summaryrefslogtreecommitdiffstats
path: root/policy-endpoints/src/main
diff options
context:
space:
mode:
authorJorge Hernandez <jh1730@att.com>2018-08-01 16:18:25 -0500
committerJorge Hernandez <jh1730@att.com>2018-08-03 14:14:05 -0500
commit030aee91fd3aec55a8940770181825f9f04a43aa (patch)
tree122cb45734ef2a4b219ebc83a111d9101087facd /policy-endpoints/src/main
parent6d662cb19aa858b743ab7e01d02a2a173abebcad (diff)
generic jetty https server support
jetty https support in constructor, or by using ".https" when creating an http server service. Change-Id: I94e8e3e4b93eb6b194657028c740b6781316c7da Issue-ID: POLICY-940 Signed-off-by: Jorge Hernandez <jh1730@att.com>
Diffstat (limited to 'policy-endpoints/src/main')
-rw-r--r--policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java50
-rw-r--r--policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyJerseyServer.java11
-rw-r--r--policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyServletServer.java59
3 files changed, 101 insertions, 19 deletions
diff --git a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java
index f09893b2..c7d2b1bf 100644
--- a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java
+++ b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java
@@ -37,9 +37,10 @@ import org.slf4j.LoggerFactory;
public interface HttpServletServerFactory {
/**
- * builds an http server with support for servlets
+ * builds an http or https server with support for servlets
*
* @param name name
+ * @param https use secured http over tls connection
* @param host binding host
* @param port port
* @param contextPath server base path
@@ -48,17 +49,32 @@ public interface HttpServletServerFactory {
* @return http server
* @throws IllegalArgumentException when invalid parameters are provided
*/
- public HttpServletServer build(String name, String host, int port, String contextPath, boolean swagger,
+ HttpServletServer build(String name, boolean https, String host, int port, String contextPath, boolean swagger,
boolean managed);
/**
+ * builds an http server with support for servlets
+ *
+ * @param name name
+ * @param host binding host
+ * @param port port
+ * @param contextPath server base path
+ * @param swagger enable swagger documentation
+ * @param managed is it managed by infrastructure
+ * @return http server
+ * @throws IllegalArgumentException when invalid parameters are provided
+ */
+ HttpServletServer build(String name, String host, int port, String contextPath, boolean swagger,
+ boolean managed);
+
+ /**
* list of http servers per properties
*
* @param properties properties based configuration
* @return list of http servers
* @throws IllegalArgumentException when invalid parameters are provided
*/
- public List<HttpServletServer> build(Properties properties);
+ List<HttpServletServer> build(Properties properties);
/**
* gets a server based on the port
@@ -66,26 +82,26 @@ public interface HttpServletServerFactory {
* @param port port
* @return http server
*/
- public HttpServletServer get(int port);
+ HttpServletServer get(int port);
/**
* provides an inventory of servers
*
* @return inventory of servers
*/
- public List<HttpServletServer> inventory();
+ List<HttpServletServer> inventory();
/**
* destroys server bound to a port
*
* @param port
*/
- public void destroy(int port);
+ void destroy(int port);
/**
* destroys the factory and therefore all servers
*/
- public void destroy();
+ void destroy();
}
@@ -107,14 +123,14 @@ class IndexedHttpServletServerFactory implements HttpServletServerFactory {
protected HashMap<Integer, HttpServletServer> servers = new HashMap<>();
@Override
- public synchronized HttpServletServer build(String name, String host, int port, String contextPath, boolean swagger,
+ public synchronized HttpServletServer build(String name, boolean https, String host, int port, String contextPath, boolean swagger,
boolean managed) {
if (servers.containsKey(port)) {
return servers.get(port);
}
- JettyJerseyServer server = new JettyJerseyServer(name, host, port, contextPath, swagger);
+ JettyJerseyServer server = new JettyJerseyServer(name, https, host, port, contextPath, swagger);
if (managed) {
servers.put(port, server);
}
@@ -123,6 +139,13 @@ class IndexedHttpServletServerFactory implements HttpServletServerFactory {
}
@Override
+ public synchronized HttpServletServer build(String name, String host, int port, String contextPath,
+ boolean swagger, boolean managed) {
+ return build(name, false, host, port, contextPath, swagger, managed);
+ }
+
+
+ @Override
public synchronized List<HttpServletServer> build(Properties properties) {
ArrayList<HttpServletServer> serviceList = new ArrayList<>();
@@ -192,7 +215,14 @@ class IndexedHttpServletServerFactory implements HttpServletServerFactory {
swagger = Boolean.parseBoolean(swaggerString);
}
- HttpServletServer service = build(serviceName, hostName, servicePort, contextUriPath, swagger, managed);
+ String httpsString = properties.getProperty(PolicyEndPointProperties.PROPERTY_HTTP_SERVER_SERVICES + "."
