aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorvasraz <vasyl.razinkov@est.tech>2023-05-05 11:57:56 +0100
committerVasyl Razinkov <vasyl.razinkov@est.tech>2023-05-08 13:11:02 +0000
commita2feaf9b65cbba66181fb560b5815a62427d65cc (patch)
treebe49cc57d447f7bb94e717e1ee970d4b095e1473
parentaf3fdfce91aeea1804c76a8571c102b78dde3794 (diff)
Support SIP TLS
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: Icbadd04cfa87302491c59f2e4a39ef92aaafcaa3 Issue-ID: SDC-4483
-rw-r--r--catalog-be/pom.xml58
-rw-r--r--catalog-be/src/main/docker/backend/Dockerfile2
-rw-r--r--catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb4
-rw-r--r--catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb2
-rw-r--r--catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ssl-ini.erb8
-rw-r--r--catalog-be/src/main/java/org/openecomp/sdc/be/filters/BeCadiServletFilter.java151
-rw-r--r--catalog-be/src/main/java/org/openecomp/sdc/be/listen/BEAppContextListener.java1
-rw-r--r--catalog-be/src/main/java/org/openecomp/sdc/config/CatalogBESpringConfig.java52
-rw-r--r--catalog-fe/sdc-frontend/Dockerfile2
-rw-r--r--catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb4
-rw-r--r--catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb2
-rw-r--r--catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb8
-rw-r--r--catalog-fe/src/main/java/org/openecomp/sdc/fe/impl/PluginStatusBL.java29
-rw-r--r--catalog-fe/src/main/java/org/openecomp/sdc/fe/listen/FEAppContextListener.java2
-rw-r--r--catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/FeProxyServlet.java33
-rw-r--r--catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/SSLProxyServlet.java26
-rw-r--r--catalog-fe/src/test/java/org/openecomp/sdc/fe/servlets/FeProxyServletTest.java483
-rw-r--r--common-app-api/pom.xml6
-rw-r--r--common-app-api/src/main/java/org/openecomp/sdc/be/config/ConfigurationManager.java9
-rw-r--r--common-app-api/src/main/java/org/openecomp/sdc/common/http/client/api/HttpClientFactory.java34
-rw-r--r--common-app-api/src/main/java/org/openecomp/sdc/common/http/client/api/HttpResponse.java36
-rw-r--r--common-app-api/src/main/java/org/openecomp/sdc/common/listener/AppContextListener.java2
-rw-r--r--common-app-api/src/main/java/org/openecomp/sdc/common/log/interceptors/ApacheClientLogRequestInterceptor.java63
-rw-r--r--common-app-api/src/main/java/org/openecomp/sdc/common/log/interceptors/ApacheClientLogResponseInterceptor.java51
-rw-r--r--common-app-api/src/main/java/org/openecomp/sdc/common/util/StreamUtils.java132
-rw-r--r--common-app-api/src/main/java/org/openecomp/sdc/fe/config/ConfigurationManager.java5
-rw-r--r--common-app-api/src/test/java/org/openecomp/sdc/common/http/client/api/HttpClientFactoryTest.java16
-rw-r--r--common-app-api/src/test/java/org/openecomp/sdc/common/http/client/api/HttpResponseTest.java26
-rw-r--r--common-app-api/src/test/java/org/openecomp/sdc/common/util/StreamUtilsTests.java142
-rw-r--r--common/onap-common-configuration-management/onap-configuration-management-api/pom.xml5
-rw-r--r--common/onap-common-configuration-management/onap-configuration-management-api/src/main/java/org/onap/config/api/JettySSLUtils.java79
-rw-r--r--openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-services/pom.xml5
-rw-r--r--openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vnf-repository-rest-services/src/main/java/org/openecomp/sdcrests/vsp/rest/services/VnfPackageRepositoryImpl.java50
-rw-r--r--openecomp-be/backend/openecomp-sdc-security-util/pom.xml6
-rw-r--r--openecomp-be/dist/sdc-onboard-backend-docker/artifacts/Dockerfile2
-rw-r--r--openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb12
-rw-r--r--openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_4_setup_jetty_modules.rb16
-rw-r--r--openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb8
-rw-r--r--openecomp-be/dist/sdc-onboard-backend-docker/artifacts/startup.sh4
-rw-r--r--openecomp-be/lib/openecomp-sdc-logging-lib/openecomp-sdc-logging-core/pom.xml5
-rw-r--r--openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-impl/pom.xml198
-rw-r--r--pom.xml15
-rw-r--r--utils/webseal-simulator/sdc-simulator/Dockerfile2
-rw-r--r--utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb6
-rw-r--r--utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb8
-rw-r--r--utils/webseal-simulator/src/main/java/org/openecomp/sdc/webseal/simulator/SdcProxy.java102
46 files changed, 733 insertions, 1179 deletions
diff --git a/catalog-be/pom.xml b/catalog-be/pom.xml
index 9f5348acd7..987b2e7c64 100644
--- a/catalog-be/pom.xml
+++ b/catalog-be/pom.xml
@@ -1,6 +1,6 @@
<project xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<artifactId>catalog-be</artifactId>
@@ -19,6 +19,7 @@
<maven-dependency-plugin.version>3.2.0</maven-dependency-plugin.version>
<replacer.plugin.version>1.5.3</replacer.plugin.version>
<ui.version>${project.version}</ui.version>
+ <io.github.hakky54.version>7.4.11</io.github.hakky54.version>
</properties>
<dependencies>
@@ -40,6 +41,12 @@
<version>${jsoup.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ <version>${slf4j-api.version}</version>
+ </dependency>
+
<!--JSON and YAML Parsing-->
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
@@ -216,11 +223,11 @@
</exclusions>
</dependency>
- <dependency>
- <groupId>io.micrometer</groupId>
- <artifactId>micrometer-registry-prometheus</artifactId>
- <version>${micrometer.version}</version>
- </dependency>
+ <dependency>
+ <groupId>io.micrometer</groupId>
+ <artifactId>micrometer-registry-prometheus</artifactId>
+ <version>${micrometer.version}</version>
+ </dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
@@ -618,7 +625,6 @@
<scope>compile</scope>
</dependency>
-
<!-- CAMBRIA CLIENT for U-EB -->
<dependency>
<groupId>com.att.nsa</groupId>
@@ -821,31 +827,6 @@
</exclusions>
</dependency>
- <!-- CADI -->
- <dependency>
- <groupId>org.onap.aaf.authz</groupId>
- <artifactId>aaf-cadi-aaf</artifactId>
- <version>${cadi.version}</version>
- <exclusions>
- <exclusion>
- <groupId>com.datastax.cassandra</groupId>
- <artifactId>cassandra-driver-core</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-log4j12</artifactId>
- </exclusion>
- <exclusion>
- <artifactId>log4j</artifactId>
- <groupId>log4j</groupId>
- </exclusion>
- <exclusion>
- <groupId>javax.servlet</groupId>
- <artifactId>javax.servlet-api</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
-
<!-- TEST -->
<dependency>
<groupId>org.assertj</groupId>
@@ -1062,6 +1043,17 @@
<artifactId>kafka-clients</artifactId>
</dependency>
+ <dependency>
+ <groupId>io.github.hakky54</groupId>
+ <artifactId>sslcontext-kickstart-for-jetty</artifactId>
+ <version>${io.github.hakky54.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>io.github.hakky54</groupId>
+ <artifactId>sslcontext-kickstart</artifactId>
+ <version>${io.github.hakky54.version}</version>
+ </dependency>
+
</dependencies>
<build>
diff --git a/catalog-be/src/main/docker/backend/Dockerfile b/catalog-be/src/main/docker/backend/Dockerfile
index db2ab154ca..5f83e75db6 100644
--- a/catalog-be/src/main/docker/backend/Dockerfile
+++ b/catalog-be/src/main/docker/backend/Dockerfile
@@ -1,4 +1,4 @@
-FROM onap/integration-java11:9.0.0
+FROM onap/integration-java11:10.0.0
USER root
ARG JETTY_FOLDER=/app/jetty
diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb
index a3e519826c..ba94e21449 100644
--- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb
+++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb
@@ -11,11 +11,11 @@ default['disableHttp'] = true
#| Jetty |
#| |
#+----------------------------------+
-
default['jetty']['dmaap_truststore_pwd'] = "dmaap_truststore_pwd"
+default['jetty']['keystore_path'] = "etc/org.onap.sdc.p12"
default['jetty']['keystore_pwd'] = "?(kP!Yur![*!Y5!E^f(ZKc31"
default['jetty']['keymanager_pwd'] = "?(kP!Yur![*!Y5!E^f(ZKc31"
-default['jetty']['truststore_path'] = "#{ENV['JETTY_BASE']}/etc/truststore"
+default['jetty']['truststore_path'] = "etc/org.onap.sdc.trust.jks"
# TO CHANGE THE TRUSTSTORE CERT THE JVM CONFIGURATION
# MUST BE ALSO CHANGE IN THE startup.sh FILE
default['jetty'][:truststore_pwd] = "z+KEj;t+,KN^iimSiS89e#p0"
diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb
index 5655d0fd6f..ad66a67e22 100644
--- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb
+++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb
@@ -51,8 +51,10 @@ template "ssl-ini" do
mode "0755"
variables ({
:https_port => "#{node['BE'][:https_port]}" ,
+ :jetty_keystore_path => "#{node['jetty'][:keystore_path]}" ,
:jetty_keystore_pwd => "#{node['jetty'][:keystore_pwd]}" ,
:jetty_keymanager_pwd => "#{node['jetty'][:keymanager_pwd]}" ,
+ :jetty_truststore_path => "#{node['jetty'][:truststore_path]}",
:jetty_truststore_pwd => "#{node['jetty'][:truststore_pwd]}"
})
end
diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ssl-ini.erb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ssl-ini.erb
index 278fdea2ae..c489825c7b 100644
--- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ssl-ini.erb
+++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ssl-ini.erb
@@ -42,17 +42,17 @@ jetty.ssl.port=<%= @https_port %>
## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html
## Keystore file path (relative to $jetty.base)
-jetty.sslContext.keyStorePath=etc/org.onap.sdc.p12
+jetty.sslContext.keyStorePath=<%= @jetty_keystore_path %>
## Truststore file path (relative to $jetty.base)
-jetty.sslContext.trustStorePath=etc/org.onap.sdc.trust.jks
+jetty.sslContext.trustStorePath=<%= @jetty_truststore_path %>
## Keystore password
# jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
jetty.sslContext.keyStorePassword=<%= @jetty_keystore_pwd %>
## Keystore type and provider
-# jetty.sslContext.keyStoreType=JKS
+jetty.sslContext.keyStoreType=JKS
# jetty.sslContext.keyStoreProvider=
## KeyManager password
@@ -64,7 +64,7 @@ jetty.sslContext.keyManagerPassword=<%= @jetty_keymanager_pwd %>
jetty.sslContext.trustStorePassword=<%= @jetty_truststore_pwd %>
## Truststore type and provider
-# jetty.sslContext.trustStoreType=JKS
+jetty.sslContext.trustStoreType=JKS
# jetty.sslContext.trustStoreProvider=
## whether client certificate authentication is required
diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BeCadiServletFilter.java b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BeCadiServletFilter.java
deleted file mode 100644
index 7edd1621b1..0000000000
--- a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BeCadiServletFilter.java
+++ /dev/null
@@ -1,151 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * SDC
- * ================================================================================
- * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-package org.openecomp.sdc.be.filters;
-
-import java.io.IOException;
-import java.util.function.Supplier;
-import javax.annotation.Priority;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletContext;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.filter.CadiFilter;
-import org.openecomp.sdc.be.components.impl.CADIHealthCheck;
-import org.openecomp.sdc.be.config.CadiFilterParams;
-import org.openecomp.sdc.be.config.ConfigurationManager;
-import org.openecomp.sdc.be.impl.WebAppContextWrapper;
-import org.openecomp.sdc.common.api.Constants;
-import org.openecomp.sdc.common.api.HealthCheckInfo;
-import org.openecomp.sdc.common.log.wrappers.Logger;
-import org.openecomp.sdc.common.util.ThreadLocalsHolder;
-import org.springframework.web.context.WebApplicationContext;
-
-@Priority(2)
-public class BeCadiServletFilter extends CadiFilter {
-
- private static final Logger log = Logger.getLogger(BeCadiServletFilter.class);
- private static final String BE_CADI_SERVICE_FILTER = "BeCadiServletFilter: ";
- private ConfigurationManager configurationManager = ConfigurationManager.getConfigurationManager();
-
- public BeCadiServletFilter() {
- super();
- log.debug(BE_CADI_SERVICE_FILTER);
- }
-
- /**
- * This constructor to be used when directly constructing and placing in HTTP Engine
- *
- * @param access
- * @param moreTafLurs
- * @throws ServletException
- */
- public BeCadiServletFilter(Access access, Object... moreTafLurs) throws ServletException {
- super(access, moreTafLurs);
- log.debug(BE_CADI_SERVICE_FILTER);
- }
-
- /**
- * Use this to pass in a PreContructed CADI Filter, but with initializing... let Servlet do it
- *
- * @param init
- * @param access
- * @param moreTafLurs
- * @throws ServletException
- */
- public BeCadiServletFilter(boolean init, PropAccess access, Object... moreTafLurs) throws ServletException {
- super(init, access, moreTafLurs);
- log.debug(BE_CADI_SERVICE_FILTER);
- }
-
- private void checkIfNullProperty(String key, String value) {
- /* When value is null, so not defined in application.properties
- set nothing in System properties */
- if (value != null) {
- /* Ensure that any properties already defined in System.prop by JVM params
- won't be overwritten by Spring application.properties values */
- System.setProperty(key, System.getProperty(key, value));
- }
- }
-
- @Override
- public void init(FilterConfig filterConfig) throws ServletException {
- // set some properties in System so that Cadi filter will find its config
-
- // The JVM values set will always overwrite the Spring ones.
