summaryrefslogtreecommitdiff
path: root/eaaf-springboot-utils
diff options
context:
space:
mode:
Diffstat (limited to 'eaaf-springboot-utils')
-rw-r--r--eaaf-springboot-utils/checks/spotbugs-exclude.xml11
-rw-r--r--eaaf-springboot-utils/pom.xml130
-rw-r--r--eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/actuator/HsmFacadeProviderHealthCheck.java100
-rw-r--r--eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/TomcatAjpConfiguration.java145
-rw-r--r--eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/TomcatProperties.java72
-rw-r--r--eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/logging/LoggingProperties.java94
-rw-r--r--eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/logging/MdcEnhancerFilter.java99
-rw-r--r--eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/utils/VersionHolder.java42
-rw-r--r--eaaf-springboot-utils/src/main/resources/tomcat.properties15
-rw-r--r--eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/SimpleSpringBootStarterTest.java73
-rw-r--r--eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckNoKeyStoreFactoryTest.java41
-rw-r--r--eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckTest.java96
-rw-r--r--eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/dummy/DummyController.java23
-rw-r--r--eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/dummy/DummySpringBootApp.java26
-rw-r--r--eaaf-springboot-utils/src/test/resources/config/config1.properties15
-rw-r--r--eaaf-springboot-utils/src/test/resources/config/hsm_facade_trust_root.crt10
-rw-r--r--eaaf-springboot-utils/src/test/resources/config/jUnit_application.properties19
-rw-r--r--eaaf-springboot-utils/src/test/resources/spring/test_spring_actuator.xml28
18 files changed, 1039 insertions, 0 deletions
diff --git a/eaaf-springboot-utils/checks/spotbugs-exclude.xml b/eaaf-springboot-utils/checks/spotbugs-exclude.xml
new file mode 100644
index 00000000..7bb320ee
--- /dev/null
+++ b/eaaf-springboot-utils/checks/spotbugs-exclude.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<FindBugsFilter>
+ <Match>
+ <!-- Paths and URLs only loaded from configuration -->
+ <Class name="at.gv.egiz.eaaf.utils.springboot.ajp.TomcatAjpConfiguration" />
+ <Method name="servletContainer" />
+ <OR>
+ <Bug pattern="PATH_TRAVERSAL_IN" />
+ </OR>
+ </Match>
+</FindBugsFilter>
diff --git a/eaaf-springboot-utils/pom.xml b/eaaf-springboot-utils/pom.xml
new file mode 100644
index 00000000..a9d05417
--- /dev/null
+++ b/eaaf-springboot-utils/pom.xml
@@ -0,0 +1,130 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>at.gv.egiz</groupId>
+ <artifactId>eaaf</artifactId>
+ <version>1.2.1-SNAPSHOT</version>
+ </parent>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf-springboot-utils</artifactId>
+ <name>EAAF SpringBoot Utils</name>
+ <description>Common utils for SpringBoot applications</description>
+
+ <licenses>
+ <license>
+ <name>European Union Public License, version 1.2 (EUPL-1.2)</name>
+ <url>https://opensource.org/licenses/EUPL-1.2</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
+
+ <developers>
+ <developer>
+ <name>Thomas Lenz</name>
+ <email>thomas.lenz@egiz.gv.at</email>
+ <organization>eGovernment Innovation Center (EGIZ)</organization>
+ <organizationUrl>https://www.egiz.gv.at</organizationUrl>
+ </developer>
+ </developers>
+
+ <properties>
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ </properties>
+
+ <dependencies>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_core_utils</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-web</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-actuator</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-configuration-processor</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>ch.qos.logback</groupId>
+ <artifactId>logback-access</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-to-slf4j</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-lang3</artifactId>
+ </dependency>
+
+ <!-- Test dependencies -->
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-test</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_core_utils</artifactId>
+ <scope>test</scope>
+ <type>test-jar</type>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpclient</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.powermock</groupId>
+ <artifactId>powermock-module-junit4</artifactId>
+ <scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.powermock</groupId>
+ <artifactId>powermock-api-mockito2</artifactId>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <finalName>eaaf-springboot-utils</finalName>
+
+ <resources>
+ <resource>
+ <directory>src/main/resources</directory>
+ </resource>
+ </resources>
+
+ <plugins>
+ <plugin>
+ <groupId>com.github.spotbugs</groupId>
+ <artifactId>spotbugs-maven-plugin</artifactId>
+ <version>${spotbugs-maven-plugin.version}</version>
+ <configuration>
+ <failOnError>true</failOnError>
+ <excludeFilterFile>checks/spotbugs-exclude.xml</excludeFilterFile>
+ </configuration>
+ </plugin>
+
+ </plugins>
+ </build>
+
+</project> \ No newline at end of file
diff --git a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/actuator/HsmFacadeProviderHealthCheck.java b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/actuator/HsmFacadeProviderHealthCheck.java
new file mode 100644
index 00000000..3b2e3fe7
--- /dev/null
+++ b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/actuator/HsmFacadeProviderHealthCheck.java
@@ -0,0 +1,100 @@
+package at.gv.egiz.eaaf.utils.springboot.actuator;
+
+import java.util.concurrent.CompletableFuture;
+import java.util.concurrent.ExecutionException;
+import java.util.concurrent.Executors;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.TimeoutException;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.actuate.health.Health;
+import org.springframework.boot.actuate.health.HealthIndicator;
+import org.springframework.stereotype.Service;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory.HsmFacadeStatus;
+import lombok.extern.slf4j.Slf4j;
+
+/**
+ * Implements a Spring-Actuator HealthCheck for HSM-Facade from A-SIT+.
