diff options
Diffstat (limited to 'eaaf-springboot-utils/src/main/java/at')
6 files changed, 552 insertions, 0 deletions
diff --git a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/actuator/HsmFacadeProviderHealthCheck.java b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/actuator/HsmFacadeProviderHealthCheck.java new file mode 100644 index 00000000..3b2e3fe7 --- /dev/null +++ b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/actuator/HsmFacadeProviderHealthCheck.java @@ -0,0 +1,100 @@ +package at.gv.egiz.eaaf.utils.springboot.actuator; + +import java.util.concurrent.CompletableFuture; +import java.util.concurrent.ExecutionException; +import java.util.concurrent.Executors; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.TimeoutException; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.actuate.health.Health; +import org.springframework.boot.actuate.health.HealthIndicator; +import org.springframework.stereotype.Service; + +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory; +import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory.HsmFacadeStatus; +import lombok.extern.slf4j.Slf4j; + +/** + * Implements a Spring-Actuator HealthCheck for HSM-Facade from A-SIT+. + * + * @author tlenz + * + */ +@Slf4j +@Service("HsmFacadeProvider") +public class HsmFacadeProviderHealthCheck implements HealthIndicator { + + private static final String CONFIG_PROP_HEALTHCHECK_DEADLINE = "security.hsmfacade.healthcheck.deadline"; + private static final int DEFAULT_HEALTHCHECK_DEADLINE = 10; + + @Autowired(required = false) EaafKeyStoreFactory factory; + @Autowired(required = false) IConfiguration basicConfig; + + @Override + public Health health() { + if (factory != null && factory.isHsmFacadeInitialized()) { + int deadline = getIntegerFromConfig(CONFIG_PROP_HEALTHCHECK_DEADLINE, DEFAULT_HEALTHCHECK_DEADLINE); + CompletableFuture<Health> asynchTestOperation = new CompletableFuture<>(); + Executors.newCachedThreadPool().submit(() -> runHsmTest(asynchTestOperation)); + try { + return asynchTestOperation.get(deadline, TimeUnit.SECONDS); + + } catch (InterruptedException | ExecutionException | TimeoutException e) { + log.warn("Receive no respose from Health-Check after {} seconds.", deadline, e); + return Health.outOfService().withException(e).build(); + + } + + + } else { + log.trace("No {} or HSM-Facade is not initialized. Skipping healthCheck ...", + EaafKeyStoreFactory.class.getName()); + + } + + return Health.unknown().build(); + + } + + private void runHsmTest(CompletableFuture<Health> completableFuture) { + try { + HsmFacadeStatus status = factory.checkHsmFacadeStatus(); + log.trace("Current HSM-Facade status: {}", status); + if (HsmFacadeStatus.UP.equals(status)) { + completableFuture.complete(Health.up().build()); + + } else if (HsmFacadeStatus.DOWN.equals(status)) { + completableFuture.complete(Health.down().build()); + + } + + } catch (Exception e) { + log.warn("HSM-Facaden Health-Check has an error", e); + completableFuture.complete(Health.down(e).build()); + + } + + } + + private int getIntegerFromConfig(String key, int defaultValue) { + if (basicConfig == null) { + log.info("Using default-value: {} for Config. Property: {}", defaultValue, key); + return defaultValue; + + } else { + String value = basicConfig.getBasicConfiguration(key, String.valueOf(defaultValue)); + try { + return Integer.parseInt(value); + + } catch (NumberFormatException e) { + log.warn("Config. Property: {} with value: {} is NO valid Integer", key, value, e); + log.info("Using default-value: {} for Config. Property: {}", defaultValue, key); + return defaultValue; + + } + } + } + +} diff --git a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/TomcatAjpConfiguration.java b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/TomcatAjpConfiguration.java new file mode 100644 index 00000000..c665edb3 --- /dev/null +++ b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/TomcatAjpConfiguration.java @@ -0,0 +1,145 @@ +package at.gv.egiz.eaaf.utils.springboot.ajp; + +import java.io.File; +import java.net.InetAddress; +import java.net.UnknownHostException; +import java.util.Map; + +import org.apache.catalina.connector.Connector; +import org.apache.commons.lang3.StringUtils; +import org.apache.coyote.AbstractProtocol; +import org.apache.coyote.ProtocolHandler; +import