summaryrefslogtreecommitdiffstats
path: root/catalog-fe/src/main/java/org
diff options
context:
space:
mode:
authorvasraz <vasyl.razinkov@est.tech>2023-05-05 11:57:56 +0100
committerVasyl Razinkov <vasyl.razinkov@est.tech>2023-05-08 13:11:02 +0000
commita2feaf9b65cbba66181fb560b5815a62427d65cc (patch)
treebe49cc57d447f7bb94e717e1ee970d4b095e1473 /catalog-fe/src/main/java/org
parentaf3fdfce91aeea1804c76a8571c102b78dde3794 (diff)
Support SIP TLS
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: Icbadd04cfa87302491c59f2e4a39ef92aaafcaa3 Issue-ID: SDC-4483
Diffstat (limited to 'catalog-fe/src/main/java/org')
-rw-r--r--catalog-fe/src/main/java/org/openecomp/sdc/fe/impl/PluginStatusBL.java29
-rw-r--r--catalog-fe/src/main/java/org/openecomp/sdc/fe/listen/FEAppContextListener.java2
-rw-r--r--catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/FeProxyServlet.java33
-rw-r--r--catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/SSLProxyServlet.java26
4 files changed, 53 insertions, 37 deletions
diff --git a/catalog-fe/src/main/java/org/openecomp/sdc/fe/impl/PluginStatusBL.java b/catalog-fe/src/main/java/org/openecomp/sdc/fe/impl/PluginStatusBL.java
index e1b4572a05..b095a1cde7 100644
--- a/catalog-fe/src/main/java/org/openecomp/sdc/fe/impl/PluginStatusBL.java
+++ b/catalog-fe/src/main/java/org/openecomp/sdc/fe/impl/PluginStatusBL.java
@@ -21,8 +21,6 @@ package org.openecomp.sdc.fe.impl;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
-import java.io.IOException;
-import java.security.GeneralSecurityException;
import org.apache.http.HttpStatus;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
@@ -43,6 +41,8 @@ import org.openecomp.sdc.fe.config.ConfigurationManager;
import org.openecomp.sdc.fe.config.PluginsConfiguration;
import org.openecomp.sdc.fe.config.PluginsConfiguration.Plugin;
+import java.io.IOException;
+
public class PluginStatusBL {
private static final Logger log = Logger.getLogger(PluginStatusBL.class.getName());
@@ -74,23 +74,24 @@ public class PluginStatusBL {
private boolean hasSecuredPlugins() {
if (this.getPluginsList() != null) {
return pluginsConfiguration.getPluginsList().stream()
- .anyMatch(plugin -> plugin.getPluginDiscoveryUrl().toLowerCase().startsWith("https"));
+ .anyMatch(plugin -> plugin.getPluginDiscoveryUrl().toLowerCase().startsWith("https"));
}
return false;
}
- private CloseableHttpClient getPooledClient(boolean isSecured) throws GeneralSecurityException, IOException {
+ private CloseableHttpClient getPooledClient(final boolean isSecured) throws Exception {
final PoolingHttpClientConnectionManager poolingConnManager;
- if (!isSecured) {
- poolingConnManager = new PoolingHttpClientConnectionManager();
- } else {
- SSLConnectionSocketFactory s = new SSLConnectionSocketFactory(JettySSLUtils.getSslContext(), new NoopHostnameVerifier());
- Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
- .register("http", new PlainConnectionSocketFactory()).register("https", s).build();
+ if (isSecured) {
+ final SSLConnectionSocketFactory s = new SSLConnectionSocketFactory(JettySSLUtils.getSslContext(), new NoopHostnameVerifier());
+ final Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
+ .register("http", new PlainConnectionSocketFactory())
+ .register("https", s).build();
poolingConnManager = new PoolingHttpClientConnectionManager(registry);
+ } else {
+ poolingConnManager = new PoolingHttpClientConnectionManager();
}
- int maxTotal = System.getProperties().containsKey(MAX_CONNECTION_POOL) ? Integer.parseInt(System.getProperty(MAX_CONNECTION_POOL)) : 5;