+ *
+ * @author tlenz
+ *
+ */
+@Slf4j
+@Service("HsmFacadeProvider")
+public class HsmFacadeProviderHealthCheck implements HealthIndicator {
+
+ private static final String CONFIG_PROP_HEALTHCHECK_DEADLINE = "security.hsmfacade.healthcheck.deadline";
+ private static final int DEFAULT_HEALTHCHECK_DEADLINE = 10;
+
+ @Autowired(required = false) EaafKeyStoreFactory factory;
+ @Autowired(required = false) IConfiguration basicConfig;
+
+ @Override
+ public Health health() {
+ if (factory != null && factory.isHsmFacadeInitialized()) {
+ int deadline = getIntegerFromConfig(CONFIG_PROP_HEALTHCHECK_DEADLINE, DEFAULT_HEALTHCHECK_DEADLINE);
+ CompletableFuture<Health> asynchTestOperation = new CompletableFuture<>();
+ Executors.newCachedThreadPool().submit(() -> runHsmTest(asynchTestOperation));
+ try {
+ return asynchTestOperation.get(deadline, TimeUnit.SECONDS);
+
+ } catch (InterruptedException | ExecutionException | TimeoutException e) {
+ log.warn("Receive no respose from Health-Check after {} seconds.", deadline, e);
+ return Health.outOfService().withException(e).build();
+
+ }
+
+
+ } else {
+ log.trace("No {} or HSM-Facade is not initialized. Skipping healthCheck ...",
+ EaafKeyStoreFactory.class.getName());
+
+ }
+
+ return Health.unknown().build();
+
+ }
+
+ private void runHsmTest(CompletableFuture<Health> completableFuture) {
+ try {
+ HsmFacadeStatus status = factory.checkHsmFacadeStatus();
+ log.trace("Current HSM-Facade status: {}", status);
+ if (HsmFacadeStatus.UP.equals(status)) {
+ completableFuture.complete(Health.up().build());
+
+ } else if (HsmFacadeStatus.DOWN.equals(status)) {
+ completableFuture.complete(Health.down().build());
+
+ }
+
+ } catch (Exception e) {
+ log.warn("HSM-Facaden Health-Check has an error", e);
+ completableFuture.complete(Health.down(e).build());
+
+ }
+
+ }
+
+ private int getIntegerFromConfig(String key, int defaultValue) {
+ if (basicConfig == null) {
+ log.info("Using default-value: {} for Config. Property: {}", defaultValue, key);
+ return defaultValue;
+
+ } else {
+ String value = basicConfig.getBasicConfiguration(key, String.valueOf(defaultValue));
+ try {
+ return Integer.parseInt(value);
+
+ } catch (NumberFormatException e) {
+ log.warn("Config. Property: {} with value: {} is NO valid Integer", key, value, e);
+ log.info("Using default-value: {} for Config. Property: {}", defaultValue, key);
+ return defaultValue;
+
+ }
+ }
+ }
+
+}
diff --git a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/TomcatAjpConfiguration.java b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/TomcatAjpConfiguration.java
new file mode 100644
index 00000000..c665edb3
--- /dev/null
+++ b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/TomcatAjpConfiguration.java
@@ -0,0 +1,145 @@
+package at.gv.egiz.eaaf.utils.springboot.ajp;
+
+import java.io.File;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.util.Map;
+
+import org.apache.catalina.connector.Connector;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.coyote.AbstractProtocol;
+import org.apache.coyote.ProtocolHandler;
+import org.apache.coyote.ajp.AbstractAjpProtocol;
+import org.apache.tomcat.util.net.NioChannel;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.PropertySource;
+
+import at.gv.egiz.eaaf.utils.springboot.ajp.logging.LoggingProperties;
+import at.gv.egiz.eaaf.utils.springboot.ajp.logging.MdcEnhancerFilter;
+import ch.qos.logback.access.tomcat.LogbackValve;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+@Configuration
+@EnableConfigurationProperties(value = {LoggingProperties.class, TomcatProperties.class})
+@PropertySource("classpath:tomcat.properties")
+@PropertySource(value = "classpath:tomcat-${spring.profiles.active}.properties", ignoreResourceNotFound = true)
+public class TomcatAjpConfiguration {
+ private static final String PROTOCOL = "AJP/1.3";
+
+ @Autowired
+ private LoggingProperties loggingProperties;
+
+ @Autowired
+ private TomcatProperties tomcatProperties;
+
+ @Value("${tomcat.workingdir:./work}")
+ String tomcatWorkDirectory;
+
+ /**
+ * Set MDC variables for embedded Tomcat access-logging.
