IDM authentication with ssl fixed

OPSILab · Oct 12, 2018 · 9271b7c · 9271b7c
1 parent 1510cf6
commit 9271b7c
Show file tree

Hide file tree

Showing 5 changed files with 133 additions and 143 deletions.
diff --git a/Idra/src/main/java/it/eng/idra/api/AdministrationAPI.java b/Idra/src/main/java/it/eng/idra/api/AdministrationAPI.java
@@ -756,7 +756,7 @@ public Response loginGet(@DefaultValue("") @QueryParam("code") String code,
 					// session.setAttribute("loggedin", token);
 					// session.setAttribute("refresh_token", refresh_token);
 					// session.setAttribute("username", info.getDisplayName());
-					return Response.seeOther(URI.create("/IdraPortal"))
+					return Response.seeOther(URI.create(PropertyManager.getProperty(ODFProperty.IDRA_CATALOGUE_BASEPATH)))
 							.cookie(new NewCookie("loggedin", (String) token, "/", "", "comment", 100, false))
 							.cookie(new NewCookie("refresh_token", refresh_token, "/", "", "comment", 100, false))
 							.cookie(new NewCookie("username", info.getDisplayName(), "/", "", "comment", 100, false))
@@ -814,7 +814,7 @@ public Response loginPost(@Context HttpServletRequest httpRequest) {
 					session.setAttribute("username", info.getDisplayName());
 				}
 
-				return Response.temporaryRedirect(URI.create(httpRequest.getContextPath() + "/IdraPortal")).build();
+				return Response.temporaryRedirect(URI.create(httpRequest.getContextPath() + PropertyManager.getProperty(ODFProperty.IDRA_CATALOGUE_BASEPATH))).build();
 
 			default:
 				String input = IOUtils.toString(httpRequest.getInputStream(), Charset.defaultCharset());

diff --git a/Idra/src/main/java/it/eng/idra/api/CORSResponseFilter.java b/Idra/src/main/java/it/eng/idra/api/CORSResponseFilter.java
@@ -36,7 +36,7 @@ public void filter(ContainerRequestContext requestContext, ContainerResponseCont
 
 		headers.add("Access-Control-Allow-Origin", "*");
 		headers.add("Access-Control-Allow-Methods", "GET,POST,DELETE,PUT,OPTIONS");			
-		headers.add("Access-Control-Allow-Headers", "X-Requested-With, Content-Type, X-Codingpedia");
+		headers.add("Access-Control-Allow-Headers", "*");
 	}
 
 }
diff --git a/Idra/src/main/java/it/eng/idra/beans/ODFProperty.java b/Idra/src/main/java/it/eng/idra/beans/ODFProperty.java
@@ -55,7 +55,8 @@ public enum ODFProperty {
 	ENABLE_STATISTICS("idra.statistics.enable"),
 	AUTHENTICATION_METHOD("idra.authentication.method"),
 	ORION_FILE_DUMP_PATH("idra.orion.orionDumpFilePath"),
-	ORION_INTERNAL_API("idra.orion.orionInternalAPI");
+	ORION_INTERNAL_API("idra.orion.orionInternalAPI"),
+	IDRA_CATALOGUE_BASEPATH("idra.catalogue.basepath");
 
 
 	private final String text;