- CadiFilterParams cadiFilterParams = configurationManager.getConfiguration().getCadiFilterParams();
- checkIfNullProperty(Config.HOSTNAME, cadiFilterParams.getHostname());
- log.debug("BeCadiServletFilter: HOSTNAME", cadiFilterParams.getHostname());
- checkIfNullProperty(Config.CADI_KEYFILE, cadiFilterParams.getCadi_keyfile());
- checkIfNullProperty(Config.CADI_LOGLEVEL, cadiFilterParams.getCadi_loglevel());
- checkIfNullProperty(Config.CADI_LATITUDE, cadiFilterParams.getAFT_LATITUDE());
- checkIfNullProperty(Config.CADI_LONGITUDE, cadiFilterParams.getAFT_LONGITUDE());
- checkIfNullProperty(Config.AAF_URL, cadiFilterParams.getAaf_url());
- //checkIfNullProperty(Config.AAF_LOCATE_URL, cadiFilterParams.getAafLocateUrl());
- checkIfNullProperty(Config.AAF_APPID, cadiFilterParams.getAaf_id());
- checkIfNullProperty(Config.AAF_APPPASS, cadiFilterParams.getAaf_password());
- checkIfNullProperty(Config.AAF_ENV, cadiFilterParams.getAFT_ENVIRONMENT());
- checkIfNullProperty(Config.CADI_X509_ISSUERS, cadiFilterParams.getCadiX509Issuers());
- checkIfNullProperty(Config.CADI_TRUSTSTORE, cadiFilterParams.getCadi_truststore());
- checkIfNullProperty(Config.CADI_TRUSTSTORE_PASSWORD, cadiFilterParams.getCadi_truststore_password());
- super.init(filterConfig);
- log.debug("BeCadiServletFilter finishing init(), Current status of CADI would be UP");
- if (!isNeedAuth()) {
- CADIHealthCheck.getCADIHealthCheckInstance().setIsCADIUp(HealthCheckInfo.HealthCheckStatus.DOWN);
- } else {
- CADIHealthCheck.getCADIHealthCheckInstance().setIsCADIUp(HealthCheckInfo.HealthCheckStatus.UP);
- }
- }
-
- @Override
- public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
- if (ThreadLocalsHolder.isExternalRequest() && isNeedAuth()) {
- log.debug("doFilter: {}", request.getContentType());
- HttpServletRequest hreq = (HttpServletRequest) request;
- log.debug("Need aaf authentication : {}", hreq);
- ThreadLocalUtils threadLocalUtils = getThreadLocalUtils(((HttpServletRequest) request).getSession().getServletContext());
- threadLocalUtils.setUserContext((HttpServletRequest) request);
- super.doFilter(request, response, chain);
- } else {
- log.debug("No need aaf authentication");
- chain.doFilter(request, response);
- }
- }
-
- private boolean isNeedAuth() {
- return configurationManager.getConfiguration().getAafAuthNeeded();
- }
-
- ThreadLocalUtils getThreadLocalUtils(ServletContext context) {
- return getClassFromWebAppContext(context, () -> ThreadLocalUtils.class);
- }
-
- <T> T getClassFromWebAppContext(ServletContext context, Supplier<Class<T>> businessLogicClassGen) {
- WebAppContextWrapper webApplicationContextWrapper = (WebAppContextWrapper) context
- .getAttribute(Constants.WEB_APPLICATION_CONTEXT_WRAPPER_ATTR);
- WebApplicationContext webApplicationContext = webApplicationContextWrapper.getWebAppContext(context);
- return webApplicationContext.getBean(businessLogicClassGen.get());
- }
-}
diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/listen/BEAppContextListener.java b/catalog-be/src/main/java/org/openecomp/sdc/be/listen/BEAppContextListener.java
index 76be33cedf..0bd921db54 100644
--- a/catalog-be/src/main/java/org/openecomp/sdc/be/listen/BEAppContextListener.java
+++ b/catalog-be/src/main/java/org/openecomp/sdc/be/listen/BEAppContextListener.java
@@ -39,6 +39,7 @@ public class BEAppContextListener extends AppContextListener implements ServletC
private static final String MANIFEST_FILE_NAME = "/META-INF/MANIFEST.MF";
private static final Logger log = Logger.getLogger(BEAppContextListener.class);
+ @Override
public void contextInitialized(ServletContextEvent context) {
super.contextInitialized(context);
ConfigurationManager configurationManager = new ConfigurationManager(ExternalConfiguration.getConfigurationSource());
diff --git a/catalog-be/src/main/java/org/openecomp/sdc/config/CatalogBESpringConfig.java b/catalog-be/src/main/java/org/openecomp/sdc/config/CatalogBESpringConfig.java
index b38210116c..c423795a2f 100644
--- a/catalog-be/src/main/java/org/openecomp/sdc/config/CatalogBESpringConfig.java
+++ b/catalog-be/src/main/java/org/openecomp/sdc/config/CatalogBESpringConfig.java
@@ -21,7 +21,11 @@
*/
package org.openecomp.sdc.config;
+import nl.altindag.ssl.SSLFactory;
+import nl.altindag.ssl.util.JettySslUtils;
import org.apache.http.impl.client.CloseableHttpClient;
+import org.eclipse.jetty.util.ssl.SslContextFactory;
+import org.onap.config.api.JettySSLUtils;
import org.onap.portalsdk.core.onboarding.exception.CipherUtilException;
import org.onap.sdc.security.PortalClient;
import org.openecomp.sdc.be.auditing.impl.ConfigurationProvider;
@@ -29,19 +33,27 @@ import org.openecomp.sdc.be.components.impl.ComponentLocker;
import org.openecomp.sdc.be.components.impl.aaf.RoleAuthorizationHandler;
import org.openecomp.sdc.be.components.impl.lock.ComponentLockAspect;
import org.openecomp.sdc.be.components.lifecycle.LifecycleBusinessLogic;
+import org.openecomp.sdc.be.config.Configuration;
import org.openecomp.sdc.be.config.ConfigurationManager;
import org.openecomp.sdc.be.ecomp.converters.AssetMetadataConverter;
import org.openecomp.sdc.be.filters.FilterConfiguration;
import org.openecomp.sdc.be.filters.PortalConfiguration;
import org.openecomp.sdc.be.filters.ThreadLocalUtils;
-import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
-import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
+import javax.net.ssl.SSLSessionContext;
+import javax.net.ssl.X509ExtendedKeyManager;
+import javax.net.ssl.X509ExtendedTrustManager;
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.StandardOpenOption;
+
+
// @formatter:off
-@Configuration
+@org.springframework.context.annotation.Configuration
@ComponentScan({
"org.openecomp.sdc.be.user",
"org.openecomp.sdc.be.facade.operations",
@@ -73,10 +85,11 @@ public class CatalogBESpringConfig {
private static final int BEFORE_TRANSACTION_MANAGER = 0;
private final ComponentLocker componentLocker;
+ private final JettySSLUtils.JettySslConfig sslConfig;
- @Autowired
public CatalogBESpringConfig(ComponentLocker componentLocker) {
this.componentLocker = componentLocker;
+ sslConfig = JettySSLUtils.getSSLConfig();
}
@Bean(name = "lifecycleBusinessLogic")
@@ -132,7 +145,36 @@ public class CatalogBESpringConfig {
}
@Bean
- public org.openecomp.sdc.be.config.Configuration configuration() {
+ public Configuration configuration() {
return ConfigurationManager.getConfigurationManager().getConfiguration();
}
+
+ @Bean
+ public SSLFactory sslFactory() throws IOException {
+ return SSLFactory.builder().withSwappableIdentityMaterial()
+ .withIdentityMaterial(Files.newInputStream(Path.of(sslConfig.getKeystorePath()), StandardOpenOption.READ), sslConfig.getKeystorePass().toCharArray(), sslConfig.getKeystoreType()).withSwappableTrustMaterial()
+ .withTrustMaterial(Files.newInputStream(Path.of(sslConfig.getTruststorePath()), StandardOpenOption.READ), sslConfig.getTruststorePass().toCharArray(), sslConfig.getTruststoreType()).withNeedClientAuthentication()
+ .build();
+ }
+
+ @Bean
+ public SslContextFactory.Server sslContextFactory(SSLFactory sslFactory) {
+ return JettySslUtils.forServer(sslFactory);
+ }
+
+ @Bean
+ public X509ExtendedKeyManager keyManager(SSLFactory sslFactory) throws Exception {
+ return sslFactory.getKeyManager().orElseThrow(Exception::new);
+ }
+
+ @Bean
+ public X509ExtendedTrustManager trustManager(SSLFactory sslFactory) throws Exception {
+ return sslFactory.getTrustManager().orElseThrow(Exception::new);
+ }
+
+ @Bean
+ public SSLSessionContext serverSessionContext(SSLFactory sslFactory) {
+ return sslFactory.getSslContext().getServerSessionContext();
+ }
+
}
diff --git a/catalog-fe/sdc-frontend/Dockerfile b/catalog-fe/sdc-frontend/Dockerfile
index 7de4b1f3fd..341dda2410 100644
--- a/catalog-fe/sdc-frontend/Dockerfile
+++ b/catalog-fe/sdc-frontend/Dockerfile
@@ -1,4 +1,4 @@
-FROM onap/integration-java11:9.0.0
+FROM onap/integration-java11:10.0.0
USER root
ARG JETTY_FOLDER=/app/jetty
diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb
index 9fbb363bf9..85f8fcf6a3 100644
--- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb
+++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb
@@ -4,8 +4,10 @@ default['BE'][:https_port] = 8443
default['FE'][:http_port] = 8181
default['FE'][:https_port] = 9443
default['disableHttp'] = true
+default['jetty']['keystore_path'] = "etc/org.onap.sdc.p12"
default['jetty'][:keystore_pwd] = "?(kP!Yur![*!Y5!E^f(ZKc31"
default['jetty'][:keymanager_pwd] = "?(kP!Yur![*!Y5!E^f(ZKc31"
+default['jetty']['truststore_path'] = "etc/org.onap.sdc.trust.jks"
# TO CHANGE THE TRUSTSTORE CERT THE JVM CONFIGURATION
# MUST BE ALSO CHANGE IN THE startup.sh FILE
default['jetty'][:truststore_pwd] = "z+KEj;t+,KN^iimSiS89e#p0"
@@ -17,4 +19,4 @@ default['ONBOARDING_BE'][:https_port] = 8445
#BasicAuth
default['basic_auth']['enabled'] = true
default['basic_auth'][:user_name] = "testName"
-default['basic_auth'][:user_pass] = "testPass" \ No newline at end of file
+default['basic_auth'][:user_pass] = "testPass"
diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb
index 734c05ae02..e465d9f087 100644
--- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb
+++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb
@@ -49,8 +49,10 @@ template "ssl-ini" do
mode "0755"
variables({
:https_port => "#{node['FE'][:https_port]}" ,
+ :jetty_keystore_path => "#{node['jetty'][:keystore_path]}" ,
:jetty_keystore_pwd => "#{node['jetty'][:keystore_pwd]}" ,
:jetty_keymanager_pwd => "#{node['jetty'][:keymanager_pwd]}" ,
+ :jetty_truststore_path => "#{node['jetty'][:truststore_path]}",
:jetty_truststore_pwd => "#{node['jetty'][:truststore_pwd]}"
})
end
diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb
index 278fdea2ae..c489825c7b 100644
--- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb
+++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb
@@ -42,17 +42,17 @@ jetty.ssl.port=<%= @https_port %>
## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html
## Keystore file path (relative to $jetty.base)
-jetty.sslContext.keyStorePath=etc/org.onap.sdc.p12
+jetty.sslContext.keyStorePath=<%= @jetty_keystore_path %>
## Truststore file path (relative to $jetty.base)
-jetty.sslContext.trustStorePath=etc/org.onap.sdc.trust.jks
+jetty.sslContext.trustStorePath=<%= @jetty_truststore_path %>
## Keystore password
# jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
jetty.sslContext.keyStorePassword=<%= @jetty_keystore_pwd %>
## Keystore type and provider
-# jetty.sslContext.keyStoreType=JKS
+jetty.sslContext.keyStoreType=JKS
# jetty.sslContext.keyStoreProvider=
## KeyManager password
@@ -64,7 +64,7 @@ jetty.sslContext.keyManagerPassword=<%= @jetty_keymanager_pwd %>
jetty.sslContext.trustStorePassword=<%= @jetty_truststore_pwd %>
## Truststore type and provider
-# jetty.sslContext.trustStoreType=JKS
+jetty.sslContext.trustStoreType=JKS
# jetty.sslContext.trustStoreProvider=
## whether client certificate authentication is required
diff --git a/catalog-fe/src/main/java/org/openecomp/sdc/fe/impl/PluginStatusBL.java b/catalog-fe/src/main/java/org/openecomp/sdc/fe/impl/PluginStatusBL.java
index e1b4572a05..b095a1cde7 100644
--- a/catalog-fe/src/main/java/org/openecomp/sdc/fe/impl/PluginStatusBL.java
+++ b/catalog-fe/src/main/java/org/openecomp/sdc/fe/impl/PluginStatusBL.java
@@ -21,8 +21,6 @@ package org.openecomp.sdc.fe.impl;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
-import java.io.IOException;
-import java.security.GeneralSecurityException;
import org.apache.http.HttpStatus;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
@@ -43,6 +41,8 @@ import org.openecomp.sdc.fe.config.ConfigurationManager;
import org.openecomp.sdc.fe.config.PluginsConfiguration;
import org.openecomp.sdc.fe.config.PluginsConfiguration.Plugin;
+import java.io.IOException;
+
public class PluginStatusBL {
private static final Logger log = Logger.getLogger(PluginStatusBL.class.getName());
@@ -74,23 +74,24 @@ public class PluginStatusBL {
private boolean hasSecuredPlugins() {
if (this.getPluginsList() != null) {
return pluginsConfiguration.getPluginsList().stream()
- .anyMatch(plugin -> plugin.getPluginDiscoveryUrl().toLowerCase().startsWith("https"));
+ .anyMatch(plugin -> plugin.getPluginDiscoveryUrl().toLowerCase().startsWith("https"));
}
return false;
}
- private CloseableHttpClient getPooledClient(boolean isSecured) throws GeneralSecurityException, IOException {
+ private CloseableHttpClient getPooledClient(final boolean isSecured) throws Exception {
final PoolingHttpClientConnectionManager poolingConnManager;
- if (!isSecured) {
- poolingConnManager = new PoolingHttpClientConnectionManager();
- } else {
- SSLConnectionSocketFactory s = new SSLConnectionSocketFactory(JettySSLUtils.getSslContext(), new NoopHostnameVerifier());
- Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
- .register("http", new PlainConnectionSocketFactory()).register("https", s).build();
+ if (isSecured) {
+ final SSLConnectionSocketFactory s = new SSLConnectionSocketFactory(JettySSLUtils.getSslContext(), new NoopHostnameVerifier());
+ final Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
+ .register("http", new PlainConnectionSocketFactory())
+ .register("https", s).build();
poolingConnManager = new PoolingHttpClientConnectionManager(registry);
+ } else {
+ poolingConnManager = new PoolingHttpClientConnectionManager();
}
- int maxTotal = System.getProperties().containsKey(MAX_CONNECTION_POOL) ? Integer.parseInt(System.getProperty(MAX_CONNECTION_POOL)) : 5;
- int routeMax = System.getProperties().containsKey(MAX_ROUTE_POOL) ? Integer.parseInt(System.getProperty(MAX_ROUTE_POOL)) : 20;
+ final int maxTotal = System.getProperties().containsKey(MAX_CONNECTION_POOL) ? Integer.parseInt(System.getProperty(MAX_CONNECTION_POOL)) : 5;
+ final int routeMax = System.getProperties().containsKey(MAX_ROUTE_POOL) ? Integer.parseInt(System.getProperty(MAX_ROUTE_POOL)) : 20;
poolingConnManager.setMaxTotal(maxTotal);
poolingConnManager.setDefaultMaxPerRoute(routeMax);
return HttpClients.custom().setConnectionManager(poolingConnManager).setSSLHostnameVerifier(new NoopHostnameVerifier()).build();
@@ -115,9 +116,9 @@ public class PluginStatusBL {
log.debug("The value returned from getConfig is {}", pluginsConfiguration);
Integer connectionTimeout = pluginsConfiguration.getConnectionTimeout();
this.requestConfig = RequestConfig.custom().setSocketTimeout(connectionTimeout).setConnectTimeout(connectionTimeout)
- .setConnectionRequestTimeout(connectionTimeout).build();
+ .setConnectionRequestTimeout(connectionTimeout).build();
Plugin wantedPlugin = pluginsConfiguration.getPluginsList().stream().filter(plugin -> plugin.getPluginId().equals(pluginId)).findAny()
- .orElse(null);
+ .orElse(null);
if (wantedPlugin != null) {
result = gson.toJson(checkPluginAvailability(wantedPlugin));
}
diff --git a/catalog-fe/src/main/java/org/openecomp/sdc/fe/listen/FEAppContextListener.java b/catalog-fe/src/main/java/org/openecomp/sdc/fe/listen/FEAppContextListener.java
index 877d637a3e..79ef07a5da 100644
--- a/catalog-fe/src/main/java/org/openecomp/sdc/fe/listen/FEAppContextListener.java
+++ b/catalog-fe/src/main/java/org/openecomp/sdc/fe/listen/FEAppContextListener.java
@@ -38,6 +38,7 @@ public class FEAppContextListener extends AppContextListener implements ServletC
private static final int PROBE_INTERVALE = 15;
private static Logger log = Logger.getLogger(FEAppContextListener.class.getName());