+ *
+ * @param filter {@link MdcEnhancerFilter} that injects MDS variables
+ * @return
+ */
+ @Bean
+ public FilterRegistrationBean<MdcEnhancerFilter> enhacedMdcFilter(@Autowired MdcEnhancerFilter filter) {
+ FilterRegistrationBean<MdcEnhancerFilter> registration = new FilterRegistrationBean<>(filter);
+ registration.setEnabled(loggingProperties.getMdc().isEnabled());
+ return registration;
+
+ }
+
+ /**
+ * Adds AJP Connector to embedded Tomcat.
+ *
+ * @return
+ */
+ @Bean
+ public TomcatServletWebServerFactory servletContainer() {
+ final TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory();
+
+ //set working directory
+ final File workDirFile = new File(tomcatWorkDirectory);
+ checkBasekDirectory(workDirFile);
+ tomcat.setBaseDirectory(workDirFile);
+ log.info("Set embedded Tomcat workingDirectory to: {}",
+ workDirFile.getAbsolutePath());
+
+ //set logger configuration
+ if (loggingProperties.getAccessLog().isEnabled()) {
+ LogbackValve valve = new LogbackValve();
+ valve.setFilename(loggingProperties.getAccessLog().getFilename());
+ tomcat.addEngineValves(valve);
+ }
+
+ final TomcatProperties.Ajp ajp = tomcatProperties.getAjp();
+ if (ajp != null && ajp.isEnabled()) {
+ final Connector ajpConnector = new Connector(PROTOCOL);
+ ajpConnector.setPort(ajp.getPort());
+ ajpConnector.setSecure(ajp.isSecure());
+ ajpConnector.setAllowTrace(ajp.isAllowTrace());
+ ajpConnector.setScheme(ajp.getScheme());
+ setNetworkAddress(ajpConnector.getProtocolHandler(),
+ ajp.getNetworkAddress());
+
+ if (ajp.getAdditionalAttributes() != null) {
+ for (final Map.Entry<String, String> entry :
+ ajp.getAdditionalAttributes().entrySet()) {
+ log.debug("Set Tomcat AJP property: {} with value: {}",
+ entry.getKey(), entry.getValue());
+ ajpConnector.setAttribute(entry.getKey(), entry.getValue());
+ }
+ }
+ log.debug("AJP connector requires secret: {}",
+ ((AbstractAjpProtocol<?>) ajpConnector.getProtocolHandler()).getSecretRequired());
+
+ tomcat.addAdditionalTomcatConnectors(ajpConnector);
+ }
+
+ return tomcat;
+ }
+
+ private void setNetworkAddress(ProtocolHandler protocolHandler, String address) {
+ log.trace("Set network address: {} to ProtocolHandler: {}", address, protocolHandler.getClass().getName());
+ if (StringUtils.isNotEmpty(address)
+ && protocolHandler instanceof AbstractProtocol<?>) {
+ try {
+ ((AbstractProtocol<NioChannel>) protocolHandler).setAddress(InetAddress.getByName(address));
+ log.info("Bind connector: {} to address: {}", PROTOCOL, address);
+
+ } catch (UnknownHostException e) {
+ log.error("Can NOT set network address: {} to connector: {}", address, PROTOCOL);
+
+ }
+
+ } else {
+ log.debug("Bind connector: {} to default address", PROTOCOL);
+
+ }
+ }
+
+ private void checkBasekDirectory(File workDirFile) {
+ if (!workDirFile.exists()) {
+ log.debug("Embedded Tomcat workingDirectory: {} not exist. Create it ... ",
+ workDirFile.getAbsolutePath());
+ if (workDirFile.mkdirs()) {
+ log.info("Embedded Tomcat workingDirectory created");
+
+ }
+ }
+
+ if (!workDirFile.isDirectory()) {
+ log.error("Path to embedded Tomcat workingDirectory: {} is NOT directory",
+ workDirFile.getAbsolutePath());
+
+ }
+ }
+
+}
diff --git a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/TomcatProperties.java b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/TomcatProperties.java
new file mode 100644
index 00000000..acddafa0
--- /dev/null
+++ b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/TomcatProperties.java
@@ -0,0 +1,72 @@
+package at.gv.egiz.eaaf.utils.springboot.ajp;
+
+import java.util.Map;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+import lombok.Getter;
+import lombok.Setter;
+
+/**
+ * Embedded tomcat configuration properties.
