aboutsummaryrefslogtreecommitdiffstats
path: root/utils
diff options
context:
space:
mode:
authorMichaelMorris <michael.morris@est.tech>2023-06-02 11:38:36 +0000
committerVasyl Razinkov <vasyl.razinkov@est.tech>2023-06-02 16:21:12 +0000
commit222555c7995645416a47bc52ed8837e3afde8e21 (patch)
tree0eae25247dfbc06538a9170dc5ab9a8addeb5bb3 /utils
parent9fb750f15ee84c4318d729c91c4ba50b61d73b3e (diff)
Revert "Support SIP TLS"
This reverts commit a2feaf9b65cbba66181fb560b5815a62427d65cc. Reason for revert: deployment issue Change-Id: Ic21e213493f51d0c11778187ab054881bba7c21e Issue-ID: SDC-4483 Signed-off-by: MichaelMorris <michael.morris@est.tech>
Diffstat (limited to 'utils')
-rw-r--r--utils/webseal-simulator/sdc-simulator/Dockerfile2
-rw-r--r--utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb6
-rw-r--r--utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb8
-rw-r--r--utils/webseal-simulator/src/main/java/org/openecomp/sdc/webseal/simulator/SdcProxy.java102
4 files changed, 48 insertions, 70 deletions
diff --git a/utils/webseal-simulator/sdc-simulator/Dockerfile b/utils/webseal-simulator/sdc-simulator/Dockerfile
index 16d1ab0afb..bd3c1695f6 100644
--- a/utils/webseal-simulator/sdc-simulator/Dockerfile
+++ b/utils/webseal-simulator/sdc-simulator/Dockerfile
@@ -1,4 +1,4 @@
-FROM onap/integration-java11:10.0.0
+FROM onap/integration-java11:9.0.0
USER root
ARG JETTY_FOLDER=/app/jetty
diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb
index 34c874e8c4..ab6c5aabdb 100644
--- a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb
+++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb
@@ -53,11 +53,9 @@ template "ssl-ini" do
mode "0755"
variables({
:https_port => "8443",
- :jetty_keystore_path => "etc/org.onap.sdc.p12" ,
- :jetty_keystore_pwd => "?(kP!Yur![*!Y5!E^f(ZKc31",
- :jetty_truststore_path => "etc/org.onap.sdc.trust.jks",
:jetty_truststore_pwd => "z+KEj;t+,KN^iimSiS89e#p0",
- :jetty_keymanager_pwd => "?(kP!Yur![*!Y5!E^f(ZKc31"
+ :jetty_keystore_pwd => "?(kP!Yur![*!Y5!E^f(ZKc31",
+ :jetty_keymanager_pwd => "?(kP!Yur![*!Y5!E^f(ZKc31",
})
end
diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb
index c489825c7b..278fdea2ae 100644
--- a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb
+++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb
@@ -42,17 +42,17 @@ jetty.ssl.port=<%= @https_port %>
## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html
## Keystore file path (relative to $jetty.base)
-jetty.sslContext.keyStorePath=<%= @jetty_keystore_path %>
+jetty.sslContext.keyStorePath=etc/org.onap.sdc.p12
## Truststore file path (relative to $jetty.base)
-jetty.sslContext.trustStorePath=<%= @jetty_truststore_path %>
+jetty.sslContext.trustStorePath=etc/org.onap.sdc.trust.jks
## Keystore password
# jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
jetty.sslContext.keyStorePassword=<%= @jetty_keystore_pwd %>
## Keystore type and provider
-jetty.sslContext.keyStoreType=JKS
+# jetty.sslContext.keyStoreType=JKS
# jetty.sslContext.keyStoreProvider=
## KeyManager password
@@ -64,7 +64,7 @@ jetty.sslContext.keyManagerPassword=<%= @jetty_keymanager_pwd %>
jetty.sslContext.trustStorePassword=<%= @jetty_truststore_pwd %>
## Truststore type and provider
-jetty.sslContext.trustStoreType=JKS
+# jetty.sslContext.trustStoreType=JKS
# jetty.sslContext.trustStoreProvider=
## whether client certificate authentication is required
diff --git a/utils/webseal-simulator/src/main/java/org/openecomp/sdc/webseal/simulator/SdcProxy.java b/utils/webseal-simulator/src/main/java/org/openecomp/sdc/webseal/simulator/SdcProxy.java
index c2cb5b58ae..6112d983ea 100644
--- a/utils/webseal-simulator/src/main/java/org/openecomp/sdc/webseal/simulator/SdcProxy.java
+++ b/utils/webseal-simulator/src/main/java/org/openecomp/sdc/webseal/simulator/SdcProxy.java
@@ -20,6 +20,34 @@
package org.openecomp.sdc.webseal.simulator;
+import static java.nio.charset.StandardCharsets.UTF_8;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.net.URLEncoder;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Enumeration;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+import java.util.Set;
