Repository: airavata Updated Branches: refs/heads/master 555b0adbf -> dded7acff
Merging TLS code into master branch - AIRAVATA-1800 Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/dded7acf Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/dded7acf Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/dded7acf Branch: refs/heads/master Commit: dded7acff1326a4cc7624f14f9e436cc95ac98c6 Parents: 555b0ad Author: Suresh Marru <[email protected]> Authored: Mon Aug 31 10:09:12 2015 -0400 Committer: Suresh Marru <[email protected]> Committed: Mon Aug 31 10:09:12 2015 -0400 ---------------------------------------------------------------------- .../airavata/api/server/AiravataAPIServer.java | 20 ++++++++++++++---- .../airavata/common/utils/ServerSettings.java | 22 +++++++++++++------- .../main/resources/airavata-server.properties | 7 +++++++ 3 files changed, 37 insertions(+), 12 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/airavata/blob/dded7acf/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/AiravataAPIServer.java ---------------------------------------------------------------------- diff --git a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/AiravataAPIServer.java b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/AiravataAPIServer.java index ca4e345..d4eee2c 100644 --- a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/AiravataAPIServer.java +++ b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/AiravataAPIServer.java @@ -74,11 +74,23 @@ public class AiravataAPIServer implements IServer{ TServerTransport serverTransport; - if (serverHost == null) { - serverTransport = new TServerSocket(serverPort); + if(ServerSettings.isAPIServerTLSEnabled()) { + logger.info("Starting API Server with TLS Security.."); + + String keystore = ServerSettings.getApiServerKeystore(); + String keystorePWD = ServerSettings.getApiServerKeystorePasswd(); + TSSLTransportFactory.TSSLTransportParameters tlsParams = + new TSSLTransportFactory.TSSLTransportParameters(); + tlsParams.setKeyStore(keystore, keystorePWD); + serverTransport = TSSLTransportFactory.getServerSocket(serverPort, 10000, + InetAddress.getByName(serverHost), tlsParams); } else { - InetSocketAddress inetSocketAddress = new InetSocketAddress(serverHost, serverPort); - serverTransport = new TServerSocket(inetSocketAddress); + if(serverHost == null){ + serverTransport = new TServerSocket(serverPort); + }else{ + InetSocketAddress inetSocketAddress = new InetSocketAddress(serverHost, serverPort); + serverTransport = new TServerSocket(inetSocketAddress); + } } TThreadPoolServer.Args options = new TThreadPoolServer.Args(serverTransport); http://git-wip-us.apache.org/repos/asf/airavata/blob/dded7acf/modules/commons/src/main/java/org/apache/airavata/common/utils/ServerSettings.java ---------------------------------------------------------------------- diff --git a/modules/commons/src/main/java/org/apache/airavata/common/utils/ServerSettings.java b/modules/commons/src/main/java/org/apache/airavata/common/utils/ServerSettings.java index 783353e..becad00 100644 --- a/modules/commons/src/main/java/org/apache/airavata/common/utils/ServerSettings.java +++ b/modules/commons/src/main/java/org/apache/airavata/common/utils/ServerSettings.java @@ -37,8 +37,12 @@ public class ServerSettings extends ApplicationSettings { private static final String DEFAULT_USER_GATEWAY = "default.registry.gateway"; private static final String LOCAL_DATA_DIR = "local.data.dir"; - private static final String SERVER_CONTEXT_ROOT = "server.context-root"; public static final String IP = "ip"; + + private static final String API_SERVER_TLS_ENABLED = "apiserver.tls.enabled"; + private static final String API_SERVER_KEYSTORE = "apiserver.keystore"; + private static final String API_SERVER_KEYSTORE_PASSWD = "apiserver.keystore.password"; + // Orchestrator Constants public static final String ORCHESTRATOR_SERVER_HOST = "orchestrator.server.host"; public static final String ORCHESTRATOR_SERVER_PORT = "orchestrator.server.port"; @@ -68,7 +72,6 @@ public class ServerSettings extends ApplicationSettings { private static final String REGISTRY_DB_USER = "registry.jdbc.user"; private static final String REGISTRY_DB_PASSWORD = "registry.jdbc.password"; private static final String REGISTRY_DB_DRIVER = "registry.jdbc.driver"; - private static final String ENABLE_HTTPS = "enable.https"; private static final String HOST_SCHEDULER = "host.scheduler"; private static final String MY_PROXY_SERVER = "myproxy.server"; private static final String MY_PROXY_USER = "myproxy.user"; @@ -122,10 +125,6 @@ public class ServerSettings extends ApplicationSettings { return getSetting(DEFAULT_USER_GATEWAY); } - public static String getServerContextRoot() { - return getSetting(SERVER_CONTEXT_ROOT, "axis2"); - } - public static String getCredentialStoreDBUser() throws ApplicationSettingsException { try { return getSetting(CREDENTIAL_STORE_DB_USER); @@ -159,14 +158,21 @@ public class ServerSettings extends ApplicationSettings { } - public static boolean isEnableHttps() { + public static boolean isAPIServerTLSEnabled() { try { - return Boolean.parseBoolean(getSetting(ENABLE_HTTPS)); + return Boolean.parseBoolean(getSetting(API_SERVER_TLS_ENABLED)); } catch (ApplicationSettingsException e) { return false; } } + public static String getApiServerKeystorePasswd() throws ApplicationSettingsException{ + return getSetting(API_SERVER_KEYSTORE_PASSWD); + } + + public static String getApiServerKeystore() throws ApplicationSettingsException{ + return getSetting(API_SERVER_KEYSTORE); + } public static String getHostScheduler() throws ApplicationSettingsException { return getSetting(HOST_SCHEDULER); http://git-wip-us.apache.org/repos/asf/airavata/blob/dded7acf/modules/configuration/server/src/main/resources/airavata-server.properties ---------------------------------------------------------------------- diff --git a/modules/configuration/server/src/main/resources/airavata-server.properties b/modules/configuration/server/src/main/resources/airavata-server.properties index 34648a3..cb4d93d 100644 --- a/modules/configuration/server/src/main/resources/airavata-server.properties +++ b/modules/configuration/server/src/main/resources/airavata-server.properties @@ -84,6 +84,13 @@ apiserver.port=8930 apiserver.min.threads=50 ########################################################################### +# API Server SSL Configurations +########################################################################### +apiserver.tls.enabled=false +apiserver.keystore=/path/to/airavata.jks +apiserver.keystore.password=airavata + +########################################################################### # Orchestrator Server Configurations ########################################################################### orchestrator=org.apache.airavata.orchestrator.server.OrchestratorServer
