authorvasraz <vasyl.razinkov@est.tech>2022-10-04 18:16:26 +0100
committerVasyl Razinkov <vasyl.razinkov@est.tech>2022-10-04 18:54:54 +0000
commit0899720f168c09d037e577109d7cab665fe1fb91 (patch)
treec6c210914a6fb029841d28de92cb760cdad6088d /utils
parentca487f60c2ca67794b16c0ff0cf5cc6deca556fc (diff)
Fix bug 'X-Frame-Options not configured: Lack of clickjacking protection'
Add new Filter (ContentSecurityPolicyHeaderFilter) Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: Ic8151df64e4b95b3d59b44a5f74dd12210f55e87 Issue-ID: SDC-4192
Diffstat (limited to 'utils')
-rw-r--r--utils/webseal-simulator/pom.xml12
-rw-r--r--utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb4
-rw-r--r--utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-webseal.conf.erb4
-rw-r--r--utils/webseal-simulator/src/main/java/org/openecomp/sdc/webseal/simulator/ContentSecurityPolicyHeaderFilter.java32
-rw-r--r--utils/webseal-simulator/src/main/java/org/openecomp/sdc/webseal/simulator/conf/Conf.java100
-rw-r--r--utils/webseal-simulator/src/main/webapp/WEB-INF/web.xml11
6 files changed, 101 insertions, 62 deletions
diff --git a/utils/webseal-simulator/pom.xml b/utils/webseal-simulator/pom.xml
index 9aba026299..8b2fa980a8 100644
--- a/utils/webseal-simulator/pom.xml
+++ b/utils/webseal-simulator/pom.xml
@@ -23,6 +23,18 @@
<dependencies>
<dependency>
+ <groupId>org.openecomp.sdc</groupId>
+ <artifactId>common-app-api</artifactId>
+ <version>${project.version}</version>
+ <scope>compile</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpcore</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>${javax.servlet.version}</version>
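Review bot: The `httpcore` exclusion on the new `common-app-api` dependency carries no explanation, and the dependency brings that module's transitive set into the simulator for what appears, from this commit, to be a single base class. An XML comment above the `<exclusions>` element stating the actual reason, in the form `<!-- httpcore excluded because ... -->`, would keep the exclusion from being dropped or copied blindly later. `<scope>compile</scope>` is Maven's default and can be omitted. The `<dependencies>` element continues outside the hunk.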
diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb
index 3769a1f723..9ee166364c 100644
--- a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb
+++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb
@@ -6,7 +6,6 @@ else
fe_url="http://#{node['Nodes']['FE']}:#{node['FE'][:http_port]}"
end
-
template "webseal.conf" do
path "#{ENV['JETTY_BASE']}/config/sdc-simulator/webseal.conf"
source "SDC-Simulator-webseal.conf.erb"
@@ -14,6 +13,7 @@ template "webseal.conf" do
group "#{ENV['JETTY_GROUP']}"
mode "0755"
variables({
- :fe_url =>"#{fe_url}"
+ :fe_url =>"#{fe_url}",
+ :permittedAncestors => "#{ENV['permittedAncestors']}"
})
end
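Review bot: An unset `permittedAncestors` environment variable is interpolated as an empty string in the `variables` hash, so the template silently renders `permittedAncestors=""`. How the filter treats an empty list is decided in ContentSecurityPolicyHeaderFilterAbstract, which this diff does not show, so the fallback should be explicit here, for example `:permittedAncestors => ENV.fetch('permittedAncestors', '')` with a comment saying what an empty value means for framing. The value is also written unescaped between double quotes in SDC-Simulator-webseal.conf.erb, so a quote character in it would leave webseal.conf unparseable. The `template` block starts outside this hunk.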
diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-webseal.conf.erb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-webseal.conf.erb
index f6e634481f..f72c3ae270 100644
--- a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-webseal.conf.erb
+++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-webseal.conf.erb
@@ -2,6 +2,8 @@
webseal {
fe="<%= @fe_url %>"
portalCookieName="EPService"
+ #Space separated list of permitted ancestors
+ permittedAncestors="<%= @permittedAncestors %>"
users = [
{
userId="cs0008"
@@ -9,7 +11,7 @@
firstName="Carlos"
lastName="Santana"
role="Designer"
- email="csantana@sdc.com"
+ email="csantana@sdc.com"
},
{
userId="jh0003"
diff --git a/utils/webseal-simulator/src/main/java/org/openecomp/sdc/webseal/simulator/ContentSecurityPolicyHeaderFilter.java b/utils/webseal-simulator/src/main/java/org/openecomp/sdc/webseal/simulator/ContentSecurityPolicyHeaderFilter.java
new file mode 100644
index 0000000000..ed4b4c1c39
--- /dev/null
+++ b/utils/webseal-simulator/src/main/java/org/openecomp/sdc/webseal/simulator/ContentSecurityPolicyHeaderFilter.java
@@ -0,0 +1,32 @@
+/*
+ * ============LICENSE_START=======================================================
+ * SDC
+ * ================================================================================
+ * Copyright (C) 2022 Nordix Foundation. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.openecomp.sdc.webseal.simulator;
+
+import org.openecomp.sdc.common.filters.ContentSecurityPolicyHeaderFilterAbstract;
+import org.openecomp.sdc.webseal.simulator.conf.Conf;
+
+public class ContentSecurityPolicyHeaderFilter extends ContentSecurityPolicyHeaderFilterAbstract {
+
+ @Override
+ protected String getPermittedAncestors() {
+ return Conf.getInstance().getPermittedAncestors();
+ }
+}
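Review bot: The new class has no Javadoc, and `getPermittedAncestors()` forwards the Conf field unchanged, so it can return null. A class comment such as `/** Supplies the space-separated permitted-ancestors list from webseal.conf to the shared Content-Security-Policy filter. */` would tell a reader where the value comes from. Whether the base class tolerates null or an empty string is not visible in this diff and should be stated on the override.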
diff --git a/utils/webseal-simulator/src/main/java/org/openecomp/sdc/webseal/simulator/conf/Conf.java b/utils/webseal-simulator/src/main/java/org/openecomp/sdc/webseal/simulator/conf/Conf.java
index 449fe62f49..eb498c975e 100644
--- a/utils/webseal-simulator/src/main/java/org/openecomp/sdc/webseal/simulator/conf/Conf.java
+++ b/utils/webseal-simulator/src/main/java/org/openecomp/sdc/webseal/simulator/conf/Conf.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -22,75 +22,59 @@ package org.openecomp.sdc.webseal.simulator.conf;
import com.typesafe.config.Config;
import com.typesafe.config.ConfigFactory;
-import org.openecomp.sdc.webseal.simulator.User;
-
import java.io.File;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import lombok.Getter;
+import lombok.Setter;
+import org.openecomp.sdc.webseal.simulator.User;
+@Getter
+@Setter
public class Conf {
- private static Conf conf = new Conf();
- private String feHost;
- private Map<String,User> users = new HashMap<String,User>();
+ private static Conf conf = new Conf();
+ private String feHost;
+ private Map<String, User> users = new HashMap<String, User>();
private String portalCookieName;
+ private String permittedAncestors; // Space separated list of permitted ancestors
- private void setPortalCookieName(String portalCookieName) {
- this.portalCookieName = portalCookieName;
+ private Conf() {
+ initConf();
}
- public String getPortalCookieName() {
- return portalCookieName;
- }
+ private void initConf() {
+ try {
+ String confPath = System.getProperty("config.resource");
+ if (confPath == null) {
+ System.out.println("config.resource is empty - goint to get it from config.home");
+ confPath = System.getProperty("config.home") + "/webseal.conf";
+ }
+ System.out.println("confPath=" + confPath);
+ final Config confFile = ConfigFactory.parseFileAnySyntax(new File(confPath));
+ final Config resolve = confFile.resolve();
+ setFeHost(resolve.getString("webseal.fe"));
+ setPortalCookieName(resolve.getString("webseal.portalCookieName"));
+ final List<? extends Config> list = resolve.getConfigList("webseal.users");
- private Conf(){
- initConf();
- }
-
- private void initConf() {
- try{
- String confPath = System.getProperty("config.resource");
- if (confPath == null){
- System.out.println("config.resource is empty - goint to get it from config.home");
- confPath = System.getProperty("config.home") + "/webseal.conf";
- }
- System.out.println("confPath=" + confPath );
- Config confFile = ConfigFactory.parseFileAnySyntax(new File(confPath));
- Config resolve = confFile.resolve();
- setFeHost(resolve.getString("webseal.fe"));
- setPortalCookieName(resolve.getString("webseal.portalCookieName"));
- List<? extends Config> list = resolve.getConfigList("webseal.users");
+ for (final Config config : list) {
+ String userId = config.getString("userId");
+ String password = config.getString("password");
+ String firstName = config.getString("firstName");
+ String lastName = config.getString("lastName");
+ String email = config.getString("email");
+ String role = config.getString("role");
+ users.put(userId, new User(firstName, lastName, email, userId, role, password));
+ }
- for (Config conf : list ){
- String userId = conf.getString("userId");
- String password = conf.getString("password");
- String firstName = conf.getString("firstName");
- String lastName = conf.getString("lastName");
- String email = conf.getString("email");
- String role = conf.getString("role");
- users.put(userId,new User(firstName,lastName,email,userId,role,password));
- }
-
- }catch(Exception e){
- e.printStackTrace();
- }
- }
-
- public static Conf getInstance(){
- return conf;
- }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
- public String getFeHost() {
- return feHost;
- }
+ public static Conf getInstance() {
+ return conf;
+ }
- public void setFeHost(String feHost) {
- this.feHost = feHost;
- }
-
- public Map<String,User> getUsers() {
- return users;
- }
-
}
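Review bot: Nothing in the new `initConf()` assigns `permittedAncestors`: the body reads only `webseal.fe`, `webseal.portalCookieName` and `webseal.users`, so as far as this hunk shows the field stays null and ContentSecurityPolicyHeaderFilter returns null whatever webseal.conf contains. Adding `setPermittedAncestors(resolve.getString("webseal.permittedAncestors"));` next to the `setPortalCookieName` call would wire the new template key through. The `catch (Exception e)` that only prints the stack trace leaves the same null in place when the file is missing or fails to parse, so a broken config starts the simulator without the intended header value instead of failing. Class-level `@Setter` also makes every setter public, whereas the removed `setPortalCookieName` was private; if no caller outside Conf needs them, `@Setter(AccessLevel.PRIVATE)` keeps the singleton's security settings from being rewritten at runtime.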
diff --git a/utils/webseal-simulator/src/main/webapp/WEB-INF/web.xml b/utils/webseal-simulator/src/main/webapp/WEB-INF/web.xml
index a293d3c883..c23e265aae 100644
--- a/utils/webseal-simulator/src/main/webapp/WEB-INF/web.xml
+++ b/utils/webseal-simulator/src/main/webapp/WEB-INF/web.xml
@@ -38,9 +38,18 @@
<url-pattern>/create</url-pattern>
</servlet-mapping>
+ <filter>
+ <filter-name>contentSecurityPolicyHeaderFilter</filter-name>
+ <filter-class>org.openecomp.sdc.webseal.simulator.ContentSecurityPolicyHeaderFilter</filter-class>
+ <async-supported>true</async-supported>
+ </filter>
+ <filter-mapping>
+ <filter-name>contentSecurityPolicyHeaderFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+ </filter-mapping>
+
<welcome-file-list>
<welcome-file>login</welcome-file>
</welcome-file-list>
</web-app>
-
pan class="o">= 'INFO'; public static WARNING = 'WARNING'; public static ERROR = 'ERROR'; } export class PROPERTY_TYPES { public static STRING = 'string'; public static INTEGER = 'integer'; public static FLOAT = 'float'; public static BOOLEAN = 'boolean'; public static JSON = 'json'; public static MAP = 'map'; public static LIST = 'list'; public static SCALAR = 'scalar-unit'; public static SCALAR_FREQUENCY = 'scalar-unit.frequency'; public static SCALAR_SIZE = 'scalar-unit.size'; public static SCALAR_TIME = 'scalar-unit.time'; } export class SOURCES { public static A_AND_AI = 'A&AI'; public static ORDER = 'Order'; public static RUNTIME = 'Runtime'; } export class PROPERTY_DATA { public static TYPES = [PROPERTY_TYPES.STRING, PROPERTY_TYPES.INTEGER, PROPERTY_TYPES.FLOAT, PROPERTY_TYPES.BOOLEAN, PROPERTY_TYPES.JSON, PROPERTY_TYPES.SCALAR, PROPERTY_TYPES.SCALAR_FREQUENCY, PROPERTY_TYPES.SCALAR_SIZE, PROPERTY_TYPES.SCALAR_TIME, PROPERTY_TYPES.LIST, PROPERTY_TYPES.MAP]; public static SIMPLE_TYPES = [PROPERTY_TYPES.STRING, PROPERTY_TYPES.INTEGER, PROPERTY_TYPES.FLOAT, PROPERTY_TYPES.BOOLEAN, PROPERTY_TYPES.JSON, PROPERTY_TYPES.SCALAR, PROPERTY_TYPES.SCALAR_FREQUENCY, PROPERTY_TYPES.SCALAR_SIZE, PROPERTY_TYPES.SCALAR_TIME]; public static ROOT_DATA_TYPE = "tosca.datatypes.Root"; public static OPENECOMP_ROOT = "org.openecomp.datatypes.Root"; public static SUPPLEMENTAL_DATA = "supplemental_data"; public static SOURCES = [SOURCES.A_AND_AI, SOURCES.ORDER, SOURCES.RUNTIME]; } export class PROPERTY_VALUE_CONSTRAINTS { public static MAX_LENGTH = 2500; public static JSON_MAX_LENGTH = 4096; } export class Role { public static ADMIN = 'ADMIN'; public static DESIGNER = 'DESIGNER'; public static TESTER = 'TESTER'; public static OPS = 'OPS'; public static GOVERNOR = 'GOVERNOR'; } export enum FormState{ CREATE, UPDATE, IMPORT, VIEW } export class WorkspaceMode { public static CREATE = 'create'; public static EDIT = 'edit'; public static IMPORT = 'import'; public static VIEW = 'view'; } 
export class ImagesUrl { public static RESOURCE_ICONS = '/assets/styles/images/resource-icons/'; public static SERVICE_ICONS = '/assets/styles/images/service-icons/'; public static SELECTED_UCPE_INSTANCE = '/assets/styles/images/resource-icons/selectedUcpeInstance.png'; public static SELECTED_CP_INSTANCE = '/assets/styles/images/resource-icons/selectedCPInstance.png'; public static SELECTED_VL_INSTANCE = '/assets/styles/images/resource-icons/selectedVLInstance.png'; public static CANVAS_PLUS_ICON = '/assets/styles/images/resource-icons/canvasPlusIcon.png'; public static MODULE_ICON = '/assets/styles/images/resource-icons/module.png'; public static OPEN_MODULE_ICON = '/assets/styles/images/resource-icons/openModule.png'; public static OPEN_MODULE_HOVER_ICON = '/assets/styles/images/resource-icons/openModuleHover.png'; public static CLOSE_MODULE_ICON = '/assets/styles/images/resource-icons/closeModule.png'; public static CLOSE_MODULE_HOVER_ICON = '/assets/styles/images/resource-icons/closeModuleHover.png'; } export class ModalType { static STANDARD = 'standard'; static ERROR = 'error'; static ALERT = 'alert'; } export class GraphColors { public static NOT_CERTIFIED_LINK = 'rgb(218,31,61)'; public static VL_LINK = 'rgb(216,216,216)'; public static ACTIVE_LINK = '#30bdf2'; public static BASE_LINK = 'rgb(55,55,55)'; public static NODE_BACKGROUND_COLOR = 'rgba(46, 162, 157, 0.24)'; public static NODE_SHADOW_COLOR = 'rgba(198, 230, 228, 0.7)'; public static NODE_OVERLAPPING_BACKGROUND_COLOR = 'rgba(179, 10, 60, 0.24)'; public static NODE_OVERLAPPING_SHADOW_COLOR = 'rgba(236, 194, 206, 0.7)'; public static NODE_UCPE_CP = '#9063cd'; public static NODE_UCPE = '#fbfbfb'; public static NODE_SELECTED_BORDER_COLOR = '#30bdf2'; } export class GraphTransactionLogText { public static REMOVE_TEMP_LINK = "remove tempLink"; public static DELETE_LINK = "delete link"; public static ADD_LINK = "delete link"; public static ADD_NODE = "adding node"; } export class GraphUIObjects { public 
static HANDLE_SIZE = 18; public static NODE_OVERLAP_MIN_SIZE = 30; public static DEFAULT_RESOURCE_WIDTH = 65; public static SMALL_RESOURCE_WIDTH = 21; public static LINK_MENU_HEIGHT = 420; public static TOP_HEADER_HEIGHT = 200; public static TOOLTIP_OFFSET_X = 50; public static TOOLTIP_OFFSET_Y = 145; public static TOOLTIP_LINK_OFFSET_X = 35; public static TOOLTIP_LINK_OFFSET_Y = 75; public static MENU_LINK_VL_HEIGHT_OFFSET = 250; public static MENU_LINK_VL_WIDTH_OFFSET = 200; public static MENU_LINK_SIMPLE_HEIGHT_OFFSET = 180; public static MENU_LINK_SIMPLE_WIDTH_OFFSET = 130; public static DIAGRAM_RIGHT_WIDTH_OFFSET = 248; public static DIAGRAM_HEADER_OFFSET = 103; public static DIAGRAM_PALETTE_WIDTH_OFFSET = 247; // public static COMPOSITION_HEADER_OFFSET = 50; // public static COMPOSITION_NODE_MENU_WIDTH = 230; // public static COMPOSITION_NODE_MENU_HEIGHT = 200; // public static COMPOSITION_RIGHT_PANEL_OFFSET = 300; } export class States { public static WORKSPACE_GENERAL = 'workspace.general'; public static WORKSPACE_ACTIVITY_LOG = 'workspace.activity_log'; public static WORKSPACE_DEPLOYMENT_ARTIFACTS = 'workspace.deployment_artifacts'; public static WORKSPACE_PROPERTIES = 'workspace.properties'; public static WORKSPACE_SERVICE_INPUTS = 'workspace.service_inputs'; public static WORKSPACE_RESOURCE_INPUTS = 'workspace.resource_inputs'; public static WORKSPACE_ATTRIBUTES = 'workspace.attributes'; public static WORKSPACE_INFORMATION_ARTIFACTS = 'workspace.information_artifacts'; public static WORKSPACE_TOSCA_ARTIFACTS = 'workspace.tosca_artifacts'; public static WORKSPACE_COMPOSITION = 'workspace.composition'; public static WORKSPACE_NETWORK_CALL_FLOW = 'workspace.network_call_flow'; public static WORKSPACE_MANAGEMENT_WORKFLOW = 'workspace.management_workflow'; public static WORKSPACE_DEPLOYMENT = 'workspace.deployment'; public static WORKSPACE_DISTRIBUTION = 'workspace.distribution'; public static WORKSPACE_PROPERTIES_ASSIGNMENT = 
'workspace.properties_assignment'; public static WORKSPACE_REQUIREMENTS_AND_CAPABILITIES = 'workspace.reqAndCap'; public static WORKSPACE_NG2 = 'workspace.ng2'; } export class EVENTS { static RESOURCE_LEFT_PALETTE_UPDATE_EVENT = "resourceLeftPanelUpdateEvent"; static RESOURCE_PNF_LEFT_PALETTE_UPDATE_EVENT = "resourcePNFLeftPanelUpdateEvent"; static SERVICE_LEFT_PALETTE_UPDATE_EVENT = "serviceLeftPanelUpdateEvent"; static VL_LEFT_PALETTE_UPDATE_EVENT = "vlLeftPanelUdateEvent"; static ON_CSAR_LOADING = "onCsarLoading"; static DOWNLOAD_ARTIFACT_FINISH_EVENT = "downloadArtifactFinishEvent"; static ON_WORKSPACE_SAVE_BUTTON_CLICK = "onWorkspaceSaveButtonClick"; static ON_WORKSPACE_SAVE_BUTTON_SUCCESS = "onWorkspaceSaveButtonSuccess"; static ON_WORKSPACE_SAVE_BUTTON_ERROR = "onWorkspaceSaveButtonError"; static ON_CHECKOUT = "onCheckout"; //Loader events static SHOW_LOADER_EVENT = "showLoaderEvent"; static HIDE_LOADER_EVENT = "hideLoaderEvent"; } export class UNIQUE_GROUP_PROPERTIES_NAME { public static MIN_VF_MODULE_INSTANCES = 'min_vf_module_instances'; public static MAX_VF_MODULE_INSTANCES = 'max_vf_module_instances'; public static INITIAL_COUNT = 'initial_count'; public static IS_BASE = 'isBase'; public static VF_MODULE_TYPE = 'vf_module_type'; public static VF_MODULE_LABEL = 'vf_module_label'; public static VF_MODULE_DESCRIPTION = 'vf_module_description'; public static VOLUME_GROUP = 'volume_group'; } export class GRAPH_EVENTS { static ON_COMPOSITION_GRAPH_DATA_LOADED = 'onCompositionGraphDataLoaded'; static ON_DEPLOYMENT_GRAPH_DATA_LOADED = 'onDeploymentGraphDataLoaded'; static ON_NODE_SELECTED = "onNodeSelected"; static ON_GRAPH_BACKGROUND_CLICKED = "onGraphBackgroundClicked"; static ON_PALETTE_COMPONENT_HOVER_IN = 'onPaletteComponentHoverIn'; static ON_PALETTE_COMPONENT_HOVER_OUT = 'onPaletteComponentHoverOut'; static ON_PALETTE_COMPONENT_DRAG_START = 'onPaletteComponentDragStart'; static ON_PALETTE_COMPONENT_DRAG_ACTION = 'onPaletteComponentDragAction'; static 
ON_COMPONENT_INSTANCE_NAME_CHANGED = 'onComponentInstanceNameChanged'; static ON_DELETE_COMPONENT_INSTANCE = 'onDeleteComponentInstance'; static ON_DELETE_MULTIPLE_COMPONENTS = 'onDeleteMultipleComponents'; static ON_DELETE_EDGE = 'onDeleteEdge'; static ON_INSERT_NODE_TO_UCPE = 'onInsertNodeToUCPE'; static ON_REMOVE_NODE_FROM_UCPE = 'onRemoveNodeFromUCPE'; static ON_VERSION_CHANGED = 'onVersionChanged'; static ON_CREATE_COMPONENT_INSTANCE = 'onCreateComponentInstance'; } export class COMPONENT_FIELDS { static COMPONENT_INSTANCES_PROPERTIES = "componentInstancesProperties"; static COMPONENT_INSTANCES_ATTRIBUTES = "componentInstancesAttributes"; static COMPONENT_ATTRIBUTES = "attributes"; static COMPONENT_INSTANCES = "componentInstances"; static COMPONENT_INSTANCES_RELATION = "componentInstancesRelations"; static COMPONENT_INPUTS = "inputs"; static COMPONENT_METADATA = "metadata"; static COMPONENT_DEPLOYMENT_ARTIFACTS = "deploymentArtifacts"; static COMPONENT_INFORMATIONAL_ARTIFACTS = "artifacts"; static COMPONENT_PROPERTIES = "properties"; static COMPONENT_CAPABILITIES = "capabilities"; static COMPONENT_REQUIREMENTS = "requirements"; static COMPONENT_TOSCA_ARTIFACTS = "toscaArtifacts"; static COMPONENT_GROUPS = "groups"; } export class API_QUERY_PARAMS { static INCLUDE = "include"; }