2 * Copyright (c) 2016 Cisco and/or its affiliates.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 package io.fd.honeycomb.northbound.restconf;
19 import com.google.inject.Inject;
20 import io.fd.honeycomb.binding.init.ProviderTrait;
21 import io.fd.honeycomb.northbound.CredentialsConfiguration;
23 import java.util.Collections;
24 import org.eclipse.jetty.security.ConstraintMapping;
25 import org.eclipse.jetty.security.ConstraintSecurityHandler;
26 import org.eclipse.jetty.security.HashLoginService;
27 import org.eclipse.jetty.security.authentication.BasicAuthenticator;
28 import org.eclipse.jetty.server.Server;
29 import org.eclipse.jetty.server.handler.gzip.GzipHandler;
30 import org.eclipse.jetty.servlet.ServletHolder;
31 import org.eclipse.jetty.util.security.Constraint;
32 import org.eclipse.jetty.util.security.Password;
33 import org.eclipse.jetty.util.thread.QueuedThreadPool;
34 import org.eclipse.jetty.webapp.WebAppContext;
35 import org.glassfish.jersey.server.ResourceConfig;
36 import org.glassfish.jersey.servlet.ServletContainer;
37 import org.opendaylight.netconf.sal.rest.impl.JsonNormalizedNodeBodyReader;
38 import org.opendaylight.netconf.sal.rest.impl.NormalizedNodeJsonBodyWriter;
39 import org.opendaylight.netconf.sal.rest.impl.NormalizedNodeXmlBodyWriter;
40 import org.opendaylight.netconf.sal.rest.impl.RestconfApplication;
41 import org.opendaylight.netconf.sal.rest.impl.RestconfDocumentedExceptionMapper;
42 import org.opendaylight.netconf.sal.rest.impl.XmlNormalizedNodeBodyReader;
43 import org.opendaylight.netconf.sal.restconf.impl.ControllerContext;
44 import org.opendaylight.netconf.sal.restconf.impl.RestconfImpl;
46 final class JettyServerProvider extends ProviderTrait<Server> {
48 private static final String REALM = "HCRealm";
49 // Mime types to be compressed when requested
50 private static final String[] GZIP_MIME_TYPES = {"application/xml",
52 "application/yang.data+xml",
54 "application/yang.data+json"};
55 public static final String RESTCONF_APP_NAME = "JAXRSRestconf";
58 private RestconfConfiguration cfg;
61 private CredentialsConfiguration credentialsCfg;
64 private RestconfApplication restconfApplication;
67 private RestconfImpl restconf;
70 private ControllerContext controllerContext;
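/**
 * Builds the embedded Jetty server that exposes the RESTCONF application.
 *
 * <p>Handler chain, outermost first: gzip handler, then the BASIC-auth constraint handler, then
 * the web application context hosting the Jersey servlet on {@code /*}. Every request therefore
 * passes the authentication constraint before it reaches RESTCONF.
 *
 * <p>NOTE(review): no connector is configured in this method. BASIC authentication only
 * base64-encodes the credentials on every request, so confidentiality depends on the connectors
 * added elsewhere - confirm that this server is reachable only over TLS or a trusted interface.
 *
 * @return the configured server
 * @throws IllegalStateException if the classpath root used as the web application base cannot be
 *     resolved
 */
@Override
protected Server create() {
    Server server = new Server(new QueuedThreadPool(cfg.restPoolMaxSize.get(), cfg.restPoolMinSize.get()));

    // Load the realm for BASIC auth. A single account is registered, taken from configuration.
    // The secret is wrapped as a plain Jetty Password, i.e. it is compared against the clear-text
    // value held in configuration, so that configuration must be protected like any other secret.
    HashLoginService service = new HashLoginService(REALM);
    // The user name doubles as the only role; the security constraint requires that same role,
    // so access is all-or-nothing for this one account.
    service.putUser(credentialsCfg.username, new Password(credentialsCfg.password),
        new String[]{credentialsCfg.username});
    server.addBean(service);

    // Class#getResource returns null when the classpath root cannot be located; fail with a clear
    // message instead of a NullPointerException on resource.getPath().
    final URL resource = getClass().getResource("/");
    if (resource == null) {
        throw new IllegalStateException(
            "Unable to resolve classpath root for the RESTCONF web application context");
    }
    WebAppContext webapp = new WebAppContext(resource.getPath(), cfg.restconfRootPath.get());

    // Create the RESTCONF application implementation for the server
    ResourceConfig resourceConfig = new ResourceConfig();
    resourceConfig.setApplicationName(RESTCONF_APP_NAME);
    resourceConfig = resourceConfig.registerInstances(restconf, new NormalizedNodeJsonBodyWriter(),
        new NormalizedNodeXmlBodyWriter(), new XmlNormalizedNodeBodyReader(controllerContext),
        new JsonNormalizedNodeBodyReader(controllerContext),
        new RestconfDocumentedExceptionMapper(controllerContext));
    // Register the RESTCONF application classes
    resourceConfig.registerClasses(restconfApplication.getClasses());

    // Create the servlet container which holds the configured application
    ServletContainer servlet = new ServletContainer(resourceConfig);
    ServletHolder servletHolder = new ServletHolder(RESTCONF_APP_NAME, servlet);
    servletHolder.setInitOrder(1);

    // Install the handler chain (gzip -> BASIC auth -> webapp) as the server's only handler, so
    // there is no path to the web application that bypasses the security handler.
    server.setHandler(getGzip(service, webapp));

    // Add the servlet with "/*" mapping
    webapp.addServlet(servletHolder, "/*");
    return server;
}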
/**
 * Wraps the authenticated web application in a gzip handler.
 *
 * <p>Compression is limited to the MIME types listed in {@code GZIP_MIME_TYPES}. The gzip handler
 * delegates to the handler returned by {@code getBaseAuth}, so the security handler sits between
 * compression and the web application.
 *
 * @param service login service backing the BASIC-auth realm
 * @param webapp web application context to protect and compress
 * @return gzip handler delegating to the security handler
 */
private GzipHandler getGzip(final HashLoginService service, final WebAppContext webapp) {
    final GzipHandler compression = new GzipHandler();
    final ConstraintSecurityHandler secured = getBaseAuth(service, webapp);
    compression.setIncludedMimeTypes(GZIP_MIME_TYPES);
    compression.setHandler(secured);
    return compression;
}
116 private ConstraintSecurityHandler getBaseAuth(HashLoginService service, WebAppContext webapp) {
117 Constraint constraint = new Constraint();
118 constraint.setName("auth");
119 constraint.setAuthenticate(true);
120 constraint.setRoles(new String[]{credentialsCfg.username});
122 ConstraintMapping mapping = new ConstraintMapping();
123 mapping.setPathSpec("/*");
124 mapping.setConstraint(constraint);
126 ConstraintSecurityHandler security = new ConstraintSecurityHandler();
127 security.setConstraintMappings(Collections.singletonList(mapping));
128 security.setAuthenticator(new BasicAuthenticator());
129 security.setLoginService(service);
131 security.setHandler(webapp);