- int routeMax = System.getProperties().containsKey(MAX_ROUTE_POOL) ? Integer.parseInt(System.getProperty(MAX_ROUTE_POOL)) : 20;
+ final int maxTotal = System.getProperties().containsKey(MAX_CONNECTION_POOL) ? Integer.parseInt(System.getProperty(MAX_CONNECTION_POOL)) : 5;
+ final int routeMax = System.getProperties().containsKey(MAX_ROUTE_POOL) ? Integer.parseInt(System.getProperty(MAX_ROUTE_POOL)) : 20;
poolingConnManager.setMaxTotal(maxTotal);
poolingConnManager.setDefaultMaxPerRoute(routeMax);
return HttpClients.custom().setConnectionManager(poolingConnManager).setSSLHostnameVerifier(new NoopHostnameVerifier()).build();
@@ -115,9 +116,9 @@ public class PluginStatusBL {
log.debug("The value returned from getConfig is {}", pluginsConfiguration);
Integer connectionTimeout = pluginsConfiguration.getConnectionTimeout();
this.requestConfig = RequestConfig.custom().setSocketTimeout(connectionTimeout).setConnectTimeout(connectionTimeout)
- .setConnectionRequestTimeout(connectionTimeout).build();
+ .setConnectionRequestTimeout(connectionTimeout).build();
Plugin wantedPlugin = pluginsConfiguration.getPluginsList().stream().filter(plugin -> plugin.getPluginId().equals(pluginId)).findAny()
- .orElse(null);
+ .orElse(null);
if (wantedPlugin != null) {
result = gson.toJson(checkPluginAvailability(wantedPlugin));
}
diff --git a/catalog-fe/src/main/java/org/openecomp/sdc/fe/listen/FEAppContextListener.java b/catalog-fe/src/main/java/org/openecomp/sdc/fe/listen/FEAppContextListener.java
index 877d637a3e..79ef07a5da 100644
--- a/catalog-fe/src/main/java/org/openecomp/sdc/fe/listen/FEAppContextListener.java
+++ b/catalog-fe/src/main/java/org/openecomp/sdc/fe/listen/FEAppContextListener.java
@@ -38,6 +38,7 @@ public class FEAppContextListener extends AppContextListener implements ServletC
private static final int PROBE_INTERVALE = 15;
private static Logger log = Logger.getLogger(FEAppContextListener.class.getName());
+ @Override
public void contextInitialized(ServletContextEvent context) {
super.contextInitialized(context);
ConfigurationManager configurationManager = new ConfigurationManager(ExternalConfiguration.getConfigurationSource());
@@ -61,6 +62,7 @@ public class FEAppContextListener extends AppContextListener implements ServletC
log.debug("After executing {}", this.getClass());
}
+ @Override
public void contextDestroyed(ServletContextEvent context) {
ExecutorService executorPool = (ExecutorService) context.getServletContext().getAttribute(Constants.THREAD_EXECUTOR_ATTR);
if (executorPool != null) {
diff --git a/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/FeProxyServlet.java b/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/FeProxyServlet.java
index 0ef435311f..1bec4e48c4 100644
--- a/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/FeProxyServlet.java
+++ b/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/FeProxyServlet.java
@@ -19,13 +19,7 @@
*/
package org.openecomp.sdc.fe.servlets;
-import static org.apache.commons.lang3.StringUtils.isEmpty;
-
import com.google.common.annotations.VisibleForTesting;
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.util.Base64;
-import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.NotImplementedException;
import org.apache.commons.lang3.StringUtils;
import org.eclipse.jetty.client.api.Request;
@@ -44,6 +38,13 @@ import org.openecomp.sdc.fe.config.PluginsConfiguration.Plugin;
import org.openecomp.sdc.fe.impl.LogHandler;
import org.openecomp.sdc.fe.utils.BeProtocol;
+import javax.servlet.http.HttpServletRequest;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.Base64;
+
+import static org.apache.commons.lang3.StringUtils.isEmpty;
+