+ + serviceName + PolicyEndPointProperties.PROPERTY_HTTP_HTTPS_SUFFIX);
+ boolean https = false;
+ if (httpsString != null && !httpsString.isEmpty()) {
+ https = Boolean.parseBoolean(httpsString);
+ }
+
+ HttpServletServer service = build(serviceName, https, hostName, servicePort, contextUriPath, swagger, managed);
if (userName != null && !userName.isEmpty() && password != null && !password.isEmpty()) {
service.setBasicAuthentication(userName, password, authUriPath);
}
diff --git a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyJerseyServer.java b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyJerseyServer.java
index cd286927..9932d094 100644
--- a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyJerseyServer.java
+++ b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyJerseyServer.java
@@ -104,6 +104,7 @@ public class JettyJerseyServer extends JettyServletServer {
* Constructor
*
* @param name name
+ * @param https enable https?
* @param host host server host
* @param port port server port
* @param swagger support swagger?
@@ -111,19 +112,19 @@ public class JettyJerseyServer extends JettyServletServer {
*
* @throws IllegalArgumentException in invalid arguments are provided
*/
- public JettyJerseyServer(String name, String host, int port, String contextPath, boolean swagger) {
+ public JettyJerseyServer(String name, boolean https, String host, int port, String contextPath, boolean swagger) {
- super(name, host, port, contextPath);
+ super(name, https, host, port, contextPath);
if (swagger) {
this.swaggerId = "swagger-" + this.port;
- attachSwaggerServlet();
+ attachSwaggerServlet(https);
}
}
/**
* attaches a swagger initialization servlet
*/
- protected void attachSwaggerServlet() {
+ protected void attachSwaggerServlet(boolean https) {
ServletHolder swaggerServlet = context.addServlet(JerseyJaxrsConfig.class, "/");
@@ -133,7 +134,7 @@ public class JettyJerseyServer extends JettyServletServer {
}
swaggerServlet.setInitParameter(SWAGGER_API_BASEPATH,
- "http://" + hostname + ":" + this.connector.getPort() + "/");
+ ((https) ? "https://" : "http://") + hostname + ":" + this.connector.getPort() + "/");
swaggerServlet.setInitParameter(SWAGGER_CONTEXT_ID, swaggerId);
swaggerServlet.setInitParameter(SWAGGER_SCANNER_ID, swaggerId);
swaggerServlet.setInitParameter(SWAGGER_PRETTY_PRINT, "true");
diff --git a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyServletServer.java b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyServletServer.java
index 97166ec7..a4cc9b5f 100644
--- a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyServletServer.java
+++ b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyServletServer.java
@@ -2,7 +2,7 @@
* ============LICENSE_START=======================================================
* ONAP
* ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -26,12 +26,16 @@ import org.eclipse.jetty.security.ConstraintMapping;
import org.eclipse.jetty.security.ConstraintSecurityHandler;
import org.eclipse.jetty.security.HashLoginService;
import org.eclipse.jetty.security.authentication.BasicAuthenticator;
+import org.eclipse.jetty.server.HttpConfiguration;
+import org.eclipse.jetty.server.HttpConnectionFactory;
+import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.Slf4jRequestLog;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.util.security.Constraint;
import org.eclipse.jetty.util.security.Credential;