+ */
+@ConfigurationProperties(prefix = "tomcat", ignoreInvalidFields = true)
+@Getter
+@Setter
+public class TomcatProperties {
+
+ /**
+ * AJP connector properties.
+ */
+ private Ajp ajp;
+
+ /**
+ * AJP connector properties.
+ */
+ @Getter
+ @Setter
+ public static class Ajp {
+
+ /**
+ * Should the AJP port be enabled.
+ */
+ private boolean enabled;
+
+ /**
+ * AJP protocol.
+ */
+ private String protocol = "AJP/1.3";
+
+ /**
+ * AJP port.
+ */
+ private int port = 8009;
+
+ /**
+ * Secure connection flag.
+ */
+ private boolean secure;
+
+ /**
+ * Flag, to disable or enable the TRACE HTTP method.
+ */
+ private boolean allowTrace;
+
+ /**
+ * Scheme that will be assigned to requests received through this connector.
+ */
+ private String scheme = "http";
+
+ /**
+ * Network address to bind this connector.
+ */
+ private String networkAddress = null;
+
+ /**
+ * Additional AJP Connector Attributes e.g. packetSize.
+ */
+ private Map<String, String> additionalAttributes;
+
+ }
+
+}
diff --git a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/logging/LoggingProperties.java b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/logging/LoggingProperties.java
new file mode 100644
index 00000000..b3d5d846
--- /dev/null
+++ b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/logging/LoggingProperties.java
@@ -0,0 +1,94 @@
+package at.gv.egiz.eaaf.utils.springboot.ajp.logging;
+
+import java.util.Collections;
+import java.util.List;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+import lombok.Getter;
+import lombok.Setter;
+
+/**
+ * Logger configuration for embedded Tomcat.
+ *
+ * @author BRZ development team
+ * @author tlenz
+ *
+ */
+@ConfigurationProperties(prefix = "logging")
+@Getter
+@Setter
+public class LoggingProperties {
+ /**
+ * Whether to log in JSON format.
+ */
+ private boolean json = true;
+ /**
+ * Whether to log in plain text.
+ */
+ private boolean text = false;
+ /**
+ * Default Logback Pattern.
+ */
+ private String pattern = "### unused property ###";
+ /**
+ * Logback Mapped Diagnostic Context.
+ */
+ private Mdc mdc = new Mdc();
+
+ /**
+ * Logback Mapped Diagnostic Context.
+ */
+
+ @Getter
+ @Setter
+ public static class Mdc {
+ /**
+ * Whether to use Logback's MDC.
+ */
+ private boolean enabled = false;
+ /**
+ * List of HTTP Headers to make available in Logback's MDC.
+ */
+ private List<String> headers = Collections.emptyList();
+ private String headerPrefix = "";
+ private String headerPostfix = "";
+ /**
+ * List of HTTP Cookies to make available in Logback's MDC.
+ */
+ private List<String> cookies = Collections.emptyList();
+ private String cookiePrefix = "";
+ private String cookiePostfix = "";
+ /**
+ * List of HTTP Session Attributes to make available in Logback's MDC.
+ */
+ private List<String> sessionAttributes = Collections.emptyList();
+ private String sessionAttributePrefix = "";
+ private String sessionAttributePostfix = "";
+ /**
+ * Value to use if a configured MDC entry would be null.
+ */
+ private String nullValue = null;
+ }
+
+ /**
+ * Tomcat AccessLog.
+ */
+ private AccessLog accessLog = new AccessLog();
+
+ /**
+ * Tomcat AccessLog.
+ */
+ @Getter
+ @Setter
+ public static class AccessLog {
+ /**
+ * Enable AccessLog.
+ */
+ private boolean enabled = false;
+ /**
+ * Logback access log filename.
+ */
+ private String filename = "logback-access.xml";
+ }
+}
diff --git a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/logging/MdcEnhancerFilter.java b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/logging/MdcEnhancerFilter.java
new file mode 100644
index 00000000..d63c47c9
--- /dev/null
+++ b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/ajp/logging/MdcEnhancerFilter.java
@@ -0,0 +1,99 @@
+package at.gv.egiz.eaaf.utils.springboot.ajp.logging;
+
+import java.io.IOException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.MDC;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+@Component
+@EnableConfigurationProperties(LoggingProperties.class)
+public class MdcEnhancerFilter implements Filter {
+
+ /**
+ * Logging properties.
