From b2bfa0ea4eda5867d9fec8edc1e8ca11e648f194 Mon Sep 17 00:00:00 2001 From: JvD_Ericsson Date: Tue, 10 Oct 2023 13:35:20 +0100 Subject: Upgrade vunerable depenecncies can't upgrade springframework to 6.0.12 since 6.0.12 requires java 17 Issue-ID: SDC-4653 Signed-off-by: JvD_Ericsson Change-Id: I041fb124472b6385d50877d25cb989303f3dbb08 --- .../org/onap/workflow/web/SSLProxyServlet.java | 32 ++++++++++++---------- 1 file changed, 17 insertions(+), 15 deletions(-) (limited to 'sdc-workflow-designer-ui') diff --git a/sdc-workflow-designer-ui/src/main/java/org/onap/workflow/web/SSLProxyServlet.java b/sdc-workflow-designer-ui/src/main/java/org/onap/workflow/web/SSLProxyServlet.java index 775706d2..91d456d1 100644 --- a/sdc-workflow-designer-ui/src/main/java/org/onap/workflow/web/SSLProxyServlet.java +++ b/sdc-workflow-designer-ui/src/main/java/org/onap/workflow/web/SSLProxyServlet.java @@ -22,21 +22,23 @@ package org.onap.workflow.web; +import java.net.MalformedURLException; +import java.net.URL; +import java.util.Enumeration; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import org.eclipse.jetty.client.HttpClient; import org.eclipse.jetty.client.api.Request; +import org.eclipse.jetty.client.dynamic.HttpClientTransportDynamic; +import org.eclipse.jetty.http.HttpFields; import org.eclipse.jetty.http.HttpHeader; import org.eclipse.jetty.http.HttpScheme; +import org.eclipse.jetty.io.ClientConnector; import org.eclipse.jetty.proxy.ProxyServlet; import org.eclipse.jetty.util.URIUtil; import org.eclipse.jetty.util.ssl.SslContextFactory; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.net.MalformedURLException; -import java.net.URL; -import java.util.Enumeration; - /*** * Class that provides the proxy implementation for both secured and unsecured backend connections. @@ -85,8 +87,9 @@ public class SSLProxyServlet extends ProxyServlet { private void initProxyUrl() throws ServletException, MalformedURLException { - if (SSLProxyServlet.proxyUrl != null) + if (SSLProxyServlet.proxyUrl != null) { return; + } String proxyUrlStr = System.getProperty(PROXY_TO); if (proxyUrlStr == null) { throw new ServletException("-D" + PROXY_TO + " must be specified"); @@ -113,12 +116,12 @@ public class SSLProxyServlet extends ProxyServlet { Enumeration headerNames = request.getHeaderNames(); while (headerNames.hasMoreElements()) { String headerName = headerNames.nextElement(); - if (!proxyRequest.getHeaders().containsKey(headerName)) { + if (!proxyRequest.getHeaders().contains(headerName)) { String headerVal = request.getHeader(headerName); proxyRequest.header(headerName, headerVal); } } - proxyRequest.getHeaders().remove(HttpHeader.HOST); + ((HttpFields.Mutable) proxyRequest.getHeaders()).remove(HttpHeader.HOST); super.sendProxyRequest(request, response, proxyRequest); } @@ -131,7 +134,7 @@ public class SSLProxyServlet extends ProxyServlet { proxyUrl.getProtocol().equalsIgnoreCase(HttpScheme.HTTPS.toString())); if ((isSecureClient)) { String trustAll = System.getProperty(TRUST_ALL); - SslContextFactory sslContextFactory = null; + SslContextFactory.Client sslContextFactory = null; if (trustAll != null && Boolean.parseBoolean(trustAll) == Boolean.TRUE) { sslContextFactory = new SslContextFactory.Client(true); } else { @@ -157,8 +160,9 @@ public class SSLProxyServlet extends ProxyServlet { sslContextFactory.setIncludeCipherSuites(System.getProperty(KEYSTORE_CYPHER)); } } - - return new HttpClient(sslContextFactory); + ClientConnector clientConnector = new ClientConnector(); + clientConnector.setSslContextFactory(sslContextFactory); + return new HttpClient(new HttpClientTransportDynamic(clientConnector)); } else { return super.newHttpClient(); @@ -178,7 +182,6 @@ public class SSLProxyServlet extends ProxyServlet { HttpClient client = super.createHttpClient(); setTimeout(TIMEOUT); client.setIdleTimeout(TIMEOUT); - client.setStopTimeout(TIMEOUT); if (System.getProperty(MAX_POOL_CONNECTIONS) != null) { client.setMaxConnectionsPerDestination( Integer.valueOf(System.getProperty(MAX_POOL_CONNECTIONS))); @@ -188,7 +191,6 @@ public class SSLProxyServlet extends ProxyServlet { } - @Override protected String rewriteTarget(HttpServletRequest request) { -- cgit 1.2.3-korg