fetchconfig(); } @@ -212,10 +207,21 @@ public class NodeConfigManager implements DeliveryQueueHelper { pfetcher.request(); } + private void getSslContextData() { + ksfile = nodeAafPropsUtils.getPropAccess().getProperty("cadi_keystore"); + kspass = nodeAafPropsUtils.getDecryptedPass("cadi_keystore_password"); + kpass = nodeAafPropsUtils.getDecryptedPass("cadi_keystore_password"); + tsfile = nodeAafPropsUtils.getPropAccess().getProperty("cadi_truststore"); + tspass = nodeAafPropsUtils.getDecryptedPass("cadi_truststore_password"); + } + /** * Get the default node configuration manager. */ public static NodeConfigManager getInstance() { + if (base == null) { + base = new NodeConfigManager(); + } return base; } @@ -302,14 +308,14 @@ public class NodeConfigManager implements DeliveryQueueHelper { eelfLogger.debug("NodeConfigMan.fetchConfig: provurl:: " + provurl); URL url = new URL(provurl); Reader reader = new InputStreamReader(url.openStream()); - config = new NodeConfig(new ProvData(reader), myname, spooldir, port, nak); + config = new NodeConfig(new ProvData(reader), myname, spooldir, extHttpsPort, nak); localconfig(); configtasks.startRun(); runTasks(); } catch (Exception e) { NodeUtils.setIpAndFqdnForEelf("fetchconfigs"); eelfLogger.error(EelfMsgs.MESSAGE_CONF_FAILED, e.toString()); - eelfLogger.error("NODE0306 Configuration failed " + e.toString() + " - try again later", e); + eelfLogger.error("NODE0306 Configuration failed " + e + " - try again later", e); pfetcher.request(); } } @@ -472,7 +478,7 @@ public class NodeConfigManager implements DeliveryQueueHelper { * Generate a publish ID. */ public String getPublishId() { - return pid.next(); + return publishId.next(); } /** @@ -677,21 +683,21 @@ public class NodeConfigManager implements DeliveryQueueHelper { * Get the http port. */ int getHttpPort() { - return gfport; + return intHttpPort; } /** * Get the https port. */ int getHttpsPort() { - return svcport; + return intHttpsPort; } /** * Get the externally visible https port. */ int getExtHttpsPort() { - return port; + return extHttpsPort; } /** diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeRunner.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeRunner.java index 2b151ade..485cdb20 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeRunner.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeRunner.java @@ -34,8 +34,7 @@ import org.eclipse.jetty.server.Server; */ public class NodeRunner { - private static EELFLogger nodeMainLogger = EELFManager.getInstance().getLogger(NodeRunner.class); - private static NodeConfigManager nodeConfigManager; + private static final EELFLogger nodeMainLogger = EELFManager.getInstance().getLogger(NodeRunner.class); private NodeRunner() { } @@ -49,26 +48,26 @@ public class NodeRunner { public static void main(String[] args) { nodeMainLogger.debug("NODE0001 Data Router Node Starting"); IsFrom.setDNSCache(); - nodeConfigManager = NodeConfigManager.getInstance(); + NodeConfigManager nodeConfigManager = NodeConfigManager.getInstance(); nodeMainLogger.debug("NODE0002 I am " + nodeConfigManager.getMyName()); (new WaitForConfig(nodeConfigManager)).waitForConfig(); new LogManager(nodeConfigManager); try { - Server server = NodeServer.getServerInstance(); + Server server = NodeServer.getServerInstance(nodeConfigManager); server.start(); server.join(); - nodeMainLogger.debug("NODE00006 Node Server started-" + server.getState()); + nodeMainLogger.debug("NODE0006 Node Server started-" + server.getState()); } catch (Exception e) { - nodeMainLogger.error("NODE00006 Jetty failed to start. Reporting will we be unavailable: " + nodeMainLogger.error("NODE0006 Jetty failed to start. Reporting will we be unavailable: " + e.getMessage(), e); exit(1); } - nodeMainLogger.debug("NODE00007 Node Server joined"); + nodeMainLogger.debug("NODE0007 Node Server joined"); } private static class WaitForConfig implements Runnable { - private NodeConfigManager localNodeConfigManager; + private final NodeConfigManager localNodeConfigManager; WaitForConfig(NodeConfigManager ncm) { this.localNodeConfigManager = ncm; @@ -86,7 +85,7 @@ public class NodeRunner { wait(); } catch (Exception exception) { nodeMainLogger.error("NodeMain: waitForConfig exception. Exception Message:- " - + exception.toString(), exception); + + exception, exception); } } localNodeConfigManager.deregisterConfigTask(this); diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServer.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServer.java index e15d211c..cc07ab62 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServer.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServer.java @@ -42,7 +42,7 @@ import org.jetbrains.annotations.NotNull; public class NodeServer { - private static EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeServer.class); + private static final EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeServer.class); private static Server server; private static Delivery delivery; @@ -50,14 +50,15 @@ public class NodeServer { private NodeServer(){ } - static Server getServerInstance() { + static Server getServerInstance(NodeConfigManager nodeConfigManager) { if (server == null) { - server = createNodeServer(NodeConfigManager.getInstance()); + server = createNodeServer(nodeConfigManager); } return server; } private static Server createNodeServer(NodeConfigManager nodeConfigManager) { + eelfLogger.info("NODE0005 Creating new NodeServer"); server = new Server(); delivery = new Delivery(nodeConfigManager); @@ -70,47 +71,45 @@ public class NodeServer { httpServerConnector.setPort(nodeConfigManager.getHttpPort()); httpServerConnector.setIdleTimeout(2000); - SslContextFactory sslContextFactory = getSslContextFactory(nodeConfigManager); - - HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration); - httpsConfiguration.setRequestHeaderSize(8192); - - SecureRequestCustomizer secureRequestCustomizer = new SecureRequestCustomizer(); - secureRequestCustomizer.setStsMaxAge(2000); - secureRequestCustomizer.setStsIncludeSubDomains(true); - httpsConfiguration.addCustomizer(secureRequestCustomizer); - - // HTTPS connector - try (ServerConnector httpsServerConnector = new ServerConnector(server, - new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), - new HttpConnectionFactory(httpsConfiguration))) { - - httpsServerConnector.setPort(nodeConfigManager.getHttpsPort()); - httpsServerConnector.setIdleTimeout(3600000); - httpsServerConnector.setAcceptQueueSize(2); - - //Context Handler - ServletContextHandler servletContextHandler = new ServletContextHandler(0); - servletContextHandler.setContextPath("/"); - servletContextHandler.addServlet(new ServletHolder(new NodeServlet(delivery)), "/*"); - - //CADI Filter activation check - if (nodeConfigManager.getCadiEnabled()) { - try { - servletContextHandler.addFilter(new FilterHolder(new DRNodeCadiFilter(true, - nodeConfigManager.getNodeAafPropsUtils().getPropAccess())), "/*", - EnumSet.of(DispatcherType.REQUEST)); - } catch (ServletException e) { - eelfLogger.error("Failed to add CADI Filter: " + e.getMessage(), e); - } - } - server.setHandler(servletContextHandler); - server.setConnectors(new Connector[]{httpServerConnector, httpsServerConnector}); + //Context Handler + ServletContextHandler servletContextHandler = new ServletContextHandler(0); + servletContextHandler.setContextPath("/"); + servletContextHandler.addServlet(new ServletHolder(new NodeServlet(delivery, nodeConfigManager)), "/*"); + + if (nodeConfigManager.isTlsEnabled()) { + initialiseHttpsConnector(nodeConfigManager, httpConfiguration, httpServerConnector, servletContextHandler); + } else { + eelfLogger.info("NODE0005 Adding HTTP Connector"); + server.setConnectors(new Connector[]{httpServerConnector}); } + server.setHandler(servletContextHandler); } return server; } + private static void initialiseHttpsConnector(NodeConfigManager nodeConfigManager, HttpConfiguration httpConfiguration, + ServerConnector httpServerConnector, ServletContextHandler servletContextHandler) { + HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration); + httpsConfiguration.setRequestHeaderSize(8192); + + SecureRequestCustomizer secureRequestCustomizer = new SecureRequestCustomizer(); + secureRequestCustomizer.setStsMaxAge(2000); + secureRequestCustomizer.setStsIncludeSubDomains(true); + httpsConfiguration.addCustomizer(secureRequestCustomizer); + + // HTTPS connector + try (ServerConnector httpsServerConnector = new ServerConnector(server, + new SslConnectionFactory(getSslContextFactory(nodeConfigManager), HttpVersion.HTTP_1_1.asString()), + new HttpConnectionFactory(httpsConfiguration))) { + + httpsServerConnector.setPort(nodeConfigManager.getHttpsPort()); + httpsServerConnector.setIdleTimeout(3600000); + httpsServerConnector.setAcceptQueueSize(2); + eelfLogger.info("NODE0005 TLS Enabled: Adding HTTP/S Connectors"); + server.setConnectors(new Connector[]{httpServerConnector, httpsServerConnector}); + } + } + /** * Reset the retry timer for a subscription. */ @@ -120,7 +119,7 @@ public class NodeServer { @NotNull - private static SslContextFactory getSslContextFactory(NodeConfigManager nodeConfigManager) { + private static SslContextFactory.Server getSslContextFactory(NodeConfigManager nodeConfigManager) { SslContextFactory sslContextFactory = new SslContextFactory.Server(); sslContextFactory.setKeyStoreType(nodeConfigManager.getKSType()); sslContextFactory.setKeyStorePath(nodeConfigManager.getKSFile()); @@ -142,6 +141,6 @@ public class NodeServer { eelfLogger.info("Supported protocols: " + String.join(",", sslContextFactory.getIncludeProtocols())); eelfLogger.info("Unsupported ciphers: " + String.join(",", sslContextFactory.getExcludeCipherSuites())); eelfLogger.info("Supported ciphers: " + String.join(",", sslContextFactory.getIncludeCipherSuites())); - return sslContextFactory; + return (SslContextFactory.Server) sslContextFactory; } } diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java index ee1f5b7d..80f7e3ad 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java @@ -28,6 +28,7 @@ import static org.onap.dmaap.datarouter.node.NodeUtils.sendResponseError; import com.att.eelf.configuration.EELFLogger; import com.att.eelf.configuration.EELFManager; +import jakarta.servlet.http.HttpServlet; import java.io.File; import java.io.FileOutputStream; import java.io.FileWriter; @@ -40,9 +41,8 @@ import java.nio.file.Path; import java.nio.file.Paths; import java.util.Enumeration; import java.util.regex.Pattern; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.jetbrains.annotations.Nullable; import org.onap.dmaap.datarouter.node.eelf.EelfMsgs; import org.slf4j.MDC; @@ -64,9 +64,9 @@ public class NodeServlet extends HttpServlet { private static final String INVALID_REQUEST_URI = "Invalid request URI. Expecting <feed-publishing-url>/<fileid>."; private static final String IO_EXCEPTION = "IOException"; private static final String ON_BEHALF_OF = "X-DMAAP-DR-ON-BEHALF-OF"; - private static NodeConfigManager config; - private static Pattern metaDataPattern; - private static EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeServlet.class); + private final NodeConfigManager config; + private static final Pattern metaDataPattern; + private static final EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeServlet.class); static { final String ws = "\\s*"; @@ -81,7 +81,8 @@ public class NodeServlet extends HttpServlet { private final Delivery delivery; - NodeServlet(Delivery delivery) { + NodeServlet(Delivery delivery, NodeConfigManager nodeConfigManager) { + config = nodeConfigManager; this.delivery = delivery; } @@ -90,7 +91,6 @@ public class NodeServlet extends HttpServlet { */ @Override public void init() { - config = NodeConfigManager.getInstance(); eelfLogger.debug("NODE0101 Node Servlet Configured"); } @@ -113,7 +113,7 @@ public class NodeServlet extends HttpServlet { eelfLogger.info(EelfMsgs.ENTRY); try { eelfLogger.debug(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID, req.getHeader(ON_BEHALF_OF), - getIdFromPath(req) + ""); + getIdFromPath(req) + ""); if (down(resp)) { return; } @@ -152,7 +152,7 @@ public class NodeServlet extends HttpServlet { NodeUtils.setRequestIdAndInvocationId(req); eelfLogger.info(EelfMsgs.ENTRY); eelfLogger.debug(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID, req.getHeader(ON_BEHALF_OF), - getIdFromPath(req) + ""); + getIdFromPath(req) + ""); try { common(req, resp, true); } catch (IOException ioe) { @@ -170,7 +170,7 @@ public class NodeServlet extends HttpServlet { NodeUtils.setRequestIdAndInvocationId(req); eelfLogger.info(EelfMsgs.ENTRY); eelfLogger.debug(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID, req.getHeader(ON_BEHALF_OF), - getIdFromPath(req) + ""); + getIdFromPath(req) + ""); try { common(req, resp, false); } catch (IOException ioe) { @@ -194,7 +194,7 @@ public class NodeServlet extends HttpServlet { String lip = req.getLocalAddr(); String pubid = null; String rcvd = NodeUtils.logts(System.currentTimeMillis()) + ";from=" + ip + ";by=" + lip; - Target[] targets = null; + Target[] targets; boolean isAAFFeed = false; if (fileid.startsWith("/delete/")) { deleteFile(req, resp, fileid, pubid); @@ -203,7 +203,7 @@ public class NodeServlet extends HttpServlet { String credentials = req.getHeader("Authorization"); if (credentials == null) { eelfLogger.error("NODE0306 Rejecting unauthenticated PUT or DELETE of " + req.getPathInfo() + FROM + req - .getRemoteAddr()); + .getRemoteAddr()); resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Authorization header required"); eelfLogger.info(EelfMsgs.EXIT); return; @@ -213,9 +213,9 @@ public class NodeServlet extends HttpServlet { int index = fileid.indexOf('/'); if (index == -1 || index == fileid.length() - 1) { eelfLogger.error("NODE0205 Rejecting bad URI for PUT or DELETE of " + req.getPathInfo() + FROM + req - .getRemoteAddr()); + .getRemoteAddr()); resp.sendError(HttpServletResponse.SC_NOT_FOUND, - "Invalid request URI. Expecting <feed-publishing-url>/<fileid>. Possible missing fileid."); + "Invalid request URI. Expecting <feed-publishing-url>/<fileid>. Possible missing fileid."); eelfLogger.info(EelfMsgs.EXIT); return; } @@ -233,7 +233,7 @@ public class NodeServlet extends HttpServlet { if (!req.isUserInRole(permission)) { String message = "AAF disallows access to permission string - " + permission; eelfLogger.error("NODE0307 Rejecting unauthenticated PUT or DELETE of " + req.getPathInfo() - + FROM + req.getRemoteAddr()); + + FROM + req.getRemoteAddr()); resp.sendError(HttpServletResponse.SC_FORBIDDEN, message); eelfLogger.info(EelfMsgs.EXIT); return; @@ -259,17 +259,17 @@ public class NodeServlet extends HttpServlet { targets = config.parseRouting(req.getHeader("X-DMAAP-DR-ROUTING")); } else { eelfLogger.error("NODE0204 Rejecting bad URI for PUT or DELETE of " + req.getPathInfo() + FROM + req - .getRemoteAddr()); + .getRemoteAddr()); resp.sendError(HttpServletResponse.SC_NOT_FOUND, - INVALID_REQUEST_URI); + INVALID_REQUEST_URI); eelfLogger.info(EelfMsgs.EXIT); return; } if (fileid.indexOf('/') != -1) { eelfLogger.error("NODE0202 Rejecting bad URI for PUT or DELETE of " + req.getPathInfo() + FROM + req - .getRemoteAddr()); + .getRemoteAddr()); resp.sendError(HttpServletResponse.SC_NOT_FOUND, - INVALID_REQUEST_URI); + INVALID_REQUEST_URI); eelfLogger.info(EelfMsgs.EXIT); return; } @@ -290,8 +290,8 @@ public class NodeServlet extends HttpServlet { String reason = config.isPublishPermitted(feedid, credentials, ip); if (reason != null) { eelfLogger.error("NODE0111 Rejecting unauthorized publish attempt to feed " + PathUtil - .cleanString(feedid) + " fileid " + PathUtil.cleanString(fileid) + FROM + PathUtil - .cleanString(ip) + " reason " + PathUtil.cleanString(reason)); + .cleanString(feedid) + " fileid " + PathUtil.cleanString(fileid) + FROM + PathUtil + .cleanString(ip) + " reason " + PathUtil.cleanString(reason)); resp.sendError(HttpServletResponse.SC_FORBIDDEN, reason); eelfLogger.info(EelfMsgs.EXIT); return; @@ -301,11 +301,11 @@ public class NodeServlet extends HttpServlet { String reason = config.isPublishPermitted(feedid, ip); if (reason != null) { eelfLogger.error("NODE0111 Rejecting unauthorized publish attempt to feed " + PathUtil - .cleanString(feedid) + " fileid " + PathUtil.cleanString(fileid) + FROM + PathUtil - .cleanString(ip) + " reason Invalid AAF user- " + PathUtil.cleanString(reason)); + .cleanString(feedid) + " fileid " + PathUtil.cleanString(fileid) + FROM + PathUtil + .cleanString(ip) + " reason Invalid AAF user- " + PathUtil.cleanString(reason)); String message = "Invalid AAF user- " + PathUtil.cleanString(reason); eelfLogger.debug("NODE0308 Rejecting unauthenticated PUT or DELETE of " + PathUtil - .cleanString(req.getPathInfo()) + FROM + PathUtil.cleanString(req.getRemoteAddr())); + .cleanString(req.getPathInfo()) + FROM + PathUtil.cleanString(req.getRemoteAddr())); resp.sendError(HttpServletResponse.SC_FORBIDDEN, message); return; } @@ -327,9 +327,9 @@ public class NodeServlet extends HttpServlet { } String redirto = HTTPS + newnode + port + PUBLISH + feedid + "/" + fileid; eelfLogger - .debug("NODE0108 Redirecting publish attempt for feed " + PathUtil.cleanString(feedid) + USER - + PathUtil.cleanString(user) + " ip " + PathUtil.cleanString(ip) + " to " + PathUtil - .cleanString(redirto)); //Fortify scan fixes - log forging + .debug("NODE0108 Redirecting publish attempt for feed " + PathUtil.cleanString(feedid) + USER + + PathUtil.cleanString(user) + " ip " + PathUtil.cleanString(ip) + " to " + PathUtil + .cleanString(redirto)); //Fortify scan fixes - log forging resp.sendRedirect(PathUtil.cleanString(redirto)); //Fortify scan fixes-open redirect - 2 issues eelfLogger.info(EelfMsgs.EXIT); return; @@ -346,23 +346,23 @@ public class NodeServlet extends HttpServlet { try { StringBuilder mx = new StringBuilder(); mx.append(req.getMethod()).append('\t').append(fileid).append('\n'); - Enumeration hnames = req.getHeaderNames(); + Enumeration<String> hnames = req.getHeaderNames(); String ctype = null; boolean hasRequestIdHeader = false; boolean hasInvocationIdHeader = false; while (hnames.hasMoreElements()) { - String hn = (String) hnames.nextElement(); + String hn = hnames.nextElement(); String hnlc = hn.toLowerCase(); if ((isput && ("content-type".equals(hnlc) - || "content-language".equals(hnlc) - || "content-md5".equals(hnlc) - || "content-range".equals(hnlc))) - || "x-dmaap-dr-meta".equals(hnlc) - || (feedid == null && "x-dmaap-dr-received".equals(hnlc)) - || (hnlc.startsWith("x-") && !hnlc.startsWith("x-dmaap-dr-"))) { - Enumeration hvals = req.getHeaders(hn); + || "content-language".equals(hnlc) + || "content-md5".equals(hnlc) + || "content-range".equals(hnlc))) + || "x-dmaap-dr-meta".equals(hnlc) + || (feedid == null && "x-dmaap-dr-received".equals(hnlc)) + || (hnlc.startsWith("x-") && !hnlc.startsWith("x-dmaap-dr-"))) { + Enumeration<String> hvals = req.getHeaders(hn); while (hvals.hasMoreElements()) { - String hv = (String) hvals.nextElement(); + String hv = hvals.nextElement(); if ("content-type".equals(hnlc)) { ctype = hv; } @@ -375,16 +375,16 @@ public class NodeServlet extends HttpServlet { if ("x-dmaap-dr-meta".equals(hnlc)) { if (hv.length() > 4096) { eelfLogger.error("NODE0109 Rejecting publish attempt with metadata too long for feed " - + PathUtil.cleanString(feedid) + USER + PathUtil.cleanString(user) + " ip " - + PathUtil.cleanString(ip)); //Fortify scan fixes - log forging + + PathUtil.cleanString(feedid) + USER + PathUtil.cleanString(user) + " ip " + + PathUtil.cleanString(ip)); //Fortify scan fixes - log forging resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Metadata too long"); eelfLogger.info(EelfMsgs.EXIT); return; } if (!metaDataPattern.matcher(hv.replaceAll("\\\\.", "X")).matches()) { eelfLogger.error("NODE0109 Rejecting publish attempt with malformed metadata for feed " - + PathUtil.cleanString(feedid) + USER + PathUtil.cleanString(user) + " ip " - + PathUtil.cleanString(ip)); //Fortify scan fixes - log forging + + PathUtil.cleanString(feedid) + USER + PathUtil.cleanString(user) + " ip " + + PathUtil.cleanString(ip)); //Fortify scan fixes - log forging resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Malformed metadata"); eelfLogger.info(EelfMsgs.EXIT); return; @@ -406,7 +406,7 @@ public class NodeServlet extends HttpServlet { String message = writeInputStreamToFile(req, data); if (message != null) { StatusLog.logPubFail(pubid, feedid, logurl, req.getMethod(), ctype, exlen, data.length(), ip, user, - message); + message); throw new IOException(message); } Path dpath = Paths.get(fbase); @@ -417,7 +417,7 @@ public class NodeServlet extends HttpServlet { continue; } String dbase = PathUtil - .cleanString(di.getSpool() + "/" + pubid); //Fortify scan fixes-Path Manipulation + .cleanString(di.getSpool() + "/" + pubid); //Fortify scan fixes-Path Manipulation Files.createLink(Paths.get(dbase), dpath); mw = new FileWriter(meta); mw.write(metadata); @@ -434,19 +434,19 @@ public class NodeServlet extends HttpServlet { resp.getOutputStream().close(); } catch (IOException ioe) { StatusLog.logPubFail(pubid, feedid, logurl, req.getMethod(), ctype, exlen, data.length(), ip, user, - ioe.getMessage()); + ioe.getMessage()); //Fortify scan fixes - log forging eelfLogger.error("NODE0110 IO Exception while closing IO stream " + PathUtil.cleanString(feedid) - + USER + PathUtil.cleanString(user) + " ip " + PathUtil.cleanString(ip) + " " + ioe - .toString(), ioe); + + USER + PathUtil.cleanString(user) + " ip " + PathUtil.cleanString(ip) + " " + ioe + .toString(), ioe); throw ioe; } StatusLog.logPub(pubid, feedid, logurl, req.getMethod(), ctype, data.length(), ip, user, - HttpServletResponse.SC_NO_CONTENT); + HttpServletResponse.SC_NO_CONTENT); } catch (IOException ioe) { eelfLogger.error("NODE0110 IO Exception receiving publish attempt for feed " + feedid + USER + user - + " ip " + ip + " " + ioe.toString(), ioe); + + " ip " + ip + " " + ioe.toString(), ioe); eelfLogger.info(EelfMsgs.EXIT); throw ioe; } finally { @@ -481,7 +481,7 @@ public class NodeServlet extends HttpServlet { byte[] buf = new byte[1024 * 1024]; int bytesRead; try (OutputStream dos = new FileOutputStream(data); - InputStream is = req.getInputStream()) { + InputStream is = req.getInputStream()) { while ((bytesRead = is.read(buf)) > 0) { dos.write(buf, 0, bytesRead); } @@ -510,9 +510,9 @@ public class NodeServlet extends HttpServlet { int index = fileid.indexOf('/'); if (index == -1 || index == fileid.length() - 1) { eelfLogger.error("NODE0112 Rejecting bad URI for DELETE of " + req.getPathInfo() + FROM + req - .getRemoteAddr()); + .getRemoteAddr()); resp.sendError(HttpServletResponse.SC_NOT_FOUND, - "Invalid request URI. Expecting <subId>/<pubId>."); + "Invalid request URI. Expecting <subId>/<pubId>."); eelfLogger.info(EelfMsgs.EXIT); return; } @@ -520,7 +520,7 @@ public class NodeServlet extends HttpServlet { int subId = Integer.parseInt(subscriptionId); pubid = fileid.substring(index + 1); String errorMessage = "Unable to delete files (" + pubid + ", " + pubid + FROM_DR_MESSAGE - + config.getMyName() + "."; + + config.getMyName() + "."; int subIdDir = subId - (subId % 100); if (!isAuthorizedToDelete(resp, subscriptionId, errorMessage)) { return; @@ -528,7 +528,7 @@ public class NodeServlet extends HttpServlet { boolean result = delivery.markTaskSuccess(config.getSpoolBase() + "/s/" + subIdDir + "/" + subId, pubid); if (result) { eelfLogger.debug("NODE0115 Successfully deleted files (" + pubid + ", " + pubid + FROM_DR_MESSAGE - + config.getMyName()); + + config.getMyName()); resp.setStatus(HttpServletResponse.SC_OK); eelfLogger.info(EelfMsgs.EXIT); } else { @@ -538,7 +538,7 @@ public class NodeServlet extends HttpServlet { } } catch (IOException ioe) { eelfLogger.error("NODE0117 Unable to delete files (" + pubid + ", " + pubid + FROM_DR_MESSAGE - + config.getMyName(), ioe); + + config.getMyName(), ioe); eelfLogger.info(EelfMsgs.EXIT); } } @@ -551,8 +551,8 @@ public class NodeServlet extends HttpServlet { } if (!req.isSecure() && config.isTlsEnabled()) { eelfLogger.error( - "NODE0104 Rejecting insecure PUT or DELETE of " + req.getPathInfo() + FROM + req - .getRemoteAddr()); + "NODE0104 Rejecting insecure PUT or DELETE of " + req.getPathInfo() + FROM + req + .getRemoteAddr()); resp.sendError(HttpServletResponse.SC_FORBIDDEN, "https required on publish requests"); eelfLogger.info(EelfMsgs.EXIT); return null; @@ -560,9 +560,9 @@ public class NodeServlet extends HttpServlet { String fileid = req.getPathInfo(); if (fileid == null) { eelfLogger.error("NODE0201 Rejecting bad URI for PUT or DELETE of " + req.getPathInfo() + FROM + req - .getRemoteAddr()); + .getRemoteAddr()); resp.sendError(HttpServletResponse.SC_NOT_FOUND, - INVALID_REQUEST_URI); + INVALID_REQUEST_URI); eelfLogger.info(EelfMsgs.EXIT); return null; } @@ -570,19 +570,19 @@ public class NodeServlet extends HttpServlet { } private boolean isAuthorizedToDelete(HttpServletResponse resp, String subscriptionId, String errorMessage) - throws IOException { + throws IOException { try { boolean deletePermitted = config.isDeletePermitted(subscriptionId); if (!deletePermitted) { eelfLogger.error("NODE0113 " + errorMessage + " Error: Subscription " - + subscriptionId + " is not a privileged subscription"); + + subscriptionId + " is not a privileged subscription"); resp.sendError(HttpServletResponse.SC_UNAUTHORIZED); eelfLogger.info(EelfMsgs.EXIT); return false; } } catch (NullPointerException npe) { eelfLogger.error("NODE0114 " + errorMessage + " Error: Subscription " + subscriptionId - + " does not exist", npe); + + " does not exist", npe); resp.sendError(HttpServletResponse.SC_NOT_FOUND); eelfLogger.info(EelfMsgs.EXIT); return false; diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java index 2c8dcdb0..5cca7375 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeUtils.java @@ -50,8 +50,8 @@ import java.util.zip.GZIPInputStream; import javax.naming.InvalidNameException; import javax.naming.ldap.LdapName; import javax.naming.ldap.Rdn; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.apache.commons.codec.binary.Base64; import org.apache.commons.lang3.StringUtils; import org.onap.dmaap.datarouter.node.eelf.EelfMsgs; @@ -62,8 +62,7 @@ import org.slf4j.MDC; */ public class NodeUtils { - private static EELFLogger eelfLogger = EELFManager.getInstance() - .getLogger(NodeUtils.class); + private static final EELFLogger eelfLogger = EELFManager.getInstance().getLogger(NodeUtils.class); private NodeUtils() { } diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/PublishId.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/PublishId.java index d1d2abb3..1ffc9ec4 100644 --- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/PublishId.java +++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/PublishId.java @@ -30,7 +30,7 @@ package org.onap.dmaap.datarouter.node; public class PublishId { private long nextuid; - private String myname; + private final String myname; /** * Generate publish IDs for the specified name. diff --git a/datarouter-node/src/main/resources/docker/Dockerfile b/datarouter-node/src/main/resources/docker/Dockerfile index 7bc92c83..38ea3b9e 100644 --- a/datarouter-node/src/main/resources/docker/Dockerfile +++ b/datarouter-node/src/main/resources/docker/Dockerfile @@ -19,7 +19,7 @@ # limitations under the License. # ============LICENSE_END==================================================== # -FROM nexus3.onap.org:10001/onap/integration-java11:8.0.0 +FROM nexus3.onap.org:10001/onap/integration-java11:10.0.0 COPY /opt /opt diff --git a/datarouter-node/src/main/resources/node.properties b/datarouter-node/src/main/resources/node.properties index f7c24fab..ac9aec22 100644 --- a/datarouter-node/src/main/resources/node.properties +++ b/datarouter-node/src/main/resources/node.properties @@ -24,16 +24,16 @@ # Configuration parameters set at startup for the DataRouter node # # URL to retrieve dynamic configuration -ProvisioningURL = https://dmaap-dr-prov:8443/internal/prov +ProvisioningURL = http://dmaap-dr-prov/internal/prov # # URL to upload PUB/DEL/EXP logs -LogUploadURL = https://dmaap-dr-prov:8443/internal/logs +LogUploadURL = http://dmaap-dr-prov/internal/logs # # The port number for http as seen within the server IntHttpPort = 8080 # # The port number for https as seen within the server -IntHttpsPort = 8443 +IntHttpsPort = 8080 # # The external port number for https taking port mapping into account ExtHttpsPort = 443 @@ -71,6 +71,9 @@ NodeAuthKey = Node123! # DR_NODE DEFAULT ENABLED TLS PROTOCOLS NodeHttpsProtocols = TLSv1.1|TLSv1.2 # +# AAF CADI enabled flag +CadiEnabled = false +# # AAF type to generate permission string AAFType = org.onap.dmaap-dr.feed # @@ -80,11 +83,8 @@ AAFInstance = legacy # AAF action to generate permission string - default should be publish AAFAction = publish # -# AAF CADI enabled flag -CadiEnabled = false -# # AAF Props file path AAFPropsFilePath = /opt/app/osaaf/local/org.onap.dmaap-dr.props # https security required for publish request -TlsEnabled = true +TlsEnabled = false diff --git a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/DRNodeCadiFilterTest.java b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/DRNodeCadiFilterTest.java deleted file mode 100644 index 0796aa56..00000000 --- a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/DRNodeCadiFilterTest.java +++ /dev/null @@ -1,130 +0,0 @@ -/*
- * ============LICENSE_START=======================================================
- * Copyright (C) 2019 Nordix Foundation.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * SPDX-License-Identifier: Apache-2.0
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.dmaap.datarouter.node;
-
-import static org.mockito.Mockito.doThrow;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.times;
-import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
-
-import java.io.IOException;
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.mockito.Mock;
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.filter.CadiFilter;
-import org.powermock.api.mockito.PowerMockito;
-import org.powermock.api.support.membermodification.MemberMatcher;
-import org.powermock.core.classloader.annotations.PowerMockIgnore;
-import org.powermock.core.classloader.annotations.PrepareForTest;
-import org.powermock.core.classloader.annotations.SuppressStaticInitializationFor;
-import org.powermock.modules.junit4.PowerMockRunner;
-
-@SuppressStaticInitializationFor("org.onap.dmaap.datarouter.node.NodeConfigManager")
-@PrepareForTest({CadiFilter.class})
-@RunWith(PowerMockRunner.class)
-@PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*", "javax.management.*"})
-public class DRNodeCadiFilterTest {
-
- @Mock
- private PropAccess access;
-
- @Mock
- private HttpServletRequest request;
-
- @Mock
- private HttpServletResponse response;
-
- @Mock
- private FilterChain chain;
-
- private DRNodeCadiFilter cadiFilter;
-
-
- @Before
- public void setUp() throws ServletException {
- cadiFilter = new DRNodeCadiFilter(false, access);
- }
-
- @Test
- public void Given_doFilter_Called_And_Method_Is_GET_And_AAF_DB_Instance_Is_NULL_Then_Chain_doFilter_Called()
- throws Exception {
- PowerMockito.mockStatic(NodeConfigManager.class);
- NodeConfigManager config = mock(NodeConfigManager.class);
-
- PowerMockito.when(NodeConfigManager.getInstance()).thenReturn(config);
- PowerMockito.when(config.getAafInstance("/other/5")).thenReturn("legacy");
- when(request.getPathInfo()).thenReturn("/publish/5");
- when(request.getMethod()).thenReturn("GET");
- cadiFilter.doFilter(request, response, chain);
- verify(chain, times(1)).doFilter(request, response);
- }
-
- @Test
- public void Given_doFilter_Called_And_Method_Is_GET_And_Path_Includes_Internal_Then_Chain_doFilter_Called()
- throws Exception {
- PowerMockito.mockStatic(NodeConfigManager.class);
- NodeConfigManager config = mock(NodeConfigManager.class);
-
- PowerMockito.when(NodeConfigManager.getInstance()).thenReturn(config);
- PowerMockito.when(config.getAafInstance("/other/5")).thenReturn("legacy");
- when(request.getPathInfo()).thenReturn("/internal/5");
- when(request.getMethod()).thenReturn("GET");
- cadiFilter.doFilter(request, response, chain);
- verify(chain, times(1)).doFilter(request, response);
- }
-
- @Test
- public void Given_doFilter_Called_And_Method_Is_GET_And_AAF_DB_Is_Not_Null_Then_Super_doFilter_Called()
- throws Exception {
- PowerMockito.mockStatic(NodeConfigManager.class);
- NodeConfigManager config = mock(NodeConfigManager.class);
-
- PowerMockito.when(NodeConfigManager.getInstance()).thenReturn(config);
- PowerMockito.when(config.getAafInstance("5")).thenReturn("EXISTS");
- when(request.getPathInfo()).thenReturn("/publish/5/fileId");
- when(request.getMethod()).thenReturn("GET");
- PowerMockito.suppress(MemberMatcher.methodsDeclaredIn(CadiFilter.class));
- cadiFilter.doFilter(request, response, chain);
- verify(chain, times(0)).doFilter(request, response);
- }
-
- @Test
- public void Given_getFileid_Called_And_SendError_Fails_Then_Throw_IOException_And_Call_chain_doFilter()
- throws Exception {
- PowerMockito.mockStatic(NodeConfigManager.class);
- NodeConfigManager config = mock(NodeConfigManager.class);
-
- PowerMockito.when(NodeConfigManager.getInstance()).thenReturn(config);
- when(request.getPathInfo()).thenReturn("/publish/5");
- when(request.getMethod()).thenReturn("DELETE");
- doThrow(new IOException()).when(response).sendError(HttpServletResponse.SC_NOT_FOUND,
- "Invalid request URI. Expecting <feed-publishing-url>/<fileid>. Possible missing fileid.");
- cadiFilter.doFilter(request, response, chain);
- verify(chain, times(1)).doFilter(request, response);
- }
-}
diff --git a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/DeliveryQueueTest.java b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/DeliveryQueueTest.java index fa4966c9..d1194279 100644 --- a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/DeliveryQueueTest.java +++ b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/DeliveryQueueTest.java @@ -68,7 +68,7 @@ public class DeliveryQueueTest { when(destInfo.isPrivilegedSubscriber()).thenReturn(true); deliveryQueue = new DeliveryQueue(deliveryQueueHelper, destInfo); NodeConfigManager configManager = mockNodeConfigManager(); - FieldUtils.writeDeclaredStaticField(StatusLog.class, "config", configManager, true); + FieldUtils.writeDeclaredStaticField(NodeConfigManager.class, "base", configManager, true); } @Test diff --git a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/LogManagerTest.java b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/LogManagerTest.java index 7eacd838..cb3c88a4 100644 --- a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/LogManagerTest.java +++ b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/LogManagerTest.java @@ -55,7 +55,6 @@ public class LogManagerTest { @Before public void setUp() throws IllegalAccessException { mockNodeConfigManager(); - FieldUtils.writeDeclaredStaticField(StatusLog.class, "config", config, true); logManager = new LogManager(config); } @@ -94,7 +93,7 @@ public class LogManagerTest { assertNull(worker.getFeedId("")); } - private void mockNodeConfigManager() { + private void mockNodeConfigManager() throws IllegalAccessException { PowerMockito.when(config.getLogDir()).thenReturn(System.getProperty("user.dir") + "/src/test/resources"); PowerMockito.when(config.getTimer()).thenReturn(new Timer("Node Configuration Timer", true)); PowerMockito.when(config.getEventLogPrefix()) @@ -104,6 +103,7 @@ public class LogManagerTest { PowerMockito.when(config.getEventLogInterval()).thenReturn("30s"); PowerMockito.when(config.getPublishId()).thenReturn("123456789.dmaap-dr-node"); PowerMockito.when(config.getEventLogUrl()).thenReturn("https://dmaap-dr-prov:8443/internal/logs"); + FieldUtils.writeDeclaredStaticField(NodeConfigManager.class, "base", config, true); } } diff --git a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeConfigManagerTest.java b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeConfigManagerTest.java index 82038fba..046a56e2 100644 --- a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeConfigManagerTest.java +++ b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeConfigManagerTest.java @@ -47,7 +47,9 @@ import org.junit.Test; import org.mockito.Mock; import org.powermock.core.classloader.annotations.PowerMockIgnore; import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.core.classloader.annotations.SuppressStaticInitializationFor; +@SuppressStaticInitializationFor({"org.onap.dmaap.datarouter.node.NodeConfigManager"}) @PowerMockIgnore({"javax.net.ssl.*", "javax.security.auth.x500.X500Principal", "javax.crypto.