+ */
+ @Autowired
+ private LoggingProperties loggingProperties;
+
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse,
+ final FilterChain filterChain) throws IOException, ServletException {
+ final HttpServletRequest request = (HttpServletRequest) servletRequest;
+
+ String key;
+ String value;
+ for (final String header : loggingProperties.getMdc().getHeaders()) {
+ key = loggingProperties.getMdc().getHeaderPrefix() + header + loggingProperties.getMdc()
+ .getHeaderPostfix();
+ value = request.getHeader(header);
+ if (!StringUtils.isEmpty(value)) {
+ MDC.put(key, value);
+ } else if (loggingProperties.getMdc().getNullValue() != null) {
+ MDC.put(key, loggingProperties.getMdc().getNullValue());
+ }
+ }
+
+ for (final String cookie : loggingProperties.getMdc().getCookies()) {
+ key = loggingProperties.getMdc().getCookiePrefix() + cookie + loggingProperties.getMdc()
+ .getCookiePostfix();
+ value = getCookie(cookie, request.getCookies());
+ if (!StringUtils.isEmpty(value)) {
+ MDC.put(key, value);
+ } else if (loggingProperties.getMdc().getNullValue() != null) {
+ MDC.put(key, loggingProperties.getMdc().getNullValue());
+ }
+ }
+
+ Object object;
+ for (final String attribute : loggingProperties.getMdc().getSessionAttributes()) {
+ key = loggingProperties.getMdc().getSessionAttributePrefix() + attribute + loggingProperties.getMdc()
+ .getSessionAttributePostfix();
+ object = request.getSession(true).getAttribute(attribute);
+ if (object != null) {
+ MDC.put(key, object.toString());
+ } else if (loggingProperties.getMdc().getNullValue() != null) {
+ MDC.put(key, loggingProperties.getMdc().getNullValue());
+ }
+ }
+
+ try {
+ filterChain.doFilter(servletRequest, servletResponse);
+ } finally {
+ for (final String header : loggingProperties.getMdc().getHeaders()) {
+ MDC.remove(header);
+ }
+ for (final String cookie : loggingProperties.getMdc().getCookies()) {
+ MDC.remove(cookie);
+ }
+ for (final String attribute : loggingProperties.getMdc().getSessionAttributes()) {
+ MDC.remove(attribute);
+ }
+ }
+ }
+
+ private static String getCookie(final String cookie, final Cookie[] cookies) {
+ if (cookies == null || StringUtils.isEmpty(cookie)) {
+ return null;
+ }
+ for (final Cookie c : cookies) {
+ if (c.getName().equals(cookie)) {
+ return c.getValue();
+ }
+ }
+ return null;
+ }
+} \ No newline at end of file
diff --git a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/utils/VersionHolder.java b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/utils/VersionHolder.java
new file mode 100644
index 00000000..9d996853
--- /dev/null
+++ b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/utils/VersionHolder.java
@@ -0,0 +1,42 @@
+package at.gv.egiz.eaaf.utils.springboot.utils;
+
+import java.util.Optional;
+
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.ApplicationContext;
+import org.springframework.stereotype.Service;
+
+/**
+ * SpringBoot based implementation of an application-version holder.
+ *
+ * @author tlenz
+ *
+ */
+@Service
+public class VersionHolder {
+
+ private final String version;
+
+ /**
+ * Holder that extracts the current version of the SpringBoot application.
+ *
+ * @param context Spring ApplicationContext
+ */
+ public VersionHolder(ApplicationContext context) {
+ version = context.getBeansWithAnnotation(SpringBootApplication.class).entrySet().stream()
+ .findFirst()
+ .flatMap(es -> Optional.ofNullable(es.getValue().getClass().getPackage().getImplementationVersion()))
+ .orElse("unknown");
+
+ }
+
+ /**
+ * Get version of this application.
