You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ro...@apache.org on 2018/07/26 07:29:28 UTC
[cloudstack] branch master updated: server: Make HTTP handler of
embedded server to be configured (#2762)
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
The following commit(s) were added to refs/heads/master by this push:
new 1960124 server: Make HTTP handler of embedded server to be configured (#2762)
1960124 is described below
commit 1960124819f0891299d5b4760fa68ba5cfae96fb
Author: Khosrow Moossavi <kh...@gmail.com>
AuthorDate: Thu Jul 26 03:29:25 2018 -0400
server: Make HTTP handler of embedded server to be configured (#2762)
This is to have the possibility to completely disable HTTP and only use HTTPS.
---
client/conf/server.properties.in | 2 +
.../java/org/apache/cloudstack/ServerDaemon.java | 79 ++++++++++++++--------
2 files changed, 54 insertions(+), 27 deletions(-)
diff --git a/client/conf/server.properties.in b/client/conf/server.properties.in
index f255128..7550520 100644
--- a/client/conf/server.properties.in
+++ b/client/conf/server.properties.in
@@ -22,6 +22,7 @@ bind.interface=::
context.path=/client
# The HTTP port to be used by the management server
+http.enable=true
http.port=8080
# Max inactivity time in minutes for the session
@@ -33,6 +34,7 @@ session.timeout=30
# keystore file should exists and be readable by the management server.
https.enable=false
https.port=8443
+
# The keystore and manager passwords are assumed to be same.
https.keystore=/etc/cloudstack/management/cloud.jks
https.keystore.password=vmops.com
diff --git a/client/src/main/java/org/apache/cloudstack/ServerDaemon.java b/client/src/main/java/org/apache/cloudstack/ServerDaemon.java
index 985b67b..1a5e8ff 100644
--- a/client/src/main/java/org/apache/cloudstack/ServerDaemon.java
+++ b/client/src/main/java/org/apache/cloudstack/ServerDaemon.java
@@ -66,6 +66,7 @@ public class ServerDaemon implements Daemon {
private static final String BIND_INTERFACE = "bind.interface";
private static final String CONTEXT_PATH = "context.path";
private static final String SESSION_TIMEOUT = "session.timeout";
+ private static final String HTTP_ENABLE = "http.enable";
private static final String HTTP_PORT = "http.port";
private static final String HTTPS_ENABLE = "https.enable";
private static final String HTTPS_PORT = "https.port";
@@ -80,6 +81,7 @@ public class ServerDaemon implements Daemon {
private Server server;
+ private boolean httpEnable = true;
private int httpPort = 8080;
private int httpsPort = 8443;
private int sessionTimeout = 30;
@@ -105,8 +107,8 @@ public class ServerDaemon implements Daemon {
public void init(final DaemonContext context) {
final File confFile = PropertiesUtil.findConfigFile("server.properties");
if (confFile == null) {
- LOG.warn(String.format("Server configuration file not found. Initializing server daemon on %s:%s, with https.enabled=%s, https.port=%s, context.path=%s",
- bindInterface, httpPort, httpsEnable, httpsPort, contextPath));
+ LOG.warn(String.format("Server configuration file not found. Initializing server daemon on %s, with http.enable=%s, http.port=%s, https.enable=%s, https.port=%s, context.path=%s",
+ bindInterface, httpEnable, httpPort, httpsEnable, httpsPort, contextPath));
return;
}
@@ -119,6 +121,7 @@ public class ServerDaemon implements Daemon {
}
setBindInterface(properties.getProperty(BIND_INTERFACE, ""));
setContextPath(properties.getProperty(CONTEXT_PATH, "/client"));
+ setHttpEnable(Boolean.valueOf(properties.getProperty(HTTP_ENABLE, "true")));
setHttpPort(Integer.valueOf(properties.getProperty(HTTP_PORT, "8080")));
setHttpsEnable(Boolean.valueOf(properties.getProperty(HTTPS_ENABLE, "false")));
setHttpsPort(Integer.valueOf(properties.getProperty(HTTPS_PORT, "8443")));
@@ -129,9 +132,15 @@ public class ServerDaemon implements Daemon {
setSessionTimeout(Integer.valueOf(properties.getProperty(SESSION_TIMEOUT, "30")));