+ @Override
public void contextInitialized(ServletContextEvent context) {
super.contextInitialized(context);
ConfigurationManager configurationManager = new ConfigurationManager(ExternalConfiguration.getConfigurationSource());
@@ -61,6 +62,7 @@ public class FEAppContextListener extends AppContextListener implements ServletC
log.debug("After executing {}", this.getClass());
}
+ @Override
public void contextDestroyed(ServletContextEvent context) {
ExecutorService executorPool = (ExecutorService) context.getServletContext().getAttribute(Constants.THREAD_EXECUTOR_ATTR);
if (executorPool != null) {
diff --git a/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/FeProxyServlet.java b/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/FeProxyServlet.java
index 0ef435311f..1bec4e48c4 100644
--- a/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/FeProxyServlet.java
+++ b/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/FeProxyServlet.java
@@ -19,13 +19,7 @@
*/
package org.openecomp.sdc.fe.servlets;
-import static org.apache.commons.lang3.StringUtils.isEmpty;
-
import com.google.common.annotations.VisibleForTesting;
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.util.Base64;
-import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.NotImplementedException;
import org.apache.commons.lang3.StringUtils;
import org.eclipse.jetty.client.api.Request;
@@ -44,6 +38,13 @@ import org.openecomp.sdc.fe.config.PluginsConfiguration.Plugin;
import org.openecomp.sdc.fe.impl.LogHandler;
import org.openecomp.sdc.fe.utils.BeProtocol;
+import javax.servlet.http.HttpServletRequest;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.Base64;
+
+import static org.apache.commons.lang3.StringUtils.isEmpty;
+
public class FeProxyServlet extends SSLProxyServlet {
public static final String UUID = "uuid";
@@ -101,7 +102,7 @@ public class FeProxyServlet extends SSLProxyServlet {
BasicAuthConfig basicAuth = config.getBasicAuth();
if (basicAuth.isEnabled()) {
proxyRequest.header(HttpHeader.AUTHORIZATION,
- "Basic " + Base64.getEncoder().encodeToString((basicAuth.getUserName() + ":" + basicAuth.getUserPass()).getBytes()));
+ "Basic " + Base64.getEncoder().encodeToString((basicAuth.getUserName() + ":" + basicAuth.getUserPass()).getBytes()));
}
super.addProxyHeaders(clientRequest, proxyRequest);
}
@@ -127,7 +128,7 @@ public class FeProxyServlet extends SSLProxyServlet {
}
private String getModifiedUrl(Configuration config, PluginsConfiguration pluginConf, String uri, String queryString)
- throws MalformedURLException {
+ throws MalformedURLException {
if (config == null) {
log.error(EcompLoggerErrorCode.UNKNOWN_ERROR, "FeProxyServlet getModifiedUrl", "sdc-FE", "failed to retrieve configuration.");
throw new RuntimeException("failed to read FE configuration");
@@ -153,8 +154,8 @@ public class FeProxyServlet extends SSLProxyServlet {
} else if (uri.contains(WORKFLOW_CONTEXT)) {
uri = uri.replace(SDC1_FE_PROXY + WORKFLOW_CONTEXT, WORKFLOW_CONTEXT);
String workflowPluginURL = pluginConf.getPluginsList().stream()
- .filter(plugin -> plugin.getPluginId().equalsIgnoreCase(PLUGIN_ID_WORKFLOW)).map(Plugin::getPluginDiscoveryUrl).findFirst()
- .orElse(null);
+ .filter(plugin -> plugin.getPluginId().equalsIgnoreCase(PLUGIN_ID_WORKFLOW)).map(Plugin::getPluginDiscoveryUrl).findFirst()
+ .orElse(null);
java.net.URL workflowURL = new URL(workflowPluginURL);
protocol = workflowURL.getProtocol();
host = workflowURL.getHost();
@@ -192,7 +193,7 @@ public class FeProxyServlet extends SSLProxyServlet {
private PluginsConfiguration getPluginConfiguration(HttpServletRequest request) {
return ((ConfigurationManager) request.getSession().getServletContext().getAttribute(Constants.CONFIGURATION_MANAGER_ATTR))
- .getPluginsConfiguration();
+ .getPluginsConfiguration();
}
private boolean isMsToggleOn(Configuration config) {
@@ -224,7 +225,7 @@ public class FeProxyServlet extends SSLProxyServlet {
String facadeSuffix = String.format("%s%s", FACADE_PATH_IDENTIFIER, CATALOG_REQUEST_IDENTIFIER);
String nonFacadeUrl = currentURI.replace(facadeSuffix, "rest/v1/screen");
redirectValue = getModifiedUrl(config, getPluginConfiguration(request), nonFacadeUrl,
- "excludeTypes=VFCMT&excludeTypes=Configuration");
+ "excludeTypes=VFCMT&excludeTypes=Configuration");
}
// Home
else if (currentURI.endsWith(HOME_REQUEST_IDENTIFIER)) {
@@ -249,10 +250,10 @@ public class FeProxyServlet extends SSLProxyServlet {
String facadeSuffix = String.format("%s%s", FACADE_PATH_IDENTIFIER, CATALOG_REQUEST_IDENTIFIER);
String nonFacadeUrl = currentURI.replace(facadeSuffix, "rest/v1/screen");
redirectValue = getModifiedUrl(config, getPluginConfiguration(request), nonFacadeUrl,
- "excludeTypes=VFCMT&excludeTypes=Configuration");
+ "excludeTypes=VFCMT&excludeTypes=Configuration");
} else {
String message = String
- .format("facade is toggled off, Could not rediret url %s with query params %s", currentURI, getQueryString(request));
+ .format("facade is toggled off, Could not rediret url %s with query params %s", currentURI, getQueryString(request));
log.error(message);
throw new NotImplementedException(message);
}
@@ -265,7 +266,7 @@ public class FeProxyServlet extends SSLProxyServlet {
if (StringUtils.isEmpty(msUrl)) {
// do that only once
msUrl = String.format(MS_URL, config.getCatalogFacadeMs().getProtocol(), config.getCatalogFacadeMs().getHost(),
- config.getCatalogFacadeMs().getPort());
+ config.getCatalogFacadeMs().getPort());
}
StringBuilder url;
String queryString;
@@ -293,7 +294,7 @@ public class FeProxyServlet extends SSLProxyServlet {
private Configuration getConfiguration(HttpServletRequest request) {
return ((ConfigurationManager) request.getSession().getServletContext().getAttribute(Constants.CONFIGURATION_MANAGER_ATTR))
- .getConfiguration();
+ .getConfiguration();
}
private String getAuthority(String host, String port) {
diff --git a/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/SSLProxyServlet.java b/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/SSLProxyServlet.java
index 891bc4ae34..812be7f8ea 100644
--- a/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/SSLProxyServlet.java
+++ b/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/SSLProxyServlet.java
@@ -19,10 +19,12 @@
*/
package org.openecomp.sdc.fe.servlets;
-import javax.servlet.ServletException;
import org.eclipse.jetty.client.HttpClient;
+import org.eclipse.jetty.client.dynamic.HttpClientTransportDynamic;
+import org.eclipse.jetty.io.ClientConnector;
import org.eclipse.jetty.proxy.ProxyServlet;
import org.eclipse.jetty.util.ssl.SslContextFactory;
+import org.onap.config.api.JettySSLUtils;
import org.openecomp.sdc.common.api.Constants;
import org.openecomp.sdc.fe.config.Configuration;
import org.openecomp.sdc.fe.config.ConfigurationManager;
@@ -30,15 +32,17 @@ import org.openecomp.sdc.fe.utils.BeProtocol;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import javax.servlet.ServletException;
+
public abstract class SSLProxyServlet extends ProxyServlet {
private static final long serialVersionUID = 1L;
- private static final Logger log = LoggerFactory.getLogger(SSLProxyServlet.class);
+ private static final Logger LOGGER = LoggerFactory.getLogger(SSLProxyServlet.class);
@Override
protected HttpClient createHttpClient() throws ServletException {
Configuration config = ((ConfigurationManager) getServletConfig().getServletContext().getAttribute(Constants.CONFIGURATION_MANAGER_ATTR))
- .getConfiguration();
+ .getConfiguration();
boolean isSecureClient = !config.getBeProtocol().equals(BeProtocol.HTTP.getProtocolName());
HttpClient client = (isSecureClient) ? getSecureHttpClient() : super.createHttpClient();
int requestTimeout = config.getRequestTimeout() * 1000;
@@ -47,22 +51,30 @@ public abstract class SSLProxyServlet extends ProxyServlet {
}
setTimeout(requestTimeout);
client.setIdleTimeout(requestTimeout);
- client.setStopTimeout(requestTimeout);
return client;
}
private HttpClient getSecureHttpClient() throws ServletException {
- // Instantiate HttpClient with the SslContextFactory
- final var httpClient = new HttpClient(new SslContextFactory.Client(true));
+ final SslContextFactory.Client sslContextFactory = new SslContextFactory.Client(true);
+ try {
+ sslContextFactory.setSslContext(JettySSLUtils.getSslContext());
+ } catch (Exception e) {
+ LOGGER.error("Exception thrown while getting SslContext", e);
+ throw new ServletException(e);
+ }
+ final ClientConnector clientConnector = new ClientConnector();
+ clientConnector.setSslContextFactory(sslContextFactory);
+ final HttpClient httpClient = new HttpClient(new HttpClientTransportDynamic(clientConnector));
// Configure HttpClient, for example:
httpClient.setFollowRedirects(false);
// Start HttpClient
try {
httpClient.start();
} catch (Exception x) {
- log.error("Exception thrown while starting httpClient", x);
+ LOGGER.error("Exception thrown while starting httpClient", x);
throw new ServletException(x);
}
return httpClient;
}
+
}
diff --git a/catalog-fe/src/test/java/org/openecomp/sdc/fe/servlets/FeProxyServletTest.java b/catalog-fe/src/test/java/org/openecomp/sdc/fe/servlets/FeProxyServletTest.java
index 36f218a391..ef31b49669 100644
--- a/catalog-fe/src/test/java/org/openecomp/sdc/fe/servlets/FeProxyServletTest.java
+++ b/catalog-fe/src/test/java/org/openecomp/sdc/fe/servlets/FeProxyServletTest.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -22,9 +22,9 @@ package org.openecomp.sdc.fe.servlets;
import org.eclipse.jetty.client.api.Request;
import org.eclipse.jetty.http.HttpFields;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
import org.openecomp.sdc.common.api.Constants;
import org.openecomp.sdc.fe.config.Configuration;
@@ -41,241 +41,248 @@ import java.util.List;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertThrows;
import static org.junit.Assert.assertTrue;
import static org.mockito.Mockito.when;
public class FeProxyServletTest {
- /*
- * Example Url Mappings:
- * http://localhost:8080/sdc1/feProxy/rest/services/MichaelTest2/0.0.1/csar
- * --> http://localhost:8090/sdc2/rest/services/MichaelTest2/0.0.1/csar
- * http://localhost:8080/sdc1/feProxy/dummy/not/working -->
- * http://localhost:8090/sdc2/dummy/not/working
- */
- FeProxyServletForTest feProxy = new FeProxyServletForTest();
- final static HttpServletRequest servletRequest = Mockito.mock(HttpServletRequest.class);
- final static HttpSession httpSession = Mockito.mock(HttpSession.class);
- final static ServletContext servletContext = Mockito.mock(ServletContext.class);
- final static ConfigurationManager configurationManager = Mockito.mock(ConfigurationManager.class);
- final static Configuration configuration = Mockito.mock(Configuration.class);
- final static Configuration.OnboardingConfig onboardingConfiguration = Mockito.mock(Configuration.OnboardingConfig.class);
- private final static Configuration.CatalogFacadeMsConfig catalogFacadeMsConfig = Mockito.mock(Configuration.CatalogFacadeMsConfig.class);
- final static Request proxyRequest = Mockito.spy(Request.class);
- final static HttpFields httpFields = Mockito.mock(HttpFields.class);
- private static final PluginsConfiguration pluginsConfiguration = Mockito.mock(PluginsConfiguration.class);
- private static final PluginsConfiguration.Plugin plugin = Mockito.mock(PluginsConfiguration.Plugin.class);
-
- final static String BE_PROTOCOL = "http";
- final static String BE_HOST = "172.20.43.124";
- final static int BE_PORT = 8090;
- final static String ONBOARDING_BE_PROTOCOL = "http";
- final static String ONBOARDING_BE_HOST = "172.20.43.125";
- final static int ONBOARDING_BE_PORT = 8091;
- final static String WF_PROTOCOL = "http";
- final static String WF_HOST = "172.20.43.126";
- final static int WF_PORT = 8092;
- final static String HEADER_1 = "Header1";
- final static String HEADER_2 = "Header2";
- final static String HEADER_3 = "Header3";
- final static String HEADER_1_VAL = "Header1_Val";
- final static String HEADER_2_VAL = "Header2_Val";
- final static String HEADER_3_VAL = "Header3_Val";
- final static String REQUEST_ID_VAL = "4867495a-5ed7-49e4-8be2-cc8d66fdd52b";
- private final static String msProtocol = "http";
- private final static String msHealth = "/healthCheck";
- private final static String msHost = "localhost";
- private final static Integer msPort = 8080;
- private final static String msPath = "/uicache";
- private final static String msUrl = String.format("%s://%s:%s", msProtocol, msHost, msPort);
-
- @BeforeClass
- public static void beforeClass() {
- when(servletRequest.getSession()).thenReturn(httpSession);
- when(httpSession.getServletContext()).thenReturn(servletContext);
- when(servletContext.getAttribute(Constants.CONFIGURATION_MANAGER_ATTR)).thenReturn(configurationManager);
- when(configurationManager.getConfiguration()).thenReturn(configuration);
- when(configuration.getBeProtocol()).thenReturn(BE_PROTOCOL);
- when(configuration.getBeHost()).thenReturn(BE_HOST);
- when(configuration.getBeHttpPort()).thenReturn(BE_PORT);
- when(configuration.getOnboarding()).thenReturn(onboardingConfiguration);
- when(configuration.getOnboarding().getProtocolBe()).thenReturn(ONBOARDING_BE_PROTOCOL);
- when(configuration.getOnboarding().getHostBe()).thenReturn(ONBOARDING_BE_HOST);
- when(configuration.getOnboarding().getPortBe()).thenReturn(ONBOARDING_BE_PORT);
-
- List<String> strList = new ArrayList<>();
- strList.add(HEADER_1);
- strList.add(HEADER_2);
- strList.add(HEADER_3);
-
- when(servletRequest.getHeaderNames()).thenReturn(Collections.enumeration(strList));
- when(servletRequest.getHeader(HEADER_1)).thenReturn(HEADER_1_VAL);
- when(servletRequest.getHeader(HEADER_2)).thenReturn(HEADER_2_VAL);
- when(servletRequest.getHeader(HEADER_3)).thenReturn(HEADER_3_VAL);
- when(servletRequest.getHeader(Constants.X_ECOMP_REQUEST_ID_HEADER)).thenReturn(REQUEST_ID_VAL);
-
- when(proxyRequest.getHeaders()).thenReturn(httpFields);
- when(httpFields.containsKey(HEADER_1)).thenReturn(true);
- when(httpFields.containsKey(HEADER_2)).thenReturn(true);
- when(httpFields.containsKey(HEADER_3)).thenReturn(false);
-
- List<PluginsConfiguration.Plugin> pluginList = new ArrayList<PluginsConfiguration.Plugin>();
- when(plugin.getPluginId()).thenReturn("WORKFLOW");
- when(plugin.getPluginSourceUrl()).thenReturn(WF_PROTOCOL + "://" + WF_HOST + ":" + WF_PORT);
- when(plugin.getPluginDiscoveryUrl()).thenReturn(WF_PROTOCOL + "://" + WF_HOST + ":" + WF_PORT);
- pluginList.add(plugin);
- when(configurationManager.getPluginsConfiguration()).thenReturn(pluginsConfiguration);
- when(pluginsConfiguration.getPluginsList()).thenReturn(pluginList);
-
- }
-
- @Before
- public void setUp() {
- when(configuration.getCatalogFacadeMs()).thenReturn(catalogFacadeMsConfig);
- when(servletRequest.getQueryString()).thenReturn(null);
- when(catalogFacadeMsConfig.getPath()).thenReturn(null);
- }
- @Test
- public void testRewriteURI_APIRequest() {
- when(servletRequest.getRequestURI()).thenReturn("/sdc1/feProxy/rest/dummyBeAPI");
- String requestResourceUrl = "http://localhost:8080/sdc1/feProxy/rest/dummyBeAPI";
- String expectedChangedUrl = BE_PROTOCOL + "://" + BE_HOST + ":" + BE_PORT + "/sdc2/rest/dummyBeAPI";
- when(servletRequest.getRequestURL()).thenReturn(new StringBuffer(requestResourceUrl));
-
- when(servletRequest.getContextPath()).thenReturn("/sdc1");
