summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorefiacor <fiachra.corcoran@est.tech>2021-07-15 14:13:18 +0100
committerefiacor <fiachra.corcoran@est.tech>2021-07-15 14:13:22 +0100
commitc747114b805c85f4a111f35f289b2e58acf92ef9 (patch)
treec971fc061b5ec87bbba022dc86392cacfc4edbdd /src
parent5ad0b4d710f20bd7bed96486aa878645d5f8e806 (diff)
[DMAAP-MR] Fix vulnerabilities for rel I
Signed-off-by: efiacor <fiachra.corcoran@est.tech> Change-Id: Ie900556f2542c154cbef8c5a11db86bcc46402f7 Issue-ID: DMAAP-1608
Diffstat (limited to 'src')
-rw-r--r--src/main/ajsc/dmaap_v1/dmaap/v1/conf/jaxrsBeans.groovy2
-rw-r--r--src/main/java/org/onap/dmaap/service/MMRestService.java37
-rw-r--r--src/main/resources/docker-compose/docker-compose.yml2
-rw-r--r--src/main/resources/docker-compose/kafka/zk_client_jaas.conf6
-rw-r--r--src/main/resources/docker-compose/zk/zk_server_jaas.conf2
-rw-r--r--src/test/java/org/onap/dmaap/JUnitTestSuite.java6
-rw-r--r--src/test/java/org/onap/dmaap/TestRunner.java6
-rw-r--r--src/test/java/org/onap/dmaap/mmagent/TestRunner.java5
-rw-r--r--src/test/java/org/onap/dmaap/mr/cambria/embed/ZooKeeperLocal.java3
-rw-r--r--src/test/java/org/onap/dmaap/mr/cambria/resources/streamReaders/CambriaJsonStreamReaderTest.java3
-rw-r--r--src/test/java/org/onap/dmaap/mr/cambria/resources/streamReaders/CambriaRawStreamReaderTest.java3
-rw-r--r--src/test/java/org/onap/dmaap/util/JUnitTestSuite.java5
12 files changed, 28 insertions, 52 deletions
diff --git a/src/main/ajsc/dmaap_v1/dmaap/v1/conf/jaxrsBeans.groovy b/src/main/ajsc/dmaap_v1/dmaap/v1/conf/jaxrsBeans.groovy
index b019fbc..326b448 100644
--- a/src/main/ajsc/dmaap_v1/dmaap/v1/conf/jaxrsBeans.groovy
+++ b/src/main/ajsc/dmaap_v1/dmaap/v1/conf/jaxrsBeans.groovy
@@ -7,7 +7,7 @@
userService(org.onap.dmaap.JaxrsUserService)
topicService(org.onap.dmaap.service.TopicRestService)
eventService(org.onap.dmaap.service.EventsRestService)
- adminServiceorg.onap.dmaap.service.AdminRestService)
+ adminServiceorg.(org.onap.dmaap.service.AdminRestService)
apiKeyService(org.onap.dmaap.service.ApiKeysRestService)
metricsService(org.onap.dmaap.service.MetricsRestService)
transactionService(org.onap.dmaap.service.TransactionRestService)
diff --git a/src/main/java/org/onap/dmaap/service/MMRestService.java b/src/main/java/org/onap/dmaap/service/MMRestService.java
index c5874ae..685dc8a 100644
--- a/src/main/java/org/onap/dmaap/service/MMRestService.java
+++ b/src/main/java/org/onap/dmaap/service/MMRestService.java
@@ -288,12 +288,7 @@ public class MMRestService {
InputStream inStream = null;
MirrorMaker mirrormaker = gson.fromJson(input, MirrorMaker.class);
- try {
- inStream = IOUtils.toInputStream(jsonOb.toString(), "UTF-8");
-
- } catch (IOException ioe) {
- throw ioe;
- }
+ inStream = IOUtils.toInputStream(jsonOb.toString(), "UTF-8");
JSONObject responseJson = callPubSub(jsonOb.getString("messageID"), ctx, inStream, mirrormaker.name,
true);
@@ -490,12 +485,8 @@ public class MMRestService {
InputStream inStream = null;
- try {
- inStream = IOUtils.toInputStream(jsonOb.toString(), "UTF-8");
+ inStream = IOUtils.toInputStream(jsonOb.toString(), "UTF-8");
- } catch (IOException ioe) {
- LOGGER.error("Error while converting string to an input stream:", ioe);
- }
JSONObject deleteMM = jsonOb.getJSONObject("deleteMirrorMaker");
JSONObject existMirrorMaker = validateMMExists(ctx, deleteMM.getString("name"));