diff --git a/Idra/src/main/java/it/eng/idra/utils/restclient/RestClientBaseImpl.java b/Idra/src/main/java/it/eng/idra/utils/restclient/RestClientBaseImpl.java
@@ -1,137 +1,122 @@
-/*******************************************************************************
- * Idra - Open Data Federation Platform
- *  Copyright (C) 2018 Engineering Ingegneria Informatica S.p.A.
- *  
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * at your option) any later version.
- *  
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *  
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- ******************************************************************************/
-package it.eng.idra.utils.restclient;
-
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.util.Map;
-import java.util.logging.Logger;
-
-import javax.ws.rs.core.MediaType;
-
-import it.eng.idra.utils.PropertyManager;
-
-import it.eng.idra.utils.restclient.builders.HttpDeleteBuilder;
-import it.eng.idra.utils.restclient.builders.HttpGetBuilder;
-import it.eng.idra.utils.restclient.builders.HttpHeadBuilder;
-import it.eng.idra.utils.restclient.builders.HttpPostBuilder;
-import it.eng.idra.utils.restclient.builders.HttpPutBuilder;
-import it.eng.idra.utils.restclient.configuration.RestProperty;
-
-import org.apache.commons.lang3.StringUtils;
-import org.apache.http.HttpHost;
-import org.apache.http.HttpResponse;
-import org.apache.http.auth.AuthScope;
-import org.apache.http.auth.Credentials;
-import org.apache.http.auth.UsernamePasswordCredentials;
-import org.apache.http.client.HttpClient;
-import org.apache.http.client.methods.HttpRequestBase;
-import org.apache.http.conn.params.ConnRoutePNames;
-import org.apache.http.impl.client.AbstractHttpClient;
-import org.apache.http.impl.client.DefaultHttpClient;
-import org.apache.http.params.BasicHttpParams;
-import org.apache.http.params.HttpConnectionParams;
-import org.apache.http.params.HttpParams;
-
-import com.sun.research.ws.wadl.HTTPMethods;
-
-@SuppressWarnings("deprecation")
-public abstract class RestClientBaseImpl {
-
-	protected static final Logger logger = Logger.getLogger(RestClient.class.getName());
-	protected HttpClient httpclient = null;
-
-	protected HttpClient buildClient(){
-
-		final HttpParams httpParams = new BasicHttpParams();
-		HttpConnectionParams.setConnectionTimeout(httpParams, 300000);
-		HttpConnectionParams.setSoTimeout(httpParams, 900000);
-
-		httpclient = new DefaultHttpClient(httpParams);
-
-		/* Set an HTTP proxy if it is specified in system properties.
-		 * 
-		 * http://docs.oracle.com/javase/6/docs/technotes/guides/net/proxies.html
-		 * http://hc.apache.org/httpcomponents-client-ga/httpclient/examples/org/apache/http/examples/client/ClientExecuteProxy.java
-		 */
-		if (Boolean.parseBoolean(PropertyManager.getProperty(RestProperty.HTTP_PROXY_ENABLED).trim())
-				&& StringUtils.isNotBlank(PropertyManager.getProperty(RestProperty.HTTP_PROXY_HOST).trim())) {
-
-			int port = 80;
-			if (isSet(PropertyManager.getProperty(RestProperty.HTTP_PROXY_PORT))) {
-				port = Integer.parseInt(PropertyManager.getProperty(RestProperty.HTTP_PROXY_PORT));
-			}
-			HttpHost proxy = new HttpHost(PropertyManager.getProperty(RestProperty.HTTP_PROXY_HOST), port, "http");
-			httpclient.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY, proxy);
-			if (isSet(PropertyManager.getProperty(RestProperty.HTTP_PROXY_USER))) {
-				((AbstractHttpClient) httpclient).getCredentialsProvider().setCredentials(
-						new AuthScope(PropertyManager.getProperty(RestProperty.HTTP_PROXY_HOST), port),
-						(Credentials) new UsernamePasswordCredentials(
-								PropertyManager.getProperty(RestProperty.HTTP_PROXY_USER),
-								PropertyManager.getProperty(RestProperty.HTTP_PROXY_PASSWORD)));
-			}
-		}
-
-		return httpclient;
-	}
-
-	protected HttpResponse invoke(HTTPMethods method, String urlString, Map<String, String> headers, MediaType type, String data) 
-			throws MalformedURLException{
-
-		URL url = new URL(urlString);
-
-		HttpResponse response = null;
-		httpclient = buildClient();
-
-		try {
-			HttpRequestBase httpRequest = null;
-
-			switch(method){
-				case DELETE:
-					httpRequest = HttpDeleteBuilder.getInstance(url, headers);
-					break;
-				case GET:
-					httpRequest = HttpGetBuilder.getInstance(url, headers);
-					break;
-				case HEAD:
-					httpRequest = HttpHeadBuilder.getInstance(url, headers);
-					break;
-				case POST:
-					httpRequest = HttpPostBuilder.getInstance(url, headers, type, data);
-					break;
-				case PUT:
-					httpRequest = HttpPutBuilder.getInstance(url, headers, type, data);
-					break;
-				default:
-					throw new Exception("Method "+method.toString()+" not supported");
-			}
-
-			response = httpclient.execute(httpRequest);
-
-		} catch (Exception ioe) {
-			logger.info(ioe.toString());
-		} 
-
-		return response;
-
-	}
-
-	private static boolean isSet(String string) {
-		return string != null && string.length() > 0;
-	}
-}
+/*******************************************************************************
+ * Idra - Open Data Federation Platform
+ *  Copyright (C) 2018 Engineering Ingegneria Informatica S.p.A.
+ *  
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * at your option) any later version.
+ *  
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *  
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ ******************************************************************************/
+package it.eng.idra.utils.restclient;
+
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.security.KeyManagementException;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.util.Map;
+import java.util.logging.Logger;
+
+import javax.ws.rs.core.MediaType;
+
+import it.eng.idra.utils.restclient.builders.HttpDeleteBuilder;
+import it.eng.idra.utils.restclient.builders.HttpGetBuilder;
+import it.eng.idra.utils.restclient.builders.HttpHeadBuilder;
+import it.eng.idra.utils.restclient.builders.HttpPostBuilder;
+import it.eng.idra.utils.restclient.builders.HttpPutBuilder;
+import org.apache.http.HttpResponse;
+import org.apache.http.client.HttpClient;
+import org.apache.http.client.methods.HttpRequestBase;
+import org.apache.http.conn.ssl.NoopHostnameVerifier;
+import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
+import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.http.ssl.SSLContextBuilder;
+
+import com.sun.research.ws.wadl.HTTPMethods;
+
+public abstract class RestClientBaseImpl {
+
+	protected static final Logger logger = Logger.getLogger(RestClient.class.getName());
+	protected HttpClient httpclient = null;
+
+	protected HttpClient buildClient(){
+
+		SSLContextBuilder sshbuilder = new SSLContextBuilder();
+		try {
+			sshbuilder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
+			SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sshbuilder.build());
+
+			httpclient = HttpClients.custom()
+				.setSSLHostnameVerifier(new NoopHostnameVerifier())
+			    .setSSLSocketFactory(sslsf)
+			    .build();
+		} catch (NoSuchAlgorithmException e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+		} catch (KeyStoreException e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+		} catch (KeyManagementException e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+		}
+
+
+		return httpclient;
+	}
+
+	protected HttpResponse invoke(HTTPMethods method, String urlString, Map<String, String> headers, MediaType type, String data) 
+			throws MalformedURLException{
+
+		URL url = new URL(urlString);
+
+		HttpResponse response = null;
+		httpclient = buildClient();
+
+		try {
+			HttpRequestBase httpRequest = null;
+
+			switch(method){
+				case DELETE:
+					httpRequest = HttpDeleteBuilder.getInstance(url, headers);
+					break;
+				case GET:
+					httpRequest = HttpGetBuilder.getInstance(url, headers);
+					break;
+				case HEAD:
+					httpRequest = HttpHeadBuilder.getInstance(url, headers);
+					break;
+				case POST:
+					httpRequest = HttpPostBuilder.getInstance(url, headers, type, data);
+					break;
+				case PUT:
+					httpRequest = HttpPutBuilder.getInstance(url, headers, type, data);
+					break;
+				default:
+					throw new Exception("Method "+method.toString()+" not supported");
+			}
+
+			response = httpclient.execute(httpRequest);
+
+		} catch (Exception ioe) {
+			logger.info(ioe.toString());
+		} 
+
+		return response;
+
+	}
+
+	private static boolean isSet(String string) {
+		return string != null && string.length() > 0;
+	}
+}
diff --git a/Idra/src/main/resources/configuration.properties b/Idra/src/main/resources/configuration.properties
@@ -56,7 +56,7 @@ idra.dump.onstart=false
 