- when(servletRequest.getServletPath()).thenReturn("/feProxy/rest/dummyBeAPI");
-
- String rewriteURI = feProxy.rewriteTarget(servletRequest);
-
- assertTrue(rewriteURI.equals(expectedChangedUrl));
- }
-
- @Test
- public void testRewriteURIWithOnboardingAPIRequest() {
- when(servletRequest.getRequestURI()).thenReturn("/sdc1/feProxy/onboarding-api/gg%20g?subtype=VF");
- String requestResourceUrl = "http://localhost:8080/sdc1/feProxy/onboarding-api/gg%20g?subtype=VF";
- String expectedChangedUrl = ONBOARDING_BE_PROTOCOL + "://" + ONBOARDING_BE_HOST + ":" + ONBOARDING_BE_PORT + "/onboarding-api/gg%20g?subtype=VF";
- when(servletRequest.getRequestURL()).thenReturn(new StringBuffer(requestResourceUrl));
-
- when(servletRequest.getContextPath()).thenReturn("/sdc1");
- when(servletRequest.getServletPath()).thenReturn("/feProxy/onboarding-api/gg%20g?subtype=VF");
-
- String rewriteURI = feProxy.rewriteTarget(servletRequest);
-
- assertTrue(rewriteURI.equals(expectedChangedUrl));
- }
-
-
- @Test
- public void testRewriteURIWithQureyParam_APIRequest() {
- when(servletRequest.getRequestURI()).thenReturn("/sdc1/feProxy/dcae-api/gg%20g?subtype=VF");
- String requestResourceUrl = "http://localhost:8080/sdc1/feProxy/dcae-api/gg%20g?subtype=VF";
- String expectedChangedUrl = BE_PROTOCOL + "://" + BE_HOST + ":" + BE_PORT + "/dcae-api/gg%20g?subtype=VF";
- when(servletRequest.getRequestURL()).thenReturn(new StringBuffer(requestResourceUrl));
-
- when(servletRequest.getContextPath()).thenReturn("/sdc1");
- when(servletRequest.getServletPath()).thenReturn("/feProxy/dcae-api/gg%20g?subtype=VF");
-
- String rewriteURI = feProxy.rewriteTarget(servletRequest);
-
- assertTrue(rewriteURI.equals(expectedChangedUrl));
- }
-
- @Test
- public void testRewriteTargetWithRedeirectAPIRequest() {
- when(servletRequest.getRequestURI()).thenReturn("/sdc1/feProxy/rest/gg%20g?subtype=VF");
- String requestResourceUrl = "http://localhost:8080/sdc1/feProxy/rest/gg%20g?subtype=VF";
- String expectedChangedUrl = BE_PROTOCOL + "://" + BE_HOST + ":" + BE_PORT + "/sdc2/rest/gg%20g?subtype=VF";
- when(servletRequest.getRequestURL()).thenReturn(new StringBuffer(requestResourceUrl));
-
- when(servletRequest.getContextPath()).thenReturn("/sdc1");
- when(servletRequest.getServletPath()).thenReturn("/feProxy/rest/gg%20g?subtype=VF");
-
- String rewriteURI = feProxy.rewriteTarget(servletRequest);
-
- assertTrue(rewriteURI.equals(expectedChangedUrl));
- }
-
-
-
- @Test
- public void testRewriteURIWithWFAPIRequest() {
- when(servletRequest.getRequestURI()).thenReturn("/sdc1/feProxy/wf/workflows");
- String requestResourceUrl = "http://localhost:8080/sdc1/feProxy/wf/workflows";
- String expectedChangedUrl = WF_PROTOCOL + "://" + WF_HOST + ":" + WF_PORT + "/wf/workflows";
- when(servletRequest.getRequestURL()).thenReturn(new StringBuffer(requestResourceUrl));
-
- when(servletRequest.getContextPath()).thenReturn("/sdc1");
- when(servletRequest.getServletPath()).thenReturn("/feProxy/wf/workflows");
-
- String rewriteURI = feProxy.rewriteTarget(servletRequest);
-
- assertEquals(expectedChangedUrl, rewriteURI);
- }
-
- @Test
- public void testRedirectToMSWhenMsUrlExists() throws MalformedURLException {
- final String urlParams = "x=1&y=2&z=3";
- final String url = "http//test.com:8080/uicache/v1/catalog";
- setUpConfigMocks();
- when(servletRequest.getRequestURL()).thenReturn(new StringBuffer(url));
- when(servletRequest.getQueryString()).thenReturn(urlParams);
- assertTrue(feProxy.isMsRequest(url + urlParams));
- assertEquals(msUrl + "/uicache/v1/catalog?" + urlParams,
- feProxy.redirectMsRequestToMservice(servletRequest, configuration));
- }
-
- @Test
- public void testRedirectToMSWhenMsUrlExistsWithoutParams() throws MalformedURLException {
- final String uri = "/uicache/v1/home";
- final String url = String.format("http//test.com:8080%s", uri);
- setUpConfigMocks();
- when(servletRequest.getRequestURL()).thenReturn(new StringBuffer(url));
- when(servletRequest.getRequestURI()).thenReturn(uri);
- assertTrue(feProxy.isMsRequest(url));
- assertEquals(msUrl + "/uicache/v1/home", feProxy.redirectMsRequestToMservice(servletRequest, configuration));
- }
- @Test
- public void testRedirectToBeOnToggleOff() throws MalformedURLException {
- final String uri = "/uicache/v1/catalog";
- final String url = String.format("http//test.com:8080%s", uri);
- when(catalogFacadeMsConfig.getPath()).thenReturn(null);
-
- when(servletRequest.getRequestURL()).thenReturn(new StringBuffer(url));
- when(servletRequest.getRequestURI()).thenReturn(uri);
- assertTrue(feProxy.isMsRequest(url));
- String expectedUrl = String.format("%s://%s:%s/rest/v1/screen?excludeTypes=VFCMT&excludeTypes=Configuration",
- BE_PROTOCOL, BE_HOST, BE_PORT);
- assertEquals(expectedUrl, feProxy.redirectMsRequestToMservice(servletRequest, configuration));
- }
- @Test(expected = StringIndexOutOfBoundsException.class)
- public void testRedirectToMSWhenMsUrlExistsButItIsNotCatalogRequest() throws MalformedURLException {
- final String url = "http//test.com:8080/rest/v1/sc";
- final String urlParams = "x=1&y=2&z=3";
- setUpConfigMocks();
- when(servletRequest.getRequestURL()).thenReturn(new StringBuffer(url));
- when(servletRequest.getQueryString()).thenReturn(urlParams);
- assertFalse(feProxy.isMsRequest(url));
- feProxy.redirectMsRequestToMservice(servletRequest, configuration);
- }
-
- private void setUpConfigMocks() {
- when(catalogFacadeMsConfig.getPath()).thenReturn(msPath);
- when(catalogFacadeMsConfig.getProtocol()).thenReturn(msProtocol);
- when(catalogFacadeMsConfig.getHost()).thenReturn(msHost);
- when(catalogFacadeMsConfig.getPort()).thenReturn(msPort);
- when(catalogFacadeMsConfig.getHealthCheckUri()).thenReturn(msHealth);
- }
-
- /* class for testing only exposes the protected method.*/
- public static class FeProxyServletForTest extends FeProxyServlet{
- private static final long serialVersionUID = 1L;
- @Override
- public String rewriteTarget(HttpServletRequest request) {
- return super.rewriteTarget(request);
- }
- @Override
- boolean isMsRequest(String currentUrl) {
- return super.isMsRequest(currentUrl);
- }
- }
+ /*
+ * Example Url Mappings:
+ * http://localhost:8080/sdc1/feProxy/rest/services/MichaelTest2/0.0.1/csar
+ * --> http://localhost:8090/sdc2/rest/services/MichaelTest2/0.0.1/csar
+ * http://localhost:8080/sdc1/feProxy/dummy/not/working -->
+ * http://localhost:8090/sdc2/dummy/not/working
+ */
+ private final FeProxyServletForTest feProxy = new FeProxyServletForTest();
+ private static final HttpServletRequest servletRequest = Mockito.mock(HttpServletRequest.class);
+ private static final HttpSession httpSession = Mockito.mock(HttpSession.class);
+ private static final ServletContext servletContext = Mockito.mock(ServletContext.class);
+ private static final ConfigurationManager configurationManager = Mockito.mock(ConfigurationManager.class);
+ private static final Configuration configuration = Mockito.mock(Configuration.class);
+ private static final Configuration.OnboardingConfig onboardingConfiguration = Mockito.mock(Configuration.OnboardingConfig.class);
+ private static final Configuration.CatalogFacadeMsConfig catalogFacadeMsConfig = Mockito.mock(Configuration.CatalogFacadeMsConfig.class);
+ private static final Request proxyRequest = Mockito.spy(Request.class);
+ private static final HttpFields httpFields = Mockito.mock(HttpFields.class);
+ private static final PluginsConfiguration pluginsConfiguration = Mockito.mock(PluginsConfiguration.class);
+ private static final PluginsConfiguration.Plugin plugin = Mockito.mock(PluginsConfiguration.Plugin.class);
+
+ private static final boolean sslEnabled = false;
+ private static final String BE_PROTOCOL = "http";
+ private static final String BE_PROTOCOL_SSL = "https";
+ private static final String BE_HOST = "172.20.43.124";
+ private static final int BE_PORT = 8090;
+ private static final int BE_PORT_SSL = 9443;
+ private static final String ONBOARDING_BE_PROTOCOL = "http";
+ private static final String ONBOARDING_BE_HOST = "172.20.43.125";
+ private static final int ONBOARDING_BE_PORT = 8091;
+ private static final String WF_PROTOCOL = "http";
+ private static final String WF_HOST = "172.20.43.126";
+ private static final int WF_PORT = 8092;
+ private static final String HEADER_1 = "Header1";
+ private static final String HEADER_2 = "Header2";
+ private static final String HEADER_3 = "Header3";
+ private static final String HEADER_1_VAL = "Header1_Val";
+ private static final String HEADER_2_VAL = "Header2_Val";
+ private static final String HEADER_3_VAL = "Header3_Val";
+ private static final String REQUEST_ID_VAL = "4867495a-5ed7-49e4-8be2-cc8d66fdd52b";
+ private static final String msProtocol = "http";
+ private static final String msHealth = "/healthCheck";
+ private static final String msHost = "localhost";
+ private static final Integer msPort = 8080;
+ private static final String msPath = "/uicache";
+ private static final String msUrl = String.format("%s://%s:%s", msProtocol, msHost, msPort);
+
+ @BeforeAll
+ public static void beforeClass() {
+ when(servletRequest.getSession()).thenReturn(httpSession);
+ when(httpSession.getServletContext()).thenReturn(servletContext);
+ when(servletContext.getAttribute(Constants.CONFIGURATION_MANAGER_ATTR)).thenReturn(configurationManager);
+ when(configurationManager.getConfiguration()).thenReturn(configuration);
+ when(configuration.getBeProtocol()).thenReturn(sslEnabled ? BE_PROTOCOL_SSL : BE_PROTOCOL);
+ when(configuration.getBeHost()).thenReturn(BE_HOST);
+ when(configuration.getBeHttpPort()).thenReturn(BE_PORT);
+ when(configuration.getBeSslPort()).thenReturn(BE_PORT_SSL);
+ when(configuration.getOnboarding()).thenReturn(onboardingConfiguration);
+ when(configuration.getOnboarding().getProtocolBe()).thenReturn(ONBOARDING_BE_PROTOCOL);
+ when(configuration.getOnboarding().getHostBe()).thenReturn(ONBOARDING_BE_HOST);
+ when(configuration.getOnboarding().getPortBe()).thenReturn(ONBOARDING_BE_PORT);
+
+ List<String> strList = new ArrayList<>();
+ strList.add(HEADER_1);
+ strList.add(HEADER_2);
+ strList.add(HEADER_3);
+
+ when(servletRequest.getHeaderNames()).thenReturn(Collections.enumeration(strList));
+ when(servletRequest.getHeader(HEADER_1)).thenReturn(HEADER_1_VAL);
+ when(servletRequest.getHeader(HEADER_2)).thenReturn(HEADER_2_VAL);
+ when(servletRequest.getHeader(HEADER_3)).thenReturn(HEADER_3_VAL);
+ when(servletRequest.getHeader(Constants.X_ECOMP_REQUEST_ID_HEADER)).thenReturn(REQUEST_ID_VAL);
+
+ when(proxyRequest.getHeaders()).thenReturn(httpFields);
+ when(httpFields.contains(HEADER_1)).thenReturn(true);
+ when(httpFields.contains(HEADER_2)).thenReturn(true);
+ when(httpFields.contains(HEADER_3)).thenReturn(false);
+
+ List<PluginsConfiguration.Plugin> pluginList = new ArrayList<PluginsConfiguration.Plugin>();
+ when(plugin.getPluginId()).thenReturn("WORKFLOW");
+ when(plugin.getPluginSourceUrl()).thenReturn(WF_PROTOCOL + "://" + WF_HOST + ":" + WF_PORT);
+ when(plugin.getPluginDiscoveryUrl()).thenReturn(WF_PROTOCOL + "://" + WF_HOST + ":" + WF_PORT);
+ pluginList.add(plugin);
+ when(configurationManager.getPluginsConfiguration()).thenReturn(pluginsConfiguration);
+ when(pluginsConfiguration.getPluginsList()).thenReturn(pluginList);
+
+ }
+
+ @BeforeEach
+ public void setUp() {
+ when(configuration.getCatalogFacadeMs()).thenReturn(catalogFacadeMsConfig);
+ when(servletRequest.getQueryString()).thenReturn(null);
+ when(catalogFacadeMsConfig.getPath()).thenReturn(null);
+ }
+
+ @Test
+ void testRewriteURI_APIRequest() {
+ when(servletRequest.getRequestURI()).thenReturn("/sdc1/feProxy/rest/dummyBeAPI");
+ String requestResourceUrl = "http://localhost:8080/sdc1/feProxy/rest/dummyBeAPI";
+ String expectedChangedUrl = (sslEnabled ? BE_PROTOCOL_SSL : BE_PROTOCOL) + "://" + BE_HOST + ":" + (sslEnabled ? BE_PORT_SSL : BE_PORT) + "/sdc2/rest/dummyBeAPI";
+ when(servletRequest.getRequestURL()).thenReturn(new StringBuffer(requestResourceUrl));
+
+ when(servletRequest.getContextPath()).thenReturn("/sdc1");
+ when(servletRequest.getServletPath()).thenReturn("/feProxy/rest/dummyBeAPI");
+
+ String rewriteURI = feProxy.rewriteTarget(servletRequest);
+
+ assertEquals(expectedChangedUrl, rewriteURI);
+ }
+
+ @Test
+ void testRewriteURIWithOnboardingAPIRequest() {
+ when(servletRequest.getRequestURI()).thenReturn("/sdc1/feProxy/onboarding-api/gg%20g?subtype=VF");
+ String requestResourceUrl = "http://localhost:8080/sdc1/feProxy/onboarding-api/gg%20g?subtype=VF";
+ String expectedChangedUrl = ONBOARDING_BE_PROTOCOL + "://" + ONBOARDING_BE_HOST + ":" + ONBOARDING_BE_PORT + "/onboarding-api/gg%20g?subtype=VF";
+ when(servletRequest.getRequestURL()).thenReturn(new StringBuffer(requestResourceUrl));
+
+ when(servletRequest.getContextPath()).thenReturn("/sdc1");
+ when(servletRequest.getServletPath()).thenReturn("/feProxy/onboarding-api/gg%20g?subtype=VF");
+
+ String rewriteURI = feProxy.rewriteTarget(servletRequest);
+
+ assertEquals(expectedChangedUrl, rewriteURI);
+ }
+
+ @Test
+ void testRewriteURIWithQureyParam_APIRequest() {
+ when(servletRequest.getRequestURI()).thenReturn("/sdc1/feProxy/dcae-api/gg%20g?subtype=VF");
+ String requestResourceUrl = "http://localhost:8080/sdc1/feProxy/dcae-api/gg%20g?subtype=VF";
+ String expectedChangedUrl = (sslEnabled ? BE_PROTOCOL_SSL : BE_PROTOCOL) + "://" + BE_HOST + ":" + (sslEnabled ? BE_PORT_SSL : BE_PORT) + "/dcae-api/gg%20g?subtype=VF";
+ when(servletRequest.getRequestURL()).thenReturn(new StringBuffer(requestResourceUrl));
+
+ when(servletRequest.getContextPath()).thenReturn("/sdc1");
+ when(servletRequest.getServletPath()).thenReturn("/feProxy/dcae-api/gg%20g?subtype=VF");
+
+ String rewriteURI = feProxy.rewriteTarget(servletRequest);
+
+ assertEquals(expectedChangedUrl, rewriteURI);
+ }
+
+ @Test
+ void testRewriteTargetWithRedeirectAPIRequest() {
+ when(servletRequest.getRequestURI()).thenReturn("/sdc1/feProxy/rest/gg%20g?subtype=VF");
+ String requestResourceUrl = "http://localhost:8080/sdc1/feProxy/rest/gg%20g?subtype=VF";
+ String expectedChangedUrl = (sslEnabled ? BE_PROTOCOL_SSL : BE_PROTOCOL) + "://" + BE_HOST + ":" + (sslEnabled ? BE_PORT_SSL : BE_PORT) + "/sdc2/rest/gg%20g?subtype=VF";
+ when(servletRequest.getRequestURL()).thenReturn(new StringBuffer(requestResourceUrl));
+
+ when(servletRequest.getContextPath()).thenReturn("/sdc1");
+ when(servletRequest.getServletPath()).thenReturn("/feProxy/rest/gg%20g?subtype=VF");
+
+ String rewriteURI = feProxy.rewriteTarget(servletRequest);
+
+ assertEquals(expectedChangedUrl, rewriteURI);
+ }
+
+ @Test
+ void testRewriteURIWithWFAPIRequest() {
+ when(servletRequest.getRequestURI()).thenReturn("/sdc1/feProxy/wf/workflows");
+ String requestResourceUrl = "http://localhost:8080/sdc1/feProxy/wf/workflows";
+ String expectedChangedUrl = WF_PROTOCOL + "://" + WF_HOST + ":" + WF_PORT + "/wf/workflows";
+ when(servletRequest.getRequestURL()).thenReturn(new StringBuffer(requestResourceUrl));
+
+ when(servletRequest.getContextPath()).thenReturn("/sdc1");
+ when(servletRequest.getServletPath()).thenReturn("/feProxy/wf/workflows");
+
+ String rewriteURI = feProxy.rewriteTarget(servletRequest);
+
+ assertEquals(expectedChangedUrl, rewriteURI);
+ }
+
+ @Test
+ void testRedirectToMSWhenMsUrlExists() throws MalformedURLException {
+ final String urlParams = "x=1&y=2&z=3";
+ final String url = "http//test.com:8080/uicache/v1/catalog";
+ setUpConfigMocks();