} catch (final IOException e) {
LOG.warn("Failed to load configuration from server.properties file", e);
+ } finally {
+ // make sure that at least HTTP is enabled if both of them are set to false (misconfiguration)
+ if (!httpEnable && !httpsEnable) {
+ setHttpEnable(true);
+ LOG.warn("Server configuration malformed, neither http nor https is enabled, http will be enabled.");
+ }
}
- LOG.info(String.format("Initializing server daemon on %s:%s, with https.enabled=%s, https.port=%s, context.path=%s",
- bindInterface, httpPort, httpsEnable, httpsPort, contextPath));
+ LOG.info(String.format("Initializing server daemon on %s, with http.enable=%s, http.port=%s, https.enable=%s, https.port=%s, context.path=%s",
+ bindInterface, httpEnable, httpPort, httpsEnable, httpsPort, contextPath));
}
@Override
@@ -163,11 +172,7 @@ public class ServerDaemon implements Daemon {
httpConfig.setSendDateHeader(false);
// HTTP Connector
- final ServerConnector httpConnector = new ServerConnector(server, new HttpConnectionFactory(httpConfig));
- httpConnector.setPort(httpPort);
- httpConnector.setHost(bindInterface);
- httpConnector.setIdleTimeout(30000);
- server.addConnector(httpConnector);
+ createHttpConnector(httpConfig);
// Setup handlers
server.setHandler(createHandlers());
@@ -175,10 +180,43 @@ public class ServerDaemon implements Daemon {
// Extra config options
server.setStopAtShutdown(true);
+ // HTTPS Connector
+ createHttpsConnector(httpConfig);
+
+ server.start();
+ server.join();
+ }
+
+ @Override
+ public void stop() throws Exception {
+ server.stop();
+ }
+
+ @Override
+ public void destroy() {
+ server.destroy();
+ }
+
+ ///////////////////////////////////////////////////
+ /////////////// Private methods ///////////////////
+ ///////////////////////////////////////////////////
+
+ private void createHttpConnector(final HttpConfiguration httpConfig) {
+ if (httpEnable) {
+ final ServerConnector httpConnector = new ServerConnector(server, new HttpConnectionFactory(httpConfig));
+ httpConnector.setPort(httpPort);
+ httpConnector.setHost(bindInterface);
+ httpConnector.setIdleTimeout(30000);
+ server.addConnector(httpConnector);
+ }
+ }
+
+ private void createHttpsConnector(final HttpConfiguration httpConfig) {
// Configure SSL
if (httpsEnable && !Strings.isNullOrEmpty(keystoreFile) && new File(keystoreFile).exists()) {
// SSL Context
final SslContextFactory sslContextFactory = new SslContextFactory();
+
// Define keystore path and passwords
sslContextFactory.setKeyStorePath(keystoreFile);
sslContextFactory.setKeyStorePassword(keystorePassword);
@@ -188,7 +226,7 @@ public class ServerDaemon implements Daemon {
final HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig);
httpsConfig.addCustomizer(new SecureRequestCustomizer());
- // HTTPS connector
+ // HTTPS Connector
final ServerConnector sslConnector = new ServerConnector(server,
new SslConnectionFactory(sslContextFactory, "http/1.1"),
new HttpConnectionFactory(httpsConfig));
@@ -196,25 +234,8 @@ public class ServerDaemon implements Daemon {
sslConnector.setHost(bindInterface);
server.addConnector(sslConnector);
}
-
- server.start();
- server.join();
}
- @Override
- public void stop() throws Exception {
- server.stop();
- }
-
- @Override
- public void destroy() {
- server.destroy();
- }
-
- ///////////////////////////////////////////////////
- /////////////// Private methods ///////////////////
- ///////////////////////////////////////////////////
-
private HandlerCollection createHandlers() {
final WebAppContext webApp = new WebAppContext();
webApp.setContextPath(contextPath);
@@ -283,6 +304,10 @@ public class ServerDaemon implements Daemon {
this.httpPort = httpPort;
}
+ public void setHttpEnable(boolean httpEnable) {
+ this.httpEnable = httpEnable;
+ }
+
public void setHttpsPort(int httpsPort) {
this.httpsPort = httpsPort;
}