*"}) @PrepareForTest({InetAddress.class}) public class NodeConfigManagerTest { @@ -75,7 +77,6 @@ public class NodeConfigManagerTest { String href = "https://dmaap-dr-prov:8443/internal/prov"; URLConnection urlConnection = mock(URLConnection.class); httpUrlStreamHandler.addConnection(new URL(href), urlConnection); - //File prov = new File("src/test/resources/prov_data.json"); InputStream anyInputStream = new ByteArrayInputStream(Files.readAllBytes(Paths.get("src/test/resources/prov_data.json"))); when(urlConnection.getInputStream()).thenReturn(anyInputStream); } @@ -92,7 +93,7 @@ public class NodeConfigManagerTest { } @Test - public void Verify_NodeConfigMan_Getters() { + public void Verify_NodeConfigMan_Getters_Secure() { NodeConfigManager nodeConfigManager = NodeConfigManager.getInstance(); Assert.assertEquals("legacy", nodeConfigManager.getAafInstance()); Assert.assertEquals("src/test/resources/spool/f", nodeConfigManager.getSpoolDir()); @@ -110,11 +111,10 @@ public class NodeConfigManagerTest { Assert.assertEquals(new String[] {"TLSv1.1", "TLSv1.2"}, nodeConfigManager.getEnabledprotocols()); Assert.assertEquals("org.onap.dmaap-dr.feed", nodeConfigManager.getAafType()); Assert.assertEquals("publish", nodeConfigManager.getAafAction()); - Assert.assertFalse(nodeConfigManager.getCadiEnabled()); + Assert.assertTrue(nodeConfigManager.getCadiEnabled()); Assert.assertFalse(nodeConfigManager.isShutdown()); Assert.assertTrue(nodeConfigManager.isTlsEnabled()); Assert.assertTrue(nodeConfigManager.isConfigured()); - Assert.assertEquals("legacy", nodeConfigManager.getAafInstance("1")); Assert.assertNotNull(nodeConfigManager.getPublishId()); Assert.assertNotNull(nodeConfigManager.getAllDests()); Assert.assertEquals(10000, nodeConfigManager.getInitFailureTimer()); diff --git a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeServerTest.java b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeServerTest.java index 153753e9..af43e5d8 100644 --- a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeServerTest.java +++ b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeServerTest.java @@ -43,7 +43,7 @@ import org.powermock.modules.junit4.PowerMockRunner; @PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*"}) public class NodeServerTest { - private NodeConfigManager config = mock(NodeConfigManager.class); + private final NodeConfigManager config = mock(NodeConfigManager.class); @Before public void setUp() throws Exception { setUpConfig(); @@ -58,7 +58,7 @@ public class NodeServerTest { @Test public void Verify_Node_Server_Is_Configured_Correctly() { - Assert.assertNotNull(NodeServer.getServerInstance()); + Assert.assertNotNull(NodeServer.getServerInstance(config)); } private void setUpConfig() throws IllegalAccessException { @@ -73,14 +73,13 @@ public class NodeServerTest { when(config.getEventLogInterval()).thenReturn("40"); when(config.isDeletePermitted("1")).thenReturn(true); when(config.getAllDests()).thenReturn(new DestInfo[0]); + when(config.isTlsEnabled()).thenReturn(true); when(config.getKSType()).thenReturn("PKCS12"); when(config.getKSFile()).thenReturn("src/test/resources/aaf/org.onap.dmaap-dr.p12"); when(config.getKSPass()).thenReturn("tVac2#@Stx%tIOE^x[c&2fgZ"); when(config.getTstype()).thenReturn("jks"); when(config.getTsfile()).thenReturn("src/test/resources/aaf/org.onap.dmaap-dr.trust.jks"); when(config.getTspass()).thenReturn("XHX$2Vl?Lk*2CB.i1+ZFAhZd"); - FieldUtils.writeDeclaredStaticField(NodeServlet.class, "config", config, true); - FieldUtils.writeDeclaredStaticField(NodeRunner.class, "nodeConfigManager", config, true); PowerMockito.when(NodeConfigManager.getInstance()).thenReturn(config); } diff --git a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeServletTest.java b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeServletTest.java index f7e3d7c8..0dcc0a19 100644 --- a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeServletTest.java +++ b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeServletTest.java @@ -23,6 +23,8 @@ package org.onap.dmaap.datarouter.node; import static org.junit.Assert.assertEquals; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.ArgumentMatchers.anyInt; import static org.mockito.ArgumentMatchers.anyObject; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.Mockito.anyString; @@ -41,22 +43,27 @@ import java.util.Arrays; import java.util.Collections; import java.util.Enumeration; import java.util.List; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.apache.commons.lang3.reflect.FieldUtils; import org.junit.AfterClass; import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; +import org.mockito.BDDMockito; import org.mockito.Mock; +import org.mockito.Mockito; +import org.mockito.internal.matchers.Any; import org.powermock.api.mockito.PowerMockito; import org.powermock.core.classloader.annotations.PowerMockIgnore; +import org.powermock.core.classloader.annotations.PrepareForTest; import org.powermock.core.classloader.annotations.SuppressStaticInitializationFor; import org.powermock.modules.junit4.PowerMockRunner; import org.slf4j.LoggerFactory; @RunWith(PowerMockRunner.class) @SuppressStaticInitializationFor("org.onap.dmaap.datarouter.node.NodeConfigManager") +@PrepareForTest(NodeServer.class) @PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*", "org.w3c.*"}) public class NodeServletTest { @@ -84,7 +91,8 @@ public class NodeServletTest { setUpNodeMainDelivery(); delivery = mock(Delivery.class); when(delivery.markTaskSuccess("spool/s/0/1", "dmaap-dr-node.1234567")).thenReturn(true); - nodeServlet = new NodeServlet(delivery); + PowerMockito.mockStatic(NodeServer.class); + nodeServlet = new NodeServlet(delivery, config); when(request.getHeader("Authorization")).thenReturn("User1"); when(request.getHeader("X-DMAAP-DR-PUBLISH-ID")).thenReturn("User1"); } @@ -332,31 +340,23 @@ public class NodeServletTest { when(config.getEventLogInterval()).thenReturn("40"); when(config.isDeletePermitted("1")).thenReturn(true); when(config.getAllDests()).thenReturn(new DestInfo[0]); - FieldUtils.writeDeclaredStaticField(NodeServlet.class, "config", config, true); - FieldUtils.writeDeclaredStaticField(NodeRunner.class, "nodeConfigManager", config, true); - PowerMockito.when(NodeConfigManager.getInstance()).thenReturn(config); + FieldUtils.writeDeclaredStaticField(NodeConfigManager.class, "base", config, true); } private void setUpConfigToReturnUnprivilegedSubscriber() throws IllegalAccessException { - NodeConfigManager config = mock(NodeConfigManager.class); PowerMockito.mockStatic(NodeConfigManager.class); when(config.isShutdown()).thenReturn(false); when(config.isConfigured()).thenReturn(true); when(config.isDeletePermitted("1")).thenReturn(false); - FieldUtils.writeDeclaredStaticField(NodeServlet.class, "config", config, true); - FieldUtils.writeDeclaredStaticField(NodeRunner.class, "nodeConfigManager", config, true); - PowerMockito.when(NodeConfigManager.getInstance()).thenReturn(config); + FieldUtils.writeDeclaredStaticField(NodeConfigManager.class, "base", config, true); } private void setUpConfigToReturnNullOnIsDeletePermitted() throws IllegalAccessException { - NodeConfigManager config = mock(NodeConfigManager.class); PowerMockito.mockStatic(NodeConfigManager.class); when(config.isShutdown()).thenReturn(false); when(config.isConfigured()).thenReturn(true); when(config.isDeletePermitted("1")).thenThrow(new NullPointerException()); - FieldUtils.writeDeclaredStaticField(NodeServlet.class, "config", config, true); - FieldUtils.writeDeclaredStaticField(NodeRunner.class, "nodeConfigManager", config, true); - PowerMockito.when(NodeConfigManager.getInstance()).thenReturn(config); + FieldUtils.writeDeclaredStaticField(NodeConfigManager.class, "base", config, true); } private void setUpNodeMainDelivery() throws IllegalAccessException{ @@ -365,14 +365,12 @@ public class NodeServletTest { FieldUtils.writeDeclaredStaticField(NodeServer.class, "delivery", delivery, true); } - private void setNodeConfigManagerIsConfiguredToReturnFalse() throws IllegalAccessException{ - NodeConfigManager config = mock(NodeConfigManager.class); + private void setNodeConfigManagerIsConfiguredToReturnFalse() throws IllegalAccessException { when(config.isConfigured()).thenReturn(false); - FieldUtils.writeDeclaredStaticField(NodeServlet.class, "config", config, true); + FieldUtils.writeDeclaredStaticField(NodeConfigManager.class, "base", config, true); } private void setNodeConfigManagerIsPublishPermittedToReturnAReason() throws IllegalAccessException{ - NodeConfigManager config = mock(NodeConfigManager.class); when(config.isShutdown()).thenReturn(false); when(config.getMyName()).thenReturn("dmaap-dr-node"); when(config.isConfigured()).thenReturn(true); @@ -380,11 +378,10 @@ public class NodeServletTest { when(config.getLogDir()).thenReturn("log/dir"); when(config.isPublishPermitted(anyString(), anyString(), anyString())).thenReturn("Publisher not permitted for this feed"); when(config.isAnotherNode(anyString(), anyString())).thenReturn(false); - FieldUtils.writeDeclaredStaticField(NodeServlet.class, "config", config, true); + FieldUtils.writeDeclaredStaticField(NodeConfigManager.class, "base", config, true); } - private void setNodeConfigManagerToAllowRedirectOnIngressNode() throws IllegalAccessException{ - NodeConfigManager config = mock(NodeConfigManager.class); + private void setNodeConfigManagerToAllowRedirectOnIngressNode() { when(config.isShutdown()).thenReturn(false); when(config.isConfigured()).thenReturn(true); when(config.getSpoolDir()).thenReturn("spool/dir"); @@ -394,7 +391,6 @@ public class NodeServletTest { when(config.getAuthUser(anyString(), anyString())).thenReturn("User1"); when(config.getIngressNode(anyString(), anyString(), anyString())).thenReturn("NewNode"); when(config.getExtHttpsPort()).thenReturn(8080); - FieldUtils.writeDeclaredStaticField(NodeServlet.class, "config", config, true); } private String createLargeMetaDataString() { diff --git a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeUtilsTest.java b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeUtilsTest.java index f3d14df7..40cb11fb 100644 --- a/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeUtilsTest.java +++ b/datarouter-node/src/test/java/org/onap/dmaap/datarouter/node/NodeUtilsTest.java @@ -24,7 +24,7 @@ package org.onap.dmaap.datarouter.node; import static org.mockito.Mockito.when; -import javax.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletRequest; import org.junit.Assert; import org.junit.Test; import org.junit.runner.RunWith; diff --git a/datarouter-node/src/test/resources/node_test.properties b/datarouter-node/src/test/resources/node_test.properties index 3c96ed25..407d37c6 100644 --- a/datarouter-node/src/test/resources/node_test.properties +++ b/datarouter-node/src/test/resources/node_test.properties @@ -71,6 +71,9 @@ NodeAuthKey = Node123! # DR_NODE DEFAULT ENABLED TLS PROTOCOLS NodeHttpsProtocols = TLSv1.1|TLSv1.2 # +# AAF CADI enabled flag +CadiEnabled = true +# # AAF type to generate permission string AAFType = org.onap.dmaap-dr.feed # @@ -80,9 +83,6 @@ AAFInstance = legacy # AAF action to generate permission string - default should be publish AAFAction = publish # -# AAF CADI enabled flag -CadiEnabled = false -# # AAF Props file path AAFPropsFilePath = src/test/resources/aaf/org.onap.dmaap-dr.props diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/authz/Authorizer.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/authz/Authorizer.java index fb62f192..48ad7bdd 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/authz/Authorizer.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/authz/Authorizer.java @@ -24,8 +24,8 @@ package org.onap.dmaap.datarouter.authz;
+import jakarta.servlet.http.HttpServletRequest;
import java.util.Map;
-import javax.servlet.http.HttpServletRequest;
/**
* A Data Router API that requires authorization of incoming requests creates an instance of a class that implements
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/authz/impl/ProvAuthorizer.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/authz/impl/ProvAuthorizer.java index 761df097..48e31bfe 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/authz/impl/ProvAuthorizer.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/authz/impl/ProvAuthorizer.java @@ -26,7 +26,7 @@ package org.onap.dmaap.datarouter.authz.impl; import com.att.eelf.configuration.EELFLogger; import com.att.eelf.configuration.EELFManager; import java.util.Map; -import javax.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletRequest; import org.onap.dmaap.datarouter.authz.AuthorizationResponse; import org.onap.dmaap.datarouter.authz.Authorizer; import org.onap.dmaap.datarouter.authz.impl.AuthzResource.ResourceType; diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/BaseServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/BaseServlet.java index 52629ffb..1942b148 100755 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/BaseServlet.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/BaseServlet.java @@ -31,6 +31,10 @@ import static com.att.eelf.configuration.Configuration.MDC_SERVICE_NAME; import com.att.eelf.configuration.EELFLogger; import com.att.eelf.configuration.EELFManager; +import jakarta.servlet.ServletConfig; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServlet; +import jakarta.servlet.http.HttpServletRequest; import java.net.InetAddress; import java.net.UnknownHostException; import java.security.cert.X509Certificate; @@ -44,10 +48,6 @@ import java.util.Map; import java.util.Properties; import java.util.Set; import java.util.UUID; -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; import org.apache.commons.codec.digest.DigestUtils; import org.apache.commons.lang3.StringUtils; import org.jetbrains.annotations.Nullable; diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/DRFeedsServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/DRFeedsServlet.java index eada4862..a0df71ce 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/DRFeedsServlet.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/DRFeedsServlet.java @@ -31,8 +31,8 @@ import com.att.eelf.configuration.EELFManager; import java.io.IOException; import java.io.InvalidObjectException; import java.util.List; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.json.JSONObject; import org.onap.dmaap.datarouter.authz.AuthorizationResponse; import org.onap.dmaap.datarouter.provisioning.beans.EventLogRecord; diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/FeedServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/FeedServlet.java index de27c652..5182cc23 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/FeedServlet.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/FeedServlet.java @@ -28,10 +28,11 @@ import static org.onap.dmaap.datarouter.provisioning.utils.HttpServletUtils.send import com.att.eelf.configuration.EELFLogger; import com.att.eelf.configuration.EELFManager; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.InvalidObjectException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.json.JSONException; import org.json.JSONObject; import org.onap.dmaap.datarouter.authz.AuthorizationResponse; @@ -53,8 +54,7 @@ import org.onap.dmaap.datarouter.provisioning.eelf.EelfMsgs; public class FeedServlet extends ProxyServlet { - //Adding EELF Logger Rally:US664892 - private static EELFLogger eelfLogger = EELFManager.getInstance().getLogger(FeedServlet.class); + private static final EELFLogger eelfLogger = EELFManager.getInstance().getLogger(FeedServlet.class); /** * Delete the Feed at the address /feed/<feednumber>. diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/GroupServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/GroupServlet.java index 432ea3c0..94303e96 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/GroupServlet.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/GroupServlet.java @@ -26,10 +26,10 @@ package org.onap.dmaap.datarouter.provisioning; import static org.onap.dmaap.datarouter.provisioning.utils.HttpServletUtils.sendResponseError; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.InvalidObjectException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.json.JSONObject; import org.onap.dmaap.datarouter.provisioning.beans.EventLogRecord; diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/InternalServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/InternalServlet.java index efa1c102..06959eef 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/InternalServlet.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/InternalServlet.java @@ -39,8 +39,8 @@ import java.nio.file.Path; import java.nio.file.Paths; import java.nio.file.StandardCopyOption; import java.util.Properties; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.json.JSONArray; import org.onap.dmaap.datarouter.provisioning.beans.EventLogRecord; import org.onap.dmaap.datarouter.provisioning.beans.LogRecord; diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/LogServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/LogServlet.java index 9cde4804..5f7ed337 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/LogServlet.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/LogServlet.java @@ -28,6 +28,7 @@ import static org.onap.dmaap.datarouter.provisioning.utils.HttpServletUtils.send import com.att.eelf.configuration.EELFLogger;
import com.att.eelf.configuration.EELFManager;
+import jakarta.servlet.ServletOutputStream;
import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
@@ -38,9 +39,8 @@ import java.text.SimpleDateFormat; import java.util.Date;
import java.util.HashMap;
import java.util.Map;
-import javax.servlet.ServletOutputStream;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
import org.onap.dmaap.datarouter.provisioning.beans.DeliveryRecord;
import org.onap.dmaap.datarouter.provisioning.beans.EventLogRecord;
import org.onap.dmaap.datarouter.provisioning.beans.ExpiryRecord;