+ *
+ * @return version
+ */
+ public String getVersion() {
+ return version;
+
+ }
+}
diff --git a/eaaf-springboot-utils/src/main/resources/tomcat.properties b/eaaf-springboot-utils/src/main/resources/tomcat.properties
new file mode 100644
index 00000000..38ab5a64
--- /dev/null
+++ b/eaaf-springboot-utils/src/main/resources/tomcat.properties
@@ -0,0 +1,15 @@
+tomcat.ajp.enabled=true
+#tomcat.ajp.port=41009
+#tomcat.ajp.additionalAttributes.secretrequired=true
+#tomcat.ajp.additionalAttributes.secret=
+
+server.tomcat.accesslog.buffered=false
+server.tomcat.accesslog.prefix=tomcat-access_log
+server.tomcat.accesslog.directory=logs/
+server.tomcat.accesslog.enabled=true
+server.tomcat.accesslog.file-date-format=.yyyy-MM-dd
+server.tomcat.accesslog.pattern=common
+server.tomcat.accesslog.rename-on-rotate=false
+server.tomcat.accesslog.request-attributes-enabled=true
+server.tomcat.accesslog.rotate=true
+server.tomcat.accesslog.suffix=.log \ No newline at end of file
diff --git a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/SimpleSpringBootStarterTest.java b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/SimpleSpringBootStarterTest.java
new file mode 100644
index 00000000..e0c478af
--- /dev/null
+++ b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/SimpleSpringBootStarterTest.java
@@ -0,0 +1,73 @@
+package at.gv.egiz.eaaf.utils.springboot.test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.io.IOException;
+
+import org.apache.http.client.ClientProtocolException;
+import org.apache.http.client.methods.CloseableHttpResponse;
+import org.apache.http.client.methods.HttpGet;
+import org.apache.http.client.methods.HttpUriRequest;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClientBuilder;
+import org.apache.http.impl.client.HttpClients;
+import org.junit.Assert;
+import org.junit.Test;
+import org.springframework.boot.ExitCodeGenerator;
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
+import org.springframework.context.ConfigurableApplicationContext;
+
+import at.gv.egiz.eaaf.utils.springboot.test.dummy.DummySpringBootApp;
+import at.gv.egiz.eaaf.utils.springboot.utils.VersionHolder;
+
+public class SimpleSpringBootStarterTest {
+
+ @Test
+ public void Test() throws ClientProtocolException, IOException {
+
+ DummySpringBootApp.main(new String[] {
+ "--spring.config.location=classpath:/config/jUnit_application.properties"});
+
+ ConfigurableApplicationContext ctx = DummySpringBootApp.getCtx();
+ Assert.assertNotNull("SpringBootContext", ctx);
+
+ // check if AJP Connector config was set
+ TomcatServletWebServerFactory ajp = ctx.getBean(TomcatServletWebServerFactory.class);
+ Assert.assertNotNull("No AJP connector", ajp);
+
+ // check simple http calls
+ testSimpleHttpCall();
+
+ // check version holder
+ checkVersionHolder(ctx);
+
+
+ SpringApplication.exit(ctx, new ExitCodeGenerator() {
+ @Override
+ public int getExitCode() {
+ // TODO Auto-generated method stub
+ return 0;
+ }
+ });
+ }
+
+ private void testSimpleHttpCall() throws ClientProtocolException, IOException {
+ // check if authentication works on actuator end-point
+ final HttpClientBuilder builder = HttpClients.custom();
+ final CloseableHttpClient client = builder.build();
+ assertNotNull("httpClient", client);
+
+ final HttpUriRequest httpGet1 = new HttpGet("http://localhost:8080/junit");
+ final CloseableHttpResponse httpResp1 = client.execute(httpGet1);
+ assertEquals("http statusCode", 200, httpResp1.getStatusLine().getStatusCode());
+
+ }
+
+ private void checkVersionHolder(ConfigurableApplicationContext ctx) {
+ VersionHolder versionHolder = ctx.getBean(VersionHolder.class);
+ assertEquals("can not extract version", "unknown", versionHolder.getVersion());
+
+ }
+}
diff --git a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckNoKeyStoreFactoryTest.java b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckNoKeyStoreFactoryTest.java
new file mode 100644
index 00000000..9d3c0d02
--- /dev/null
+++ b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckNoKeyStoreFactoryTest.java
@@ -0,0 +1,41 @@
+package at.gv.egiz.eaaf.utils.springboot.test.actuator;
+
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.actuate.health.Health;
+import org.springframework.boot.actuate.health.Status;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.utils.springboot.actuator.HsmFacadeProviderHealthCheck;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/spring/test_spring_actuator.xml")