+ when(servletRequest.getRequestURL()).thenReturn(new StringBuffer(url));
+ when(servletRequest.getQueryString()).thenReturn(urlParams);
+ assertTrue(feProxy.isMsRequest(url + urlParams));
+ assertEquals(msUrl + "/uicache/v1/catalog?" + urlParams,
+ feProxy.redirectMsRequestToMservice(servletRequest, configuration));
+ }
+
+ @Test
+ void testRedirectToMSWhenMsUrlExistsWithoutParams() throws MalformedURLException {
+ final String uri = "/uicache/v1/home";
+ final String url = String.format("http//test.com:8080%s", uri);
+ setUpConfigMocks();
+ when(servletRequest.getRequestURL()).thenReturn(new StringBuffer(url));
+ when(servletRequest.getRequestURI()).thenReturn(uri);
+ assertTrue(feProxy.isMsRequest(url));
+ assertEquals(msUrl + "/uicache/v1/home", feProxy.redirectMsRequestToMservice(servletRequest, configuration));
+ }
+
+ @Test
+ void testRedirectToBeOnToggleOff() throws MalformedURLException {
+ final String uri = "/uicache/v1/catalog";
+ final String url = String.format("http//test.com:8080%s", uri);
+ when(catalogFacadeMsConfig.getPath()).thenReturn(null);
+
+ when(servletRequest.getRequestURL()).thenReturn(new StringBuffer(url));
+ when(servletRequest.getRequestURI()).thenReturn(uri);
+ assertTrue(feProxy.isMsRequest(url));
+ String expectedUrl = String.format("%s://%s:%s/rest/v1/screen?excludeTypes=VFCMT&excludeTypes=Configuration",
+ (sslEnabled ? BE_PROTOCOL_SSL : BE_PROTOCOL), BE_HOST, (sslEnabled ? BE_PORT_SSL : BE_PORT));
+ assertEquals(expectedUrl, feProxy.redirectMsRequestToMservice(servletRequest, configuration));
+ }
+
+ @Test
+ void testRedirectToMSWhenMsUrlExistsButItIsNotCatalogRequest() throws MalformedURLException {
+ final String url = "http//test.com:8080/rest/v1/sc";
+ final String urlParams = "x=1&y=2&z=3";
+ setUpConfigMocks();
+ when(servletRequest.getRequestURL()).thenReturn(new StringBuffer(url));
+ when(servletRequest.getQueryString()).thenReturn(urlParams);
+ assertFalse(feProxy.isMsRequest(url));
+ assertThrows(StringIndexOutOfBoundsException.class, () -> feProxy.redirectMsRequestToMservice(servletRequest, configuration));
+ }
+
+ private void setUpConfigMocks() {
+ when(catalogFacadeMsConfig.getPath()).thenReturn(msPath);
+ when(catalogFacadeMsConfig.getProtocol()).thenReturn(msProtocol);
+ when(catalogFacadeMsConfig.getHost()).thenReturn(msHost);
+ when(catalogFacadeMsConfig.getPort()).thenReturn(msPort);
+ when(catalogFacadeMsConfig.getHealthCheckUri()).thenReturn(msHealth);
+ }
+
+ /* class for testing only exposes the protected method.*/
+ public static class FeProxyServletForTest extends FeProxyServlet {
+ private static final long serialVersionUID = 1L;
+
+ @Override
+ public String rewriteTarget(HttpServletRequest request) {
+ return super.rewriteTarget(request);
+ }
+
+ @Override
+ boolean isMsRequest(String currentUrl) {
+ return super.isMsRequest(currentUrl);
+ }
+ }
}
diff --git a/common-app-api/pom.xml b/common-app-api/pom.xml
index dc9b5fb256..6f1ec78165 100644
--- a/common-app-api/pom.xml
+++ b/common-app-api/pom.xml
@@ -394,6 +394,12 @@
</exclusion>
</exclusions>
</dependency>
+ <dependency>
+ <groupId>org.onap.sdc.common</groupId>
+ <artifactId>onap-configuration-management-api</artifactId>
+ <version>${project.version}</version>
+ <scope>compile</scope>
+ </dependency>
</dependencies>
<build>
diff --git a/common-app-api/src/main/java/org/openecomp/sdc/be/config/ConfigurationManager.java b/common-app-api/src/main/java/org/openecomp/sdc/be/config/ConfigurationManager.java
index 7241decd62..03cbc5952a 100644
--- a/common-app-api/src/main/java/org/openecomp/sdc/be/config/ConfigurationManager.java
+++ b/common-app-api/src/main/java/org/openecomp/sdc/be/config/ConfigurationManager.java
@@ -20,8 +20,6 @@
package org.openecomp.sdc.be.config;
import com.google.common.annotations.VisibleForTesting;
-import java.util.HashMap;
-import java.util.Map;
import org.openecomp.sdc.be.config.validation.ArtifactConfigValidator;
import org.openecomp.sdc.common.api.ArtifactTypeEnum;
import org.openecomp.sdc.common.api.BasicConfiguration;
@@ -31,11 +29,14 @@ import org.openecomp.sdc.common.api.FileChangeCallback;
import org.openecomp.sdc.common.config.EcompErrorConfiguration;
import org.openecomp.sdc.common.config.IEcompConfigurationManager;
+import java.util.HashMap;
+import java.util.Map;
+
public class ConfigurationManager implements FileChangeCallback, IEcompConfigurationManager {
private static ConfigurationManager instance;
final Map<String, Object> configurations = new HashMap<>();
- ConfigurationSource configurationSource = null;
+ private ConfigurationSource configurationSource;
@VisibleForTesting
public ConfigurationManager() {
@@ -67,7 +68,7 @@ public class ConfigurationManager implements FileChangeCallback, IEcompConfigura
final Object configurationObj = configurations.get(getKey(Configuration.class));
if (configurationObj instanceof Configuration) {
final ArtifactConfigValidator artifactConfigValidator = new ArtifactConfigValidator((Configuration) configurationObj,
- ArtifactTypeEnum.getBaseArtifacts());
+ ArtifactTypeEnum.getBaseArtifacts());
artifactConfigValidator.validate();
}
}
diff --git a/common-app-api/src/main/java/org/openecomp/sdc/common/http/client/api/HttpClientFactory.java b/common-app-api/src/main/java/org/openecomp/sdc/common/http/client/api/HttpClientFactory.java
index d45deb328b..599c43ac67 100644
--- a/common-app-api/src/main/java/org/openecomp/sdc/common/http/client/api/HttpClientFactory.java
+++ b/common-app-api/src/main/java/org/openecomp/sdc/common/http/client/api/HttpClientFactory.java
@@ -23,15 +23,17 @@ import org.apache.http.client.HttpRequestRetryHandler;
import org.apache.http.client.UserTokenHandler;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.conn.HttpClientConnectionManager;
-import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
+import org.onap.config.api.JettySSLUtils;
import org.openecomp.sdc.common.api.Constants;
import org.openecomp.sdc.common.http.config.ClientCertificate;
-import org.openecomp.sdc.common.log.wrappers.Logger;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
public class HttpClientFactory {
- private static final Logger logger = Logger.getLogger(HttpClientFactory.class.getName());
+ private static final Logger LOGGER = LoggerFactory.getLogger(HttpClientFactory.class);
private static final UserTokenHandler userTokenHandler = context -> null;
private final HttpConnectionMngFactory connectionMngFactory;
@@ -40,13 +42,25 @@ public class HttpClientFactory {
}
HttpClient createClient(String protocol, HttpClientConfigImmutable config) {
- logger.debug("Create {} client based on {}", protocol, config);
- ClientCertificate clientCertificate = Constants.HTTPS.equals(protocol) ? config.getClientCertificate() : null;
- HttpClientConnectionManager connectionManager = connectionMngFactory.getOrCreate(clientCertificate);
- RequestConfig requestConfig = createClientTimeoutConfiguration(config);
- CloseableHttpClient client = HttpClients.custom().setDefaultRequestConfig(requestConfig).setConnectionManager(connectionManager)
- .setUserTokenHandler(userTokenHandler).setRetryHandler(resolveRetryHandler(config)).build();
- return new HttpClient(client, config);
+ LOGGER.debug("Create {} client based on {}", protocol, config);
+ final ClientCertificate clientCertificate = Constants.HTTPS.equals(protocol) ? config.getClientCertificate() : null;
+ final HttpClientConnectionManager connectionManager = connectionMngFactory.getOrCreate(clientCertificate);
+ final RequestConfig requestConfig = createClientTimeoutConfiguration(config);
+
+ try {
+ final HttpClientBuilder httpClientBuilder = HttpClients.custom()
+ .setDefaultRequestConfig(requestConfig)
+ .setConnectionManager(connectionManager)
+ .setUserTokenHandler(userTokenHandler)
+ .setRetryHandler(resolveRetryHandler(config));
+ if (clientCertificate != null) {
+ httpClientBuilder.setSSLContext(JettySSLUtils.getSslContext());
+ }
+ return new HttpClient(httpClientBuilder.build(), config);
+ } catch (Exception e) {
+ LOGGER.error("Failed to createClient", e);
+ throw new RuntimeException(e);
+ }
}
private HttpRequestRetryHandler resolveRetryHandler(HttpClientConfigImmutable config) {
diff --git a/common-app-api/src/main/java/org/openecomp/sdc/common/http/client/api/HttpResponse.java b/common-app-api/src/main/java/org/openecomp/sdc/common/http/client/api/HttpResponse.java
index 573c97f130..bd5990eed5 100644
--- a/common-app-api/src/main/java/org/openecomp/sdc/common/http/client/api/HttpResponse.java
+++ b/common-app-api/src/main/java/org/openecomp/sdc/common/http/client/api/HttpResponse.java
@@ -19,8 +19,12 @@
*/
package org.openecomp.sdc.common.http.client.api;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
import org.apache.commons.lang3.StringUtils;
+@Getter
+@AllArgsConstructor
public class HttpResponse<T> {
private final T response;
@@ -28,39 +32,11 @@ public class HttpResponse<T> {
private final String description;
public HttpResponse(T response, int statusCode) {
- this.response = response;
- this.statusCode = statusCode;
- this.description = StringUtils.EMPTY;
- }
-
- public HttpResponse(T response, int statusCode, String description) {
- this.response = response;
- this.statusCode = statusCode;
- this.description = description;
- }
-
- public T getResponse() {
- return response;
- }
-
- public int getStatusCode() {
- return statusCode;
- }
-
- public String getDescription() {
- return description;
+ this(response, statusCode, StringUtils.EMPTY);
}
@Override
public String toString() {
- StringBuilder builder = new StringBuilder();
- builder.append("HttpResponse [response=");
- builder.append(response);
- builder.append(", statusCode=");
- builder.append(statusCode);
- builder.append(", description=");
- builder.append(description);
- builder.append("]");
- return builder.toString();
+ return "HttpResponse [response=" + response + ", statusCode=" + statusCode + ", description=" + description + "]";
}
}
diff --git a/common-app-api/src/main/java/org/openecomp/sdc/common/listener/AppContextListener.java b/common-app-api/src/main/java/org/openecomp/sdc/common/listener/AppContextListener.java
index 70a94fd460..d85dab0db6 100644
--- a/common-app-api/src/main/java/org/openecomp/sdc/common/listener/AppContextListener.java
+++ b/common-app-api/src/main/java/org/openecomp/sdc/common/listener/AppContextListener.java
@@ -39,6 +39,7 @@ public class AppContextListener implements ServletContextListener {
private static Logger log = Logger.getLogger(AppContextListener.class.getName());
+ @Override
public void contextInitialized(ServletContextEvent context) {
log.debug("ServletContextListener initialized ");
log.debug("After read values from Manifest {}", getManifestInfo(context.getServletContext()));
@@ -57,6 +58,7 @@ public class AppContextListener implements ServletContextListener {
ExternalConfiguration.listenForChanges();
}
+ @Override
public void contextDestroyed(ServletContextEvent context) {
log.debug("ServletContextListener destroyed");
ExternalConfiguration.stopListenForFileChanges();
diff --git a/common-app-api/src/main/java/org/openecomp/sdc/common/log/interceptors/ApacheClientLogRequestInterceptor.java b/common-app-api/src/main/java/org/openecomp/sdc/common/log/interceptors/ApacheClientLogRequestInterceptor.java
deleted file mode 100644
index 82bf295762..0000000000
--- a/common-app-api/src/main/java/org/openecomp/sdc/common/log/interceptors/ApacheClientLogRequestInterceptor.java
+++ /dev/null
@@ -1,63 +0,0 @@
-package org.openecomp.sdc.common.log.interceptors;
-
-import java.io.IOException;
-import java.net.URI;
-import org.apache.http.HttpException;
-import org.apache.http.HttpMessage;
-import org.apache.http.HttpRequest;
-import org.apache.http.HttpRequestInterceptor;
-import org.apache.http.HttpResponse;
-import org.apache.http.protocol.HttpContext;
-import org.onap.logging.filter.base.AbstractMetricLogFilter;
-import org.onap.logging.ref.slf4j.ONAPLogConstants;
-import org.openecomp.sdc.common.log.elements.LogFieldsMdcHandler;
-
-public class ApacheClientLogRequestInterceptor extends AbstractMetricLogFilter<HttpRequest, HttpResponse, HttpMessage> implements
- HttpRequestInterceptor {
-
- private String previousInvocationId;
-
- @Override
- protected void addHeader(HttpMessage httpMessage, String s, String s1) {
- httpMessage.addHeader(s, s1);
- }
-
- @Override
- protected String getTargetServiceName(HttpRequest httpRequest) {
- return httpRequest.getRequestLine().getUri();
- }
-
- @Override
- protected String getServiceName(HttpRequest httpRequest) {
- return URI.create(httpRequest.getRequestLine().getUri()).getPath();
- }
-
- @Override
- protected int getHttpStatusCode(HttpResponse httpResponse) {
- return httpResponse.getStatusLine().getStatusCode();
- }
-
- @Override
- protected String getResponseCode(HttpResponse httpResponse) {
- return String.valueOf(httpResponse.getStatusLine().getStatusCode());
- }
-
- @Override
- protected String getTargetEntity(HttpRequest httpRequest) {
- //fallback to default value that provided by AbstractMetricLogFilter
- return null;
- }
-
- @Override
- protected void additionalPre(HttpRequest httpRequest, HttpMessage httpMessage) {
- String outgoingInvocationId = httpMessage.getFirstHeader(ONAPLogConstants.Headers.INVOCATION_ID).getValue();
- LogFieldsMdcHandler.getInstance().setOutgoingInvocationId(outgoingInvocationId);
- LogFieldsMdcHandler.getInstance().setKeyInvocationId(previousInvocationId);
- }
-
- @Override
- public void process(HttpRequest httpRequest, HttpContext httpContext) throws HttpException, IOException {
- previousInvocationId = LogFieldsMdcHandler.getInstance().getKeyInvocationId();
- super.pre(httpRequest, httpRequest);
- }
-}
diff --git a/common-app-api/src/main/java/org/openecomp/sdc/common/log/interceptors/ApacheClientLogResponseInterceptor.java b/common-app-api/src/main/java/org/openecomp/sdc/common/log/interceptors/ApacheClientLogResponseInterceptor.java
deleted file mode 100644
index 26c7c2540b..0000000000
--- a/common-app-api/src/main/java/org/openecomp/sdc/common/log/interceptors/ApacheClientLogResponseInterceptor.java
+++ /dev/null
@@ -1,51 +0,0 @@
-package org.openecomp.sdc.common.log.interceptors;
-
-import java.io.IOException;
-import java.net.URI;
-import org.apache.http.HttpException;
-import org.apache.http.HttpMessage;
-import org.apache.http.HttpRequest;
-import org.apache.http.HttpResponse;
-import org.apache.http.HttpResponseInterceptor;
-import org.apache.http.protocol.HttpContext;
-import org.onap.logging.filter.base.AbstractMetricLogFilter;
-
-public class ApacheClientLogResponseInterceptor extends AbstractMetricLogFilter<HttpRequest, HttpResponse, HttpMessage> implements
- HttpResponseInterceptor {
-
- @Override
- protected void addHeader(HttpMessage httpMessage, String s, String s1) {
- httpMessage.addHeader(s, s1);
- }
-
- @Override
- protected String getTargetServiceName(HttpRequest httpRequest) {
- return httpRequest.getRequestLine().getUri();
- }
-
- @Override
- protected String getServiceName(HttpRequest httpRequest) {
- return URI.create(httpRequest.getRequestLine().getUri()).getPath();
- }
-
- @Override
- protected int getHttpStatusCode(HttpResponse httpResponse) {
- return httpResponse.getStatusLine().getStatusCode();
- }
-
- @Override
- protected String getResponseCode(HttpResponse httpResponse) {
- return String.valueOf(httpResponse.getStatusLine().getStatusCode());
- }
-