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProvRunner.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProvRunner.java index 8a0ef448..747530ab 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProvRunner.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProvRunner.java @@ -73,12 +73,12 @@ import org.onap.dmaap.datarouter.provisioning.utils.SynchronizerTask; */ public class ProvRunner { - public static final EELFLogger intlogger = EELFManager.getInstance() - .getLogger("org.onap.dmaap.datarouter.provisioning.internal"); + public static final EELFLogger intlogger = EELFManager.getInstance().getLogger("org.onap.dmaap.datarouter.provisioning.internal"); private static Server provServer; private static AafPropsUtils aafPropsUtils; private static Properties provProperties; + private static Boolean tlsEnabled; /** * Starts the Data Router Provisioning server. @@ -91,14 +91,16 @@ public class ProvRunner { intlogger.error("Data Router Provisioning database init failure. Exiting."); exit(1); } - // Set up AAF properties - try { - aafPropsUtils = new AafPropsUtils(new File(getProvProperties().getProperty( - "org.onap.dmaap.datarouter.provserver.aafprops.path", - "/opt/app/osaaf/local/org.onap.dmaap-dr.props"))); - } catch (IOException e) { - intlogger.error("NODE0314 Failed to load AAF props. Exiting", e); - exit(1); + if (Boolean.TRUE.equals(getTlsEnabled())) { + // Set up AAF properties + try { + aafPropsUtils = new AafPropsUtils(new File(getProvProperties().getProperty( + "org.onap.dmaap.datarouter.provserver.aafprops.path", + "/opt/app/osaaf/local/org.onap.dmaap-dr.props"))); + } catch (IOException e) { + intlogger.error("NODE0314 Failed to load AAF props. Exiting", e); + exit(1); + } } // Daemon to clean up the log directory on a daily basis Timer rolex = new Timer(); @@ -138,11 +140,11 @@ public class ProvRunner { public static Properties getProvProperties() { if (provProperties == null) { - try { + try (FileInputStream props = new FileInputStream(getProperty( + "org.onap.dmaap.datarouter.provserver.properties", + "/opt/app/datartr/etc/provserver.properties"))) { provProperties = new Properties(); - provProperties.load(new FileInputStream(getProperty( - "org.onap.dmaap.datarouter.provserver.properties", - "/opt/app/datartr/etc/provserver.properties"))); + provProperties.load(props); } catch (IOException e) { intlogger.error("Failed to load PROV properties: " + e.getMessage(), e); exit(1); @@ -154,4 +156,12 @@ public class ProvRunner { public static AafPropsUtils getAafPropsUtils() { return aafPropsUtils; } + + public static Boolean getTlsEnabled() { + if (tlsEnabled == null) { + tlsEnabled = Boolean.parseBoolean(getProvProperties() + .getProperty("org.onap.dmaap.datarouter.provserver.tlsenabled", "true")); + } + return tlsEnabled; + } } diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProvServer.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProvServer.java index e1d4568f..9eb91178 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProvServer.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProvServer.java @@ -23,16 +23,13 @@ package org.onap.dmaap.datarouter.provisioning; import com.att.eelf.configuration.EELFLogger; import com.att.eelf.configuration.EELFManager; import java.security.Security; -import java.util.EnumSet; import java.util.Properties; -import javax.servlet.DispatcherType; -import javax.servlet.ServletException; import org.eclipse.jetty.http.HttpVersion; import org.eclipse.jetty.server.Connector; +import org.eclipse.jetty.server.CustomRequestLog; import org.eclipse.jetty.server.Handler; import org.eclipse.jetty.server.HttpConfiguration; import org.eclipse.jetty.server.HttpConnectionFactory; -import org.eclipse.jetty.server.NCSARequestLog; import org.eclipse.jetty.server.Server; import org.eclipse.jetty.server.ServerConnector; import org.eclipse.jetty.server.SslConnectionFactory; @@ -40,21 +37,17 @@ import org.eclipse.jetty.server.handler.ContextHandlerCollection; import org.eclipse.jetty.server.handler.DefaultHandler; import org.eclipse.jetty.server.handler.HandlerCollection; import org.eclipse.jetty.server.handler.RequestLogHandler; -import org.eclipse.jetty.servlet.FilterHolder; import org.eclipse.jetty.servlet.ServletContextHandler; import org.eclipse.jetty.servlet.ServletHolder; import org.eclipse.jetty.util.ssl.SslContextFactory; import org.eclipse.jetty.util.thread.QueuedThreadPool; import org.jetbrains.annotations.NotNull; import org.onap.dmaap.datarouter.provisioning.utils.AafPropsUtils; -import org.onap.dmaap.datarouter.provisioning.utils.DRProvCadiFilter; -import org.onap.dmaap.datarouter.provisioning.utils.ThrottleFilter; public class ProvServer { - public static final EELFLogger intlogger = EELFManager.getInstance() - .getLogger("InternalLog"); + public static final EELFLogger intlogger = EELFManager.getInstance().getLogger("InternalLog"); private static Server server; @@ -69,9 +62,6 @@ public class ProvServer { } private static Server createProvServer(Properties provProps) { - final int httpsPort = Integer.parseInt( - provProps.getProperty("org.onap.dmaap.datarouter.provserver.https.port", "8443")); - Security.setProperty("networkaddress.cache.ttl", "4"); QueuedThreadPool queuedThreadPool = getQueuedThreadPool(); @@ -81,48 +71,52 @@ public class ProvServer { server.setDumpAfterStart(false); server.setDumpBeforeStop(false); - NCSARequestLog ncsaRequestLog = getRequestLog(provProps); - RequestLogHandler requestLogHandler = new RequestLogHandler(); - requestLogHandler.setRequestLog(ncsaRequestLog); - - server.setRequestLog(ncsaRequestLog); - - HttpConfiguration httpConfiguration = getHttpConfiguration(httpsPort); + HttpConfiguration httpConfiguration = getHttpConfiguration(); //HTTP Connector try (ServerConnector httpServerConnector = new ServerConnector(server, new HttpConnectionFactory(httpConfiguration))) { httpServerConnector.setPort(Integer.parseInt(provProps.getProperty( - "org.onap.dmaap.datarouter.provserver.http.port", "8080"))); + "org.onap.dmaap.datarouter.provserver.http.port", "80"))); httpServerConnector.setAcceptQueueSize(2); httpServerConnector.setIdleTimeout(30000); - SslContextFactory sslContextFactory = getSslContextFactory(provProps); - - // HTTPS configuration - HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration); - httpsConfiguration.setRequestHeaderSize(8192); - - // HTTPS connector - try (ServerConnector httpsServerConnector = new ServerConnector(server, - new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), - new HttpConnectionFactory(httpsConfiguration))) { - httpsServerConnector.setPort(httpsPort); - httpsServerConnector.setIdleTimeout(30000); - httpsServerConnector.setAcceptQueueSize(2); - - ServletContextHandler servletContextHandler = getServletContextHandler(provProps); - ContextHandlerCollection contextHandlerCollection = new ContextHandlerCollection(); - contextHandlerCollection.addHandler(servletContextHandler); - - // Server's Handler collection - HandlerCollection handlerCollection = new HandlerCollection(); - handlerCollection.setHandlers(new Handler[]{contextHandlerCollection, new DefaultHandler()}); - handlerCollection.addHandler(requestLogHandler); - - server.setConnectors(new Connector[]{httpServerConnector, httpsServerConnector}); - server.setHandler(handlerCollection); + ServletContextHandler servletContextHandler = getServletContextHandler(provProps); + ContextHandlerCollection contextHandlerCollection = new ContextHandlerCollection(); + contextHandlerCollection.addHandler(servletContextHandler); + + CustomRequestLog customRequestLog = getCustomRequestLog(provProps); + RequestLogHandler requestLogHandler = new RequestLogHandler(); + requestLogHandler.setRequestLog(customRequestLog); + + server.setRequestLog(customRequestLog); + + // Server's Handler collection + HandlerCollection handlerCollection = new HandlerCollection(); + handlerCollection.setHandlers(new Handler[]{contextHandlerCollection, new DefaultHandler()}); + handlerCollection.addHandler(requestLogHandler); + + if (Boolean.TRUE.equals(ProvRunner.getTlsEnabled())) { + // HTTPS configuration + int httpsPort = Integer.parseInt( + provProps.getProperty("org.onap.dmaap.datarouter.provserver.https.port", "443")); + httpConfiguration.setSecureScheme("https"); + httpConfiguration.setSecurePort(httpsPort); + HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration); + httpsConfiguration.setRequestHeaderSize(8192); + // HTTPS connector + try (ServerConnector httpsServerConnector = new ServerConnector(server, + new SslConnectionFactory(getSslContextFactory(provProps), HttpVersion.HTTP_1_1.asString()), + new HttpConnectionFactory(httpsConfiguration))) { + httpsServerConnector.setPort(httpsPort); + httpsServerConnector.setIdleTimeout(30000); + httpsServerConnector.setAcceptQueueSize(2); + server.setConnectors(new Connector[]{httpServerConnector, httpsServerConnector}); + } + } else { + server.setConnectors(new Connector[]{httpServerConnector}); } + server.setHandler(handlerCollection); } return server; } @@ -138,7 +132,7 @@ public class ProvServer { } @NotNull - private static SslContextFactory getSslContextFactory(Properties provProps) { + private static SslContextFactory.Server getSslContextFactory(Properties provProps) { SslContextFactory sslContextFactory = new SslContextFactory.Server(); sslContextFactory.setKeyStoreType(AafPropsUtils.KEYSTORE_TYPE_PROPERTY); sslContextFactory.setKeyStorePath(ProvRunner.getAafPropsUtils().getKeystorePathProperty()); @@ -149,7 +143,6 @@ public class ProvServer { sslContextFactory.setTrustStorePath(ProvRunner.getAafPropsUtils().getTruststorePathProperty()); sslContextFactory.setTrustStorePassword(ProvRunner.getAafPropsUtils().getTruststorePassProperty()); - sslContextFactory.setWantClientAuth(true); sslContextFactory.setExcludeCipherSuites( "SSL_RSA_WITH_DES_CBC_SHA", "SSL_DHE_RSA_WITH_DES_CBC_SHA", @@ -169,28 +162,20 @@ public class ProvServer { intlogger.info("Unsupported ciphers: " + String.join(",", sslContextFactory.getExcludeCipherSuites())); intlogger.info("Supported ciphers: " + String.join(",", sslContextFactory.getIncludeCipherSuites())); - return sslContextFactory; + return (SslContextFactory.Server) sslContextFactory; } @NotNull - private static NCSARequestLog getRequestLog(Properties provProps) { - NCSARequestLog ncsaRequestLog = new NCSARequestLog(); - ncsaRequestLog.setFilename(provProps.getProperty( - "org.onap.dmaap.datarouter.provserver.accesslog.dir") + "/request.log.yyyy_mm_dd"); - ncsaRequestLog.setFilenameDateFormat("yyyyMMdd"); - ncsaRequestLog.setRetainDays(90); - ncsaRequestLog.setAppend(true); - ncsaRequestLog.setExtended(false); - ncsaRequestLog.setLogCookies(false); - ncsaRequestLog.setLogTimeZone("GMT"); - return ncsaRequestLog; + private static CustomRequestLog getCustomRequestLog(Properties provProps) { + String filename = provProps.getProperty( + "org.onap.dmaap.datarouter.provserver.accesslog.dir") + "/request.log.yyyy_mm_dd"; + String format = "yyyyMMdd"; + return new CustomRequestLog(filename, format); } @NotNull - private static HttpConfiguration getHttpConfiguration(int httpsPort) { + private static HttpConfiguration getHttpConfiguration() { HttpConfiguration httpConfiguration = new HttpConfiguration(); - httpConfiguration.setSecureScheme("https"); - httpConfiguration.setSecurePort(httpsPort); httpConfiguration.setOutputBufferSize(32768); httpConfiguration.setRequestHeaderSize(8192); httpConfiguration.setResponseHeaderSize(8192); @@ -214,23 +199,6 @@ public class ProvServer { servletContextHandler.addServlet(new ServletHolder(new InternalServlet()), "/internal/*"); servletContextHandler.addServlet(new ServletHolder(new RouteServlet()), "/internal/route/*"); servletContextHandler.addServlet(new ServletHolder(new DRFeedsServlet()), "/"); - servletContextHandler.addFilter(new FilterHolder(new ThrottleFilter()), - "/publish/*", EnumSet.of(DispatcherType.REQUEST)); - setCadiFilter(servletContextHandler, provProps); return servletContextHandler; } - - private static void setCadiFilter(ServletContextHandler servletContextHandler, Properties provProps) { - if (Boolean.parseBoolean(provProps.getProperty( - "org.onap.dmaap.datarouter.provserver.cadi.enabled", "false"))) { - try { - servletContextHandler.addFilter(new FilterHolder(new DRProvCadiFilter( - true, ProvRunner.getAafPropsUtils().getPropAccess())), "/*", EnumSet.of(DispatcherType.REQUEST)); - intlogger.info("PROV0001 AAF CADI filter enabled"); - } catch (ServletException e) { - intlogger.error("PROV0001 Failed to add CADI filter to server"); - } - - } - } } diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java index 089ea755..49be5aa0 100755 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/ProxyServlet.java @@ -26,6 +26,10 @@ package org.onap.dmaap.datarouter.provisioning; import static org.onap.dmaap.datarouter.provisioning.utils.HttpServletUtils.sendResponseError; +import jakarta.servlet.ServletConfig; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; @@ -36,10 +40,6 @@ import java.security.KeyStore; import java.security.KeyStoreException; import java.util.Collections; import java.util.List; -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.apache.commons.io.IOUtils; import org.apache.http.Header; import org.apache.http.HttpEntity; @@ -47,6 +47,7 @@ import org.apache.http.HttpResponse; import org.apache.http.client.methods.HttpEntityEnclosingRequestBase; import org.apache.http.client.methods.HttpGet; import org.apache.http.client.methods.HttpRequestBase; +import org.apache.http.conn.scheme.PlainSocketFactory; import org.apache.http.conn.scheme.Scheme; import org.apache.http.conn.ssl.SSLSocketFactory; import org.apache.http.entity.BasicHttpEntity; @@ -79,22 +80,27 @@ public class ProxyServlet extends BaseServlet { public void init(ServletConfig config) throws ServletException { super.init(config); try { - // Set up keystore - String type = AafPropsUtils.KEYSTORE_TYPE_PROPERTY; - String store = ProvRunner.getAafPropsUtils().getKeystorePathProperty(); - String pass = ProvRunner.getAafPropsUtils().getKeystorePassProperty(); - KeyStore keyStore = readStore(store, pass, type); - // Set up truststore - store = ProvRunner.getAafPropsUtils().getTruststorePathProperty(); - pass = ProvRunner.getAafPropsUtils().getTruststorePassProperty(); - KeyStore trustStore = readStore(store, pass, AafPropsUtils.TRUESTSTORE_TYPE_PROPERTY); - - // We are connecting with the node name, but the certificate will have the CNAME - // So we need to accept a non-matching certificate name - SSLSocketFactory socketFactory = new SSLSocketFactory(keyStore, + if (Boolean.TRUE.equals(ProvRunner.getTlsEnabled())) { + // Set up keystore + String type = AafPropsUtils.KEYSTORE_TYPE_PROPERTY; + String store = ProvRunner.getAafPropsUtils().getKeystorePathProperty(); + String pass = ProvRunner.getAafPropsUtils().getKeystorePassProperty(); + KeyStore keyStore = readStore(store, pass, type); + // Set up truststore + store = ProvRunner.getAafPropsUtils().getTruststorePathProperty(); + pass = ProvRunner.getAafPropsUtils().getTruststorePassProperty(); + KeyStore trustStore = readStore(store, pass, AafPropsUtils.TRUESTSTORE_TYPE_PROPERTY); + + // We are connecting with the node name, but the certificate will have the CNAME + // So we need to accept a non-matching certificate name + SSLSocketFactory socketFactory = new SSLSocketFactory(keyStore, ProvRunner.getAafPropsUtils().getKeystorePassProperty(), trustStore); - socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); - sch = new Scheme("https", 443, socketFactory); + socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); + sch = new Scheme("https", 443, socketFactory); + } else { + PlainSocketFactory socketFactory = new PlainSocketFactory(); + sch = new Scheme("http", 80, socketFactory); + } inited = true; } catch (Exception e) { intlogger.error("ProxyServlet.init: " + e.getMessage(), e); diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/PublishServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/PublishServlet.java index 949019d1..db5470cc 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/PublishServlet.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/PublishServlet.java @@ -27,14 +27,14 @@ package org.onap.dmaap.datarouter.provisioning; import com.att.eelf.configuration.EELFLogger;
import com.att.eelf.configuration.EELFManager;
+import jakarta.servlet.ServletConfig;
+import jakarta.servlet.ServletException;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.json.JSONArray;
@@ -159,8 +159,7 @@ public class PublishServlet extends BaseServlet { } else {
// Generate new URL
String nextnode = getRedirectNode(feedid, req);
- if (Boolean.parseBoolean(ProvRunner.getProvProperties()
- .getProperty("org.onap.dmaap.datarouter.provserver.tlsenabled", "true"))) {
+ if (Boolean.TRUE.equals(ProvRunner.getTlsEnabled())) {
nextnode = nextnode + ":" + ProvRunner.getProvProperties().getProperty(
"org.onap.dmaap.datarouter.nodeserver.https.port", "8443");
} else {
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/RouteServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/RouteServlet.java index 8506530b..e164ea8a 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/RouteServlet.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/RouteServlet.java @@ -28,8 +28,8 @@ import static org.onap.dmaap.datarouter.provisioning.utils.HttpServletUtils.send import java.io.IOException;
import java.util.Set;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
import org.json.JSONException;
import org.json.JSONObject;
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/StatisticsServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/StatisticsServlet.java index 1a07ffae..1c324e5a 100755 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/StatisticsServlet.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/StatisticsServlet.java @@ -25,6 +25,7 @@ package org.onap.dmaap.datarouter.provisioning; import static org.onap.dmaap.datarouter.provisioning.utils.HttpServletUtils.sendResponseError;
+import jakarta.servlet.ServletOutputStream;
import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
@@ -39,9 +40,8 @@ import java.util.Date; import java.util.HashMap;
import java.util.Map;
import java.util.TimeZone;
-import javax.servlet.ServletOutputStream;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
import org.json.JSONException;
import org.onap.dmaap.datarouter.provisioning.beans.EventLogRecord;
import org.onap.dmaap.datarouter.provisioning.utils.LOGJSONObject;
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscribeServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscribeServlet.java index fa4a24ff..2ee58d6e 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscribeServlet.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscribeServlet.java @@ -31,8 +31,8 @@ import com.att.eelf.configuration.EELFManager; import java.io.IOException; import java.io.InvalidObjectException; import java.util.Collection; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.json.JSONObject; import org.onap.dmaap.datarouter.authz.AuthorizationResponse; import org.onap.dmaap.datarouter.provisioning.beans.EventLogRecord; diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServlet.java index b3bb679b..1851d03a 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServlet.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServlet.java @@ -34,8 +34,8 @@ import java.net.HttpURLConnection; import java.net.URL;
import java.util.ArrayList;
import java.util.List;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
import org.json.JSONException;
import org.json.JSONObject;
import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
@@ -53,18 +53,13 @@ import org.onap.dmaap.datarouter.provisioning.utils.SynchronizerTask; * @author Robert Eby
* @version $Id$
*/
-@SuppressWarnings("serial")
public class SubscriptionServlet extends ProxyServlet {
private static final String SUBCNTRL_CONTENT_TYPE = "application/vnd.dmaap-dr.subscription-control";
//Adding EELF Logger Rally:US664892
- private static EELFLogger eelfLogger = EELFManager.getInstance()
+ private static final EELFLogger eelfLogger = EELFManager.getInstance()
.getLogger(SubscriptionServlet.class);
-
-
-
-
/**
* DELETE on the <subscriptionUrl> -- delete a subscription. See the <i>Deleting a Subscription</i> section in
* the <b>Provisioning API</b> document for details on how this method should be invoked.