org.apache.coyote.ajp.AbstractAjpProtocol; +import org.apache.tomcat.util.net.NioChannel; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.boot.context.properties.EnableConfigurationProperties; +import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory; +import org.springframework.boot.web.servlet.FilterRegistrationBean; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.PropertySource; + +import at.gv.egiz.eaaf.utils.springboot.ajp.logging.LoggingProperties; +import at.gv.egiz.eaaf.utils.springboot.ajp.logging.MdcEnhancerFilter; +import ch.qos.logback.access.tomcat.LogbackValve; +import lombok.extern.slf4j.Slf4j; + +@Slf4j +@Configuration +@EnableConfigurationProperties(value = {LoggingProperties.class, TomcatProperties.class}) +@PropertySource("classpath:tomcat.properties") +@PropertySource(value = "classpath:tomcat-${spring.profiles.active}.properties", ignoreResourceNotFound = true) +public class TomcatAjpConfiguration { + private static final String PROTOCOL = "AJP/1.3"; + + @Autowired + private LoggingProperties loggingProperties; + + @Autowired + private TomcatProperties tomcatProperties; + + @Value("${tomcat.workingdir:./work}") + String tomcatWorkDirectory; + + /** + * Set MDC variables for embedded Tomcat access-logging. + * + * @param filter {@link MdcEnhancerFilter} that injects MDS variables + * @return + */ + @Bean + public FilterRegistrationBean<MdcEnhancerFilter> enhacedMdcFilter(@Autowired MdcEnhancerFilter filter) { + FilterRegistrationBean<MdcEnhancerFilter> registration = new FilterRegistrationBean<>(filter); + registration.setEnabled(loggingProperties.getMdc().isEnabled()); + return registration; + + } + + /** + * Adds AJP Connector to embedded Tomcat. + * + * @return + */ + @Bean + public TomcatServletWebServerFactory servletContainer() { + final TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory(); + + //set working directory + final File workDirFile = new File(tomcatWorkDirectory); + checkBasekDirectory(workDirFile); + tomcat.setBaseDirectory(workDirFile); + log.info("Set embedded Tomcat workingDirectory to: {}", + workDirFile.getAbsolutePath()); + + //set logger configuration + if (loggingProperties.getAccessLog().isEnabled()) { + LogbackValve valve = new LogbackValve(); + valve.setFilename(loggingProperties.getAccessLog().getFilename()); + tomcat.addEngineValves(valve); + } + + final TomcatProperties.Ajp ajp = tomcatProperties.getAjp(); + if (ajp != null && ajp.isEnabled()) { + final Connector ajpConnector = new Connector(PROTOCOL); + ajpConnector.setPort(ajp.getPort()); + ajpConnector.setSecure(ajp.isSecure()); + ajpConnector.setAllowTrace(ajp.isAllowTrace()); + ajpConnector.setScheme(ajp.getScheme()); + setNetworkAddress(ajpConnector.getProtocolHandler(), + ajp.getNetworkAddress()); + + if (ajp.getAdditionalAttributes() != null) { + for (final Map.Entry<String, String> entry : + ajp.getAdditionalAttributes().entrySet()) { + log.debug("Set Tomcat AJP property: {} with value: {}", + entry.getKey(), entry.getValue()); + ajpConnector.setAttribute(entry.getKey(), entry.getValue()); + } + } + log.debug("AJP connector requires secret: {}", + ((AbstractAjpProtocol<?>) ajpConnector.getProtocolHandler()).getSecretRequired()); + + tomcat.addAdditionalTomcatConnectors(ajpConnector); + } + + return tomcat; + } + + private void setNetworkAddress(ProtocolHandler protocolHandler, String address) { + log.trace("Set network address: {} to ProtocolHandler: {}", address, protocolHandler.getClass().getName()); + if (StringUtils.isNotEmpty(address) + && protocolHandler instanceof AbstractProtocol<?>) { + try { + ((AbstractProtocol<NioChannel>) protocolHandler).setAddress(InetAddress.getByName(address)); + log.info("Bind connector: {} to address: {}", PROTOCOL, address); + + } catch (UnknownHostException e) { + log.error("Can NOT set network address: {} to connector: {}", address, PROTOCOL); + + } + + } else { + log.debug("Bind connector: {} to default address", PROTOCOL); + + } + } + + private void checkBasekDirectory(File workDirFile) { + if (!workDirFile.exists()) { + log.debug("Embedded Tomcat workingDirectory: {} not exist. Create it ... ", + workDirFile.getAbsolutePath()); + if (workDirFile.mkdirs()) { + log.info("Embedded Tomcat workingDirectory created"); + + } + } + + if (!workDirFile.isDirectory()) { + log.error("Path