- @Override
- protected String getTargetEntity(HttpRequest httpRequest) {
- //fallback to default value that provided by AbstractMetricLogFilter
- return null;
- }
-
- @Override
- public void process(HttpResponse httpResponse, HttpContext httpContext) throws HttpException, IOException {
- super.post(null, httpResponse);
- }
-}
diff --git a/common-app-api/src/main/java/org/openecomp/sdc/common/util/StreamUtils.java b/common-app-api/src/main/java/org/openecomp/sdc/common/util/StreamUtils.java
deleted file mode 100644
index 37769fbaef..0000000000
--- a/common-app-api/src/main/java/org/openecomp/sdc/common/util/StreamUtils.java
+++ /dev/null
@@ -1,132 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * SDC
- * ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-package org.openecomp.sdc.common.util;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Spliterator;
-import java.util.Spliterators.AbstractSpliterator;
-import java.util.function.Consumer;
-import java.util.function.Predicate;
-import java.util.stream.Stream;
-import java.util.stream.StreamSupport;
-
-/**
- * Utility Class For Actions On Streams
- *
- * @author mshitrit
- */
-public final class StreamUtils {
-
- private StreamUtils() {
- throw new UnsupportedOperationException();
- }
-
- /**
- * Breaks the stream when the predicate is not met.<br> Does not evaluate elements after the stream breaks.<br> This method evaluates the
- * stream.<br>
- *
- * @param stream
- * @param predicate
- * @return
- */
- public static <T> Stream<T> takeWhilePlusOneNoEval(Stream<T> stream, Predicate<T> predicate) {
- List<T> results = new ArrayList<>();
- Consumer<T> listAdder = results::add;
- stream.map(e -> {
- listAdder.accept(e);
- return e;
- }).filter(e -> !predicate.test(e)).findFirst();
- return results.stream();
- }
-
- public static <T> Stream<T> takeWhile(Stream<T> stream, Predicate<T> predicate) {
- return StreamSupport.stream(takeWhile(stream.spliterator(), predicate), false);
- }
-
- public static <T> Stream<T> takeWhilePlusOne(Stream<T> stream, Predicate<T> predicate) {
- return StreamSupport.stream(takeWhile(stream.spliterator(), new StopAfterFailPredicate<>(predicate)), false);
- }
-
- private static <T> Spliterator<T> takeWhile(Spliterator<T> splitr, Predicate<T> predicate) {
- return new MySplitIterator<>(splitr, predicate);
- }
-
- public static class MySplitIterator<T> extends AbstractSpliterator<T> implements Spliterator<T> {
-
- boolean stillGoing = true;
- private Spliterator<T> innerItr;
- private Predicate<T> innerPred;
-
- private MySplitIterator(Spliterator<T> splitItr, Predicate<T> pred) {
- super(splitItr.estimateSize(), 0);
- innerItr = splitItr;
- innerPred = pred;
- }
-
- @Override
- public boolean tryAdvance(Consumer<? super T> action) {
- boolean canAdvance = true;
- if (stillGoing) {
- stillGoing = innerItr.tryAdvance(createConsumerWrapper(action));
- } else {
- canAdvance = false;
- }
- return canAdvance;
- }
-
- private Consumer<? super T> createConsumerWrapper(Consumer<? super T> action) {
- return new Consumer<T>() {
- @Override
- public void accept(T t) {
- stillGoing = innerPred.test(t);
- if (stillGoing) {
- action.accept(t);
- }
- }
- };
- }
- }
-
- public static class StopAfterFailPredicate<T> implements Predicate<T> {
-
- boolean hasNotFailed;
- Predicate<T> innerPredicate;
-
- private StopAfterFailPredicate(Predicate<T> pred) {
- hasNotFailed = true;
- innerPredicate = pred;
- }
-
- ;
-
- @Override
- public boolean test(T t) {
- boolean isPassed;
- if (hasNotFailed) {
- isPassed = true;
- hasNotFailed = innerPredicate.test(t);
- } else {
- isPassed = false;
- }
- return isPassed;
- }
- }
-}
diff --git a/common-app-api/src/main/java/org/openecomp/sdc/fe/config/ConfigurationManager.java b/common-app-api/src/main/java/org/openecomp/sdc/fe/config/ConfigurationManager.java
index 0d5cf62cb1..798bacf9a3 100644
--- a/common-app-api/src/main/java/org/openecomp/sdc/fe/config/ConfigurationManager.java
+++ b/common-app-api/src/main/java/org/openecomp/sdc/fe/config/ConfigurationManager.java
@@ -34,8 +34,8 @@ public class ConfigurationManager implements FileChangeCallback, IEcompConfigura
private static final Logger log = Logger.getLogger(ConfigurationManager.class.getName());
private static ConfigurationManager instance;
- ConfigurationSource configurationSource = null;
- Map<String, Object> configurations = new HashMap<>();
+ private final ConfigurationSource configurationSource;
+ private final Map<String, Object> configurations = new HashMap<>();
public ConfigurationManager(ConfigurationSource configurationSource) {
super();
@@ -101,6 +101,7 @@ public class ConfigurationManager implements FileChangeCallback, IEcompConfigura
return (Configuration) configurations.get(getKey(Configuration.class));
}
+ @Override
public void reconfigure(BasicConfiguration obj) {
//
diff --git a/common-app-api/src/test/java/org/openecomp/sdc/common/http/client/api/HttpClientFactoryTest.java b/common-app-api/src/test/java/org/openecomp/sdc/common/http/client/api/HttpClientFactoryTest.java
index 4958202811..feb49d0cc8 100644
--- a/common-app-api/src/test/java/org/openecomp/sdc/common/http/client/api/HttpClientFactoryTest.java
+++ b/common-app-api/src/test/java/org/openecomp/sdc/common/http/client/api/HttpClientFactoryTest.java
@@ -20,11 +20,11 @@
package org.openecomp.sdc.common.http.client.api;
-import org.junit.Test;
-import org.junit.runner.RunWith;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mock;
import org.mockito.Mockito;
-import org.mockito.junit.MockitoJUnitRunner;
+import org.mockito.junit.jupiter.MockitoExtension;
import org.onap.sdc.security.SecurityUtil;
import org.openecomp.sdc.common.http.config.BasicAuthorization;
import org.openecomp.sdc.common.http.config.ClientCertificate;
@@ -36,15 +36,15 @@ import java.util.Map;
import static junit.framework.TestCase.assertNotNull;
-@RunWith(MockitoJUnitRunner.class)
-public class HttpClientFactoryTest {
+@ExtendWith(MockitoExtension.class)
+class HttpClientFactoryTest {
@Mock
- HttpConnectionMngFactory httpConnectionMngFactory;
+ private HttpConnectionMngFactory httpConnectionMngFactory;
@Test
- public void validateNewClientCreationReturnsValidClient() throws HttpExecuteException {
- HttpClient httpClient = new HttpClientFactory(httpConnectionMngFactory).createClient("Http",prepareTestClientConfigImmutable());
+ void validateNewClientCreationReturnsValidClient() {
+ final HttpClient httpClient = new HttpClientFactory(httpConnectionMngFactory).createClient("Http", prepareTestClientConfigImmutable());
assertNotNull(httpClient);
httpClient.close();
}
diff --git a/common-app-api/src/test/java/org/openecomp/sdc/common/http/client/api/HttpResponseTest.java b/common-app-api/src/test/java/org/openecomp/sdc/common/http/client/api/HttpResponseTest.java
index d96f071e3c..85246a1b45 100644
--- a/common-app-api/src/test/java/org/openecomp/sdc/common/http/client/api/HttpResponseTest.java
+++ b/common-app-api/src/test/java/org/openecomp/sdc/common/http/client/api/HttpResponseTest.java
@@ -21,38 +21,38 @@
package org.openecomp.sdc.common.http.client.api;
import org.apache.http.HttpStatus;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
-public class HttpResponseTest {
+class HttpResponseTest {
@Test
- public void validateNoDescriptionConstructor() {
+ void validateNoDescriptionConstructor() {
final String testResponse = "test response";
HttpResponse<String> httpResponseTest = new HttpResponse<>(testResponse, HttpStatus.SC_OK);
- assertEquals(httpResponseTest.getStatusCode(),HttpStatus.SC_OK);
- assertEquals(httpResponseTest.getResponse(),testResponse);
- assertEquals(httpResponseTest.getDescription(),"");
+ assertEquals(httpResponseTest.getStatusCode(), HttpStatus.SC_OK);
+ assertEquals(httpResponseTest.getResponse(), testResponse);
+ assertEquals(httpResponseTest.getDescription(), "");
}
@Test
- public void validateAllArgsConstructor() {
+ void validateAllArgsConstructor() {
final String testResponse = "test response";
final String testDescription = "test description";
HttpResponse<String> httpResponseTest = new HttpResponse<>(testResponse, HttpStatus.SC_OK, testDescription);
- assertEquals(httpResponseTest.getStatusCode(),HttpStatus.SC_OK);
- assertEquals(httpResponseTest.getResponse(),testResponse);
- assertEquals(httpResponseTest.getDescription(),testDescription);
+ assertEquals(httpResponseTest.getStatusCode(), HttpStatus.SC_OK);
+ assertEquals(httpResponseTest.getResponse(), testResponse);
+ assertEquals(httpResponseTest.getDescription(), testDescription);
}
@Test
- public void validateToStringConstructor() {
+ void validateToStringConstructor() {
final String testResponse = "test response";
final String testDescription = "test description";
diff --git a/common-app-api/src/test/java/org/openecomp/sdc/common/util/StreamUtilsTests.java b/common-app-api/src/test/java/org/openecomp/sdc/common/util/StreamUtilsTests.java
deleted file mode 100644
index 5ee8f42b6b..0000000000
--- a/common-app-api/src/test/java/org/openecomp/sdc/common/util/StreamUtilsTests.java
+++ /dev/null
@@ -1,142 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * SDC
- * ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.openecomp.sdc.common.util;
-
-import fj.data.Either;
-import static org.junit.Assert.assertEquals;
-import org.junit.Test;
-
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.List;
-import java.util.function.Function;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
-
-import static org.junit.Assert.assertTrue;
-
-public class StreamUtilsTests {
- @Test
- public void testTakeWhilePredicateNotMet() {
- List<Either<Integer, Boolean>> list = buildListWith10Integers();
-
- assertEquals(10, StreamUtils.takeWhile(list.stream(), Either::isLeft).count());
- }
-
- @Test
- public void testTakeWhilePredicateIsMet() {
- List<Either<Integer, Boolean>> list = buildListWith10Integers();
- addToBooleansToList(list);
-
- final Stream<Either<Integer, Boolean>> takeWhileStream = StreamUtils.takeWhile(list.stream(), Either::isLeft);
- assertEquals(0, takeWhileStream.filter(Either::isRight).count());
- }
-
- @Test
- public <T> void testTakeErrorEvalOnlyOnce() {
- List<Integer> bucket = new ArrayList<>();
- // API
- Function<Integer, Either<Integer, Boolean>> cons = num -> {
- Either<Integer, Boolean> ret;
- bucket.add(num);
- if (num > 5) {
- ret = Either.right(false);
- } else {
- ret = Either.left(num);
- }
- ;
- return ret;
- };
-
- List<Integer> num1to10 = Arrays.asList(1, 2, 3, 4, 5, 6, 7, 8, 9, 10);
- Stream<Either<Integer, Boolean>> streamEithers = num1to10.stream().map(cons::apply);
- List<Either<Integer, Boolean>> collect = StreamUtils.takeWhilePlusOneNoEval(streamEithers, Either::isLeft)
- .collect(Collectors.toList());
- assertTrue(bucket.size() <= 6);
- assertTrue(collect.size() <= 6);
- assertEquals(1, collect.stream().filter(Either::isRight).count());
-
- }
-
- @Test
- public void testTakeWhilePlusOnePredicateNotMet() {
- List<Either<Integer, Boolean>> list = buildListWith10Integers();
-
- assertEquals(10, StreamUtils.takeWhilePlusOne(list.stream(), Either::isLeft).count());
- }
-
- @Test
- public void testTakeWhilePlusOnePredicateIsMet() {
- List<Either<Integer, Boolean>> list = buildListWith10Integers();
- addToBooleansToList(list);
-
- final Stream<Either<Integer, Boolean>> takeWhilePlusOneStream = StreamUtils.takeWhilePlusOne(list.stream(),
- Either::isLeft);
- assertEquals(1, takeWhilePlusOneStream.filter(Either::isRight).count());
- }
-
- private void addToBooleansToList(List<Either<Integer, Boolean>> list) {
- list.add(Either.right(false));
- list.add(Either.right(false));
- }
-
- private List<Either<Integer, Boolean>> buildListWith10Integers() {
- List<Either<Integer, Boolean>> list = new ArrayList<>();
- for (int i = 0; i < 10; i++) {
- list.add(Either.left(i));
- }
- return list;
- }
-
- @Test
- public void myTest() {
- List<Integer> list = new ArrayList<>();
- for (int i = 0; i < 10; i++) {
- list.add(i);
- }
-
- List<Either<Integer, Boolean>> container = new ArrayList<>();
- list.stream().map(e -> myBusinessLogic(e, container)).filter(Either::isRight).findAny();
- // Actual Results are in container
- assertEquals(6, container.size());
-
- }
-
- private Either<Integer, Boolean> myBusinessLogic(int e, List<Either<Integer, Boolean>> cobtainerList) {
- Either<Integer, Boolean> eitherElement = similuteDBAccess(e);
- // Keep The results in external List
- cobtainerList.add(eitherElement);
-
- return eitherElement;
- }
-
- private Either<Integer, Boolean> similuteDBAccess(int e) {
- Either<Integer, Boolean> eitherElement;
- if (e < 5) {
- // DB Success
- eitherElement = Either.left(e);
- } else {
- // DB Fail
- eitherElement = Either.right(true);
- }
- return eitherElement;
- }
-}
diff --git a/common/onap-common-configuration-management/onap-configuration-management-api/pom.xml b/common/onap-common-configuration-management/onap-configuration-management-api/pom.xml
index 36bff43532..f8fc085b1f 100644
--- a/common/onap-common-configuration-management/onap-configuration-management-api/pom.xml
+++ b/common/onap-common-configuration-management/onap-configuration-management-api/pom.xml
@@ -24,6 +24,11 @@
</exclusion>
</exclusions>
</dependency>
+ <dependency>
+ <groupId>org.projectlombok</groupId>
+ <artifactId>lombok</artifactId>
+ <version>${lombok.version}</version>
+ </dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
diff --git a/common/onap-common-configuration-management/onap-configuration-management-api/src/main/java/org/onap/config/api/JettySSLUtils.java b/common/onap-common-configuration-management/onap-configuration-management-api/src/main/java/org/onap/config/api/JettySSLUtils.java
index 44280cf105..ad3395f720 100644
--- a/common/onap-common-configuration-management/onap-configuration-management-api/src/main/java/org/onap/config/api/JettySSLUtils.java
+++ b/common/onap-common-configuration-management/onap-configuration-management-api/src/main/java/org/onap/config/api/JettySSLUtils.java
@@ -19,59 +19,61 @@
*/
package org.onap.config.api;
-import java.io.File;
+import lombok.AccessLevel;
+import lombok.AllArgsConstructor;
+import lombok.NoArgsConstructor;
+import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
+import org.apache.http.ssl.SSLContexts;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.net.ssl.SSLContext;
import java.io.FileInputStream;
-import java.io.IOException;
-import java.security.GeneralSecurityException;
+import java.io.InputStream;
import java.security.KeyStore;
import java.util.Properties;
-import javax.net.ssl.SSLContext;
-import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
-import org.apache.http.ssl.SSLContexts;
+@NoArgsConstructor(access = AccessLevel.PRIVATE)
public class JettySSLUtils {
+ private static final Logger LOGGER = LoggerFactory.getLogger(JettySSLUtils.class);
+ private static final String JETTY_BASE = System.getenv("JETTY_BASE");
- private JettySSLUtils() {
- }
-
- public static JettySslConfig getSSLConfig() throws IOException {
- Properties sslProperties = new Properties();
- String sslPropsPath = System.getenv("JETTY_BASE") + File.separator + "/start.d/ssl.ini";
- File sslPropsFile = new File(sslPropsPath);
- try (FileInputStream fis = new FileInputStream(sslPropsFile)) {
+ public static JettySslConfig getSSLConfig() {
+ final Properties sslProperties = new Properties();
+ final String sslPropsPath = JETTY_BASE + "/start.d/ssl.ini";