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/EventLogRecord.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/EventLogRecord.java index cfdda917..d801a556 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/EventLogRecord.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/EventLogRecord.java @@ -24,10 +24,8 @@ package org.onap.dmaap.datarouter.provisioning.beans;
+import jakarta.servlet.http.HttpServletRequest;
import java.security.cert.X509Certificate;
-
-import javax.servlet.http.HttpServletRequest;
-
import org.onap.dmaap.datarouter.provisioning.BaseServlet;
/**
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/IngressRoute.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/IngressRoute.java index d520a417..973f868d 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/IngressRoute.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/beans/IngressRoute.java @@ -36,7 +36,7 @@ import java.util.Collection; import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequest;
import org.apache.commons.codec.binary.Base64;
import org.json.JSONArray;
import org.json.JSONObject;
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/AafPropsUtils.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/AafPropsUtils.java index 6b78d21d..57bc84bd 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/AafPropsUtils.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/AafPropsUtils.java @@ -29,7 +29,7 @@ import org.onap.aaf.cadi.PropAccess; public class AafPropsUtils { - private static EELFLogger eelfLogger = EELFManager.getInstance().getLogger(AafPropsUtils.class); + private static final EELFLogger eelfLogger = EELFManager.getInstance().getLogger(AafPropsUtils.class); public static final String KEYSTORE_TYPE_PROPERTY = "PKCS12"; public static final String TRUESTSTORE_TYPE_PROPERTY = "jks"; @@ -38,7 +38,7 @@ public class AafPropsUtils { private static final String TRUSTSTORE_PATH_PROPERTY = "cadi_truststore"; private static final String TRUSTSTORE_PASS_PROPERTY = "cadi_truststore_password"; - private PropAccess propAccess; + private final PropAccess propAccess; public AafPropsUtils(File propsFile) throws IOException { propAccess = new PropAccess(); diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/DRProvCadiFilter.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/DRProvCadiFilter.java deleted file mode 100644 index 526bfd54..00000000 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/DRProvCadiFilter.java +++ /dev/null @@ -1,266 +0,0 @@ -/** - * - - * ============LICENSE_START======================================================= - * Copyright (C) 2019 Nordix Foundation. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * <p>* http://www.apache.org/licenses/LICENSE-2.0 - * - * <p>Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * <p>* SPDX-License-Identifier: Apache-2.0 - * ============LICENSE_END========================================================= - */ - -package org.onap.dmaap.datarouter.provisioning.utils; - -import com.att.eelf.configuration.EELFLogger; -import com.att.eelf.configuration.EELFManager; -import java.io.IOException; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.onap.aaf.cadi.PropAccess; -import org.onap.aaf.cadi.filter.CadiFilter; -import org.onap.dmaap.datarouter.provisioning.BaseServlet; -import org.onap.dmaap.datarouter.provisioning.beans.EventLogRecord; -import org.onap.dmaap.datarouter.provisioning.beans.Feed; -import org.onap.dmaap.datarouter.provisioning.beans.Subscription; - -public class DRProvCadiFilter extends CadiFilter { - protected static EELFLogger eventlogger = EELFManager.getInstance().getLogger("EventLog"); - protected static EELFLogger intlogger = EELFManager.getInstance().getLogger("InternalLog"); - private String aafInstance = ""; - - public DRProvCadiFilter(boolean init, PropAccess access) throws ServletException { - super(init, access); - } - - @Override - public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) - throws IOException, ServletException { - HttpServletRequest httpRequest = (HttpServletRequest) request; - HttpServletResponse httpResponse = (HttpServletResponse) response; - - EventLogRecord elr = new EventLogRecord(httpRequest); - String excludeAAF = httpRequest.getHeader(BaseServlet.EXCLUDE_AAF_HEADER); - //send this param value as true, if want to add legacy feed/subscriber in AAF env - - String pathUrl = httpRequest.getServletPath(); - if (!(pathUrl.contains("internal") - || pathUrl.contains("sublog") - || pathUrl.contains("feedlog") - || pathUrl.contains("statistics") - || pathUrl.contains("publish") - || pathUrl.contains("group"))) { - - String method = httpRequest.getMethod().toUpperCase(); - if (!("POST".equals(method))) { - // if request method is PUT method (publish or Feed update) Needs to check for DELETE - if ("PUT".equals(method) || "DELETE".equals(method)) { - if ((pathUrl.contains("subs"))) { //edit subscriber - int subId = BaseServlet.getIdFromPath(httpRequest); - if (subId <= 0) { - String message = String.format("Invalid request URI - %s", httpRequest.getPathInfo()); - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_NOT_FOUND); - eventlogger.error(elr.toString()); - httpResponse.sendError(HttpServletResponse.SC_NOT_FOUND, message); - return; - } - if (isAAFSubscriber(subId)) { //edit AAF Subscriber - String message = String.format("DRProvCadiFilter - " - + "Edit AAF Subscriber : %d : AAF Instance - %s", subId, aafInstance); - elr.setMessage(message); - eventlogger.info(elr.toString()); - //request.setAttribute("aafInstance", aafInstance);// - // no need to set it in request since it is taken care in respective servlets - super.doFilter(request, response, chain); - - } else { //Edit or publish legacy Subscriber - String message = "DRProvCadiFilter - Edit/Publish Legacy Subscriber :" + subId; - elr.setMessage(message); - eventlogger.info(elr.toString()); - chain.doFilter(request, response); - } - - } else { //edit or publish Feed - int feedId = BaseServlet.getIdFromPath(httpRequest); - if (feedId <= 0) { - String message = "Invalid request URI - " + httpRequest.getPathInfo(); - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_NOT_FOUND); - eventlogger.error(elr.toString()); - httpResponse.sendError(HttpServletResponse.SC_NOT_FOUND, message); - return; - } - - if (isAAFFeed(feedId)) { //edit AAF Feed - String message = "DRProvCadiFilter - Edit AAF Feed:" - + feedId + ":" + "AAF Instance -" + aafInstance; - elr.setMessage(message); - eventlogger.info(elr.toString()); - super.doFilter(request, response, chain); - - } else { //Edit or publish legacy Feed - String message = "DRProvCadiFilter - Edit/Publish Legacy Feed:" + feedId; - elr.setMessage(message); - eventlogger.info(elr.toString()); - chain.doFilter(request, response); - } - } - } else { // in all other cases defaults to legacy behavior - String message = "DRProvCadiFilter - Default Legacy Feed/Subscriber URI -:" - + httpRequest.getPathInfo(); - elr.setMessage(message); - eventlogger.info(elr.toString()); - chain.doFilter(request, response); - } - } else { - //check to add legacy/AAF subscriber - if ((pathUrl.contains("subscribe"))) { //add subscriber - int feedId = BaseServlet.getIdFromPath(httpRequest); - if (feedId <= 0) { - String message = "Invalid request URI - " + httpRequest.getPathInfo(); - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_NOT_FOUND); - eventlogger.error(elr.toString()); - httpResponse.sendError(HttpServletResponse.SC_NOT_FOUND, message); - return; - } - if (isAAFFeed(feedId)) { //check if AAF Feed or legacy to add new subscriber - if (excludeAAF == null) { - String message = "DRProvCadiFilter -Invalid request Header Parmeter " - + BaseServlet.EXCLUDE_AAF_HEADER - + " = " + httpRequest.getHeader(BaseServlet.EXCLUDE_AAF_HEADER); - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_BAD_REQUEST); - eventlogger.error(elr.toString()); - httpResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, message); - return; - } - if (excludeAAF.equalsIgnoreCase("true")) { //Check to add legacy subscriber to AAF Feed - String message = "DRProvCadiFilter - add legacy subscriber to AAF Feed, FeedID:" + feedId; - elr.setMessage(message); - eventlogger.info(elr.toString()); - chain.doFilter(request, response); - } else { - String message = "DRProvCadiFilter - Add AAF subscriber to AAF Feed, FeedID:" - + feedId + ":" + "AAF Instance -" + aafInstance; - elr.setMessage(message); - eventlogger.info(elr.toString()); - super.doFilter(request, response, chain); - } - } else { //Add legacy susbcriber to legacy Feed - String message = "DRProvCadiFilter - add legacy subscriber to legacy Feed:" + feedId; - elr.setMessage(message); - eventlogger.info(elr.toString()); - chain.doFilter(request, response); - } - } else { //add AAF feed - if (excludeAAF == null) { - String message = "DRProvCadiFilter -Invalid request Header Parmeter " - + BaseServlet.EXCLUDE_AAF_HEADER - + " = " + httpRequest.getHeader(BaseServlet.EXCLUDE_AAF_HEADER); - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_BAD_REQUEST); - eventlogger.error(elr.toString()); - httpResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, message); - return; - } - if (excludeAAF.equalsIgnoreCase("true")) { //add legacy feed - String message = "DRProvCadiFilter - Create new legacy Feed : EXCLUDE_AAF = " + excludeAAF; - elr.setMessage(message); - eventlogger.info(elr.toString()); - chain.doFilter(request, response); - } else { //add AAF Feed - String message = "DRProvCadiFilter - Create new AAF Feed : EXCLUDE_AAF = " + excludeAAF; - elr.setMessage(message); - eventlogger.info(elr.toString()); - super.doFilter(request, response, chain); - } - } - } - } else { - //All other requests default to (Non CADI) legacy - chain.doFilter(request, response); - } - } - - /** - * Check if it is AAF feed OR existing feed. - * - * @param feedId the Feed ID - * @return true if it is valid - */ - @SuppressWarnings("resource") - private boolean isAAFFeed(int feedId) { - try { - Feed feed = Feed.getFeedById(feedId); - if (feed != null) { - if (!(("legacy".equalsIgnoreCase(feed.getAafInstance())) || feed.getAafInstance() == null - || feed.getAafInstance().equals(""))) { //also apply null check and empty check too - aafInstance = feed.getAafInstance(); - String message = "DRProvCadiFilter.isAAFFeed: aafInstance-:" + aafInstance + "; feedId:- " + feedId; - intlogger.debug(message); - return true; - } else { - return false; - } - } else { - String message = "DRProvCadiFilter.isAAFFeed; Feed does not exist FeedID:-" + feedId; - intlogger.debug(message); - } - - } catch (Exception e) { - intlogger.error("PROV0073 DRProvCadiFilter.isAAFFeed: " + e.getMessage(), e); - return false; - } - return false; - } - - /** - * Check if it is AAF sub OR existing sub. - * - * @param subId the Sub ID - * @return true if it is valid - */ - @SuppressWarnings("resource") - private boolean isAAFSubscriber(int subId) { - try { - Subscription subscriber = Subscription.getSubscriptionById(subId); - if (subscriber != null) { - if (!(("legacy".equalsIgnoreCase(subscriber.getAafInstance())) - || subscriber.getAafInstance() == null - || "".equals(subscriber.getAafInstance()))) { //also apply null check and empty check too - aafInstance = subscriber.getAafInstance(); - String message = "DRProvCadiFilter.isAAFSubscriber: aafInstance-:" + aafInstance + "; subId:- " - + subId; - intlogger.debug(message); - return true; - } else { - return false; - } - } else { - String message = "DRProvCadiFilter.isAAFSubscriber; Subscriber does not exist subId:-" + subId; - intlogger.debug(message); - } - } catch (Exception e) { - intlogger.error("PROV0073 DRProvCadiFilter.isAAFSubscriber: " + e.getMessage(), e); - return false; - } - return false; - } - -} diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/DRRouteCLI.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/DRRouteCLI.java index 2d92276e..c614c0ba 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/DRRouteCLI.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/DRRouteCLI.java @@ -37,7 +37,7 @@ import java.security.KeyStore; import java.util.Arrays; import java.util.Properties; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/HttpServletUtils.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/HttpServletUtils.java index ebd09127..40574ee9 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/HttpServletUtils.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/HttpServletUtils.java @@ -24,8 +24,8 @@ package org.onap.dmaap.datarouter.provisioning.utils; import com.att.eelf.configuration.EELFLogger; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; -import javax.servlet.http.HttpServletResponse; public class HttpServletUtils { diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/ProvDbUtils.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/ProvDbUtils.java index b654bf3c..b1e7a558 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/ProvDbUtils.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/ProvDbUtils.java @@ -41,7 +41,7 @@ import org.onap.dmaap.datarouter.provisioning.ProvRunner; public class ProvDbUtils { - private static EELFLogger intLogger = EELFManager.getInstance().getLogger("InternalLog"); + private static final EELFLogger intLogger = EELFManager.getInstance().getLogger("InternalLog"); private static DataSource dataSource; private static ProvDbUtils provDbUtils; diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/SynchronizerTask.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/SynchronizerTask.java index 5eeb45a2..ef282618 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/SynchronizerTask.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/SynchronizerTask.java @@ -29,7 +29,6 @@ import static org.onap.dmaap.datarouter.provisioning.BaseServlet.TEXT_CT; import com.att.eelf.configuration.EELFLogger; import com.att.eelf.configuration.EELFManager; import java.io.ByteArrayOutputStream; -import java.io.File; import java.io.FileInputStream; import java.io.InputStream; import java.net.InetAddress; @@ -50,11 +49,12 @@ import java.util.Set; import java.util.Timer; import java.util.TimerTask; import java.util.TreeSet; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; import org.apache.http.client.methods.HttpGet; import org.apache.http.client.methods.HttpPost; +import org.apache.http.conn.scheme.PlainSocketFactory; import org.apache.http.conn.scheme.Scheme; import org.apache.http.conn.ssl.SSLSocketFactory; import org.apache.http.entity.ByteArrayEntity; @@ -137,43 +137,46 @@ public class SynchronizerTask extends TimerTask { nextsynctime = 0; logger.info("PROV5000: Sync task starting, server podState is UNKNOWN_POD"); - try { - // Set up keystore - String type = AafPropsUtils.KEYSTORE_TYPE_PROPERTY; - String store = ProvRunner.getAafPropsUtils().getKeystorePathProperty(); - String pass = ProvRunner.getAafPropsUtils().getKeystorePassProperty(); - KeyStore keyStore = KeyStore.getInstance(type); - try (FileInputStream instream = new FileInputStream(new File(store))) { - keyStore.load(instream, pass.toCharArray()); - - } - // Set up truststore - store = ProvRunner.getAafPropsUtils().getTruststorePathProperty(); - pass = ProvRunner.getAafPropsUtils().getTruststorePassProperty(); - KeyStore trustStore = null; - if (store != null && store.length() > 0) { - trustStore = KeyStore.getInstance(AafPropsUtils.TRUESTSTORE_TYPE_PROPERTY); - try (FileInputStream instream = new FileInputStream(new File(store))) { - trustStore.load(instream, pass.toCharArray()); + try (AbstractHttpClient hc = new DefaultHttpClient()) { + Scheme sch; + if (Boolean.TRUE.equals(ProvRunner.getTlsEnabled())) { + // Set up keystore + String type = AafPropsUtils.KEYSTORE_TYPE_PROPERTY; + String store = ProvRunner.getAafPropsUtils().getKeystorePathProperty(); + String pass = ProvRunner.getAafPropsUtils().getKeystorePassProperty(); + KeyStore keyStore = KeyStore.getInstance(type); + try (FileInputStream instream = new FileInputStream(store)) { + keyStore.load(instream, pass.toCharArray()); } - } + // Set up truststore + store = ProvRunner.getAafPropsUtils().getTruststorePathProperty(); + pass = ProvRunner.getAafPropsUtils().getTruststorePassProperty(); + KeyStore trustStore = null; + if (store != null && store.length() > 0) { + trustStore = KeyStore.getInstance(AafPropsUtils.TRUESTSTORE_TYPE_PROPERTY); + try (FileInputStream instream = new FileInputStream(store)) { + trustStore.load(instream, pass.toCharArray()); - // We are connecting with the node name, but the certificate will have the CNAME - // So we need to accept a non-matching certificate name - String keystorepass = ProvRunner.getAafPropsUtils().getKeystorePassProperty(); - try (AbstractHttpClient hc = new DefaultHttpClient()) { + } + } + // We are connecting with the node name, but the certificate will have the CNAME + // So we need to accept a non-matching certificate name + String keystorepass = ProvRunner.getAafPropsUtils().getKeystorePassProperty(); SSLSocketFactory socketFactory = (trustStore == null) ? new SSLSocketFactory(keyStore, keystorepass) : new SSLSocketFactory(keyStore, keystorepass, trustStore); socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); - Scheme sch = new Scheme("https", 443, socketFactory); - hc.getConnectionManager().getSchemeRegistry().register(sch); - httpclient = hc; + sch = new Scheme("https", 443, socketFactory); + } else { + PlainSocketFactory socketFactory = new PlainSocketFactory(); + sch = new Scheme("http", 80, socketFactory); } + hc.getConnectionManager().getSchemeRegistry().register(sch); + httpclient = hc; setSynchTimer(ProvRunner.getProvProperties().getProperty( - "org.onap.dmaap.datarouter.provserver.sync_interval", "5000")); + "org.onap.dmaap.datarouter.provserver.sync_interval", "5000")); } catch (Exception e) { logger.warn("PROV5005: Problem starting the synchronizer: " + e); } diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/ThrottleFilter.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/ThrottleFilter.java index f0f10671..e117d368 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/ThrottleFilter.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/ThrottleFilter.java @@ -102,9 +102,9 @@ public class ThrottleFilter extends TimerTask implements Filter { private static int samplingPeriod = 0; // sampling period
