diff options
Diffstat (limited to 'infra/minimal-distribution-core/src/main/java/io/fd/honeycomb/infra/distro/restconf')
5 files changed, 0 insertions, 291 deletions
diff --git a/infra/minimal-distribution-core/src/main/java/io/fd/honeycomb/infra/distro/restconf/HttpConnectorProvider.java b/infra/minimal-distribution-core/src/main/java/io/fd/honeycomb/infra/distro/restconf/HttpConnectorProvider.java deleted file mode 100644 index 678791c63..000000000 --- a/infra/minimal-distribution-core/src/main/java/io/fd/honeycomb/infra/distro/restconf/HttpConnectorProvider.java +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) 2016 Cisco and/or its affiliates. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package io.fd.honeycomb.infra.distro.restconf; - -import com.google.inject.Inject; -import io.fd.honeycomb.binding.init.ProviderTrait; -import io.fd.honeycomb.infra.distro.cfgattrs.HoneycombConfiguration; -import org.eclipse.jetty.server.Server; -import org.eclipse.jetty.server.ServerConnector; - -final class HttpConnectorProvider extends ProviderTrait<ServerConnector> { - - @Inject - private HoneycombConfiguration cfg; - @Inject - private Server server; - - @Override - protected ServerConnector create() { - ServerConnector httpConnector = - new ServerConnector(server, cfg.acceptorsSize.get(), cfg.selectorsSize.get()); - httpConnector.setHost(cfg.restconfBindingAddress.get()); - httpConnector.setPort(cfg.restconfPort.get()); - server.addConnector(httpConnector); - return httpConnector; - } -} diff --git a/infra/minimal-distribution-core/src/main/java/io/fd/honeycomb/infra/distro/restconf/HttpsConnectorProvider.java b/infra/minimal-distribution-core/src/main/java/io/fd/honeycomb/infra/distro/restconf/HttpsConnectorProvider.java deleted file mode 100644 index 3387c0f3b..000000000 --- a/infra/minimal-distribution-core/src/main/java/io/fd/honeycomb/infra/distro/restconf/HttpsConnectorProvider.java +++ /dev/null @@ -1,75 +0,0 @@ -/* - * Copyright (c) 2016 Cisco and/or its affiliates. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package io.fd.honeycomb.infra.distro.restconf; - -import com.google.inject.Inject; -import io.fd.honeycomb.binding.init.ProviderTrait; -import io.fd.honeycomb.infra.distro.cfgattrs.HoneycombConfiguration; -import java.net.URL; -import org.eclipse.jetty.http.HttpVersion; -import org.eclipse.jetty.server.HttpConnectionFactory; -import org.eclipse.jetty.server.Server; -import org.eclipse.jetty.server.ServerConnector; -import org.eclipse.jetty.server.SslConnectionFactory; -import org.eclipse.jetty.util.ssl.SslContextFactory; - -final class HttpsConnectorProvider extends ProviderTrait<ServerConnector> { - - @Inject - private HoneycombConfiguration cfg; - @Inject - private Server server; - - @Override - protected ServerConnector create() { - // SSL Context Factory - // Based on: - // https://github.com/eclipse/jetty.project/blob/jetty-9.3.x/examples/embedded/src/main/java/org/eclipse/jetty/embedded/LikeJettyXml.java - // https://wiki.eclipse.org/Jetty/Howto/Configure_SSL#Loading_Keys_and_Certificates_via_PKCS12 - // Keystore created with: - // openssl genrsa -des3 -out honeycomb.key - // openssl req -new -x509 -key honeycomb.key -out honeycomb.crt - // openssl pkcs12 -inkey honeycomb.key -in honeycomb.crt -export -out honeycomb.pkcs12 - // keytool -importkeystore -srckeystore honeycomb.pkcs12 -srcstoretype PKCS12 -destkeystore honeycomb-keystore - SslContextFactory sslContextFactory = new SslContextFactory(); - URL keystoreURL = getClass().getResource(cfg.restconfKeystore.get()); - sslContextFactory.setKeyStorePath(keystoreURL.getPath()); - sslContextFactory.setKeyStorePassword(cfg.keystorePassword.get()); - sslContextFactory.setKeyManagerPassword((cfg.keystoreManagerPassword.get())); - URL