+ try (final InputStream fis = new FileInputStream(sslPropsPath)) {
sslProperties.load(fis);
+ } catch (Exception e) {
+ LOGGER.error("Failed to read '{}'", sslPropsPath, e);
}
return new JettySslConfig(sslProperties);
}
- public static SSLContext getSslContext() throws GeneralSecurityException, IOException {
- JettySslConfig sslProperties = JettySSLUtils.getSSLConfig();
- KeyStore trustStore = KeyStore.getInstance(sslProperties.getTruststoreType());
- try (FileInputStream instream = new FileInputStream(new File(sslProperties.getTruststorePath()));) {
- trustStore.load(instream, (sslProperties.getTruststorePass()).toCharArray());
+ public static SSLContext getSslContext() throws Exception {
+ final JettySslConfig sslProperties = getSSLConfig();
+ final KeyStore trustStore = KeyStore.getInstance(sslProperties.getTruststoreType());
+ try (final InputStream fis = new FileInputStream(sslProperties.getTruststorePath())) {
+ trustStore.load(fis, (sslProperties.getTruststorePass()).toCharArray());
}
- KeyStore keystore = KeyStore.getInstance(sslProperties.getKeystoreType());
- try (FileInputStream instream = new FileInputStream(new File(sslProperties.getKeystorePath()));) {
- keystore.load(instream, sslProperties.getKeystorePass().toCharArray());
+
+ final KeyStore keystore = KeyStore.getInstance(sslProperties.getKeystoreType());
+ try (final InputStream fis = new FileInputStream(sslProperties.getKeystorePath())) {
+ keystore.load(fis, sslProperties.getKeystorePass().toCharArray());
}
// Trust own CA and all self-signed certs
- return SSLContexts.custom().loadKeyMaterial(keystore, sslProperties.getKeystorePass().toCharArray())
- .loadTrustMaterial(trustStore, new TrustSelfSignedStrategy()).build();
+ return SSLContexts.custom()
+ .loadKeyMaterial(keystore, sslProperties.getKeystorePass().toCharArray())
+ .loadTrustMaterial(trustStore, new TrustSelfSignedStrategy())
+ .build();
}
+ @AllArgsConstructor
public static class JettySslConfig {
- static final String JETTY_BASE = System.getenv("JETTY_BASE");
- static final String KEY_STORE_TYPE_PROPERTY_NAME = "jetty.sslContext.keyStoreType";
- static final String TRUST_STORE_TYPE_PROPERTY_NAME = "jetty.sslContext.trustStoreType";
- Properties sslProperties;
+ private final Properties sslProperties;
- JettySslConfig(Properties sslProperties) {
- this.sslProperties = sslProperties;
- }
-
- public String getJettyBase() {
- return JettySslConfig.JETTY_BASE;
+ public String getJettyBase(){
+ return JETTY_BASE;
}
public String getKeystorePath() {
@@ -83,7 +85,7 @@ public class JettySSLUtils {
}
public String getKeystoreType() {
- return sslProperties.getProperty(KEY_STORE_TYPE_PROPERTY_NAME, KeyStore.getDefaultType());
+ return sslProperties.getProperty("jetty.sslContext.keyStoreType", KeyStore.getDefaultType());
}
public String getTruststorePath() {
@@ -95,10 +97,10 @@ public class JettySSLUtils {
}
public String getTruststoreType() {
- return sslProperties.getProperty(TRUST_STORE_TYPE_PROPERTY_NAME, KeyStore.getDefaultType());
+ return sslProperties.getProperty("jetty.sslContext.trustStoreType", KeyStore.getDefaultType());
}
- public String getKeyStoreManager() {
+ public String getKeyManagerPassword() {
return sslProperties.getProperty("jetty.sslContext.keyManagerPassword");
}
@@ -110,8 +112,5 @@ public class JettySSLUtils {
}
}
- public String getProperty(String key) {
- return sslProperties.getProperty(key);
- }
}
}
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-services/pom.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-services/pom.xml
index 2ccfa6d156..18de9b88b2 100644
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-services/pom.xml
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-services/pom.xml
@@ -110,6 +110,11 @@
</exclusion>
</exclusions>
</dependency>
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpcore</artifactId>
+ <version>${httpcore.version}</version>
+ </dependency>
</dependencies>
</project>
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vnf-repository-rest-services/src/main/java/org/openecomp/sdcrests/vsp/rest/services/VnfPackageRepositoryImpl.java b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vnf-repository-rest-services/src/main/java/org/openecomp/sdcrests/vsp/rest/services/VnfPackageRepositoryImpl.java
index 5bfd29affa..754199ac29 100644
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vnf-repository-rest-services/src/main/java/org/openecomp/sdcrests/vsp/rest/services/VnfPackageRepositoryImpl.java
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vnf-repository-rest-services/src/main/java/org/openecomp/sdcrests/vsp/rest/services/VnfPackageRepositoryImpl.java
@@ -16,24 +16,6 @@
*/
package org.openecomp.sdcrests.vsp.rest.services;
-import static javax.ws.rs.core.HttpHeaders.CONTENT_DISPOSITION;
-import static org.openecomp.core.utilities.file.FileUtils.getFileExtension;
-import static org.openecomp.core.utilities.file.FileUtils.getNetworkPackageName;
-
-import java.io.IOException;
-import java.nio.ByteBuffer;
-import java.nio.charset.StandardCharsets;
-import java.security.GeneralSecurityException;
-import java.security.KeyManagementException;
-import java.security.NoSuchAlgorithmException;
-import java.util.List;
-import java.util.Objects;
-import java.util.Optional;
-import javax.inject.Named;
-import javax.net.ssl.SSLContext;
-import javax.ws.rs.client.Client;
-import javax.ws.rs.client.ClientBuilder;
-import javax.ws.rs.core.Response;
import org.onap.config.api.ConfigurationManager;
import org.onap.config.api.JettySSLUtils;
import org.openecomp.core.utilities.orchestration.OnboardingTypesEnum;
@@ -57,6 +39,20 @@ import org.openecomp.sdcrests.vsp.rest.mapping.MapUploadFileResponseToUploadFile
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Service;
+import javax.inject.Named;
+import javax.ws.rs.client.Client;
+import javax.ws.rs.client.ClientBuilder;
+import javax.ws.rs.core.Response;
+import java.nio.ByteBuffer;
+import java.nio.charset.StandardCharsets;
+import java.util.List;
+import java.util.Objects;
+import java.util.Optional;
+
+import static javax.ws.rs.core.HttpHeaders.CONTENT_DISPOSITION;
+import static org.openecomp.core.utilities.file.FileUtils.getFileExtension;
+import static org.openecomp.core.utilities.file.FileUtils.getNetworkPackageName;
+
/**
* Enables integration API interface with VNF Repository (VNFSDK).
* <ol>
@@ -77,17 +73,15 @@ public class VnfPackageRepositoryImpl implements VnfPackageRepository {
private static Client trustSSLClient() {
try {
- SSLContext sslcontext = JettySSLUtils.getSslContext();
- return ClientBuilder.newBuilder().sslContext(sslcontext).hostnameVerifier((requestedHost, remoteServerSession)
- -> requestedHost.equalsIgnoreCase(remoteServerSession.getPeerHost())).build();
-
- } catch (IOException | GeneralSecurityException e) {
+ return ClientBuilder.newBuilder()
+ .sslContext(JettySSLUtils.getSslContext())
+ .hostnameVerifier((requestedHost, remoteServerSession) -> requestedHost.equalsIgnoreCase(remoteServerSession.getPeerHost())).build();
+ } catch (final Exception e) {
LOGGER.error("Failed to initialize SSL context", e);
}
return ClientBuilder.newClient();
}
-
private final Configuration config;
public VnfPackageRepositoryImpl(Configuration config) {
@@ -126,15 +120,15 @@ public class VnfPackageRepositoryImpl implements VnfPackageRepository {
private Response uploadVnfPackage(final String vspId, final String versionId, final String csarId, final byte[] payload) {
try {
final OrchestrationTemplateCandidateManager candidateManager = OrchestrationTemplateCandidateManagerFactory.getInstance()
- .createInterface();
+ .createInterface();
final String filename = formatFilename(csarId);
final String fileExtension = getFileExtension(filename);
final OnboardPackageInfo onboardPackageInfo = new OnboardPackageInfo(getNetworkPackageName(filename), fileExtension,
- ByteBuffer.wrap(payload), OnboardingTypesEnum.getOnboardingTypesEnum(fileExtension));
+ ByteBuffer.wrap(payload), OnboardingTypesEnum.getOnboardingTypesEnum(fileExtension));
final VspDetails vspDetails = new VspDetails(vspId, getVersion(vspId, versionId));
final UploadFileResponse response = candidateManager.upload(vspDetails, onboardPackageInfo);
final UploadFileResponseDto uploadFileResponse = new MapUploadFileResponseToUploadFileResponseDto()
- .applyMapping(response, UploadFileResponseDto.class);
+ .applyMapping(response, UploadFileResponseDto.class);
return Response.ok(uploadFileResponse).build();
} catch (final Exception e) {
ErrorCode error = new GeneralErrorBuilder().build();
@@ -172,7 +166,7 @@ public class VnfPackageRepositoryImpl implements VnfPackageRepository {
if (LOGGER.isErrorEnabled()) {
String body = response.hasEntity() ? response.readEntity(String.class) : "";
LOGGER.error("Unexpected response status while {}: URI={}, status={}, body={}", action, uri, response.getStatus(), body,
- new CoreException(error));
+ new CoreException(error));
}
return generateInternalServerError(error);
}
diff --git a/openecomp-be/backend/openecomp-sdc-security-util/pom.xml b/openecomp-be/backend/openecomp-sdc-security-util/pom.xml
index 78d2236a08..166f4604a8 100644
--- a/openecomp-be/backend/openecomp-sdc-security-util/pom.xml
+++ b/openecomp-be/backend/openecomp-sdc-security-util/pom.xml
@@ -14,12 +14,6 @@
<dependencies>
<dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-api</artifactId>
- <version>1.7.25</version>
- </dependency>
-
- <dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-crypto</artifactId>
<version>1.0.0</version>
diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/Dockerfile b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/Dockerfile
index f0f9d5fa42..cc34c81f09 100644
--- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/Dockerfile
+++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/Dockerfile
@@ -1,4 +1,4 @@
-FROM onap/integration-java11:9.0.0
+FROM onap/integration-java11:10.0.0
USER root
ARG JETTY_FOLDER=/app/jetty
diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb
index 074584a6e8..d2a40942e8 100644
--- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb
+++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb
@@ -5,15 +5,19 @@ default['FE'][:http_port] = 8181
default['FE'][:https_port] = 9443
default['disableHttp'] = true
default['cassandra'][:truststore_password] = "Aa123456"
+
+default['jetty']['keystore_path'] = "etc/org.onap.sdc.p12"
default['jetty'][:keystore_pwd] = "?(kP!Yur![*!Y5!E^f(ZKc31"
default['jetty'][:keymanager_pwd] = "?(kP!Yur![*!Y5!E^f(ZKc31"
+default['jetty']['truststore_path'] = "etc/org.onap.sdc.trust.jks"
+# TO CHANGE THE TRUSTSTORE CERT THE JVM CONFIGURATION
+# MUST BE ALSO CHANGE IN THE startup.sh FILE
default['jetty'][:truststore_pwd] = "z+KEj;t+,KN^iimSiS89e#p0"
-default['jetty']['truststore_path'] = "#{ENV['JETTY_BASE']}/etc/truststore"
default['VnfRepo']['vnfRepoPort'] = 8702
default['VnfRepo']['vnfRepoHost'] = "refrepo"
-#Cassandra
+# Cassandra
default['cassandra']['cassandra_port'] = 9042
default['cassandra']['datacenter_name'] = "DC-"
default['cassandra']['cluster_name'] = "SDC-CS-"
@@ -21,12 +25,12 @@ default['cassandra']['socket_read_timeout'] = 20000
default['cassandra']['socket_connect_timeout'] = 20000
default['cassandra']['janusgraph_connection_timeout'] = 10000
-#Basicauth
+# Basicauth
default['basic_auth']['enabled'] = true
default['basic_auth'][:user_name] = "testName"
default['basic_auth'][:user_pass] = "testPass"
default['basic_auth']['excludedUrls'] = "/v1.0/healthcheck"
-#ExternalTesting
+# ExternalTesting
default['EXTTEST']['ep1_config'] = "vtp,VTP,true,http://refrepo:8702/onapapi/vnfsdk-marketplace,onap.*"
default['EXTTEST']['ep2_config'] = "repository,Repository,false,,.*"
diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_4_setup_jetty_modules.rb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_4_setup_jetty_modules.rb
index 6b2b79b49c..2e51402016 100644
--- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_4_setup_jetty_modules.rb
+++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_4_setup_jetty_modules.rb
@@ -1,4 +1,4 @@
-#Set the http module option
+# Set the http module option
if node['disableHttp']
http_option = "#--module=http"
else
@@ -18,12 +18,11 @@ template "http-ini" do
group "#{ENV['JETTY_GROUP']}"
mode "0755"
variables ({
- :http_option => http_option ,
+ :http_option => http_option,
:http_port => "#{node['ONBOARDING_BE'][:http_port]}"
})
-
-end
+end
template "https-ini" do
path "#{ENV['JETTY_BASE']}/start.d/https.ini"
@@ -34,7 +33,6 @@ template "https-ini" do
variables :https_port => "#{node['ONBOARDING_BE'][:https_port]}"
end
-
template "ssl-ini" do
path "#{ENV['JETTY_BASE']}/start.d/ssl.ini"
source "ssl-ini.erb"
@@ -42,9 +40,11 @@ template "ssl-ini" do
group "#{ENV['JETTY_GROUP']}"
mode "0755"
variables ({
- :https_port => "#{node['ONBOARDING_BE'][:https_port]}" ,
- :jetty_keystore_pwd => "#{node['jetty'][:keystore_pwd]}" ,
- :jetty_keymanager_pwd => "#{node['jetty'][:keymanager_pwd]}" ,
+ :https_port => "#{node['ONBOARDING_BE'][:https_port]}",
+ :jetty_keystore_path => "#{node['jetty'][:keystore_path]}",
+ :jetty_keystore_pwd => "#{node['jetty'][:keystore_pwd]}",
+ :jetty_keymanager_pwd => "#{node['jetty'][:keymanager_pwd]}",
+ :jetty_truststore_path => "#{node['jetty'][:truststore_path]}",
:jetty_truststore_pwd => "#{node['jetty'][:truststore_pwd]}"
})
end
diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb
index 278fdea2ae..c489825c7b 100644
--- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb
+++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb
@@ -42,17 +42,17 @@ jetty.ssl.port=<%= @https_port %>
## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html
## Keystore file path (relative to $jetty.base)
-jetty.sslContext.keyStorePath=etc/org.onap.sdc.p12
+jetty.sslContext.keyStorePath=<%= @jetty_keystore_path %>
## Truststore file path (relative to $jetty.base)
-jetty.sslContext.trustStorePath=etc/org.onap.sdc.trust.jks
+jetty.sslContext.trustStorePath=<%= @jetty_truststore_path %>
## Keystore password
# jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
jetty.sslContext.keyStorePassword=<%= @jetty_keystore_pwd %>
## Keystore type and provider
-# jetty.sslContext.keyStoreType=JKS
+jetty.sslContext.keyStoreType=JKS
# jetty.sslContext.keyStoreProvider=
## KeyManager password
@@ -64,7 +64,7 @@ jetty.sslContext.keyManagerPassword=<%= @jetty_keymanager_pwd %>
jetty.sslContext.trustStorePassword=<%= @jetty_truststore_pwd %>
## Truststore type and provider
-# jetty.sslContext.trustStoreType=JKS
+jetty.sslContext.trustStoreType=JKS
# jetty.sslContext.trustStoreProvider=
## whether client certificate authentication is required
diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/startup.sh b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/startup.sh
index 43aad8726a..6ee1b7b344 100644
--- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/startup.sh
+++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/startup.sh
@@ -8,6 +8,8 @@ JAVA_OPTIONS="$JAVA_OPTIONS \
-Dconfiguration.yaml=$JETTY_BASE/config/onboarding-be/onboarding_configuration.yaml \
-Dfeatures.properties=$JETTY_BASE/config/onboarding-be/features.properties \
-XX:+HeapDumpOnOutOfMemoryError \
+ -Djavax.net.ssl.trustStore=$JETTY_BASE/etc/org.onap.sdc.trust.jks \
+ -Djavax.net.ssl.trustStorePassword=z+KEj;t+,KN^iimSiS89e#p0 \
-Dconfig.location=$JETTY_BASE/config/onboarding-be/."
