Merge pull request #7693 from mandy-chessell/code2023

Remove certs & application.properties from main jar

open-metadata-implementation/server-chassis/server-chassis-spring/src/main/resources/application.properties → application.properties

@@ -1,31 +1,49 @@
 # SPDX-License-Identifier: Apache-2.0
 # Copyright Contributors to the ODPi Egeria project.
 
+# ========================================================================================================
+# The application.properties file is used to configure the OMAG Server Platform which is implemented as
+# a spring boot application.
 
+###############################################
+### Default port for the OMAG Server Platform
+################################################
 server.port=9443
-server.ssl.key-store=classpath:keystore.p12
+
+################################################
+### SSL security.
+# The keystore determines the information sent out by the server to identify itself.
+# The truststore is where the certificates of trusted servers the platform is calling are located.
+# (Note SSL certificate checking is performed on client-side only.)
+################################################
+server.ssl.key-store=keystore.p12
 server.ssl.key-store-password=egeria
 server.ssl.keyStoreType=PKCS12
 server.ssl.keyAlias=egeriaserverchassis
 
 server.ssl.trust-store=truststore.p12
 server.ssl.trust-store-password=egeria
 
-# WARNING! setting 'false' allows java clients to open https connections without checking certificates validity
+# WARNING! setting 'strict.ssl=false' allows java clients to open https connections without checking the validity of
+# certificates from the servers it is calling.
 # Alternate you can import self signed certificates into java truststore or setup an truststore only for this app
 # by adding the store into server.ssl.trust-store parameter
 strict.ssl=true
+# Comma separated values of http headers to be added to ThreadLocal
+header.name.list=
 
 ################################################
-### startup servers configuration
+### Which java packages should be scanned to locate the Spring resource definitions that define the REST APIs?
 ################################################
 scan.packages=org.odpi.openmetadata.*
-#userId used to startup the list of configured servers default is 'system'
+
+################################################
+### startup servers configuration
+################################################
+#userId used to start up the list of configured servers default is 'system'
 startup.user=system
-# Comma separated names of servers to be started
+# Comma separated names of servers to be started.  The server names should be unquoted.
 startup.server.list=
-# Comma separated values of http headers to be added to ThreadLocal
-header.name.list=
 
 ################################################
 ### Logging

open-metadata-distribution/open-metadata-assemblies/build.gradle

@@ -104,10 +104,6 @@ dependencies {
     implementation project(':open-metadata-resources:open-metadata-samples:governance-services-sample')
 
 }
-// Path to the SSL key for OMAG server to function as a client to itself
-String keyDirPath = project(':open-metadata-implementation:server-chassis:server-chassis-spring').projectDir.getAbsolutePath() +  '/src/main/resources'
-File keyDir = file(keyDirPath)
-//println keyDirPath
 
 distributions {
     egeriaomag {
@@ -183,13 +179,11 @@ distributions {
                     include 'NOTICE'
                     include 'LICENSE'
                     include 'truststore.p12'
+                    include 'keystore.p12'
+                    include 'application.properties'
                     include 'content-packs/*'
                     include 'sample-data/*/*'
                 }
-//               copy key to root of targz file
-                from (keyDir) {
-                    include 'keystore.p12'
-                }
                 fileMode = 0755
             }
         }

open-metadata-implementation/adapters/authentication-plugins/http-helper/src/main/java/org/odpi/openmetadata/http/HttpRequestHeadersFilter.java

@@ -10,6 +10,7 @@
 import jakarta.servlet.ServletResponse;
 import jakarta.servlet.http.HttpServletRequest;
 import java.io.IOException;
+import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -25,8 +26,16 @@ public class HttpRequestHeadersFilter implements Filter {
     /**
      * @param headerNames list of http header names
      */
-    public HttpRequestHeadersFilter(List<String> headerNames) {
-        this.headerNames = headerNames;
+    public HttpRequestHeadersFilter(List<String> headerNames)
+    {
+        if (headerNames == null)
+        {
+            this.headerNames = new ArrayList<>();
+        }
+        else
+        {
+            this.headerNames = headerNames;
+        }
     }
 