@@ -760,12 +751,8 @@ public class MMRestService {
InputStream inStream = null;
// convert listAll Json object to InputStream object
- try {
- inStream = IOUtils.toInputStream(listAll.toString(), "UTF-8");
+ inStream = IOUtils.toInputStream(listAll.toString(), "UTF-8");
- } catch (IOException ioe) {
- LOGGER.error("Error while converting string to an input stream:", ioe);
- }
JSONObject listMirrorMaker = new JSONObject();
listMirrorMaker = callPubSub(randomStr, ctx, inStream, null, true);
@@ -922,12 +909,8 @@ public class MMRestService {
InputStream inStream = null;
// convert listAll Json object to InputStream object
- try {
- inStream = IOUtils.toInputStream(listAll.toString(), "UTF-8");
+ inStream = IOUtils.toInputStream(listAll.toString(), "UTF-8");
- } catch (IOException ioe) {
- LOGGER.error("Error while converting string to an input stream:", ioe);
- }
String msgFrmSubscribe = mirrorService.subscribe(ctx, topic, consumergroup, consumerid);
// call listAllMirrorMaker
mirrorService.pushEvents(ctx, topic, inStream, null, null);
@@ -1133,12 +1116,8 @@ public class MMRestService {
InputStream inStream = null;
// convert listAll Json object to InputStream object
- try {
- inStream = IOUtils.toInputStream(listAll.toString(), "UTF-8");
+ inStream = IOUtils.toInputStream(listAll.toString(), "UTF-8");
- } catch (IOException ioe) {
- LOGGER.error("Error while converting string to an input stream:", ioe);
- }
// call listAllMirrorMaker
mirrorService.pushEvents(ctx, topic, inStream, null, null);
@@ -1401,12 +1380,8 @@ public class MMRestService {
InputStream inStream = null;
// convert listAll Json object to InputStream object
- try {
- inStream = IOUtils.toInputStream(listAll.toString(), "UTF-8");
+ inStream = IOUtils.toInputStream(listAll.toString(), "UTF-8");
- } catch (IOException ioe) {
- LOGGER.error("Error while converting string to an input stream:", ioe);
- }
JSONObject listMirrorMaker = new JSONObject();
listMirrorMaker = callPubSub(randomStr, ctx, inStream, name, false);
if (null != listMirrorMaker && listMirrorMaker.length() > 0) {
diff --git a/src/main/resources/docker-compose/docker-compose.yml b/src/main/resources/docker-compose/docker-compose.yml
index 6b41996..9cba0a2 100644
--- a/src/main/resources/docker-compose/docker-compose.yml
+++ b/src/main/resources/docker-compose/docker-compose.yml
@@ -13,7 +13,7 @@ services:
ZOOKEEPER_AUTOPURGE_SNAP_RETAIN_COUNT: 3
ZOOKEEPER_AUTOPURGE_PURGE_INTERVAL: 24
ZOOKEEPER_CLIENT_PORT: 2181
- KAFKA_OPTS: -Djava.security.auth.login.config=/etc/zookeeper/secrets/jaas/zk_server_jaas.conf -Dzookeeper.kerberos.removeHostFromPrincipal=true -Dzookeeper.kerberos.removeRealmFromPrincipal=true -Dzookeeper.authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider -Dzookeeper.requireClientAuthScheme=sasl
+ KAFKA_OPTS: -Djava.security.auth.login.config=/etc/zookeeper/secrets/jaas/zk_server_jaas.conf -Dzookeeper.kerberos.removeHostFromPrincipal=true -Dzookeeper.kerberos.removeRealmFromPrincipal=true -Dzookeeper.authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider -Dzookeeper.requireClientAuthScheme=sasl -Dzookeeper.4lw.commands.whitelist=*
ZOOKEEPER_SERVER_ID: 1
volumes:
- ./zk/zk_server_jaas.conf:/etc/zookeeper/secrets/jaas/zk_server_jaas.conf
diff --git a/src/main/resources/docker-compose/kafka/zk_client_jaas.conf b/src/main/resources/docker-compose/kafka/zk_client_jaas.conf
