Allow disabling HTTP in Neo4j server

Before this change, HTTP connector had to be enabled in order to start the database. HTTPS and Bolt connectors were optional. This commit allows disabling the HTTP connector via: ``` dbms.connector.http.enabled=false ``` setting. It is also possible to disable both HTTP and HTTPS making the database only accessible via Bolt: ``` dbms.connector.http.enabled=false dbms.connector.https.enabled=false ``` Such configuration will make Neo4j not start an embedded Jetty server. Neo4j browser and REST endpoints will thus not be accessible on the usual addresses 'http://localhost:7474' and 'https://localhost:7473'. Disabling HTTP can be useful when operators need to enforce only secure connections. HTTP connector was mandatory because server bootstrappers were only able to instantiate Neo4j server, which created the database. So lifecycle of the core database was managed entirely by the server. This commit makes bootstrappers able to create core database separately from a server component. Based on connector configuration bootstrappers can decide if server component is needed or not. Dummy `DisabledNeoServer` is instantiated when HTTP and HTTPS are turned off. `AbstractNeoServer`, which is the base for all server implementations, is now able to start when either HTTP or HTTPS is enabled.
neo4j · Sep 18, 2018 · 34dd061 · 34dd061
1 parent 48c4ee1
commit 34dd061
Show file tree

Hide file tree

Showing 42 changed files with 1,226 additions and 633 deletions.
diff --git a/community/bolt/src/main/java/org/neo4j/bolt/BoltServer.java b/community/bolt/src/main/java/org/neo4j/bolt/BoltServer.java
@@ -119,7 +119,7 @@ public void start() throws Throwable
 
         BoltProtocolFactory boltProtocolFactory = createBoltProtocolFactory( boltConnectionFactory, boltStateMachineFactory );
 
-        if ( !config.enabledBoltConnectors().isEmpty() && !config.get( GraphDatabaseSettings.disconnected ) )
+        if ( !config.enabledBoltConnectors().isEmpty() )
         {
             NettyServer server = new NettyServer( jobScheduler.threadFactory( Group.BOLT_NETWORK_IO ),
                     createConnectors( boltProtocolFactory, throttleGroup, log ), connectorPortRegister, userLog );

diff --git a/community/kernel/src/main/java/org/neo4j/graphdb/factory/GraphDatabaseSettings.java b/community/kernel/src/main/java/org/neo4j/graphdb/factory/GraphDatabaseSettings.java
@@ -146,11 +146,6 @@ public class GraphDatabaseSettings implements LoadableConfig
     @Internal
     public static final Setting<String> editionName = setting( "unsupported.dbms.edition", STRING, Edition.unknown.toString() );
 
-    @Title( "Disconnected" )
-    @Internal
-    @Description( "Disable all protocol connectors." )
-    public static final Setting<Boolean> disconnected = setting( "unsupported.dbms.disconnected", BOOLEAN, FALSE );
-
     @Description( "Print out the effective Neo4j configuration after startup." )
     @Internal
     public static final Setting<Boolean> dump_configuration = setting( "unsupported.dbms.report_configuration",

diff --git a/community/kernel/src/main/java/org/neo4j/helpers/PortBindException.java b/community/kernel/src/main/java/org/neo4j/helpers/PortBindException.java
@@ -30,13 +30,28 @@ public class PortBindException extends BindException
 {
     public PortBindException( ListenSocketAddress address, Throwable original )
     {
-        super( String.format("Address %s is already in use, cannot bind to it.", address) );
+        this( address, null, original );
-        setStackTrace( original.getStackTrace() );
     }
 