     @Override

open-metadata-implementation/server-chassis/server-chassis-spring/src/main/java/org/odpi/openmetadata/serverchassis/springboot/OMAGServerPlatform.java

@@ -31,9 +31,13 @@
 import java.util.*;
 
 
+/**
+ * OMAGServerPlatform provides the main program for the OMAG Server Platform.
+ */
 @SpringBootApplication(
-        scanBasePackages = {"${scan.packages}"}
+        scanBasePackages = {"${scan.packages:org.odpi.openmetadata.*}"}
 )
+
 @OpenAPIDefinition(
         info = @Info(
                 title = "Egeria's Open Metadata and Governance (OMAG) Server Platform",
@@ -65,19 +69,18 @@
         externalDocs = @ExternalDocumentation(description = "OMAG Server Platform documentation",
                 url="https://egeria-project.org/concepts/omag-server-platform/")
         )
-
 public class OMAGServerPlatform
 {
-    @Value("${strict.ssl}")
+    @Value("${strict.ssl:true}") // Default value is true
     Boolean strictSSL;
 
-    @Value("${startup.user}")
+    @Value("${startup.user:system}") // Default value is "system"
     String sysUser;
 
-    @Value("${startup.server.list}")
+    @Value("${startup.server.list:}") // Default value is zero length string
     String startupServers;
 
-    @Value("${header.name.list}")
+    @Value("${header.name.list:}") // Default value is zero length string
     List<String> headerNames;
 
     @Autowired
@@ -88,27 +91,56 @@ public class OMAGServerPlatform
 
     private boolean triggeredRuntimeHalt = false;
     private String startupMessage = "";
-    private OMAGServerOperationalServices operationalServices = new OMAGServerOperationalServices();
+    private final OMAGServerOperationalServices operationalServices = new OMAGServerOperationalServices();
 
     private static final Logger log = LoggerFactory.getLogger(OMAGServerPlatform.class);
 
-    public static void main(String[] args) {
+
+    /**
+     * Java main
+     * @param args program arguments used to override environment variables
+     */
+    public static void main(String[] args)
+    {
         SpringApplication.run(OMAGServerPlatform.class, args);
     }
 
+
+    /**
+     * Make adjustments to the local environment.
+     *
+     * @return bean
+     */
     @Bean
     public InitializingBean getInitialize()
     {
-        return () -> {
+        return () ->
+        {
+            log.info("Working directory is: " + System.getProperty("user.dir"));
+
             if (!strictSSL)
             {
-                log.warn("strict.ssl is set to false! Invalid certificates will be accepted for connection!");
+                log.warn("Option strict.ssl is set to false! Invalid certificates will be accepted for connection!");
                 HttpHelper.noStrictSSL();
-            } else if( System.getProperty("javax.net.ssl.trustStore")==null ) {
-                //load the 'javax.net.ssl.trustStore' and
-                //'javax.net.ssl.trustStorePassword' from application.properties
-                System.setProperty("javax.net.ssl.trustStore", env.getProperty("server.ssl.trust-store"));
-                System.setProperty("javax.net.ssl.trustStorePassword", env.getProperty("server.ssl.trust-store-password"));
+            }
+
+            if (System.getProperty("javax.net.ssl.trustStore") == null)
+            {
+                log.warn("Java trust store 'javax.net.ssl.trustStore' is null - this is needed by Tomcat - using 'server.ssl.trust-store'");
+
+                /*
+                 * load the 'javax.net.ssl.trustStore' and 'javax.net.ssl.trustStorePassword' from application.properties.
+                 * Note, these variables should only used for mutual SSL.  This function is provided for backward compatibility.
+                 * Also note that there is an NPE if the java variables are set to null.
+                 */
+                if (env.getProperty("server.ssl.trust-store") != null)
+                {
+                    System.setProperty("javax.net.ssl.trustStore", env.getProperty("server.ssl.trust-store"));
+                }
+                if (env.getProperty("server.ssl.trust-store-password") != null)
+                {
+                    System.setProperty("javax.net.ssl.trustStorePassword", env.getProperty("server.ssl.trust-store-password"));
+                }
             }
         };
     }
@@ -167,7 +199,7 @@ private void autoStartConfig()
 