public class FeProxyServlet extends SSLProxyServlet {
public static final String UUID = "uuid";
@@ -101,7 +102,7 @@ public class FeProxyServlet extends SSLProxyServlet {
BasicAuthConfig basicAuth = config.getBasicAuth();
if (basicAuth.isEnabled()) {
proxyRequest.header(HttpHeader.AUTHORIZATION,
- "Basic " + Base64.getEncoder().encodeToString((basicAuth.getUserName() + ":" + basicAuth.getUserPass()).getBytes()));
+ "Basic " + Base64.getEncoder().encodeToString((basicAuth.getUserName() + ":" + basicAuth.getUserPass()).getBytes()));
}
super.addProxyHeaders(clientRequest, proxyRequest);
}
@@ -127,7 +128,7 @@ public class FeProxyServlet extends SSLProxyServlet {
}
private String getModifiedUrl(Configuration config, PluginsConfiguration pluginConf, String uri, String queryString)
- throws MalformedURLException {
+ throws MalformedURLException {
if (config == null) {
log.error(EcompLoggerErrorCode.UNKNOWN_ERROR, "FeProxyServlet getModifiedUrl", "sdc-FE", "failed to retrieve configuration.");
throw new RuntimeException("failed to read FE configuration");
@@ -153,8 +154,8 @@ public class FeProxyServlet extends SSLProxyServlet {
} else if (uri.contains(WORKFLOW_CONTEXT)) {
uri = uri.replace(SDC1_FE_PROXY + WORKFLOW_CONTEXT, WORKFLOW_CONTEXT);
String workflowPluginURL = pluginConf.getPluginsList().stream()
- .filter(plugin -> plugin.getPluginId().equalsIgnoreCase(PLUGIN_ID_WORKFLOW)).map(Plugin::getPluginDiscoveryUrl).findFirst()
- .orElse(null);
+ .filter(plugin -> plugin.getPluginId().equalsIgnoreCase(PLUGIN_ID_WORKFLOW)).map(Plugin::getPluginDiscoveryUrl).findFirst()
+ .orElse(null);
java.net.URL workflowURL = new URL(workflowPluginURL);
protocol = workflowURL.getProtocol();
host = workflowURL.getHost();
@@ -192,7 +193,7 @@ public class FeProxyServlet extends SSLProxyServlet {
private PluginsConfiguration getPluginConfiguration(HttpServletRequest request) {
return ((ConfigurationManager) request.getSession().getServletContext().getAttribute(Constants.CONFIGURATION_MANAGER_ATTR))
- .getPluginsConfiguration();
+ .getPluginsConfiguration();
}
private boolean isMsToggleOn(Configuration config) {
@@ -224,7 +225,7 @@ public class FeProxyServlet extends SSLProxyServlet {
String facadeSuffix = String.format("%s%s", FACADE_PATH_IDENTIFIER, CATALOG_REQUEST_IDENTIFIER);
String nonFacadeUrl = currentURI.replace(facadeSuffix, "rest/v1/screen");
redirectValue = getModifiedUrl(config, getPluginConfiguration(request), nonFacadeUrl,
- "excludeTypes=VFCMT&excludeTypes=Configuration");
+ "excludeTypes=VFCMT&excludeTypes=Configuration");
}
// Home
else if (currentURI.endsWith(HOME_REQUEST_IDENTIFIER)) {
@@ -249,10 +250,10 @@ public class FeProxyServlet extends SSLProxyServlet {
String facadeSuffix = String.format("%s%s", FACADE_PATH_IDENTIFIER, CATALOG_REQUEST_IDENTIFIER);
String nonFacadeUrl = currentURI.replace(facadeSuffix, "rest/v1/screen");
redirectValue = getModifiedUrl(config, getPluginConfiguration(request), nonFacadeUrl,
- "excludeTypes=VFCMT&excludeTypes=Configuration");
+ "excludeTypes=VFCMT&excludeTypes=Configuration");
} else {
String message = String
- .format("facade is toggled off, Could not rediret url %s with query params %s", currentURI, getQueryString(request));
+ .format("facade is toggled off, Could not rediret url %s with query params %s", currentURI, getQueryString(request));
log.error(message);
throw new NotImplementedException(message);
}
@@ -265,7 +266,7 @@ public class FeProxyServlet extends SSLProxyServlet {
if (StringUtils.isEmpty(msUrl)) {
// do that only once
msUrl = String.format(MS_URL, config.getCatalogFacadeMs().getProtocol(), config.getCatalogFacadeMs().getHost(),