+import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.onap.policy.common.endpoints.http.server.HttpServletServer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -42,6 +46,14 @@ import org.slf4j.LoggerFactory;
public abstract class JettyServletServer implements HttpServletServer, Runnable {
/**
+ * Keystore/Truststore system property names
+ */
+ public static final String SYSTEM_KEYSTORE_PROPERTY_NAME = "javax.net.ssl.keyStore";
+ public static final String SYSTEM_KEYSTORE_PASSWORD_PROPERTY_NAME = "javax.net.ssl.keyStorePassword";
+ public static final String SYSTEM_TRUSTSTORE_PROPERTY_NAME = "javax.net.ssl.trustStore";
+ public static final String SYSTEM_TRUSTSTORE_PASSWORD_PROPERTY_NAME = "javax.net.ssl.trustStorePassword";
+
+ /**
* Logger
*/
private static Logger logger = LoggerFactory.getLogger(JettyServletServer.class);
@@ -111,7 +123,7 @@ public abstract class JettyServletServer implements HttpServletServer, Runnable
*
* @throws IllegalArgumentException if invalid parameters are passed in
*/
- public JettyServletServer(String name, String host, int port, String contextPath) {
+ public JettyServletServer(String name, boolean https, String host, int port, String contextPath) {
String srvName = name;
String srvHost = host;
String ctxtPath = contextPath;
@@ -120,7 +132,7 @@ public abstract class JettyServletServer implements HttpServletServer, Runnable
srvName = "http-" + port;
}
- if (port <= 0 && port >= 65535) {
+ if (port <= 0 || port >= 65535) {
throw new IllegalArgumentException("Invalid Port provided: " + port);
}
@@ -145,7 +157,11 @@ public abstract class JettyServletServer implements HttpServletServer, Runnable
this.jettyServer = new Server();
this.jettyServer.setRequestLog(new Slf4jRequestLog());
- this.connector = new ServerConnector(this.jettyServer);
+ if (https)
+ this.connector = httpsConnector();
+ else
+ this.connector = httpConnector();
+
this.connector.setName(srvName);
this.connector.setReuseAddress(true);
this.connector.setPort(port);
@@ -155,6 +171,41 @@ public abstract class JettyServletServer implements HttpServletServer, Runnable
this.jettyServer.setHandler(context);
}
+ public JettyServletServer(String name, String host, int port, String contextPath) {
+ this(name, false, host, port, contextPath);
+ }
+
+ public ServerConnector httpsConnector() {
+ SslContextFactory sslContextFactory = new SslContextFactory();
+
+ String keyStore = System.getProperty(SYSTEM_KEYSTORE_PROPERTY_NAME);
+ if (keyStore != null) {
+ sslContextFactory.setKeyStorePath(keyStore);
+
+ String ksPassword = System.getProperty(SYSTEM_KEYSTORE_PASSWORD_PROPERTY_NAME);
+ if (ksPassword != null)
+ sslContextFactory.setKeyStorePassword(ksPassword);
+ }
+
+ String trustStore = System.getProperty(SYSTEM_TRUSTSTORE_PROPERTY_NAME);
+ if (trustStore != null) {
+ sslContextFactory.setTrustStorePath(trustStore);
+
+ String tsPassword = System.getProperty(SYSTEM_TRUSTSTORE_PASSWORD_PROPERTY_NAME);
+ if (tsPassword != null)
+ sslContextFactory.setTrustStorePassword(tsPassword);
+ }
+
+ HttpConfiguration https = new HttpConfiguration();
+ https.addCustomizer(new SecureRequestCustomizer());
+
+ return new ServerConnector(jettyServer, sslContextFactory, new HttpConnectionFactory(https));
+ }
+
+ public ServerConnector httpConnector() {
+ return new ServerConnector(this.jettyServer);
+ }
+
@Override
public void setBasicAuthentication(String user, String password, String servletPath) {
String srvltPath = servletPath;