 
     /**
-     *  Deactivate all servers that were started automatically
+     * Deactivate all servers that were started automatically
      */
     private void temporaryDeactivateServers()
     {
@@ -183,45 +215,64 @@ private void temporaryDeactivateServers()
         }
     }
 
+
+    /**
+     * ApplicationContextListener detects various events during the lifetime of the OMAGServerPlatform run.
+     */
     @Component
     public class ApplicationContextListener
     {
 
+        /**
+         * Print out message to say that the platform is ready.
+         */
         @EventListener(ApplicationReadyEvent.class)
-        public void applicationReady() {
+        public void applicationReady()
+        {
             autoStartConfig();
             System.out.println(OMAGServerPlatform.this.startupMessage);
 
-            if(triggeredRuntimeHalt){
+            if (triggeredRuntimeHalt)
+            {
                 Runtime.getRuntime().halt(43);
             }
             System.out.println(new Date() + " OMAG server platform ready for more configuration");
         }
 
+
+        /**
+         * Detect platform shutdown.
+         *
+         * @param event unused event information
+         */
         @EventListener
         public void onApplicationEvent(ContextClosedEvent event)
         {
             temporaryDeactivateServers();
         }
     }
 
+    /**
+     * Detect failures
+     */
     @Component
     public class CustomSpringEventListener implements ApplicationListener<StartupFailEvent>
     {
         @Override
-        public void onApplicationEvent(StartupFailEvent event) {
+        public void onApplicationEvent(StartupFailEvent event)
+        {
             log.info("Received startup fail event with message: {} " + event.getMessage());
             temporaryDeactivateServers();
         }
-
     }
 
     /**
      * Initialization of HttpRequestHeadersFilter. headerNames is a list of headers defined in application properties.
      * @return bean of an initialized FilterRegistrationBean
      */
     @Bean
-    public FilterRegistrationBean<HttpRequestHeadersFilter> getRequestHeadersFilter() {
+    public FilterRegistrationBean<HttpRequestHeadersFilter> getRequestHeadersFilter()
+    {
         FilterRegistrationBean<HttpRequestHeadersFilter> registrationBean = new FilterRegistrationBean<>();
 
         registrationBean.setFilter(new HttpRequestHeadersFilter(headerNames));
@@ -230,5 +281,4 @@ public FilterRegistrationBean<HttpRequestHeadersFilter> getRequestHeadersFilter(
 
         return registrationBean;
     }
-
 }

open-metadata-implementation/server-chassis/server-chassis-spring/src/main/java/org/odpi/openmetadata/serverchassis/springboot/StartupFailEvent.java

@@ -4,27 +4,54 @@
 
 import org.springframework.context.ApplicationEvent;
 
+import java.io.Serial;
+
 /**
  *   Application event used for the case of startup list fails
  */
-public class StartupFailEvent extends ApplicationEvent {
+public class StartupFailEvent extends ApplicationEvent
+{
 
+    @Serial
     private static final long serialVersionUID = 1L;
 
-    private Object source;
-    private String message;
+    private final Object source;
+    private final String message;
+
 
-    public StartupFailEvent(Object source, String message) {
+    /**
+     * Constructor
+     *
+     * @param source source
+     * @param message message
+     */
+    public StartupFailEvent(Object source, String message)
+    {
         super(source);
         this.source = source;
         this.message = message;
     }
 
-    public Object getSource() {
+
+    /**
+     * Return the source.
+     *
+     * @return object
+     */
+    @Override
+    public Object getSource()
+    {
         return source;
     }
 
-    public String getMessage() {
+
+    /**
+     * Return the message.
+     *
+     * @return string
+     */
+    public String getMessage()
+    {
         return message;
     }
 }