+@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
+public class HsmFacadeProviderHealthCheckNoKeyStoreFactoryTest {
+
+ @Mock
+ private EaafKeyStoreFactory keyStoreFactory;
+
+ @InjectMocks
+ @Autowired
+ private HsmFacadeProviderHealthCheck check;
+
+ @Test
+ public void noEaafKeyStoreFactoryBean() {
+ //get current status
+ Health status = check.health();
+
+ //validate result
+ Assert.assertEquals("wrong statusCode", Status.UNKNOWN.getCode(), status.getStatus().getCode());
+
+ }
+
+}
diff --git a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckTest.java b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckTest.java
new file mode 100644
index 00000000..d6bdf26a
--- /dev/null
+++ b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/actuator/HsmFacadeProviderHealthCheckTest.java
@@ -0,0 +1,96 @@
+package at.gv.egiz.eaaf.utils.springboot.test.actuator;
+
+import static org.mockito.Mockito.when;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.MockitoAnnotations;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.actuate.health.Health;
+import org.springframework.boot.actuate.health.Status;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory.HsmFacadeStatus;
+import at.gv.egiz.eaaf.utils.springboot.actuator.HsmFacadeProviderHealthCheck;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/spring/test_spring_actuator.xml")
+public class HsmFacadeProviderHealthCheckTest {
+
+ @Mock
+ private EaafKeyStoreFactory keyStoreFactory = Mockito.mock(EaafKeyStoreFactory.class);
+
+ @InjectMocks
+ @Autowired
+ private HsmFacadeProviderHealthCheck check;
+
+ @Before
+ public void initMocks() {
+ MockitoAnnotations.initMocks(this);
+
+ }
+
+ @Test
+ public void hsmFacadeStatusUnknown() {
+ //set-up test result
+ when(keyStoreFactory.isHsmFacadeInitialized()).thenReturn(false);
+
+ //get current status
+ Health status = check.health();
+
+ //validate result
+ Assert.assertEquals("wrong statusCode", Status.UNKNOWN.getCode(), status.getStatus().getCode());
+
+ }
+
+ @Test
+ public void statusUp() throws Exception {
+ //set-up test result
+ when(keyStoreFactory.isHsmFacadeInitialized()).thenReturn(true);
+ when(keyStoreFactory.checkHsmFacadeStatus()).thenReturn(HsmFacadeStatus.UP);
+
+ //get current status
+ Health status = check.health();
+
+ //validate result
+ Assert.assertEquals("wrong statusCode", Status.UP.getCode(), status.getStatus().getCode());
+
+ }
+
+ @Test
+ public void statusDown() throws Exception {
+ //set-up test result
+ when(keyStoreFactory.isHsmFacadeInitialized()).thenReturn(true);
+ when(keyStoreFactory.checkHsmFacadeStatus()).thenReturn(HsmFacadeStatus.DOWN);
+
+ //get current status
+ Health status = check.health();
+
+ //validate result
+ Assert.assertEquals("wrong statusCode", Status.DOWN.getCode(), status.getStatus().getCode());
+
+ }
+
+ @Test
+ public void statusUnknown() throws Exception {
+ //set-up test result
+ when(keyStoreFactory.isHsmFacadeInitialized()).thenReturn(true);
+ when(keyStoreFactory.checkHsmFacadeStatus()).thenReturn(HsmFacadeStatus.UNKNOWN);
+
+ //get current status
+ Health status = check.health();
+
+ //validate result
+ Assert.assertEquals("wrong statusCode", Status.OUT_OF_SERVICE.getCode(), status.getStatus().getCode());
+
+ }
+
+
+}
diff --git a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/dummy/DummyController.java b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/dummy/DummyController.java
new file mode 100644
index 00000000..65dcf5c1
--- /dev/null
+++ b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/dummy/DummyController.java
@@ -0,0 +1,23 @@
+package at.gv.egiz.eaaf.utils.springboot.test.dummy;
+
+import java.io.IOException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+
+@Controller
+public class DummyController {
+
+ @RequestMapping(value = {"/junit"},
+ method = { RequestMethod.POST, RequestMethod.GET })
+ public void performGenericAuthenticationProcess(HttpServletRequest req, HttpServletResponse resp)
+ throws IOException {
+ resp.setStatus(200);
+
+ }
+}
diff --git a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/dummy/DummySpringBootApp.java b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/dummy/DummySpringBootApp.java
new file mode 100644
index 00000000..bc742371
--- /dev/null
+++ b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/dummy/DummySpringBootApp.java
@@ -0,0 +1,26 @@
