added svcapi ui and camunda code

[it/otf.git] / otf-service-api / src / main / java / org / oran / otf / api / config / HttpSecurityConfiguration.java
diff --git a/otf-service-api/src/main/java/org/oran/otf/api/config/HttpSecurityConfiguration.java b/otf-service-api/src/main/java/org/oran/otf/api/config/HttpSecurityConfiguration.java

new file mode 100644 (file)

index 0000000..2646431
--- /dev/null
+++ b/otf-service-api/src/main/java/org/oran/otf/api/config/HttpSecurityConfiguration.java
@@ -0,0 +1,68 @@
+/*  Copyright (c) 2019 AT&T Intellectual Property.                             #\r
+#                                                                              #\r
+#   Licensed under the Apache License, Version 2.0 (the "License");            #\r
+#   you may not use this file except in compliance with the License.           #\r
+#   You may obtain a copy of the License at                                    #\r
+#                                                                              #\r
+#       http://www.apache.org/licenses/LICENSE-2.0                             #\r
+#                                                                              #\r
+#   Unless required by applicable law or agreed to in writing, software        #\r
+#   distributed under the License is distributed on an "AS IS" BASIS,          #\r
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #\r
+#   See the License for the specific language governing permissions and        #\r
+#   limitations under the License.                                             #\r
+##############################################################################*/\r
+\r
+\r
+package org.oran.otf.api.config;\r
+\r
+import org.apache.catalina.Context;\r
+import org.apache.catalina.connector.Connector;\r
+import org.apache.tomcat.util.descriptor.web.SecurityCollection;\r
+import org.apache.tomcat.util.descriptor.web.SecurityConstraint;\r
+import org.springframework.beans.factory.annotation.Value;\r
+import org.springframework.boot.context.properties.EnableConfigurationProperties;\r
+import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;\r
+import org.springframework.boot.web.servlet.server.ServletWebServerFactory;\r
+import org.springframework.context.annotation.Bean;\r
+import org.springframework.context.annotation.Configuration;\r
+\r
+@Configuration\r
+@EnableConfigurationProperties\r
+public class HttpSecurityConfiguration {\r
+  @Value("${server.port.http}")\r
+  private int httpPort;\r
+\r
+  @Value("${server.port}")\r
+  private int httpsPort;\r
+\r
+  @Value("${ssl.flag}")\r
+  private boolean httpsOnly;\r
+\r
+  @Bean\r
+  public ServletWebServerFactory servletContainer() {\r
+    TomcatServletWebServerFactory tomcat =\r
+        new TomcatServletWebServerFactory(){\r
+          @Override\r
+          protected void postProcessContext(Context context) {\r
+            SecurityConstraint securityConstraint = new SecurityConstraint();\r
+            if(httpsOnly){ securityConstraint.setUserConstraint("CONFIDENTIAL");}\r
+            SecurityCollection collection = new SecurityCollection();\r
+            collection.addPattern("/*");\r
+            securityConstraint.addCollection(collection);\r
+            context.addConstraint(securityConstraint);\r
+          }\r
+        };\r
+    tomcat.addAdditionalTomcatConnectors(redirectConnector());\r
+    return tomcat;\r
+  }\r
+\r
+  private Connector redirectConnector() {\r
+    Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");\r
+    connector.setScheme("http");\r
+    connector.setPort(httpPort);\r
+    connector.setSecure(false);\r
+    if(httpsOnly) { connector.setRedirectPort(httpsPort); }\r
+    return connector;\r
+  }\r
+}\r