index d4ef1eb..79a7601 100644
--- a/src/main/resources/docker-compose/kafka/zk_client_jaas.conf
+++ b/src/main/resources/docker-compose/kafka/zk_client_jaas.conf
@@ -1,5 +1,5 @@
Client {
- org.apache.zookeeper.server.auth.DigestLoginModule required
- username="kafka"
- password="kafka_secret";
+ org.apache.zookeeper.server.auth.DigestLoginModule required
+ username="kafka"
+ password="kafka_secret";
}; \ No newline at end of file
diff --git a/src/main/resources/docker-compose/zk/zk_server_jaas.conf b/src/main/resources/docker-compose/zk/zk_server_jaas.conf
index 26bf460..3d2767f 100644
--- a/src/main/resources/docker-compose/zk/zk_server_jaas.conf
+++ b/src/main/resources/docker-compose/zk/zk_server_jaas.conf
@@ -1,4 +1,4 @@
Server {
org.apache.zookeeper.server.auth.DigestLoginModule required
- user_kafka=kafka_secret;
+ user_kafka="kafka_secret";
}; \ No newline at end of file
diff --git a/src/test/java/org/onap/dmaap/JUnitTestSuite.java b/src/test/java/org/onap/dmaap/JUnitTestSuite.java
index d20d0d6..b555b57 100644
--- a/src/test/java/org/onap/dmaap/JUnitTestSuite.java
+++ b/src/test/java/org/onap/dmaap/JUnitTestSuite.java
@@ -25,13 +25,15 @@ import junit.framework.TestSuite;
import org.junit.runner.RunWith;
import org.junit.runners.Suite;
import org.junit.runners.Suite.SuiteClasses;
-import org.apache.log4j.Logger;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
@RunWith(Suite.class)
@SuiteClasses({ DMaaPCambriaExceptionMapperTest.class, DMaaPWebExceptionMapper.class,
JaxrsEchoServiceTest.class, HelloWorldTest.class, JaxrsUserServiceTest.class })
public class JUnitTestSuite {
- private static final Logger LOGGER = Logger.getLogger(JUnitTestSuite.class);
+ private static final Logger LOGGER = LogManager.getLogger(JUnitTestSuite.class);
public static void main(String[] args) {
LOGGER.info("Running the test suite");
diff --git a/src/test/java/org/onap/dmaap/TestRunner.java b/src/test/java/org/onap/dmaap/TestRunner.java
index 4542566..a8d1ddc 100644
--- a/src/test/java/org/onap/dmaap/TestRunner.java
+++ b/src/test/java/org/onap/dmaap/TestRunner.java
@@ -23,10 +23,12 @@
import org.junit.runner.JUnitCore;
import org.junit.runner.Result;
import org.junit.runner.notification.Failure;
-import org.apache.log4j.Logger;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
public class TestRunner {
- private static final Logger LOGGER = Logger.getLogger(TestRunner.class);
+ private static final Logger LOGGER = LogManager.getLogger(TestRunner.class);
public static void main(String[] args) {
// TODO Auto-generated method stub
diff --git a/src/test/java/org/onap/dmaap/mmagent/TestRunner.java b/src/test/java/org/onap/dmaap/mmagent/TestRunner.java
index 3e4ece3..9bf4839 100644
--- a/src/test/java/org/onap/dmaap/mmagent/TestRunner.java
+++ b/src/test/java/org/onap/dmaap/mmagent/TestRunner.java
@@ -23,10 +23,11 @@
import org.junit.runner.JUnitCore;
import org.junit.runner.Result;
import org.junit.runner.notification.Failure;
-import org.apache.log4j.Logger;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
public class TestRunner {
- private static final Logger LOGGER = Logger.getLogger(TestRunner.class);
+ private static final Logger LOGGER = LogManager.getLogger(TestRunner.class);
public static void main(String[] args) {
// TODO Auto-generated method stub