- config.getCatalogFacadeMs().getPort());
+ config.getCatalogFacadeMs().getPort());
}
StringBuilder url;
String queryString;
@@ -293,7 +294,7 @@ public class FeProxyServlet extends SSLProxyServlet {
private Configuration getConfiguration(HttpServletRequest request) {
return ((ConfigurationManager) request.getSession().getServletContext().getAttribute(Constants.CONFIGURATION_MANAGER_ATTR))
- .getConfiguration();
+ .getConfiguration();
}
private String getAuthority(String host, String port) {
diff --git a/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/SSLProxyServlet.java b/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/SSLProxyServlet.java
index 891bc4ae34..812be7f8ea 100644
--- a/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/SSLProxyServlet.java
+++ b/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/SSLProxyServlet.java
@@ -19,10 +19,12 @@
*/
package org.openecomp.sdc.fe.servlets;
-import javax.servlet.ServletException;
import org.eclipse.jetty.client.HttpClient;
+import org.eclipse.jetty.client.dynamic.HttpClientTransportDynamic;
+import org.eclipse.jetty.io.ClientConnector;
import org.eclipse.jetty.proxy.ProxyServlet;
import org.eclipse.jetty.util.ssl.SslContextFactory;
+import org.onap.config.api.JettySSLUtils;
import org.openecomp.sdc.common.api.Constants;
import org.openecomp.sdc.fe.config.Configuration;
import org.openecomp.sdc.fe.config.ConfigurationManager;
@@ -30,15 +32,17 @@ import org.openecomp.sdc.fe.utils.BeProtocol;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import javax.servlet.ServletException;
+
public abstract class SSLProxyServlet extends ProxyServlet {
private static final long serialVersionUID = 1L;
- private static final Logger log = LoggerFactory.getLogger(SSLProxyServlet.class);
+ private static final Logger LOGGER = LoggerFactory.getLogger(SSLProxyServlet.class);
@Override
protected HttpClient createHttpClient() throws ServletException {
Configuration config = ((ConfigurationManager) getServletConfig().getServletContext().getAttribute(Constants.CONFIGURATION_MANAGER_ATTR))
- .getConfiguration();
+ .getConfiguration();
boolean isSecureClient = !config.getBeProtocol().equals(BeProtocol.HTTP.getProtocolName());
HttpClient client = (isSecureClient) ? getSecureHttpClient() : super.createHttpClient();
int requestTimeout = config.getRequestTimeout() * 1000;
@@ -47,22 +51,30 @@ public abstract class SSLProxyServlet extends ProxyServlet {
}
setTimeout(requestTimeout);
client.setIdleTimeout(requestTimeout);
- client.setStopTimeout(requestTimeout);
return client;
}
private HttpClient getSecureHttpClient() throws ServletException {
- // Instantiate HttpClient with the SslContextFactory
- final var httpClient = new HttpClient(new SslContextFactory.Client(true));
+ final SslContextFactory.Client sslContextFactory = new SslContextFactory.Client(true);
+ try {
+ sslContextFactory.setSslContext(JettySSLUtils.getSslContext());
+ } catch (Exception e) {
+ LOGGER.error("Exception thrown while getting SslContext", e);
+ throw new ServletException(e);
+ }
+ final ClientConnector clientConnector = new ClientConnector();
+ clientConnector.setSslContextFactory(sslContextFactory);
+ final HttpClient httpClient = new HttpClient(new HttpClientTransportDynamic(clientConnector));
// Configure HttpClient, for example:
httpClient.setFollowRedirects(false);
// Start HttpClient
try {
httpClient.start();
} catch (Exception x) {
- log.error("Exception thrown while starting httpClient", x);
+ LOGGER.error("Exception thrown while starting httpClient", x);
throw new ServletException(x);
}
return httpClient;
}
+
}