truststoreURL = getClass().getResource(cfg.restconfTruststore.get()); - sslContextFactory.setTrustStorePath(truststoreURL.getPath()); - sslContextFactory.setTrustStorePassword((cfg.truststorePassword.get())); - // TODO HONEYCOMB-167 make this more configurable - sslContextFactory.setExcludeCipherSuites("SSL_RSA_WITH_DES_CBC_SHA", "SSL_DHE_RSA_WITH_DES_CBC_SHA", - "SSL_DHE_DSS_WITH_DES_CBC_SHA", "SSL_RSA_EXPORT_WITH_RC4_40_MD5", "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", - "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"); - - // SSL Connector - ServerConnector sslConnector = - new ServerConnector(server, cfg.httpsAcceptorsSize.get(), cfg.httpsSelectorsSize.get(), - // The ssl connection factory delegates the real processing to http connection factory - new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), - // That's why http connection factory is also required here - // Order is IMPORTANT here - new HttpConnectionFactory() - ); - sslConnector.setHost(cfg.restconfHttpsBindingAddress.get()); - sslConnector.setPort(cfg.restconfHttpsPort.get()); - server.addConnector(sslConnector); - return sslConnector; - } -} diff --git a/infra/minimal-distribution-core/src/main/java/io/fd/honeycomb/infra/distro/restconf/JettyServerProvider.java b/infra/minimal-distribution-core/src/main/java/io/fd/honeycomb/infra/distro/restconf/JettyServerProvider.java deleted file mode 100644 index e596b276d..000000000 --- a/infra/minimal-distribution-core/src/main/java/io/fd/honeycomb/infra/distro/restconf/JettyServerProvider.java +++ /dev/null @@ -1,95 +0,0 @@ -/* - * Copyright (c) 2016 Cisco and/or its affiliates. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package io.fd.honeycomb.infra.distro.restconf; - -import com.google.inject.Inject; -import io.fd.honeycomb.binding.init.ProviderTrait; -import io.fd.honeycomb.infra.distro.cfgattrs.HoneycombConfiguration; -import io.fd.honeycomb.northbound.CredentialsConfiguration; -import java.net.URL; -import java.util.Collections; -import org.eclipse.jetty.security.ConstraintMapping; -import org.eclipse.jetty.security.ConstraintSecurityHandler; -import org.eclipse.jetty.security.HashLoginService; -import org.eclipse.jetty.security.authentication.BasicAuthenticator; -import org.eclipse.jetty.server.Server; -import org.eclipse.jetty.server.handler.gzip.GzipHandler; -import org.eclipse.jetty.util.security.Constraint; -import org.eclipse.jetty.util.security.Password; -import org.eclipse.jetty.util.thread.QueuedThreadPool; -import org.eclipse.jetty.webapp.WebAppContext; - -final class JettyServerProvider extends ProviderTrait<Server> { - - private static final String REALM = "HCRealm"; - // Mime types to be compressed when requested - private static final String[] GZIP_MIME_TYPES = {"application/xml", - "xml", - "application/yang.data+xml", - "application/json", - "application/yang.data+json"}; - - @Inject - private HoneycombConfiguration cfg; - - @Inject - private CredentialsConfiguration credentialsCfg; - - @Override - protected Server create() { - Server server = new Server(new QueuedThreadPool(cfg.restPoolMaxSize.get(), cfg.restPoolMinSize.get())); - - // Load Realm for basic auth - HashLoginService service = new HashLoginService(REALM); - // Reusing the name as role - service.putUser(credentialsCfg.username, new Password(credentialsCfg.password), - new String[]{credentialsCfg.username}); - server.addBean(service); - - final URL resource = getClass().getResource("/"); - WebAppContext webapp = new WebAppContext(resource.getPath(), cfg.restconfRootPath.get()); - - server.setHandler(getGzip(service, webapp)); - return server; - } - - private GzipHandler getGzip(final HashLoginService service, final WebAppContext webapp) { - final GzipHandler gzipHandler = new GzipHandler(); - gzipHandler.setIncludedMimeTypes(GZIP_MIME_TYPES); - gzipHandler.setHandler(getBaseAuth(service, webapp)); - return gzipHandler; - } - - private ConstraintSecurityHandler getBaseAuth(HashLoginService service, WebAppContext webapp) { - Constraint constraint = new Constraint(); - constraint.setName("auth"); - constraint.setAuthenticate(true); - constraint.setRoles(new String[]{credentialsCfg.username}); - - ConstraintMapping mapping = new ConstraintMapping(); - mapping.setPathSpec("/*"); - mapping.setConstraint(constraint); - - ConstraintSecurityHandler security = new ConstraintSecurityHandler(); - security.setConstraintMappings(Collections.singletonList(mapping)); - security.setAuthenticator(new BasicAuthenticator()); - security.setLoginService(service); - - security.setHandler(webapp); - return security; - } -} diff --git a/infra/minimal-distribution-core/src/main/java/io/fd/honeycomb/infra/distro/restconf/RestconfModule.java b/infra/minimal-distribution-core/src/main/java/io/fd/honeycomb/infra/distro/restconf/RestconfModule.java deleted file mode 100644 index 7799d7fde..000000000 --- a/infra/minimal-distribution-core/src/main/java/io/fd/honeycomb/infra/distro/restconf/RestconfModule.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) 2016 Cisco and/or its affiliates. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package io.fd.honeycomb.infra.distro.restconf; - -import com.google.inject.AbstractModule; -import com.google.inject.Singleton; -import com.google.inject.name.Names; -import org.eclipse.jetty.server.Server; -import org.eclipse.jetty.server.ServerConnector; -import org.opendaylight.netconf.sal.rest.api.RestConnector; - -public class RestconfModule extends AbstractModule { - - public static final String RESTCONF_HTTP = "restconf-http"; - public static final String RESTCONF_HTTPS = "restconf-https"; - - protected void configure() { - bind(Server.class).toProvider(JettyServerProvider.class).in(Singleton.class); - bind(ServerConnector.class).annotatedWith(Names.named(RESTCONF_HTTP)).toProvider(HttpConnectorProvider.class) - .in(Singleton.class); - bind(ServerConnector.class).annotatedWith(Names.named(RESTCONF_HTTPS)).toProvider(HttpsConnectorProvider.class) - .in(Singleton.class); - bind(RestConnector.class).toProvider(RestconfProvider.class).in(Singleton.class); - } -} diff --git a/infra/minimal-distribution-core/src/main/java/io/fd/honeycomb/infra/distro/restconf/RestconfProvider.java b/infra/minimal-distribution-core/src/main/java/io/fd/honeycomb/infra/distro/restconf/RestconfProvider.java deleted file mode 100644 index 01f177e27..000000000 --- a/infra/minimal-distribution-core/src/main/java/io/fd/honeycomb/infra/distro/restconf/RestconfProvider.java +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) 2016 Cisco and/or its affiliates. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package io.fd.honeycomb.infra.distro.restconf; - -import com.google.inject.Inject; -import io.fd.honeycomb.binding.init.ProviderTrait; -import io.fd.honeycomb.infra.distro.cfgattrs.HoneycombConfiguration; -import org.opendaylight.controller.sal.core.api.Broker; -import org.opendaylight.netconf.sal.rest.api.RestConnector; -import org.opendaylight.netconf.sal.restconf.impl.RestconfProviderImpl; -import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber; - -final class RestconfProvider extends ProviderTrait<RestConnector> { - - @Inject - private HoneycombConfiguration cfg; - @Inject - private Broker domBroker; - - @Override - protected RestconfProviderImpl create() { - RestconfProviderImpl instance = new RestconfProviderImpl(); - instance.setWebsocketPort(new PortNumber(cfg.restconfWebsocketPort.get())); - domBroker.registerProvider(instance); - return instance; - } -} |