cd $JETTY_BASE
@@ -16,6 +18,6 @@ cd $JETTY_BASE/chef-solo
chef-solo -c solo.rb -E ${ENVNAME}
cd $JETTY_HOME
-echo "jetty.httpConfig.sendServerVersion=false" >> $JETTY_HOME/start.d/start.ini
+echo "jetty.httpConfig.sendServerVersion=false" >>$JETTY_HOME/start.d/start.ini
java $JAVA_OPTIONS -jar "${JETTY_HOME}/start.jar"
diff --git a/openecomp-be/lib/openecomp-sdc-logging-lib/openecomp-sdc-logging-core/pom.xml b/openecomp-be/lib/openecomp-sdc-logging-lib/openecomp-sdc-logging-core/pom.xml
index 3748ef8b26..ea2aa235e2 100644
--- a/openecomp-be/lib/openecomp-sdc-logging-lib/openecomp-sdc-logging-core/pom.xml
+++ b/openecomp-be/lib/openecomp-sdc-logging-lib/openecomp-sdc-logging-core/pom.xml
@@ -19,11 +19,6 @@
<version>${project.version}</version>
</dependency>
<dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-api</artifactId>
- <version>${slf4j-api.version}</version>
- </dependency>
- <dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>${logback.version}</version>
diff --git a/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-impl/pom.xml b/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-impl/pom.xml
index dd9e77422e..fe4e1b70ae 100644
--- a/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-impl/pom.xml
+++ b/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-impl/pom.xml
@@ -16,106 +16,110 @@
-->
<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns="http://maven.apache.org/POM/4.0.0"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
+ xmlns="http://maven.apache.org/POM/4.0.0"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
- <name>openecomp-sdc-validation-impl</name>
- <artifactId>openecomp-sdc-validation-impl</artifactId>
+ <name>openecomp-sdc-validation-impl</name>
+ <artifactId>openecomp-sdc-validation-impl</artifactId>
- <parent>
- <groupId>org.openecomp.sdc</groupId>
- <artifactId>openecomp-sdc-validation-lib</artifactId>
- <version>1.12.4-SNAPSHOT</version>
- </parent>
+ <parent>
+ <groupId>org.openecomp.sdc</groupId>
+ <artifactId>openecomp-sdc-validation-lib</artifactId>
+ <version>1.12.4-SNAPSHOT</version>
+ </parent>
- <dependencies>
- <dependency>
- <groupId>ch.qos.logback</groupId>
- <artifactId>logback-classic</artifactId>
- <version>${logback.version}</version>
- </dependency>
- <dependency>
- <groupId>org.openecomp.sdc</groupId>
- <artifactId>openecomp-sdc-logging-core</artifactId>
- <version>${project.version}</version>
- <scope>runtime</scope>
- </dependency>
- <dependency>
- <groupId>org.openecomp.sdc</groupId>
- <artifactId>openecomp-sdc-logging-api</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.openecomp.sdc.core</groupId>
- <artifactId>openecomp-utilities-lib</artifactId>
- <version>${project.version}</version>
- <exclusions>
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-server</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-servlet</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>org.openecomp.sdc</groupId>
- <artifactId>openecomp-sdc-validation-api</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.openecomp.sdc.core</groupId>
- <artifactId>openecomp-common-lib</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.openecomp.sdc.core</groupId>
- <artifactId>openecomp-heat-lib</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>commons-io</groupId>
- <artifactId>commons-io</artifactId>
- <version>${commons.io.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.openecomp.sdc</groupId>
- <artifactId>openecomp-sdc-validation-core</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.onap.vnfsdk.validation</groupId>
- <artifactId>validation-pmdictionary</artifactId>
- <version>${onap.vnfsdk.validation.pmdictionary.version}</version>
- <exclusions>
- <exclusion>
- <groupId>org.apache.logging.log4j</groupId>
- <artifactId>log4j-slf4j-impl</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>io.vavr</groupId>
- <artifactId>vavr</artifactId>
- <version>${io.vavr.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.httpcomponents</groupId>
- <artifactId>httpmime</artifactId>
- <version>${httpclient.version}</version>
- <scope>compile</scope>
- <exclusions>
- <exclusion>
- <groupId>org.apache.httpcomponents</groupId>
- <artifactId>httpcore</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- </dependencies>
+ <dependencies>
+ <dependency>
+ <groupId>ch.qos.logback</groupId>
+ <artifactId>logback-classic</artifactId>
+ <version>${logback.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.openecomp.sdc</groupId>
+ <artifactId>openecomp-sdc-logging-core</artifactId>
+ <version>${project.version}</version>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.openecomp.sdc</groupId>
+ <artifactId>openecomp-sdc-logging-api</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.openecomp.sdc.core</groupId>
+ <artifactId>openecomp-utilities-lib</artifactId>
+ <version>${project.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-server</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-servlet</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.openecomp.sdc</groupId>
+ <artifactId>openecomp-sdc-validation-api</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.openecomp.sdc.core</groupId>
+ <artifactId>openecomp-common-lib</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.openecomp.sdc.core</groupId>
+ <artifactId>openecomp-heat-lib</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ <version>${commons.io.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.openecomp.sdc</groupId>
+ <artifactId>openecomp-sdc-validation-core</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.onap.vnfsdk.validation</groupId>
+ <artifactId>validation-pmdictionary</artifactId>
+ <version>${onap.vnfsdk.validation.pmdictionary.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-slf4j-impl</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>io.vavr</groupId>
+ <artifactId>vavr</artifactId>
+ <version>${io.vavr.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpmime</artifactId>
+ <version>${httpclient.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpcore</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpcore</artifactId>
+ <version>${httpcore.version}</version>
+ </dependency>
+ </dependencies>
</project>
diff --git a/pom.xml b/pom.xml
index 24ebf53a40..7844a524a1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -60,7 +60,6 @@ Modifications copyright (c) 2018-2019 Nokia
<wire-mock.version>2.26.3</wire-mock.version>
<ecomp.version>3.4.0</ecomp.version>
<cassandra.unit.version>4.3.1.0</cassandra.unit.version>
- <cadi.version>2.1.8</cadi.version>
<lombok.version>1.18.24</lombok.version>
<commons-beanutils>1.9.4</commons-beanutils>
<commons.io.version>2.8.0</commons.io.version>
@@ -80,8 +79,8 @@ Modifications copyright (c) 2018-2019 Nokia
<ws.rs.version>2.1.1</ws.rs.version>
<javax.validation.version>2.0.1.Final</javax.validation.version>
- <jetty.version>9.4.49.v20220914</jetty.version>
- <jetty-distribution.version>${jetty.version}</jetty-distribution.version>
+ <jetty.version>10.0.14</jetty.version>
+ <jetty-distribution.version>9.4.51.v20230217</jetty-distribution.version>
<cxf.version>3.4.4</cxf.version>
<org.owasp.esapi.version>2.4.0.0</org.owasp.esapi.version>
@@ -110,8 +109,8 @@ Modifications copyright (c) 2018-2019 Nokia
<!-- Logging start -->
<!-- logback -->
- <logback.version>1.2.10</logback.version>
- <slf4j-api.version>1.7.25</slf4j-api.version>
+ <logback.version>1.2.12</logback.version>
+ <slf4j-api.version>1.7.36</slf4j-api.version>
<commons-codec>1.15</commons-codec>
<commons-logging>1.2</commons-logging>
<janino.version>3.0.6</janino.version>
@@ -357,6 +356,11 @@ Modifications copyright (c) 2018-2019 Nokia
<version>${keycloak.version}</version>
</dependency>
<dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ <version>${slf4j-api.version}</version>
+ </dependency>
+ <dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-spring-security-adapter</artifactId>
<version>${keycloak.version}</version>
@@ -881,6 +885,7 @@ Modifications copyright (c) 2018-2019 Nokia
<skipYamlJsonValidator>true</skipYamlJsonValidator>
<checkstyle.skip>true</checkstyle.skip>
<jacoco.skip>true</jacoco.skip>
+
<docker.skip.run>true</docker.skip.run>
<maven.antrun.skip>true</maven.antrun.skip>
<swagger.skip>true</swagger.skip>
diff --git a/utils/webseal-simulator/sdc-simulator/Dockerfile b/utils/webseal-simulator/sdc-simulator/Dockerfile
index 5f30e8cc7a..22e74dfdb3 100644
--- a/utils/webseal-simulator/sdc-simulator/Dockerfile
+++ b/utils/webseal-simulator/sdc-simulator/Dockerfile
@@ -1,4 +1,4 @@
-FROM onap/integration-java11:9.0.0
+FROM onap/integration-java11:10.0.0
USER root
ARG JETTY_FOLDER=/app/jetty
diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb
index ab6c5aabdb..34c874e8c4 100644
--- a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb
+++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb
@@ -53,9 +53,11 @@ template "ssl-ini" do
mode "0755"
variables({
:https_port => "8443",
- :jetty_truststore_pwd => "z+KEj;t+,KN^iimSiS89e#p0",
+ :jetty_keystore_path => "etc/org.onap.sdc.p12" ,
:jetty_keystore_pwd => "?(kP!Yur![*!Y5!E^f(ZKc31",
- :jetty_keymanager_pwd => "?(kP!Yur![*!Y5!E^f(ZKc31",
+ :jetty_truststore_path => "etc/org.onap.sdc.trust.jks",
+ :jetty_truststore_pwd => "z+KEj;t+,KN^iimSiS89e#p0",
+ :jetty_keymanager_pwd => "?(kP!Yur![*!Y5!E^f(ZKc31"
})
end
diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb
index 278fdea2ae..c489825c7b 100644
--- a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb
+++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb
@@ -42,17 +42,17 @@ jetty.ssl.port=<%= @https_port %>
## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html
## Keystore file path (relative to $jetty.base)
-jetty.sslContext.keyStorePath=etc/org.onap.sdc.p12
+jetty.sslContext.keyStorePath=<%= @jetty_keystore_path %>
## Truststore file path (relative to $jetty.base)
-jetty.sslContext.trustStorePath=etc/org.onap.sdc.trust.jks
+jetty.sslContext.trustStorePath=<%= @jetty_truststore_path %>
## Keystore password
# jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
jetty.sslContext.keyStorePassword=<%= @jetty_keystore_pwd %>
## Keystore type and provider
-# jetty.sslContext.keyStoreType=JKS
+jetty.sslContext.keyStoreType=JKS
# jetty.sslContext.keyStoreProvider=
## KeyManager password
@@ -64,7 +64,7 @@ jetty.sslContext.keyManagerPassword=<%= @jetty_keymanager_pwd %>
jetty.sslContext.trustStorePassword=<%= @jetty_truststore_pwd %>
## Truststore type and provider
-# jetty.sslContext.trustStoreType=JKS
+jetty.sslContext.trustStoreType=JKS
# jetty.sslContext.trustStoreProvider=
## whether client certificate authentication is required
diff --git a/utils/webseal-simulator/src/main/java/org/openecomp/sdc/webseal/simulator/SdcProxy.java b/utils/webseal-simulator/src/main/java/org/openecomp/sdc/webseal/simulator/SdcProxy.java
index 6112d983ea..c2cb5b58ae 100644
--- a/utils/webseal-simulator/src/main/java/org/openecomp/sdc/webseal/simulator/SdcProxy.java
+++ b/utils/webseal-simulator/src/main/java/org/openecomp/sdc/webseal/simulator/SdcProxy.java
@@ -20,34 +20,6 @@
package org.openecomp.sdc.webseal.simulator;
-import static java.nio.charset.StandardCharsets.UTF_8;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.net.URLEncoder;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Enumeration;
-import java.util.List;
-import java.util.Map;
-import java.util.Map.Entry;
-import java.util.Set;
-import java.util.stream.Collectors;
-import java.util.zip.GZIPInputStream;
-import javax.net.ssl.SSLContext;
-import javax.servlet.RequestDispatcher;
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletInputStream;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
import lombok.AllArgsConstructor;
import lombok.Getter;
import org.apache.commons.lang3.StringUtils;
@@ -74,17 +46,47 @@ import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.ssl.SSLContextBuilder;
+import org.onap.config.api.JettySSLUtils;
import org.openecomp.sdc.webseal.simulator.conf.Conf;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import javax.net.ssl.SSLContext;
+import javax.servlet.RequestDispatcher;
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletInputStream;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.net.URLEncoder;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Enumeration;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+import java.util.Set;
+import java.util.stream.Collectors;
+import java.util.zip.GZIPInputStream;
+
+import static java.nio.charset.StandardCharsets.UTF_8;
+
public class SdcProxy extends HttpServlet {
private static final Logger LOGGER = LoggerFactory.getLogger(SdcProxy.class);
private static final long serialVersionUID = 1L;
private static final Set<String> RESERVED_HEADERS =
- Arrays.stream(ReservedHeaders.values()).map(ReservedHeaders::getValue).collect(Collectors.toSet());
+ Arrays.stream(ReservedHeaders.values()).map(ReservedHeaders::getValue).collect(Collectors.toSet());
private static final String USER_ID = "USER_ID";
private static final String HTTP_IV_USER = "HTTP_IV_USER";
private static final String SDC1 = "/sdc1";
@@ -174,6 +176,13 @@ public class SdcProxy extends HttpServlet {
HttpRequestBase httpMethod = createHttpMethod(request, methodEnum, uri);
addHeadersToMethod(httpMethod, user, request);
+ try {
+ httpClient = buildRestClient();
+ } catch (Exception e) {
+ LOGGER.error("Failed to buildRestClient", e);
+ throw new RuntimeException(e);
+ }
+
try (CloseableHttpResponse closeableHttpResponse = httpClient.execute(httpMethod)) {
response.setStatus(closeableHttpResponse.getStatusLine().getStatusCode());
if (request.getRequestURI().indexOf(".svg") > -1) {
@@ -378,26 +387,37 @@ public class SdcProxy extends HttpServlet {
private CloseableHttpClient buildRestClient() throws NoSuchAlgorithmException, KeyStoreException {
final var builder = new SSLContextBuilder();
+ SSLContext sslContext;
+ try {
+ sslContext = JettySSLUtils.getSslContext();
+ } catch (Exception e) {
+ LOGGER.error("Failed to getSslContext", e);
+ throw new RuntimeException(e);
+ }
builder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
- SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(SSLContext.getDefault(),
- NoopHostnameVerifier.INSTANCE);
+ SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);
Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
- .register("http", new PlainConnectionSocketFactory())
- .register("https", sslsf)
- .build();
- PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(registry);
+ .register("http", new PlainConnectionSocketFactory())
+ .register("https", sslsf)
+ .build();
return HttpClients.custom()
- .setSSLSocketFactory(sslsf)
- .setConnectionManager(cm)
- .build();
+ .setSSLSocketFactory(sslsf)
+ .setConnectionManager(new PoolingHttpClientConnectionManager(registry))
+ .build();
}
@AllArgsConstructor
@Getter
enum ReservedHeaders {
- HTTP_IV_USER(SdcProxy.HTTP_IV_USER), USER_ID(SdcProxy.USER_ID), HTTP_CSP_FIRSTNAME("HTTP_CSP_FIRSTNAME"), HTTP_CSP_EMAIL(
- "HTTP_CSP_EMAIL"), HTTP_CSP_LASTNAME("HTTP_CSP_LASTNAME"), HTTP_IV_REMOTE_ADDRESS("HTTP_IV_REMOTE_ADDRESS"), HTTP_CSP_WSTYPE(
- "HTTP_CSP_WSTYPE"), HOST("Host"), CONTENTLENGTH("Content-Length");
+ HTTP_IV_USER(SdcProxy.HTTP_IV_USER),
+ USER_ID(SdcProxy.USER_ID),
+ HTTP_CSP_FIRSTNAME("HTTP_CSP_FIRSTNAME"),
+ HTTP_CSP_EMAIL("HTTP_CSP_EMAIL"),
+ HTTP_CSP_LASTNAME("HTTP_CSP_LASTNAME"),
+ HTTP_IV_REMOTE_ADDRESS("HTTP_IV_REMOTE_ADDRESS"),
+ HTTP_CSP_WSTYPE("HTTP_CSP_WSTYPE"),
+ HOST("Host"),
+ CONTENTLENGTH("Content-Length");
private final String value;