added svcapi ui and camunda code

[it/otf.git] / otf-camunda / src / main / java / org / oran / otf / spring / configuration / HttpSecurityConfiguration.java
diff --git a/otf-camunda/src/main/java/org/oran/otf/spring/configuration/HttpSecurityConfiguration.java b/otf-camunda/src/main/java/org/oran/otf/spring/configuration/HttpSecurityConfiguration.java

new file mode 100644 (file)

index 0000000..56b5901
--- /dev/null
+++ b/otf-camunda/src/main/java/org/oran/otf/spring/configuration/HttpSecurityConfiguration.java
@@ -0,0 +1,66 @@
+/*  Copyright (c) 2019 AT&T Intellectual Property.                             #\r
+#                                                                              #\r
+#   Licensed under the Apache License, Version 2.0 (the "License");            #\r
+#   you may not use this file except in compliance with the License.           #\r
+#   You may obtain a copy of the License at                                    #\r
+#                                                                              #\r
+#       http://www.apache.org/licenses/LICENSE-2.0                             #\r
+#                                                                              #\r
+#   Unless required by applicable law or agreed to in writing, software        #\r
+#   distributed under the License is distributed on an "AS IS" BASIS,          #\r
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #\r
+#   See the License for the specific language governing permissions and        #\r
+#   limitations under the License.                                             #\r
+##############################################################################*/\r
+\r
+\r
+package org.oran.otf.spring.configuration;\r
+\r
+import org.apache.catalina.Context;\r
+import org.apache.catalina.connector.Connector;\r
+import org.apache.tomcat.util.descriptor.web.SecurityCollection;\r
+import org.apache.tomcat.util.descriptor.web.SecurityConstraint;\r
+import org.springframework.beans.factory.annotation.Value;\r
+import org.springframework.boot.context.properties.EnableConfigurationProperties;\r
+import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;\r
+import org.springframework.boot.web.servlet.server.ServletWebServerFactory;\r
+import org.springframework.context.annotation.Bean;\r
+import org.springframework.context.annotation.Configuration;\r
+\r
+@Configuration\r
+@EnableConfigurationProperties\r
+public class HttpSecurityConfiguration {\r
+    @Value("${security.server.port.http}")\r
+    private int httpPort;\r
+\r
+    @Value("${security.server.port}")\r
+    private int httpsPort;\r
+\r
+    @Value("${security.https-only}")\r
+    private boolean httpsOnly;\r
+    @Bean\r
+    public ServletWebServerFactory servletContainer() {\r
+        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {\r
+            @Override\r
+            protected void postProcessContext(Context context) {\r
+                SecurityConstraint securityConstraint = new SecurityConstraint();\r
+                if(httpsOnly){ securityConstraint.setUserConstraint("CONFIDENTIAL");}\r
+                SecurityCollection collection = new SecurityCollection();\r
+                collection.addPattern("/*");\r
+                securityConstraint.addCollection(collection);\r
+                context.addConstraint(securityConstraint);\r
+            }\r
+        };\r
+        tomcat.addAdditionalTomcatConnectors(redirectConnector());\r
+        return tomcat;\r
+    }\r
+\r
+    private Connector redirectConnector() {\r
+        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");\r
+        connector.setScheme("http");\r
+        connector.setPort(httpPort);\r
+        connector.setSecure(false);\r
+        if(httpsOnly) { connector.setRedirectPort(httpsPort); }\r
+        return connector;\r
+    }\r
+}
+\ No newline at end of file