aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPriyanshu <pagarwal@amdocs.com>2019-02-27 08:36:28 +0530
committerpriyanshu <pagarwal@amdocs.com>2019-02-27 08:36:28 +0530
commitee0b26c61e4eb9251fb3a2fcc31fb276dcae7865 (patch)
treec2ba0fbf48559c7316e1e4482895232e9915bda0
parenta51021d6021ca2168c4a4ac7b8959dea52fc8b51 (diff)
HTTPS support for workflow
1. Added support for both http and https on BE. 2. By default the HTTPS is not enabled. 3. Added some logging properties. 4. updated ReadMe. Change-Id: I5337b19d6fe5eeaf7ded47019dc6bd3fbdcca309 Issue-ID: SDC-2136 Signed-off-by: priyanshu <pagarwal@amdocs.com>
-rw-r--r--README.md14
-rw-r--r--workflow-designer-be/src/main/java/org/onap/sdc/workflow/server/config/WebServerConfig.java28
-rw-r--r--workflow-designer-be/src/main/resources/application-dev.properties27
-rw-r--r--workflow-designer-be/src/main/resources/application.properties23
4 files changed, 86 insertions, 6 deletions
diff --git a/README.md b/README.md
index 4a84a7a3..87b980cb 100644
--- a/README.md
+++ b/README.md
@@ -98,7 +98,8 @@ messages. You can also see the logs of the initialization container using `docke
`docker run -d -e SDC_PROTOCL=http/https -e SDC_ENDPOINT=<sdc-host>:<sdc-port> -e SDC_USER=<sdc-username>
-e SDC_PASSWORD=<sdc-password> -e CS_HOSTS=<cassandra-hosts> -e CS_PORT=<cassandra-port>
-e CS_AUTHENTICATE=true/false -e CS_USER=<cassandra-user> -e CS_PASSWORD=<cassandra-password>
--e JAVA_OPTIONS=<jvm-options> nexus3.onap.org:10001/onap/workflow-backend:latest`
+-e SSL_ENABLED=true/false -e SSL_KEY_PASSWORD=<ssl_key_password> -e SSL_KEYSTORE_PATH=<ssl_keystore_path>
+-e SSL_KEYSTORE_TYPE=<ssl_keystore_type> -e JAVA_OPTIONS=<jvm-options> nexus3.onap.org:10001/onap/workflow-backend:latest`
### Environment Variables
@@ -122,12 +123,21 @@ assumed if this variable is not specified.
- CS_PASSWORD &mdash; Cassandra password if CS_AUTHENTICATE is *true*.
+- SSL_ENABLED &mdash; whether ssl authentication must be used to connect to application. A *false* will be
+assumed if this variable is not specified.
+
+- SSL_KEY_PASSWORD &mdash; SSL key password if SSL_ENABLED is *true*.
+
+- SSL_KEYSTORE_PATH &mdash; SSL Keystore path if SSL_ENABLED is *true*.
+
+- SSL_KEYSTORE_TYPE &mdash; SSL Keystore type if SSL_ENABLED is *true*.
+
- JAVA_OPTIONS &mdash; optionally, JVM (Java Virtual Machine) arguments.
### Example
Assuming you have a dedicated Cassandra container as described in Database section, and the access to it is not
-protected with a password. The following command will start a backend container:
+protected with a password. The following command will start a backend container without SSL support:
`docker run -d --name workflow-backend -e SDC_PROTOCOL=http
-e SDC_ENDPOINT=$(docker inspect sdc-BE --format={{.NetworkSettings.IPAddress}}):8080
diff --git a/workflow-designer-be/src/main/java/org/onap/sdc/workflow/server/config/WebServerConfig.java b/workflow-designer-be/src/main/java/org/onap/sdc/workflow/server/config/WebServerConfig.java
new file mode 100644
index 00000000..3ba3f810
--- /dev/null
+++ b/workflow-designer-be/src/main/java/org/onap/sdc/workflow/server/config/WebServerConfig.java
@@ -0,0 +1,28 @@
+package org.onap.sdc.workflow.server.config;
+
+import org.eclipse.jetty.server.ServerConnector;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.web.embedded.jetty.JettyServerCustomizer;
+import org.springframework.boot.web.embedded.jetty.JettyServletWebServerFactory;
+import org.springframework.boot.web.server.WebServerFactoryCustomizer;
+import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class WebServerConfig implements WebServerFactoryCustomizer<ConfigurableServletWebServerFactory> {
+
+ @Value("${http.port}")
+ private int httpPort;
+
+ @Override
+ public void customize(ConfigurableServletWebServerFactory container) {
+ if (container instanceof JettyServletWebServerFactory) {
+ JettyServletWebServerFactory containerFactory = (JettyServletWebServerFactory) container;
+ containerFactory.addServerCustomizers((JettyServerCustomizer) server -> {
+ ServerConnector connector = new ServerConnector(server);
+ connector.setPort(httpPort);
+ server.addConnector(connector);
+ });
+ }
+ }
+}
diff --git a/workflow-designer-be/src/main/resources/application-dev.properties b/workflow-designer-be/src/main/resources/application-dev.properties