diff --git a/src/test/java/org/onap/dmaap/mr/cambria/embed/ZooKeeperLocal.java b/src/test/java/org/onap/dmaap/mr/cambria/embed/ZooKeeperLocal.java
index 3209845..97447a8 100644
--- a/src/test/java/org/onap/dmaap/mr/cambria/embed/ZooKeeperLocal.java
+++ b/src/test/java/org/onap/dmaap/mr/cambria/embed/ZooKeeperLocal.java
@@ -22,6 +22,7 @@
import org.apache.zookeeper.server.ServerConfig;
import org.apache.zookeeper.server.ZooKeeperServerMain;
+import org.apache.zookeeper.server.admin.AdminServer.AdminServerException;
import org.apache.zookeeper.server.quorum.QuorumPeerConfig;
import java.io.FileNotFoundException;
@@ -49,7 +50,7 @@ public class ZooKeeperLocal {
public void run() {
try {
zooKeeperServer.runFromConfig(configuration);
- } catch (IOException e) {
+ } catch (IOException | AdminServerException e) {
System.out.println("ZooKeeper Failed");
e.printStackTrace(System.err);
}
diff --git a/src/test/java/org/onap/dmaap/mr/cambria/resources/streamReaders/CambriaJsonStreamReaderTest.java b/src/test/java/org/onap/dmaap/mr/cambria/resources/streamReaders/CambriaJsonStreamReaderTest.java
index ddfc435..1be8920 100644
--- a/src/test/java/org/onap/dmaap/mr/cambria/resources/streamReaders/CambriaJsonStreamReaderTest.java
+++ b/src/test/java/org/onap/dmaap/mr/cambria/resources/streamReaders/CambriaJsonStreamReaderTest.java
@@ -54,9 +54,6 @@ public class CambriaJsonStreamReaderTest {
stream = IOUtils.toInputStream(source, "UTF-8");
test = new CambriaJsonStreamReader(stream,"hello");
test.next();
- } catch (IOException e1) {
- // TODO Auto-generated catch block
- e1.printStackTrace();
} catch (CambriaApiException e1) {
e1.printStackTrace();
}
diff --git a/src/test/java/org/onap/dmaap/mr/cambria/resources/streamReaders/CambriaRawStreamReaderTest.java b/src/test/java/org/onap/dmaap/mr/cambria/resources/streamReaders/CambriaRawStreamReaderTest.java
index ab58082..887e7c9 100644
--- a/src/test/java/org/onap/dmaap/mr/cambria/resources/streamReaders/CambriaRawStreamReaderTest.java
+++ b/src/test/java/org/onap/dmaap/mr/cambria/resources/streamReaders/CambriaRawStreamReaderTest.java
@@ -55,9 +55,6 @@ public class CambriaRawStreamReaderTest {
stream = IOUtils.toInputStream(source, "UTF-8");
test = new CambriaRawStreamReader(stream,"hello");
msg = test.next();
- } catch (IOException e1) {
- // TODO Auto-generated catch block
- e1.printStackTrace();
} catch (CambriaApiException e1) {
e1.printStackTrace();
}
diff --git a/src/test/java/org/onap/dmaap/util/JUnitTestSuite.java b/src/test/java/org/onap/dmaap/util/JUnitTestSuite.java
index 9de79ab..7a05d9d 100644
--- a/src/test/java/org/onap/dmaap/util/JUnitTestSuite.java
+++ b/src/test/java/org/onap/dmaap/util/JUnitTestSuite.java
@@ -25,12 +25,13 @@ import junit.framework.TestSuite;
import org.junit.runner.RunWith;
import org.junit.runners.Suite;
import org.junit.runners.Suite.SuiteClasses;
-import org.apache.log4j.Logger;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
@RunWith(Suite.class)
@SuiteClasses({ ContentLengthInterceptorTest.class, DMaaPAuthFilterTest.class, ServicePropertiesMapBeanTest.class})
public class JUnitTestSuite {
- private static final Logger LOGGER = Logger.getLogger(JUnitTestSuite.class);
+ private static final Logger LOGGER = LogManager.getLogger(JUnitTestSuite.class);
public static void main(String[] args) {
LOGGER.info("Running the test suite");