+import java.util.stream.Collectors;
+import java.util.zip.GZIPInputStream;
+import javax.net.ssl.SSLContext;
+import javax.servlet.RequestDispatcher;
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletInputStream;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import lombok.AllArgsConstructor;
import lombok.Getter;
import org.apache.commons.lang3.StringUtils;
@@ -46,47 +74,17 @@ import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.ssl.SSLContextBuilder;
-import org.onap.config.api.JettySSLUtils;
import org.openecomp.sdc.webseal.simulator.conf.Conf;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import javax.net.ssl.SSLContext;
-import javax.servlet.RequestDispatcher;
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletInputStream;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.net.URLEncoder;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Enumeration;
-import java.util.List;
-import java.util.Map;
-import java.util.Map.Entry;
-import java.util.Set;
-import java.util.stream.Collectors;
-import java.util.zip.GZIPInputStream;
-
-import static java.nio.charset.StandardCharsets.UTF_8;
-
public class SdcProxy extends HttpServlet {
private static final Logger LOGGER = LoggerFactory.getLogger(SdcProxy.class);
private static final long serialVersionUID = 1L;
private static final Set<String> RESERVED_HEADERS =
- Arrays.stream(ReservedHeaders.values()).map(ReservedHeaders::getValue).collect(Collectors.toSet());
+ Arrays.stream(ReservedHeaders.values()).map(ReservedHeaders::getValue).collect(Collectors.toSet());
private static final String USER_ID = "USER_ID";
private static final String HTTP_IV_USER = "HTTP_IV_USER";
private static final String SDC1 = "/sdc1";
@@ -176,13 +174,6 @@ public class SdcProxy extends HttpServlet {
HttpRequestBase httpMethod = createHttpMethod(request, methodEnum, uri);
addHeadersToMethod(httpMethod, user, request);
- try {
- httpClient = buildRestClient();
- } catch (Exception e) {
- LOGGER.error("Failed to buildRestClient", e);
- throw new RuntimeException(e);
- }
-
try (CloseableHttpResponse closeableHttpResponse = httpClient.execute(httpMethod)) {
response.setStatus(closeableHttpResponse.getStatusLine().getStatusCode());
if (request.getRequestURI().indexOf(".svg") > -1) {
@@ -387,37 +378,26 @@ public class SdcProxy extends HttpServlet {
private CloseableHttpClient buildRestClient() throws NoSuchAlgorithmException, KeyStoreException {
final var builder = new SSLContextBuilder();
- SSLContext sslContext;
- try {
- sslContext = JettySSLUtils.getSslContext();
- } catch (Exception e) {
- LOGGER.error("Failed to getSslContext", e);
- throw new RuntimeException(e);
- }
builder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
- SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);
+ SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(SSLContext.getDefault(),
+ NoopHostnameVerifier.INSTANCE);
Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
- .register("http", new PlainConnectionSocketFactory())
- .register("https", sslsf)
- .build();
+ .register("http", new PlainConnectionSocketFactory())
+ .register("https", sslsf)
+ .build();
+ PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(registry);
return HttpClients.custom()
- .setSSLSocketFactory(sslsf)
- .setConnectionManager(new PoolingHttpClientConnectionManager(registry))
- .build();
+ .setSSLSocketFactory(sslsf)
+ .setConnectionManager(cm)
+ .build();
}
@AllArgsConstructor
@Getter
enum ReservedHeaders {
- HTTP_IV_USER(SdcProxy.HTTP_IV_USER),
- USER_ID(SdcProxy.USER_ID),
- HTTP_CSP_FIRSTNAME("HTTP_CSP_FIRSTNAME"),
- HTTP_CSP_EMAIL("HTTP_CSP_EMAIL"),
- HTTP_CSP_LASTNAME("HTTP_CSP_LASTNAME"),
- HTTP_IV_REMOTE_ADDRESS("HTTP_IV_REMOTE_ADDRESS"),
- HTTP_CSP_WSTYPE("HTTP_CSP_WSTYPE"),
- HOST("Host"),
- CONTENTLENGTH("Content-Length");
+ HTTP_IV_USER(SdcProxy.HTTP_IV_USER), USER_ID(SdcProxy.USER_ID), HTTP_CSP_FIRSTNAME("HTTP_CSP_FIRSTNAME"), HTTP_CSP_EMAIL(
+ "HTTP_CSP_EMAIL"), HTTP_CSP_LASTNAME("HTTP_CSP_LASTNAME"), HTTP_IV_REMOTE_ADDRESS("HTTP_IV_REMOTE_ADDRESS"), HTTP_CSP_WSTYPE(
+ "HTTP_CSP_WSTYPE"), HOST("Host"), CONTENTLENGTH("Content-Length");
private final String value;