to embedded Tomcat workingDirectory: {} is NOT directory", + workDirFile.getAbsolutePath()); + + } + } + +} diff --git a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/TomcatProperties.java b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/TomcatProperties.java new file mode 100644 index 00000000..acddafa0 --- /dev/null +++ b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/TomcatProperties.java @@ -0,0 +1,72 @@ +package at.gv.egiz.eaaf.utils.springboot.ajp; + +import java.util.Map; + +import org.springframework.boot.context.properties.ConfigurationProperties; + +import lombok.Getter; +import lombok.Setter; + +/** + * Embedded tomcat configuration properties. + */ +@ConfigurationProperties(prefix = "tomcat", ignoreInvalidFields = true) +@Getter +@Setter +public class TomcatProperties { + + /** + * AJP connector properties. + */ + private Ajp ajp; + + /** + * AJP connector properties. + */ + @Getter + @Setter + public static class Ajp { + + /** + * Should the AJP port be enabled. + */ + private boolean enabled; + + /** + * AJP protocol. + */ + private String protocol = "AJP/1.3"; + + /** + * AJP port. + */ + private int port = 8009; + + /** + * Secure connection flag. + */ + private boolean secure; + + /** + * Flag, to disable or enable the TRACE HTTP method. + */ + private boolean allowTrace; + + /** + * Scheme that will be assigned to requests received through this connector. + */ + private String scheme = "http"; + + /** + * Network address to bind this connector. + */ + private String networkAddress = null; + + /** + * Additional AJP Connector Attributes e.g. packetSize. + */ + private Map<String, String> additionalAttributes; + + } + +} diff --git a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/logging/LoggingProperties.java b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/logging/LoggingProperties.java new file mode 100644 index 00000000..b3d5d846 --- /dev/null +++ b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/logging/LoggingProperties.java @@ -0,0 +1,94 @@ +package at.gv.egiz.eaaf.utils.springboot.ajp.logging; + +import java.util.Collections; +import java.util.List; + +import org.springframework.boot.context.properties.ConfigurationProperties; + +import lombok.Getter; +import lombok.Setter; + +/** + * Logger configuration for embedded Tomcat. + * + * @author BRZ development team + * @author tlenz + * + */ +@ConfigurationProperties(prefix = "logging") +@Getter +@Setter +public class LoggingProperties { + /** + * Whether to log in JSON format. + */ + private boolean json = true; + /** + * Whether to log in plain text. + */ + private boolean text = false; + /** + * Default Logback Pattern. + */ + private String pattern = "### unused property ###"; + /** + * Logback Mapped Diagnostic Context. + */ + private Mdc mdc = new Mdc(); + + /** + * Logback Mapped Diagnostic Context. + */ + + @Getter + @Setter + public static class Mdc { + /** + * Whether to use Logback's MDC. + */ + private boolean enabled = false; + /** + * List of HTTP Headers to make available in Logback's MDC. + */ + private List<String> headers = Collections.emptyList(); + private String headerPrefix = ""; + private String headerPostfix = ""; + /** + * List of HTTP Cookies to make available in Logback's MDC. + */ + private List<String> cookies = Collections.emptyList(); + private String cookiePrefix = ""; + private String cookiePostfix = ""; + /** + * List of HTTP Session Attributes to make available in Logback's MDC. + */ + private List<String> sessionAttributes = Collections.emptyList(); + private String sessionAttributePrefix = ""; + private String sessionAttributePostfix = ""; + /** + * Value to use if a configured MDC entry would be null. + */ + private String nullValue = null; + } + + /** + * Tomcat AccessLog. + */ + private AccessLog accessLog = new AccessLog(); + + /** + * Tomcat AccessLog. + */ + @Getter + @Setter + public static class AccessLog { + /** + * Enable AccessLog. + */ + private boolean enabled = false; + /** + * Logback access log filename. + */ + private String filename = "logback-access.xml"; + } +} diff --git a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/logging/MdcEnhancerFilter.java b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/logging/MdcEnhancerFilter.java new file mode 100644 index 00000000..d63c47c9 --- /dev/null +++ b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/logging/MdcEnhancerFilter.java @@ -0,0 +1,99 @@ +package at.gv.egiz.eaaf.utils.springboot.ajp.logging; + +import java.io.IOException; + +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; + +import org.apache.commons.lang3.StringUtils; +import org.slf4j.MDC; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.context.properties.EnableConfigurationProperties; +import org.springframework.stereotype.Component; + +@Component +@EnableConfigurationProperties(LoggingProperties.class) +public class MdcEnhancerFilter implements Filter { + + /** + * Logging properties. + */ + @Autowired + private LoggingProperties loggingProperties; + + /** + * {@inheritDoc} + */ + @Override + public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, + final FilterChain filterChain) throws IOException, ServletException { + final HttpServletRequest request = (HttpServletRequest) servletRequest; + + String key; + String value; + for (final String header : loggingProperties.getMdc().getHeaders()) { + key = loggingProperties.getMdc().getHeaderPrefix() + header + loggingProperties.getMdc() + .getHeaderPostfix(); + value = request.getHeader(header); + if (!StringUtils.isEmpty(value)) { + MDC.put(key, value); + } else if (loggingProperties.getMdc().getNullValue() != null) { + MDC.put(key, loggingProperties.getMdc().getNullValue()); + } + } + + for (final String cookie : loggingProperties.getMdc().getCookies()) { + key = loggingProperties.getMdc().getCookiePrefix() + cookie + loggingProperties.getMdc() + .getCookiePostfix(); + value = getCookie(cookie, request.getCookies()); + if (!StringUtils.isEmpty(value)) { + MDC.put(key, value); + } else if (loggingProperties.getMdc().getNullValue() != null) { + MDC.put(key, loggingProperties.getMdc().getNullValue()); + } + } + + Object object; + for (final String attribute : loggingProperties.getMdc().getSessionAttributes()) { + key = loggingProperties.getMdc().getSessionAttributePrefix() + attribute + loggingProperties.getMdc() + .getSessionAttributePostfix(); + object = request.getSession(true).getAttribute(attribute); + if (object != null) { + MDC.put(key, object.toString()); + } else if (loggingProperties.getMdc().getNullValue() != null) { + MDC.put(key, loggingProperties.getMdc().getNullValue()); + } + } + + try { + filterChain.doFilter(servletRequest, servletResponse); + } finally { + for (final String header : loggingProperties.getMdc().getHeaders()) { + MDC.remove(header); + } + for (final String cookie : loggingProperties.getMdc().getCookies()) { + MDC.remove(cookie); + } + for (final String attribute : loggingProperties.getMdc().getSessionAttributes()) { + MDC.remove(attribute); + } + } + } + + private static String getCookie(final String cookie, final Cookie[] cookies) { + if (cookies == null || StringUtils.isEmpty(cookie)) { + return null; + } + for (final Cookie c : cookies) { + if (c.getName().equals(cookie)) { + return c.getValue(); + } + } + return null; + } +}
\ No newline at end of file diff --git a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/utils/VersionHolder.java b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/utils/VersionHolder.java new file mode 100644 index 00000000..9d996853 --- /dev/null +++ b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/utils/VersionHolder.java @@ -0,0 +1,42 @@ +package at.gv.egiz.eaaf.utils.springboot.utils; + +import java.util.Optional; + +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.context.ApplicationContext; +import org.springframework.stereotype.Service; + +/** + * SpringBoot based implementation of an application-version holder. + * + * @author tlenz + * + */ +@Service +public class VersionHolder { + + private final String version; + + /** + * Holder that extracts the current version of the SpringBoot application. + * + * @param context Spring ApplicationContext + */ + public VersionHolder(ApplicationContext context) { + version = context.getBeansWithAnnotation(SpringBootApplication.class).entrySet().stream() + .findFirst() + .flatMap(es -> Optional.ofNullable(es.getValue().getClass().getPackage().getImplementationVersion())) + .orElse("unknown"); + + } + + /** + * Get version of this application. + * + * @return version + */ + public String getVersion() { + return version; + + } +} |