--- /dev/null
+/* Copyright (c) 2019 AT&T Intellectual Property. #\r
+# #\r
+# Licensed under the Apache License, Version 2.0 (the "License"); #\r
+# you may not use this file except in compliance with the License. #\r
+# You may obtain a copy of the License at #\r
+# #\r
+# http://www.apache.org/licenses/LICENSE-2.0 #\r
+# #\r
+# Unless required by applicable law or agreed to in writing, software #\r
+# distributed under the License is distributed on an "AS IS" BASIS, #\r
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #\r
+# See the License for the specific language governing permissions and #\r
+# limitations under the License. #\r
+##############################################################################*/\r
+\r
+\r
+package org.oran.otf.api.config;\r
+\r
+import org.apache.catalina.Context;\r
+import org.apache.catalina.connector.Connector;\r
+import org.apache.tomcat.util.descriptor.web.SecurityCollection;\r
+import org.apache.tomcat.util.descriptor.web.SecurityConstraint;\r
+import org.springframework.beans.factory.annotation.Value;\r
+import org.springframework.boot.context.properties.EnableConfigurationProperties;\r
+import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;\r
+import org.springframework.boot.web.servlet.server.ServletWebServerFactory;\r
+import org.springframework.context.annotation.Bean;\r
+import org.springframework.context.annotation.Configuration;\r
+\r
+@Configuration\r
+@EnableConfigurationProperties\r
+public class HttpSecurityConfiguration {\r
+ @Value("${server.port.http}")\r
+ private int httpPort;\r
+\r
+ @Value("${server.port}")\r
+ private int httpsPort;\r
+\r
+ @Value("${ssl.flag}")\r
+ private boolean httpsOnly;\r
+\r
+ @Bean\r
+ public ServletWebServerFactory servletContainer() {\r
+ TomcatServletWebServerFactory tomcat =\r
+ new TomcatServletWebServerFactory(){\r
+ @Override\r
+ protected void postProcessContext(Context context) {\r
+ SecurityConstraint securityConstraint = new SecurityConstraint();\r
+ if(httpsOnly){ securityConstraint.setUserConstraint("CONFIDENTIAL");}\r
+ SecurityCollection collection = new SecurityCollection();\r
+ collection.addPattern("/*");\r
+ securityConstraint.addCollection(collection);\r
+ context.addConstraint(securityConstraint);\r
+ }\r
+ };\r
+ tomcat.addAdditionalTomcatConnectors(redirectConnector());\r
+ return tomcat;\r
+ }\r
+\r
+ private Connector redirectConnector() {\r
+ Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");\r
+ connector.setScheme("http");\r
+ connector.setPort(httpPort);\r
+ connector.setSecure(false);\r
+ if(httpsOnly) { connector.setRedirectPort(httpsPort); }\r
+ return connector;\r
+ }\r
+}\r