-    public PortBindException( ListenSocketAddress address, ListenSocketAddress other, Throwable original )
+    public PortBindException( ListenSocketAddress address1, ListenSocketAddress address2, Throwable original )
     {
-        super( String.format("At least one of the addresses %s or %s is already in use, cannot bind to it.", address, other) );
+        super( createMessage( address1, address2 ) );
         setStackTrace( original.getStackTrace() );
     }
+
+    private static String createMessage( ListenSocketAddress address1, ListenSocketAddress address2 )
+    {
+        if ( address1 == null && address2 == null )
+        {
+            throw new IllegalArgumentException( "At least one address should not be null" );
+        }
+        else if ( address1 != null && address2 != null )
+        {
+            return String.format( "At least one of the addresses %s or %s is already in use, cannot bind to it.", address1, address2 );
+        }
+        else
+        {
+            return String.format( "Address %s is already in use, cannot bind to it.", address1 != null ? address1 : address2 );
+        }
+    }
 }
diff --git a/community/kernel/src/main/java/org/neo4j/kernel/configuration/Config.java b/community/kernel/src/main/java/org/neo4j/kernel/configuration/Config.java
@@ -44,15 +44,15 @@
 import org.neo4j.configuration.ConfigOptions;
 import org.neo4j.configuration.ConfigValue;
 import org.neo4j.configuration.LoadableConfig;
-import org.neo4j.internal.diagnostics.DiagnosticsPhase;
-import org.neo4j.internal.diagnostics.DiagnosticsProvider;
 import org.neo4j.graphdb.config.BaseSetting;
 import org.neo4j.graphdb.config.Configuration;
 import org.neo4j.graphdb.config.InvalidSettingException;
 import org.neo4j.graphdb.config.Setting;
 import org.neo4j.graphdb.config.SettingValidator;
 import org.neo4j.graphdb.factory.GraphDatabaseSettings;
 import org.neo4j.helpers.collection.MapUtil;
+import org.neo4j.internal.diagnostics.DiagnosticsPhase;
+import org.neo4j.internal.diagnostics.DiagnosticsProvider;
 import org.neo4j.kernel.configuration.HttpConnector.Encryption;
 import org.neo4j.kernel.impl.util.CopyOnWriteHashMap;
 import org.neo4j.logging.BufferingLog;
@@ -208,9 +208,6 @@ public Builder withServerDefaults()
             overriddenDefaults.put( https.enabled.name(), TRUE );
             overriddenDefaults.put( bolt.enabled.name(), TRUE );
 
-            // Add server validator
-            validators.add( new ServerConfigurationValidator() );
-
             return this;
         }
 

diff --git a/...ity/kernel/src/main/java/org/neo4j/kernel/configuration/ServerConfigurationValidator.java b/...ity/kernel/src/main/java/org/neo4j/kernel/configuration/ServerConfigurationValidator.java
diff --git a/...kernel/src/test/java/org/neo4j/kernel/configuration/ServerConfigurationValidatorTest.java b/...kernel/src/test/java/org/neo4j/kernel/configuration/ServerConfigurationValidatorTest.java
diff --git a/...o4j/server/plugins/PluginManagerTest.java → ...ver/plugins/DefaultPluginManagerTest.java b/...o4j/server/plugins/PluginManagerTest.java → ...ver/plugins/DefaultPluginManagerTest.java
@@ -19,14 +19,14 @@
  */
 package org.neo4j.server.plugins;
 
-import java.util.List;
-import java.util.Map;
-import javax.ws.rs.core.MediaType;
-
 import org.junit.AfterClass;
 import org.junit.BeforeClass;
 import org.junit.Test;
 
+import java.util.List;
+import java.util.Map;
+import javax.ws.rs.core.MediaType;
+
 import org.neo4j.graphdb.GraphDatabaseService;
 import org.neo4j.kernel.internal.GraphDatabaseAPI;
 import org.neo4j.logging.NullLogProvider;
@@ -37,7 +37,7 @@
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertThat;
 
-public class PluginManagerTest
+public class DefaultPluginManagerTest
 {
     private static PluginManager manager;
     private static GraphDatabaseAPI graphDb;
@@ -46,7 +46,7 @@ public class PluginManagerTest
     public static void loadExtensionManager()
     {
         graphDb = (GraphDatabaseAPI) new TestGraphDatabaseFactory().newImpermanentDatabase();
-        manager = new PluginManager( null, NullLogProvider.getInstance() );
+        manager = new DefaultPluginManager( NullLogProvider.getInstance() );
     }
 
     @AfterClass