private static int action = ACTION_DROP; // action to take (throttle or drop)
- private static EELFLogger logger = EELFManager.getInstance().getLogger("InternalLog");
+ private static final EELFLogger logger = EELFManager.getInstance().getLogger("InternalLog");
private static Map<String, Counter> map = new HashMap<>();
- private Map<String, List<Continuation>> suspendedRequests = new HashMap<>();
+ private final Map<String, List<Continuation>> suspendedRequests = new HashMap<>();
private static final Timer rolex = new Timer();
@Override
@@ -213,7 +213,7 @@ public class ThrottleFilter extends TimerTask implements Filter { String str = String.format("Throttling connection: %s %d bad connections in %d minutes",
getConnectionId(request), rate, samplingPeriod);
logger.info(str);
- Continuation continuation = ContinuationSupport.getContinuation(request);
+ Continuation continuation = ContinuationSupport.getContinuation((javax.servlet.ServletRequest) request);
continuation.suspend();
register(id, continuation);
continuation.undispatch();
@@ -232,11 +232,7 @@ public class ThrottleFilter extends TimerTask implements Filter { private void register(String id, Continuation continuation) {
synchronized (suspendedRequests) {
- List<Continuation> list = suspendedRequests.get(id);
- if (list == null) {
- list = new ArrayList<>();
- suspendedRequests.put(id, list);
- }
+ List<Continuation> list = suspendedRequests.computeIfAbsent(id, k -> new ArrayList<>());
list.add(continuation);
}
}
@@ -277,8 +273,8 @@ public class ThrottleFilter extends TimerTask implements Filter { }
}
- public class Counter {
- private List<Long> times = new ArrayList<>(); // a record of request times
+ public static class Counter {
+ private final List<Long> times = new ArrayList<>(); // a record of request times
/**
* Method to prune request rate.
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/URLUtilities.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/URLUtilities.java index 988b576f..89403488 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/URLUtilities.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/utils/URLUtilities.java @@ -153,20 +153,17 @@ public class URLUtilities { }
public static String getUrlSecurityOption() {
- if (Boolean.parseBoolean(ProvRunner.getProvProperties()
- .getProperty("org.onap.dmaap.datarouter.provserver.tlsenabled", "true"))) {
+ if (Boolean.TRUE.equals(ProvRunner.getTlsEnabled())) {
return "https://";
}
return "http://";
}
private static String getAppropriateUrlPort() {
- if (Boolean.parseBoolean(ProvRunner.getProvProperties()
- .getProperty("org.onap.dmaap.datarouter.provserver.tlsenabled", "true")))
- return "";
-
+ if (Boolean.TRUE.equals(ProvRunner.getTlsEnabled())) {
+ return "";
+ }
return ":" + ProvRunner.getProvProperties()
.getProperty("org.onap.dmaap.datarouter.provserver.http.port", "8080");
-
}
}
diff --git a/datarouter-prov/src/main/resources/docker/Dockerfile b/datarouter-prov/src/main/resources/docker/Dockerfile index 7bc92c83..38ea3b9e 100644 --- a/datarouter-prov/src/main/resources/docker/Dockerfile +++ b/datarouter-prov/src/main/resources/docker/Dockerfile @@ -19,7 +19,7 @@ # limitations under the License. # ============LICENSE_END==================================================== # -FROM nexus3.onap.org:10001/onap/integration-java11:8.0.0 +FROM nexus3.onap.org:10001/onap/integration-java11:10.0.0 COPY /opt /opt diff --git a/datarouter-prov/src/main/resources/provserver.properties b/datarouter-prov/src/main/resources/provserver.properties index 642088ff..66d4e6c4 100755 --- a/datarouter-prov/src/main/resources/provserver.properties +++ b/datarouter-prov/src/main/resources/provserver.properties @@ -26,17 +26,20 @@ org.onap.dmaap.datarouter.provserver.http.port = 8080 org.onap.dmaap.datarouter.provserver.https.port = 8443 org.onap.dmaap.datarouter.provserver.https.relaxation = true -org.onap.dmaap.datarouter.provserver.aafprops.path = /opt/app/osaaf/local/org.onap.dmaap-dr.props - org.onap.dmaap.datarouter.provserver.accesslog.dir = /opt/app/datartr/logs org.onap.dmaap.datarouter.provserver.spooldir = /opt/app/datartr/spool org.onap.dmaap.datarouter.provserver.dbscripts = /opt/app/datartr/etc/misc org.onap.dmaap.datarouter.provserver.logretention = 30 -#DMAAP-597 (Tech Dept) REST request source IP auth -# relaxation to accommodate OOM kubernetes deploy +org.onap.dmaap.datarouter.provserver.aafprops.path = /opt/app/osaaf/local/org.onap.dmaap-dr.props org.onap.dmaap.datarouter.provserver.isaddressauthenabled = false +org.onap.dmaap.datarouter.provserver.cadi.enabled = false + +org.onap.dmaap.datarouter.provserver.tlsenabled = false +org.onap.dmaap.datarouter.nodeserver.https.port = 8443 +org.onap.dmaap.datarouter.nodeserver.http.port = 8080 + #Localhost address config org.onap.dmaap.datarouter.provserver.localhost = 127.0.0.1 @@ -46,18 +49,3 @@ org.onap.dmaap.datarouter.db.url = jdbc:mariadb://datarouter-mariadb:3306/d org.onap.dmaap.datarouter.db.login = datarouter org.onap.dmaap.datarouter.db.password = datarouter -# PROV - DEFAULT ENABLED TLS PROTOCOLS -org.onap.dmaap.datarouter.provserver.https.include.protocols = TLSv1.1|TLSv1.2 - -# AAF config -org.onap.dmaap.datarouter.provserver.cadi.enabled = false - -org.onap.dmaap.datarouter.provserver.aaf.feed.type = org.onap.dmaap-dr.feed -org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.sub -org.onap.dmaap.datarouter.provserver.aaf.instance = legacy -org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish -org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe - -org.onap.dmaap.datarouter.provserver.tlsenabled = true -org.onap.dmaap.datarouter.nodeserver.https.port = 8443 -org.onap.dmaap.datarouter.nodeserver.http.port = 8080
\ No newline at end of file diff --git a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestDrFeedsDelete.java b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestDrFeedsDelete.java index 47a3071f..7ebdf223 100644 --- a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestDrFeedsDelete.java +++ b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestDrFeedsDelete.java @@ -27,7 +27,7 @@ import static org.junit.Assert.fail; import java.io.IOException; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; diff --git a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestDrFeedsGet.java b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestDrFeedsGet.java index 70be1f22..2cc5feba 100644 --- a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestDrFeedsGet.java +++ b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestDrFeedsGet.java @@ -27,7 +27,7 @@ import static org.junit.Assert.fail; import java.io.IOException; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; diff --git a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestDrFeedsPost.java b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestDrFeedsPost.java index dfe7f787..9f604fe9 100644 --- a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestDrFeedsPost.java +++ b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestDrFeedsPost.java @@ -27,7 +27,7 @@ import static org.junit.Assert.fail; import java.io.IOException; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; import org.apache.http.Header; import org.apache.http.HttpEntity; diff --git a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestDrFeedsPut.java b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestDrFeedsPut.java index 4220ef17..15e7c70a 100644 --- a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestDrFeedsPut.java +++ b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestDrFeedsPut.java @@ -27,7 +27,7 @@ import static org.junit.Assert.fail; import java.io.IOException; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; diff --git a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestFeedDelete.java b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestFeedDelete.java index f451f5a3..25e6e43a 100644 --- a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestFeedDelete.java +++ b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestFeedDelete.java @@ -27,7 +27,7 @@ import static org.junit.Assert.fail; import java.io.IOException; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; diff --git a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestFeedPut.java b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestFeedPut.java index 7a02931e..d77bc98d 100644 --- a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestFeedPut.java +++ b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestFeedPut.java @@ -27,7 +27,7 @@ import static org.junit.Assert.fail; import java.io.IOException; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; import org.apache.http.Header; import org.apache.http.HttpEntity; diff --git a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestInternalMisc.java b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestInternalMisc.java index bc724079..9c30cd3f 100644 --- a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestInternalMisc.java +++ b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestInternalMisc.java @@ -27,7 +27,7 @@ import static org.junit.Assert.fail; import java.io.IOException; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; diff --git a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestLogGet.java b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestLogGet.java index ba28da11..0da0f41d 100644 --- a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestLogGet.java +++ b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestLogGet.java @@ -28,7 +28,7 @@ import static org.junit.Assert.fail; import java.io.IOException; import java.text.SimpleDateFormat; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; diff --git a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestPublish.java b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestPublish.java index 833380a6..5c84a670 100644 --- a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestPublish.java +++ b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestPublish.java @@ -27,7 +27,7 @@ import static org.junit.Assert.fail; import java.io.IOException; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; import org.apache.http.Header; import org.apache.http.HttpResponse; diff --git a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestSubscribePost.java b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestSubscribePost.java index 1f21c1f6..dfcdeff4 100644 --- a/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestSubscribePost.java +++ b/datarouter-prov/src/test/java/datarouter/provisioning/IntegrationTestSubscribePost.java @@ -27,7 +27,7 @@ import static org.junit.Assert.fail; import java.io.IOException; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/authz/impl/ProvAuthTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/authz/impl/ProvAuthTest.java index d335ffa1..9d0d3c80 100644 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/authz/impl/ProvAuthTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/authz/impl/ProvAuthTest.java @@ -25,7 +25,7 @@ import static org.mockito.Mockito.when; import javax.persistence.EntityManager; import javax.persistence.EntityManagerFactory; import javax.persistence.Persistence; -import javax.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletRequest; import org.junit.AfterClass; import org.junit.Assert; import org.junit.Before; diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/BaseServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/BaseServletTest.java index 149943ea..84244dc3 100755 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/BaseServletTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/BaseServletTest.java @@ -38,7 +38,7 @@ import java.util.HashSet; import java.util.Set; import java.util.UUID; import javax.crypto.SecretKeyFactory; -import javax.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletRequest; import org.apache.commons.lang3.reflect.FieldUtils; import org.json.JSONObject; import org.junit.Assert; diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/DRFeedsServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/DRFeedsServletTest.java index af1d7145..9993334e 100755 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/DRFeedsServletTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/DRFeedsServletTest.java @@ -32,14 +32,14 @@ import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER; import ch.qos.logback.classic.spi.ILoggingEvent; import ch.qos.logback.core.read.ListAppender; +import jakarta.servlet.ServletOutputStream; import java.util.HashSet; import java.util.Set; import javax.persistence.EntityManager; import javax.persistence.EntityManagerFactory; import javax.persistence.Persistence; -import javax.servlet.ServletOutputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.apache.commons.lang3.reflect.FieldUtils; import org.jetbrains.annotations.NotNull; import org.json.JSONArray; diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/FeedServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/FeedServletTest.java index 00bc2aa2..066b51fc 100755 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/FeedServletTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/FeedServletTest.java @@ -32,6 +32,8 @@ import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER; import ch.qos.logback.classic.spi.ILoggingEvent; import ch.qos.logback.core.read.ListAppender; +import jakarta.servlet.ServletInputStream; +import jakarta.servlet.ServletOutputStream; import java.sql.Connection; import java.sql.SQLException; import java.util.HashSet; @@ -39,10 +41,8 @@ import java.util.Set; import javax.persistence.EntityManager; import javax.persistence.EntityManagerFactory; import javax.persistence.Persistence; -import javax.servlet.ServletInputStream; -import javax.servlet.ServletOutputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.apache.commons.lang3.reflect.FieldUtils; import org.jetbrains.annotations.NotNull; import org.json.JSONArray; diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/GroupServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/GroupServletTest.java index d84e66d4..5b9be757 100755 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/GroupServletTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/GroupServletTest.java @@ -29,15 +29,15 @@ import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER; +import jakarta.servlet.ServletInputStream; +import jakarta.servlet.ServletOutputStream; import java.util.HashSet; import java.util.Set; import javax.persistence.EntityManager; import javax.persistence.EntityManagerFactory; import javax.persistence.Persistence; -import javax.servlet.ServletInputStream; -import javax.servlet.ServletOutputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.apache.commons.lang3.reflect.FieldUtils; import org.json.JSONObject; import org.junit.AfterClass; diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/InternalServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/InternalServletTest.java index 1601e63d..1016b06d 100644 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/InternalServletTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/InternalServletTest.java @@ -31,15 +31,15 @@ import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER; import ch.qos.logback.classic.spi.ILoggingEvent; import ch.qos.logback.core.read.ListAppender; +import jakarta.servlet.ServletInputStream; +import jakarta.servlet.ServletOutputStream; import java.io.File; import java.net.InetAddress; import javax.persistence.EntityManager; import javax.persistence.EntityManagerFactory; import javax.persistence.Persistence; -import javax.servlet.ServletInputStream; -import javax.servlet.ServletOutputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.apache.commons.lang3.reflect.FieldUtils; import org.junit.AfterClass; import org.junit.Assert; diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/LogServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/LogServletTest.java index 1f6e3a59..931c00a2 100755 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/LogServletTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/LogServletTest.java @@ -25,6 +25,7 @@ package org.onap.dmaap.datarouter.provisioning; import ch.qos.logback.classic.spi.ILoggingEvent; import ch.qos.logback.core.read.ListAppender; +import jakarta.servlet.ServletOutputStream; import org.junit.Before; import org.junit.BeforeClass; import org.junit.AfterClass; @@ -34,9 +35,8 @@ import org.mockito.Mock; import org.powermock.core.classloader.annotations.PowerMockIgnore; import org.powermock.modules.junit4.PowerMockRunner; -import javax.servlet.ServletOutputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import javax.persistence.EntityManager; import javax.persistence.EntityManagerFactory; import javax.persistence.Persistence; diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/ProvServerTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/ProvServerTest.java index 78d2eaa7..a915fa84 100644 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/ProvServerTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/ProvServerTest.java @@ -46,7 +46,7 @@ public class ProvServerTest { public static void init() { System.setProperty( "org.onap.dmaap.datarouter.provserver.properties", - "src/test/resources/h2Database.properties"); + "src/test/resources/h2DatabaseTlsDisabled.properties"); } @Test diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/ProxyServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/ProxyServletTest.java index 8a676878..3c8d84e6 100644 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/ProxyServletTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/ProxyServletTest.java @@ -24,6 +24,7 @@ import static