+package at.gv.egiz.eaaf.utils.springboot.test.dummy;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.ConfigurableApplicationContext;
+import org.springframework.context.annotation.ComponentScan;
+
+import lombok.Getter;
+
+@ComponentScan(basePackages = {"at.gv.egiz.eaaf.utils.springboot"})
+@EnableAutoConfiguration
+@SpringBootApplication
+public class DummySpringBootApp {
+
+ @Getter
+ private static ConfigurableApplicationContext ctx;
+
+ public static void main(String[] args) {
+
+ final SpringApplication springApp = new SpringApplication(DummySpringBootApp.class);
+ ctx = springApp.run(args);
+
+ }
+
+}
diff --git a/eaaf-springboot-utils/src/test/resources/config/config1.properties b/eaaf-springboot-utils/src/test/resources/config/config1.properties
new file mode 100644
index 00000000..ca134cf4
--- /dev/null
+++ b/eaaf-springboot-utils/src/test/resources/config/config1.properties
@@ -0,0 +1,15 @@
+security.hsmfacade.host=eid.a-sit.at
+security.hsmfacade.port=9050
+security.hsmfacade.trustedsslcert=src/test/resources/config/hsm_facade_trust_root.crt
+security.hsmfacade.username=authhandler-junit
+security.hsmfacade.password=supersecret123
+
+client.http.connection.timeout.socket=2
+client.http.connection.timeout.connection=2
+client.http.connection.timeout.request=2
+
+core.pendingrequestid.maxlifetime=180
+core.pendingrequestid.digist.type=passphrase
+core.pendingrequestid.digist.secret=pendingReqIdSecret
+core.pendingrequestid.digist.keystore.name=
+core.pendingrequestid.digist.key.alias= \ No newline at end of file
diff --git a/eaaf-springboot-utils/src/test/resources/config/hsm_facade_trust_root.crt b/eaaf-springboot-utils/src/test/resources/config/hsm_facade_trust_root.crt
new file mode 100644
index 00000000..01be3821
--- /dev/null
+++ b/eaaf-springboot-utils/src/test/resources/config/hsm_facade_trust_root.crt
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBdDCCARqgAwIBAgIEXkz1yjAKBggqhkjOPQQDAjARMQ8wDQYDVQQDDAZlY3Jv
+b3QwHhcNMjAwMjE5MDg0NjAyWhcNMjEwMjE4MDg0NjAyWjARMQ8wDQYDVQQDDAZl
+Y3Jvb3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS8yvpVIWbPj4E7Lr87hwQR
+T9DZf9WY5LMV7gF6NKpnJ5JkEql/s7fqBVbrh8aSNo6gmfmSk4VYGhPJ+DCMzzQj
+o2AwXjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFOXafzYpIOlu6BgNU+Ee
+JWuJobgWMB0GA1UdDgQWBBTl2n82KSDpbugYDVPhHiVriaG4FjALBgNVHQ8EBAMC
+AQYwCgYIKoZIzj0EAwIDSAAwRQIgRt/51PKL/bATuLCdib95Ika+h845Jo0G+Sbn
+bzNwJAcCIQCVD1cxEBuUkKaiaLbTiNVsEjvQb6ti0TFbbQUH66jCGA==
+-----END CERTIFICATE-----
diff --git a/eaaf-springboot-utils/src/test/resources/config/jUnit_application.properties b/eaaf-springboot-utils/src/test/resources/config/jUnit_application.properties
new file mode 100644
index 00000000..dd7a77c1
--- /dev/null
+++ b/eaaf-springboot-utils/src/test/resources/config/jUnit_application.properties
@@ -0,0 +1,19 @@
+## embbeded Tomcat
+tomcat.workingdir=./target/work
+tomcat.ajp.enabled=true
+tomcat.ajp.port=8009
+tomcat.ajp.networkAddress=127.0.0.1
+tomcat.ajp.additionalAttributes.secretrequired=true
+tomcat.ajp.additionalAttributes.secret=junit
+
+#############################################################################
+## Embedded Tomcat Logging
+logging.accesslog.enabled=true
+logging.mdc.enabled=true
+logging.mdc.headers[0]=header1
+logging.mdc.headers[1]=header2
+logging.mdc.cookies[0]=cookie1
+logging.mdc.cookies[1]=cookie2
+logging.mdc.sessionAttributes[0]=attr1
+logging.mdc.sessionAttributes[1]=attr2
+logging.mdc.nullvalue=null \ No newline at end of file
diff --git a/eaaf-springboot-utils/src/test/resources/spring/test_spring_actuator.xml b/eaaf-springboot-utils/src/test/resources/spring/test_spring_actuator.xml
new file mode 100644
index 00000000..f41efac9
--- /dev/null
+++ b/eaaf-springboot-utils/src/test/resources/spring/test_spring_actuator.xml
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"
+ default-lazy-init="true">
+
+ <bean id="dummyAuthConfigMap"
+ class="at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap" >
+ <constructor-arg value="/config/config1.properties" />
+ </bean>
+
+ <!-- bean id="eaafKeyStoreFactory"
+ class="at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory" /-->
+
+ <bean id="eaafUtilsMessageSource"
+ class="at.gv.egiz.eaaf.core.impl.logging.EaafUtilsMessageSource" />
+
+ <bean id="HsmFacadeProvider"
+ class="at.gv.egiz.eaaf.utils.springboot.actuator.HsmFacadeProviderHealthCheck"/>
+
+</beans> \ No newline at end of file