index 12a99021..97d81ac3 100644
--- a/workflow-designer-be/src/main/resources/application-dev.properties
+++ b/workflow-designer-be/src/main/resources/application-dev.properties
@@ -14,7 +14,18 @@
# limitations under the License.
#/
server.servlet.context-path=/
-server.port=${SERVER_PORT:8080}
+http.port=${HTTP_PORT:8080}
+
+server.port=${SERVER_PORT:8443}
+server.ssl.enabled=${SSL_ENABLED:false}
+server.ssl.key-password=${SSL_KEY_PASSWORD:}
+server.ssl.key-store=${SSL_KEYSTORE_PATH:}
+server.ssl.key-store-type=${SSL_KEYSTORE_TYPE:}
+
+sdc.be.protocol=${SDC_PROTOCOL:}
+sdc.be.endpoint=${SDC_ENDPOINT:}
+sdc.be.external.user=${SDC_USER:}
+sdc.be.external.password=${SDC_PASSWORD:}
#CASSANDRA
spring.data.cassandra.contact-points=${CS_HOSTS:localhost}
@@ -29,4 +40,16 @@ management.endpoint.health.show-details=always
#Headers are comma separated list
onap.logging.requestIdHeader=X-ECOMP-RequestID,X-ONAP-RequestID
-onap.logging.partnerNameHeader=USER_ID \ No newline at end of file
+onap.logging.partnerNameHeader=USER_ID
+
+logging.level.org.springframework=INFO
+logging.level.org.onap.sdc.workflow=INFO
+
+#output to a temp_folder/file
+logging.file=${java.io.tmpdir}/application.log
+
+# Logging pattern for the console
+logging.pattern.console= %d{yyyy-MM-dd HH:mm:ss} - %msg%n
+
+# Logging pattern for file
+logging.pattern.file= %d{yyyy-MM-dd HH:mm:ss} [%thread] %-5level %logger{36} - %msg% \ No newline at end of file
diff --git a/workflow-designer-be/src/main/resources/application.properties b/workflow-designer-be/src/main/resources/application.properties
index 5fa56d82..1ff8311a 100644
--- a/workflow-designer-be/src/main/resources/application.properties
+++ b/workflow-designer-be/src/main/resources/application.properties
@@ -14,7 +14,14 @@
# limitations under the License.
#/
server.servlet.context-path=/
-server.port=${SERVER_PORT:8080}
+http.port=${HTTP_PORT:8080}
+
+server.port=${SERVER_PORT:8443}
+server.ssl.enabled=${SSL_ENABLED:false}
+server.ssl.key-password=${SSL_KEY_PASSWORD:}
+server.ssl.key-store=${SSL_KEYSTORE_PATH:}
+server.ssl.key-store-type=${SSL_KEYSTORE_TYPE:}
+
sdc.be.protocol=${SDC_PROTOCOL:}
sdc.be.endpoint=${SDC_ENDPOINT:}
sdc.be.external.user=${SDC_USER:}
@@ -33,4 +40,16 @@ management.endpoint.health.show-details=always
#Headers are comma separated list
onap.logging.requestIdHeader=X-ECOMP-RequestID,X-ONAP-RequestID
-onap.logging.partnerNameHeader=USER_ID \ No newline at end of file
+onap.logging.partnerNameHeader=USER_ID
+
+logging.level.org.springframework=INFO
+logging.level.org.onap.sdc.workflow=INFO
+
+#output to a temp_folder/file
+logging.file=${java.io.tmpdir}/application.log
+
+# Logging pattern for the console
+logging.pattern.console= %d{yyyy-MM-dd HH:mm:ss} - %msg%n
+
+# Logging pattern for file
+logging.pattern.file= %d{yyyy-MM-dd HH:mm:ss} [%thread] %-5level %logger{36} - %msg% \ No newline at end of file