 ################# ORION FILE DUMP DIRECTORY #############################
 idra.orion.orionDumpFilePath=/home/ubuntu/orionDumpPath/
-idra.orion.orionInternalAPI=http://localhost:8080/Idra/api/v1/client/executeOrionQuery
+idra.orion.orionInternalAPI=http://IDRA_HOST/Idra/api/v1/client/executeOrionQuery
 
 ################# WEB SCRAPER CONFIGURATION ######################
 idra.scraper.defaultStopValues=-,_,\\s
@@ -66,7 +66,7 @@ idra.statistics.enable=false
 
 ################# LOD MANAGER CONFIGURATION ######################
 idra.lod.enable=true
-idra.lod.repo.name=ODF
+idra.lod.repo.name=Idra
 idra.lod.server.uri=http\://localhost\:8080/rdf4j-server/repositories/
 idra.lod.server.uri.query=http\://localhost\:8080/rdf4j-workbench/repositories/Idra/query
 
@@ -102,3 +102,7 @@ idm.redirecturi=http://IDRA_HOST/Idra/api/v1/administration/login
 idm.logout.callback=http://IDRA_PORTAL_HOST/IdraPortal
 ### Role name that User must have in the IDM to be authenticated as Idra Administrator
 idm.admin.role.name=Admin
+
+#The name of the deployed application to be redirected after login
+#Leave blank if the application is deployed as ROOT e.g. in tomcat
+idra.catalogue.basepath=/IdraPortal