org.mockito.Matchers.any; import static org.mockito.Mockito.mock; import static org.powermock.api.mockito.PowerMockito.when; +import jakarta.servlet.ServletConfig; import java.io.ByteArrayInputStream; import java.io.IOException; import java.util.ArrayList; @@ -33,9 +34,8 @@ import java.util.List; import javax.persistence.EntityManager; import javax.persistence.EntityManagerFactory; import javax.persistence.Persistence; -import javax.servlet.ServletConfig; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.apache.commons.lang3.reflect.FieldUtils; import org.apache.http.Header; import org.apache.http.HttpEntity; diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/PublishServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/PublishServletTest.java index 49e93bf1..f0d18b30 100755 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/PublishServletTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/PublishServletTest.java @@ -37,8 +37,8 @@ import org.powermock.modules.junit4.PowerMockRunner; import javax.persistence.EntityManager; import javax.persistence.EntityManagerFactory; import javax.persistence.Persistence; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.FileNotFoundException; diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/RouteServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/RouteServletTest.java index 0c5f63fc..dea98e0a 100755 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/RouteServletTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/RouteServletTest.java @@ -29,12 +29,12 @@ import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; +import jakarta.servlet.ServletOutputStream; import javax.persistence.EntityManager; import javax.persistence.EntityManagerFactory; import javax.persistence.Persistence; -import javax.servlet.ServletOutputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.junit.AfterClass; import org.junit.Before; import org.junit.BeforeClass; diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/StatisticsServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/StatisticsServletTest.java index b6686b0e..9512ff19 100755 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/StatisticsServletTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/StatisticsServletTest.java @@ -28,12 +28,12 @@ import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; +import jakarta.servlet.ServletOutputStream; import javax.persistence.EntityManager; import javax.persistence.EntityManagerFactory; import javax.persistence.Persistence; -import javax.servlet.ServletOutputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.junit.AfterClass; import org.junit.Before; import org.junit.BeforeClass; diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscribeServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscribeServletTest.java index 48a39925..bf2371f8 100755 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscribeServletTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscribeServletTest.java @@ -32,14 +32,14 @@ import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER; import ch.qos.logback.classic.spi.ILoggingEvent; import ch.qos.logback.core.read.ListAppender; +import jakarta.servlet.ServletOutputStream; import java.util.HashSet; import java.util.Set; import javax.persistence.EntityManager; import javax.persistence.EntityManagerFactory; import javax.persistence.Persistence; -import javax.servlet.ServletOutputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.apache.commons.lang3.reflect.FieldUtils; import org.jetbrains.annotations.NotNull; import org.json.JSONObject; diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java index 1f4fd535..d5badd34 100755 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java @@ -32,6 +32,8 @@ import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER; import ch.qos.logback.classic.spi.ILoggingEvent; import ch.qos.logback.core.read.ListAppender; +import jakarta.servlet.ServletInputStream; +import jakarta.servlet.ServletOutputStream; import java.sql.Connection; import java.sql.SQLException; import java.util.HashSet; @@ -39,10 +41,8 @@ import java.util.Set; import javax.persistence.EntityManager; import javax.persistence.EntityManagerFactory; import javax.persistence.Persistence; -import javax.servlet.ServletInputStream; -import javax.servlet.ServletOutputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.apache.commons.lang3.reflect.FieldUtils; import org.jetbrains.annotations.NotNull; import org.json.JSONObject; diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/utils/DRProvCadiFilterTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/utils/DRProvCadiFilterTest.java deleted file mode 100644 index 25df548e..00000000 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/utils/DRProvCadiFilterTest.java +++ /dev/null @@ -1,271 +0,0 @@ -/**-
- * ============LICENSE_START=======================================================
- * Copyright (C) 2019 Nordix Foundation.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * SPDX-License-Identifier: Apache-2.0
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.dmaap.datarouter.provisioning.utils;
-
-import static org.mockito.ArgumentMatchers.anyString;
-import static org.mockito.ArgumentMatchers.eq;
-import static org.mockito.Mockito.times;
-import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
-import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
-
-import javax.persistence.EntityManager;
-import javax.persistence.EntityManagerFactory;
-import javax.persistence.Persistence;
-import javax.servlet.FilterChain;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.mockito.Mock;
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.filter.CadiFilter;
-import org.onap.dmaap.datarouter.provisioning.BaseServlet;
-import org.powermock.api.mockito.PowerMockito;
-import org.powermock.api.support.membermodification.MemberMatcher;
-import org.powermock.core.classloader.annotations.PowerMockIgnore;
-import org.powermock.core.classloader.annotations.PrepareForTest;
-import org.powermock.modules.junit4.PowerMockRunner;
-
-@RunWith(PowerMockRunner.class)
-@PrepareForTest({CadiFilter.class})
-@PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*", "org.w3c.*"})
-public class DRProvCadiFilterTest {
-
- @Mock
- private PropAccess access;
-
- @Mock
- private HttpServletRequest request;
-
- @Mock
- private HttpServletResponse response;
-
- @Mock
- private FilterChain chain;
-
- private DRProvCadiFilter cadiFilter;
-
-
- private static EntityManagerFactory emf;
- private static EntityManager em;
-
-
- @BeforeClass
- public static void init() {
- emf = Persistence.createEntityManagerFactory("dr-unit-tests");
- em = emf.createEntityManager();
- System.setProperty(
- "org.onap.dmaap.datarouter.provserver.properties",
- "src/test/resources/h2Database.properties");
- }
-
- @Before
- public void setUp() throws Exception {
- cadiFilter = new DRProvCadiFilter(false, access);
- }
-
- @Test
- public void Given_doFilter_Called_And_Path_Contains_subs_And_SubId_Is_Incorrectly_Set_Then_Not_Found_Response_Returned() throws Exception{
- setRequestMocking("PUT", "subs");
-
- cadiFilter.doFilter(request, response, chain);
- verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), anyString());
- }
-
- @Test
- public void Given_doFilter_called_And_Path_Contains_subs_And_Is_AAF_Subscriber_then_call_Super_doFilter() throws Exception{
- setRequestMocking("PUT", "subs");
- when(request.getPathInfo()).thenReturn("/2");
- PowerMockito.suppress(MemberMatcher.methodsDeclaredIn(CadiFilter.class));
- cadiFilter.doFilter(request, response, chain);
- verify(chain, times(0)).doFilter(request, response);
- }
-
- @Test
- public void Given_doFilter_called_And_Path_Contains_subs_And_Is_Not_AAF_Subscriber_then_call_chain_doFilter() throws Exception{
- setRequestMocking("PUT", "subs");
- when(request.getPathInfo()).thenReturn("/5");
-
- cadiFilter.doFilter(request, response, chain);
- verify(chain, times(1)).doFilter(request, response);
- }
-
- @Test
- public void Given_doFilter_called_And_FeedId_Is_Incorrectly_Set_Then_Not_Found_Response_Returned () throws Exception{
- setRequestMocking("PUT", "feeds");
-
- cadiFilter.doFilter(request, response, chain);
- verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), anyString());
- }
-
- @Test
- public void Given_doFilter_called_And_FeedId_Is_Correctly_Set_And_Is_AAF_Feed_Then_Call_Super_doFilter() throws Exception{
- setRequestMocking("PUT", "feeds");
- when(request.getPathInfo()).thenReturn("/2");
- PowerMockito.suppress(MemberMatcher.methodsDeclaredIn(CadiFilter.class));
- cadiFilter.doFilter(request, response, chain);
- verify(chain, times(0)).doFilter(request, response);
- }
-
- @Test
- public void Given_doFilter_called_And_FeedId_Is_Correctly_Set_And_Is_Not_AAF_Feed_then_call_chain_doFilter() throws Exception{
- setRequestMocking("PUT", "feeds");
- when(request.getPathInfo()).thenReturn("/1");
-
- cadiFilter.doFilter(request, response, chain);
- verify(chain, times(1)).doFilter(request, response);
- }
-
- @Test
- public void Given_doFilter_called_With_Get_Then_call_chain_doFilter() throws Exception{
- setRequestMocking("GET", "feeds");
- when(request.getPathInfo()).thenReturn("/5");
-
- cadiFilter.doFilter(request, response, chain);
- verify(chain, times(1)).doFilter(request, response);
- }
-
-
- @Test
- public void Given_doFilter_called_With_POST_Then_call_chain_doFilter() throws Exception{
- setRequestMocking("POST", "subscribe");
-
- cadiFilter.doFilter(request, response, chain);
- verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), anyString());
-
- }
-
- @Test
- public void Given_doFilter_called_With_POST_And_FeedId_Is_Incorrectly_Set_Then_Not_Found_Response_Returned() throws Exception{
- setRequestMocking("POST", "subscribe");
-
- cadiFilter.doFilter(request, response, chain);
- verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), anyString());
-
- }
-
- @Test
- public void Given_doFilter_called_With_POST_And_Exclude_AAF_Is_NULL_Then_Bad_Request_Response_Returned() throws Exception{
- setRequestMocking("POST", "subscribe");
- when(request.getPathInfo()).thenReturn("/2");
-
- cadiFilter.doFilter(request, response, chain);
- verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), anyString());
-
- }
-
- @Test
- public void Given_doFilter_called_With_POST_And_Exclude_AAF_Equals_True_Then_Call_Chain_doFilter() throws Exception{
- setRequestMocking("POST", "subscribe");
- when(request.getPathInfo()).thenReturn("/2");
- when(request.getHeader("X-EXCLUDE-AAF")).thenReturn("true");
-
- cadiFilter.doFilter(request, response, chain);
- verify(chain, times(1)).doFilter(request, response);
-
- }
-
- @Test
- public void Given_doFilter_called_With_POST_And_Exclude_AAF_Equals_False_Then_Call_Super_doFilter() throws Exception{
- setRequestMocking("POST", "subscribe");
- when(request.getPathInfo()).thenReturn("/2");
- when(request.getHeader("X-EXCLUDE-AAF")).thenReturn("false");
- PowerMockito.suppress(MemberMatcher.methodsDeclaredIn(CadiFilter.class));
-
- cadiFilter.doFilter(request, response, chain);
- verify(chain, times(0)).doFilter(request, response);
-
- }
-
- @Test
- public void Given_doFilter_called_With_POST_And_Is_Not_AAF_Exclude_AAF_Equals_Then_Call_Chain_doFilter() throws Exception{
- setRequestMocking("POST", "subscribe");
- when(request.getPathInfo()).thenReturn("/5");
- when(request.getHeader("X-EXCLUDE-AAF")).thenReturn("false");
-
- cadiFilter.doFilter(request, response, chain);
- verify(chain, times(1)).doFilter(request, response);
-
- }
-
- @Test
- public void Given_doFilter_called_With_POST_And_Path_Not_Includes_subscribe_And_Exclude_AAF_Is_NULL_Then_Bad_Request_Response_Returned() throws Exception{
- setRequestMocking("POST", "other");
- when(request.getPathInfo()).thenReturn("/5");
-
- cadiFilter.doFilter(request, response, chain);
- verify(response).sendError(eq(HttpServletResponse.SC_BAD_REQUEST), anyString());
-
- }
-
- @Test
- public void Given_doFilter_called_With_POST_And_Path_Not_Includes_subscribe_And_Exclude_AAF_Equals_True_Then_Call_Chain_doFilter() throws Exception{
- setRequestMocking("POST", "other");
- when(request.getPathInfo()).thenReturn("/5");
- when(request.getHeader("X-EXCLUDE-AAF")).thenReturn("true");
-
- cadiFilter.doFilter(request, response, chain);
- verify(chain, times(1)).doFilter(request, response);
-
- }
-
- @Test
- public void Given_doFilter_called_With_POST_And_Path_Not_Includes_subscribe_And_Exclude_AAF_Equals_False_Then_Call_Super_doFilter() throws Exception{
- setRequestMocking("POST", "other");
- when(request.getPathInfo()).thenReturn("/5");
- when(request.getHeader("X-EXCLUDE-AAF")).thenReturn("false");
- PowerMockito.suppress(MemberMatcher.methodsDeclaredIn(CadiFilter.class));
-
- cadiFilter.doFilter(request, response, chain);
- verify(chain, times(0)).doFilter(request, response);
-
- }
-
- @Test
- public void Given_doFilter_Called_And_Path_Contains_subs_And_getSubId_Throws_NumberFormatException_then_Not_Found_response_returned() throws Exception{
- setRequestMocking("PUT", "subs");
- when(request.getPathInfo()).thenReturn("5/");
- cadiFilter.doFilter(request, response, chain);
- verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), anyString());
-
- }
-
- @Test
- public void Given_doFilter_called_And_FeedId_Throws_Set_Then_Not_Found_Response_Returned () throws Exception{
- setRequestMocking("PUT", "feeds");
- when(request.getPathInfo()).thenReturn("//5");
- cadiFilter.doFilter(request, response, chain);
- verify(response).sendError(eq(HttpServletResponse.SC_NOT_FOUND), anyString());
- }
-
- private void setRequestMocking(String method, String servletPath)
- {
- when(request.getRemoteAddr()).thenReturn(null);
- when(request.getHeader(BEHALF_HEADER)).thenReturn(null);
- when(request.getAttribute(BaseServlet.CERT_ATTRIBUTE)).thenReturn(null);
- when(request.getMethod()).thenReturn(method);
- when(request.getServletPath()).thenReturn(servletPath);
- }
-
- }
diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/utils/ThrottleFilterTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/utils/ThrottleFilterTest.java index 94ef3b72..bb0077ab 100644 --- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/utils/ThrottleFilterTest.java +++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/utils/ThrottleFilterTest.java @@ -23,6 +23,25 @@ package org.onap.dmaap.datarouter.provisioning.utils; +import static org.hamcrest.core.Is.is; +import static org.junit.Assert.assertThat; +import static org.mockito.Matchers.any; +import static org.mockito.Matchers.anyString; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.times; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; + +import java.io.IOException; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletInputStream; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang3.reflect.FieldUtils; import org.eclipse.jetty.continuation.Continuation; import org.eclipse.jetty.continuation.ContinuationSupport; @@ -31,33 +50,20 @@ import org.eclipse.jetty.server.HttpChannel; import org.eclipse.jetty.server.HttpConnection; import org.eclipse.jetty.server.Request; import org.junit.Test; - import org.junit.runner.RunWith; -import static org.junit.Assert.*; -import static org.hamcrest.core.Is.is; import org.mockito.Mock; - -import static org.mockito.Matchers.*; -import static org.mockito.Mockito.*; - import org.onap.dmaap.datarouter.provisioning.beans.Parameters; import org.powermock.api.mockito.PowerMockito; +import org.powermock.core.classloader.annotations.PowerMockIgnore; import org.powermock.core.classloader.annotations.SuppressStaticInitializationFor; import org.powermock.modules.junit4.PowerMockRunner; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletInputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; -import java.util.*; - @RunWith(PowerMockRunner.class) @SuppressStaticInitializationFor({"org.onap.dmaap.datarouter.provisioning.beans.Parameters", "org.eclipse.jetty.server.Request", "org.eclipse.jetty.continuation.ContinuationSupport", "org.eclipse.jetty.server.HttpConnection"}) +@PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*", "javax.management.*"}) public class ThrottleFilterTest { @Mock @@ -132,7 +138,7 @@ public class ThrottleFilterTest { public void Given_Do_Filter_Run_and_enabled_and_action_is_true_and_rate_is_greater_than_0_and_getFeedId_returns_id_then_continuation_will_call_suspend_and_dispatch_once() throws Exception { mockParametersWithValues("0,5,thing"); PowerMockito.mockStatic(ContinuationSupport.class); - PowerMockito.when(continuationsupport.getContinuation(any())).thenReturn(continuation); + PowerMockito.when(ContinuationSupport.getContinuation(any())).thenReturn(continuation); ThrottleFilter.configure(); mockServletInputStream(); FieldUtils.writeDeclaredStaticField(ThrottleFilter.class, "action", 1, true); @@ -175,7 +181,7 @@ public class ThrottleFilterTest { FilterConfig filterconfig = mock(FilterConfig.class); mockParametersWithValues("0,5,thing"); PowerMockito.mockStatic(ContinuationSupport.class); - PowerMockito.when(continuationsupport.getContinuation(any())).thenReturn(continuation); + PowerMockito.when(ContinuationSupport.getContinuation(any())).thenReturn(continuation); throttleFilter.init(filterconfig); throttleFilter.destroy(); @@ -199,17 +205,17 @@ public class ThrottleFilterTest { private void mockContinuationSupport() { PowerMockito.mockStatic(ContinuationSupport.class); - PowerMockito.when(continuationsupport.getContinuation(any())).thenReturn(continuation); + PowerMockito.when(ContinuationSupport.getContinuation(any())).thenReturn(continuation); } private void mockHttpConnectionHttpChannelAndRequest(ServletInputStream serverinputstream) throws IOException { PowerMockito.mockStatic(ContinuationSupport.class); - PowerMockito.when(continuationsupport.getContinuation(any())).thenReturn(continuation); + PowerMockito.when(ContinuationSupport.getContinuation(any())).thenReturn(continuation); when(serverinputstream.read(any())).thenReturn(2).thenReturn(1).thenReturn(0); when(request.getInputStream()).thenReturn(serverinputstream); PowerMockito.mockStatic(HttpConnection.class); EndPoint endpoint = mock(EndPoint.class); - PowerMockito.when(httpconnection.getCurrentConnection()).thenReturn(httpconnection); + PowerMockito.when(HttpConnection.getCurrentConnection()).thenReturn(httpconnection); PowerMockito.when(httpconnection.getHttpChannel()).thenReturn(httpchannel); when(httpchannel.getRequest()).thenReturn(req); when(req.getHttpChannel()).thenReturn(httpchannel); diff --git a/datarouter-prov/src/test/resources/h2DatabaseTlsDisabled.properties b/datarouter-prov/src/test/resources/h2DatabaseTlsDisabled.properties index 05ab3a47..b7f5aa9d 100644 --- a/datarouter-prov/src/test/resources/h2DatabaseTlsDisabled.properties +++ b/datarouter-prov/src/test/resources/h2DatabaseTlsDisabled.properties @@ -25,8 +25,8 @@ org.onap.dmaap.datarouter.db.driver = org.h2.Driver org.onap.dmaap.datarouter.db.url = jdbc:h2:mem:test;DB_CLOSE_DELAY=-1 org.onap.dmaap.datarouter.provserver.isaddressauthenabled = true -org.onap.dmaap.datarouter.provserver.cadi.enabled = true -org.onap.dmaap.datarouter.provserver.https.relaxation = false +org.onap.dmaap.datarouter.provserver.cadi.enabled = false +org.onap.dmaap.datarouter.provserver.https.relaxation = true org.onap.dmaap.datarouter.provserver.accesslog.dir = unit-test-logs org.onap.dmaap.datarouter.provserver.spooldir = src/test/resources org.onap.dmaap.datarouter.provserver.dbscripts = src/test/resources diff --git a/datarouter-prov/src/test/resources/prov_data.json b/datarouter-prov/src/test/resources/prov_data.json index cf455c71..80ff6fab 100644 --- a/datarouter-prov/src/test/resources/prov_data.json +++ b/datarouter-prov/src/test/resources/prov_data.json @@ -25,10 +25,10 @@ "aaf_instance": "legacy", "publisher": "dradmin", "links": { - "subscribe": "https://dmaap-dr-prov/subscribe/1", - "log": "https://dmaap-dr-prov/feedlog/1", - "publish": "https://dmaap-dr-prov/publish/1", - "self": "https://dmaap-dr-prov/feed/1" + "subscribe": "http://dmaap-dr-prov/subscribe/1", + "log": "http://dmaap-dr-prov/feedlog/1", + "publish": "http://dmaap-dr-prov/publish/1", + "self": "http://dmaap-dr-prov/feed/1" }, "created_date": 1560871903000 } @@ -49,7 +49,7 @@ "use100": true, "password": "PASSWORD", "user": "LOGIN", - "url": "https://dcae-pm-mapper:8443/delivery" + "url": "http://dcae-pm-mapper:8080/delivery" }, "subscriber": "dradmin", "groupid": 0, @@ -62,9 +62,9 @@ "decompress": true, "aaf_instance": "legacy", "links": { - "feed": "https://dmaap-dr-prov/feed/1", - "log": "https://dmaap-dr-prov/sublog/1", - "self": "https://dmaap-dr-prov/subs/1" + "feed": "http://dmaap-dr-prov/feed/1", + "log": "http://dmaap-dr-prov/sublog/1", + "self": "http://dmaap-dr-prov/subs/1" }, "created_date": 1560872889000 } diff --git a/datarouter-subscriber/pom.xml b/datarouter-subscriber/pom.xml index 2d97b175..8ca5bf0e 100755 --- a/datarouter-subscriber/pom.xml +++ b/datarouter-subscriber/pom.xml @@ -148,16 +148,6 @@ <groupId>commons-io</groupId> <artifactId>commons-io</artifactId> </dependency> - <dependency> - <groupId>com.att.eelf</groupId> - <artifactId>eelf-core</artifactId> - <exclusions> - <exclusion> - <artifactId>powermock-api-mockito</artifactId> - <groupId>org.powermock</groupId> - </exclusion> - </exclusions> - </dependency> </dependencies> <profiles> <profile> diff --git a/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SampleSubscriberServlet.java b/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SampleSubscriberServlet.java index 34a844c6..b820f3df 100644 --- a/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SampleSubscriberServlet.java +++ b/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SampleSubscriberServlet.java @@ -23,8 +23,9 @@ package org.onap.dmaap.datarouter.subscriber; -import com.att.eelf.configuration.EELFLogger; -import com.att.eelf.configuration.EELFManager; +import jakarta.servlet.http.HttpServlet; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.File; import java.io.FileOutputStream; import java.io.IOException; @@ -32,18 +33,18 @@ import java.io.InputStream; import java.io.OutputStream; import java.io.PrintWriter; import java.net.URLEncoder; +import java.nio.charset.StandardCharsets; import java.nio.file.Files; import java.nio.file.Paths; import java.nio.file.StandardCopyOption; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.apache.commons.codec.binary.Base64; - +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; public class SampleSubscriberServlet extends HttpServlet { - private static EELFLogger logger = EELFManager.getInstance().getLogger(SampleSubscriberServlet.class); + private final Logger logger = LoggerFactory.getLogger(SampleSubscriberServlet.class); + private static String outputDirectory; private static String basicAuth; @@ -67,7 +68,7 @@ public class SampleSubscriberServlet extends HttpServlet { try { Files.createDirectory(Paths.get(outputDirectory)); } catch (IOException e) { - logger.info("SubServlet: Failed to create delivery dir: " + e.getMessage(), e); + logger.error("SubServlet: Failed to create delivery dir: " + e.getMessage(), e); } basicAuth = "Basic " + Base64.encodeBase64String((login + ":" + password).getBytes()); } @@ -77,7 +78,7 @@ public class SampleSubscriberServlet extends HttpServlet { try { common(req, resp, false); } catch (IOException e) { - logger.info("SampleSubServlet: Failed to doPut: " + req.getRemoteAddr() + " : " + req.getPathInfo(), e); + logger.error("SampleSubServlet: Failed to doPut: " + req.getRemoteAddr() + " : " + req.getPathInfo(), e); } } @@ -86,7 +87,7 @@ public class SampleSubscriberServlet extends HttpServlet { try { common(req, resp, true); } catch (IOException e) { - logger.info("SampleSubServlet: Failed to doDelete: " + req.getRemoteAddr() + " : " + req.getPathInfo(), e); + logger.error("SampleSubServlet: Failed to doDelete: " + req.getRemoteAddr() + " : " + req.getPathInfo(), e); } } @@ -115,7 +116,7 @@ public class SampleSubscriberServlet extends HttpServlet { return; } if (!basicAuth.equals(authHeader)) { - logger.info("SampleSubServlet: Rejecting request with incorrect Authorization header from " + logger.error("SampleSubServlet: Rejecting request with incorrect Authorization header from " + req.getRemoteAddr() + ": " + req.getPathInfo()); resp.sendError(HttpServletResponse.SC_FORBIDDEN); return; @@ -127,7 +128,7 @@ public class SampleSubscriberServlet extends HttpServlet { fileid = fileid + "?" + queryString; } String publishid = req.getHeader("X-DMAAP-DR-PUBLISH-ID"); - String filename = URLEncoder.encode(fileid, "UTF-8").replaceAll("^\\.", "%2E").replaceAll("\\*", "%2A"); + String filename = URLEncoder.encode(fileid, StandardCharsets.UTF_8).replaceAll("^\\.", "%2E").replaceAll("\\*", "%2A"); String fullPath = outputDirectory + "/" + filename; String tmpPath = outputDirectory + "/." + filename; String fullMetaDataPath = outputDirectory + "/" + filename + ".M"; @@ -164,7 +165,7 @@ public class SampleSubscriberServlet extends HttpServlet { } catch (IOException ioe) { Files.deleteIfExists(Paths.get(tmpPath)); Files.deleteIfExists(Paths.get(tmpMetaDataPath)); - logger.info("SampleSubServlet: Failed to process file " + fullPath + " from " + req.getRemoteAddr() + ": " + logger.error("SampleSubServlet: Failed to process file " + fullPath + " from " + req.getRemoteAddr() + ": " + req.getPathInfo()); throw ioe; } diff --git a/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SubscriberMain.java b/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SubscriberMain.java index 9184dce4..0e8d92fc 100644 --- a/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SubscriberMain.java +++ b/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SubscriberMain.java @@ -23,8 +23,6 @@ package org.onap.dmaap.datarouter.subscriber; -import com.att.eelf.configuration.EELFLogger; -import com.att.eelf.configuration.EELFManager; import java.util.Arrays; import org.eclipse.jetty.http.HttpVersion; import org.eclipse.jetty.server.Connector; @@ -37,11 +35,13 @@ import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.servlet.ServletContextHandler; import org.eclipse.jetty.servlet.ServletHolder; import org.eclipse.jetty.util.ssl.SslContextFactory; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; public class SubscriberMain { - private static EELFLogger logger = EELFManager.getInstance().getLogger(SubscriberMain.class); + private static final Logger logger = LoggerFactory.getLogger(SubscriberMain.class); /** * Main class for Subscriber. @@ -66,7 +66,7 @@ public class SubscriberMain { httpServerConnector.setIdleTimeout(30000); // SSL Context Factory - SslContextFactory sslContextFactory = new SslContextFactory.Server(); + SslContextFactory.Server sslContextFactory = new SslContextFactory.Server(); // SSL HTTP Configuration HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); @@ -81,7 +81,7 @@ public class SubscriberMain { /*Skip SSLv3 Fixes*/ sslContextFactory.addExcludeProtocols("SSLv3"); - logger.info("Excluded protocols for SubscriberMain:" + logger.debug("Excluded protocols for SubscriberMain:" + Arrays.toString(sslContextFactory.getExcludeProtocols())); /*End of SSLv3 Fixes*/ @@ -102,10 +102,10 @@ public class SubscriberMain { try { server.start(); } catch ( Exception e ) { - logger.info("Jetty failed to start. Reporting will be unavailable-" + e); + logger.error("Jetty failed to start. Reporting will be unavailable-" + e); } server.join(); - logger.info("org.onap.dmaap.datarouter.subscriber.SubscriberMain started-" + server.getState()); + logger.debug("org.onap.dmaap.datarouter.subscriber.SubscriberMain started-" + server.getState()); } }
\ No newline at end of file diff --git a/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SubscriberProps.java b/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SubscriberProps.java index 49cad503..c060a9b0 100644 --- a/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SubscriberProps.java +++ b/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SubscriberProps.java @@ -23,17 +23,18 @@ package org.onap.dmaap.datarouter.subscriber; -import com.att.eelf.configuration.EELFLogger; -import com.att.eelf.configuration.EELFManager; import java.io.IOException; import java.util.Properties; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; public class SubscriberProps { + private static final Logger logger = LoggerFactory.getLogger(SubscriberProps.class); + private static SubscriberProps instance = null; - private static EELFLogger logger = EELFManager.getInstance().getLogger(SubscriberProps.class); - private Properties properties; + private final Properties properties; private SubscriberProps(String propsPath) throws IOException { properties = new Properties(); diff --git a/datarouter-subscriber/src/main/resources/docker/Dockerfile b/datarouter-subscriber/src/main/resources/docker/Dockerfile index 7bc92c83..f3ad036e 100644 --- a/datarouter-subscriber/src/main/resources/docker/Dockerfile +++ b/datarouter-subscriber/src/main/resources/docker/Dockerfile @@ -19,7 +19,7 @@ # limitations under the License. # ============LICENSE_END==================================================== # -FROM nexus3.onap.org:10001/onap/integration-java11:8.0.0 +FROM nexus3.onap.org:10001/onap/integration-java11:10.0.0 COPY /opt /opt @@ -29,8 +29,6 @@ ARG group=onap USER root RUN apk add --no-cache curl -EXPOSE 8080 8443 - WORKDIR /opt RUN chmod 0700 startup.sh diff --git a/datarouter-subscriber/src/test/java/org/onap/dmaap/datarouter/subscriber/SampleSubscriberServletTest.java b/datarouter-subscriber/src/test/java/org/onap/dmaap/datarouter/subscriber/SampleSubscriberServletTest.java index 006dee76..bab9d011 100755 --- a/datarouter-subscriber/src/test/java/org/onap/dmaap/datarouter/subscriber/SampleSubscriberServletTest.java +++ b/datarouter-subscriber/src/test/java/org/onap/dmaap/datarouter/subscriber/SampleSubscriberServletTest.java @@ -22,6 +22,7 @@ ******************************************************************************/ package org.onap.dmaap.datarouter.subscriber; +import jakarta.servlet.ServletInputStream; import org.apache.commons.io.FileUtils; import org.junit.After; import org.junit.Before; @@ -31,9 +32,8 @@ import org.mockito.Mock; import org.powermock.core.classloader.annotations.PowerMockIgnore; import org.powermock.modules.junit4.PowerMockRunner; -import javax.servlet.ServletInputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.File; import java.io.IOException; diff --git a/datarouter-subscriber/src/test/resources/logback-test.xml b/datarouter-subscriber/src/test/resources/logback-test.xml index 76390505..515732b4 100644 --- a/datarouter-subscriber/src/test/resources/logback-test.xml +++ b/datarouter-subscriber/src/test/resources/logback-test.xml @@ -21,92 +21,30 @@ * --> <configuration scan="true" scanPeriod="3 seconds" debug="false"> - <property name="logDir" value="logs/EELF" /> + <property name="logDir" value="logs" /> <property name="generalLogName" value="application" /> - <property name="errorLogName" value="errors" /> - <property name="defaultPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%X{RequestId}|%X{InvocationId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|%msg%n" /> + <property name="defaultPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%X{RequestId}|%X{InvocationId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|%msg%n" /> <property name="logDirectory" value="${logDir}" /> - <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> - <encoder> - <pattern>${defaultPattern}</pattern> - </encoder> - </appender> - - <!-- ============================================================================ --> - <!-- EELF Appenders --> - <!-- ============================================================================ --> - - <!-- The EELFAppender is used to record events to the general application - log --> - - <appender name="EELF" - class="ch.qos.logback.core.rolling.RollingFileAppender"> + <appender name="file" class="ch.qos.logback.core.FileAppender"> <file>${logDirectory}/${generalLogName}.log</file> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <fileNamePattern>${logDirectory}/${generalLogName}.%i.log.zip - </fileNamePattern> - <minIndex>1</minIndex> - <maxIndex>9</maxIndex> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>5MB</maxFileSize> - </triggeringPolicy> + <append>true</append> + <immediateFlush>true</immediateFlush> <encoder> <pattern>${defaultPattern}</pattern> </encoder> </appender> - <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="EELF" /> - </appender> - - <appender name="EELFError" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${errorLogName}.log</file> - <filter class="ch.qos.logback.classic.filter.LevelFilter"> - <level>ERROR</level> - <onMatch>ACCEPT</onMatch> - <onMismatch>DENY</onMismatch> - </filter> - <rollingPolicy - class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> - <fileNamePattern>${logDirectory}/${errorLogName}.%i.log.zip - </fileNamePattern> - <minIndex>1</minIndex> - <maxIndex>9</maxIndex> - </rollingPolicy> - <triggeringPolicy - class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> - <maxFileSize>5MB</maxFileSize> - </triggeringPolicy> + <appender name="console" class="ch.qos.logback.core.ConsoleAppender"> <encoder> <pattern>${defaultPattern}</pattern> </encoder> </appender> - <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="EELFError"/> - </appender> - - <!-- ============================================================================ --> - <!-- EELF loggers --> - <!-- ============================================================================ --> - <logger name="com.att.eelf" level="info" additivity="false"> - <appender-ref ref="asyncEELF" /> - </logger> - - <logger name="com.att.eelf.error" level="error" additivity="false"> - <appender-ref ref="asyncEELFError" /> - </logger> + <logger name="org.eclipse.jetty" level="INFO"/> <root level="DEBUG"> - <appender-ref ref="asyncEELF" /> - <appender-ref ref="asyncEELFError" /> + <appender-ref ref="file" /> + <appender-ref ref="console" /> </root> - </configuration> diff --git a/docs/configuration.rst b/docs/configuration.rst index b55d0730..3cecc0df 100644 --- a/docs/configuration.rst +++ b/docs/configuration.rst @@ -17,13 +17,6 @@ For DR Provisioning server config, edit the following props in the provserver.pr org.onap.dmaap.datarouter.provserver.tlsenabled = false -and ensure aaf cadi is disabled also - -.. code-block:: bash - - org.onap.dmaap.datarouter.provserver.cadi.enabled = false - - For DR Node server config, edit the following props in the node.properties file to target http. .. code-block:: bash @@ -35,8 +28,5 @@ For DR Node server config, edit the following props in the node.properties file LogUploadURL = http://dmaap-dr-prov:8080/internal/logs ... # - # AAF CADI enabled flag - CadiEnabled = false - # # Enable to run over http or https (default true|https) TlsEnabled = false @@ -32,7 +32,7 @@ <parent> <groupId>org.onap.oparent</groupId> <artifactId>oparent</artifactId> - <version>3.0.0</version> + <version>3.3.2</version> </parent> <properties> <!--revision must also be set in the version.properties file at project root--> @@ -59,7 +59,7 @@ <maven.build.timestamp.format>yyyyMMdd'T'HHmmss'Z'</maven.build.timestamp.format> <!--dependency version across all modules--> - <jetty.version>9.4.41.v20210516</jetty.version> + <jetty.version>11.0.12</jetty.version> <javax.mail-api.version>1.5.5</javax.mail-api.version> <javax.servlet-api.version>4.0.1</javax.servlet-api.version> <qos.logback.version>1.2.7</qos.logback.version> @@ -154,7 +154,7 @@ <dependency> <groupId>org.eclipse.jetty</groupId> <artifactId>jetty-continuation</artifactId> - <version>${jetty.version}</version> + <version>9.4.49.v20220914</version> </dependency> <dependency> <groupId>org.eclipse.jetty</groupId> @@ -169,7 +169,7 @@ <dependency> <groupId>org.eclipse.jetty</groupId> <artifactId>jetty-http</artifactId> - <version>9.4.43.v20210629</version> + <version>${jetty.version}</version> </dependency> <dependency> <groupId>org.eclipse.jetty</groupId> |