use of org.carapaceproxy.configstore.ConfigurationStore in project carapaceproxy by diennea.
the class CertificatesTest method testUploadTypedCertificatesWithDaysBeforeRenewal.
@Test
@Parameters({ "acme", "manual" })
public void testUploadTypedCertificatesWithDaysBeforeRenewal(String type) throws Exception {
configureAndStartServer();
int port = server.getLocalPort();
DynamicCertificatesManager dynCertsMan = server.getDynamicCertificatesManager();
KeyPair endUserKeyPair = KeyPairUtils.createKeyPair(DEFAULT_KEYPAIRS_SIZE);
Certificate[] chain = generateSampleChain(endUserKeyPair, false);
byte[] chainData = createKeystore(chain, endUserKeyPair.getPrivate());
try (RawHttpClient client = new RawHttpClient("localhost", DEFAULT_ADMIN_PORT)) {
// Create
HttpResponse resp = uploadCertificate("localhost2", "type=" + type + "&daysbeforerenewal=10", chainData, client, credentials);
if (type.equals("manual")) {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' available for type 'acme' only"));
} else {
CertificateData data = dynCertsMan.getCertificateDataForDomain("localhost2");
assertNotNull(data);
assertEquals(10, data.getDaysBeforeRenewal());
}
// negative value
resp = uploadCertificate("localhost-negative", "type=" + type + "&daysbeforerenewal=-10", chainData, client, credentials);
if (type.equals("manual")) {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' available for type 'acme' only"));
} else {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' has to be a positive number"));
}
// default value
uploadCertificate("localhost-default", "type=" + type, chainData, client, credentials);
CertificateData data = dynCertsMan.getCertificateDataForDomain("localhost-default");
assertNotNull(data);
assertEquals(type.equals("manual") ? 0 : DEFAULT_DAYS_BEFORE_RENEWAL, data.getDaysBeforeRenewal());
// Update
uploadCertificate("localhost2", "type=" + type + "&daysbeforerenewal=45", chainData, client, credentials);
if (type.equals("manual")) {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' available for type 'acme' only"));
} else {
data = dynCertsMan.getCertificateDataForDomain("localhost2");
assertNotNull(data);
assertEquals(45, data.getDaysBeforeRenewal());
}
// negative value
resp = uploadCertificate("localhost2", "type=" + type + "&daysbeforerenewal=-10", chainData, client, credentials);
if (type.equals("manual")) {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' available for type 'acme' only"));
} else {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' has to be a positive number"));
}
// default value
uploadCertificate("localhost2", "type=" + type, chainData, client, credentials);
data = dynCertsMan.getCertificateDataForDomain("localhost2");
assertNotNull(data);
assertEquals(type.equals("manual") ? 0 : DEFAULT_DAYS_BEFORE_RENEWAL, data.getDaysBeforeRenewal());
// changing the type (acme <-> manual)
String other = type.equals("manual") ? "acme" : "manual";
uploadCertificate("localhost2", "type=" + other, chainData, client, credentials);
data = dynCertsMan.getCertificateDataForDomain("localhost2");
assertNotNull(data);
assertEquals(other.equals("manual") ? 0 : DEFAULT_DAYS_BEFORE_RENEWAL, data.getDaysBeforeRenewal());
SSLCertificateConfiguration config = server.getCurrentConfiguration().getCertificates().get("localhost2");
assertEquals(other.equals("manual") ? 0 : DEFAULT_DAYS_BEFORE_RENEWAL, config.getDaysBeforeRenewal());
// checking for "certificate.X.daysbeforerenewal" property delete
ConfigurationStore store = server.getDynamicConfigurationStore();
assertEquals(other.equals("acme"), store.anyPropertyMatches((k, v) -> {
if (k.matches("certificate\\.[0-9]+\\.hostname") && v.equals("localhost2")) {
return store.getProperty(k.replace("hostname", "daysbeforerenewal"), null) != null;
}
return false;
}));
}
}
use of org.carapaceproxy.configstore.ConfigurationStore in project carapaceproxy by diennea.
the class DynamicCertificatesManagerTest method testWidlcardCertificateStateManagement.
@Test
// E) challenge failed -> record deleted
@Parameters({ "challenge_creation_failed", "challenge_check_limit_expired", "challenge_ready", "challenge_verified", "challenge_failed" })
public void testWidlcardCertificateStateManagement(String runCase) throws Exception {
System.setProperty("carapace.acme.dnschallengereachabilitycheck.limit", "2");
// ACME mocking
ACMEClient ac = mock(ACMEClient.class);
Order o = mock(Order.class);
when(o.getLocation()).thenReturn(new URL("https://localhost/index"));
Login login = mock(Login.class);
when(login.bindOrder(any())).thenReturn(o);
when(ac.getLogin()).thenReturn(login);
when(ac.createOrderForDomain(any())).thenReturn(o);
Session session = mock(Session.class);
Connection conn = mock(Connection.class);
when(conn.readJsonResponse()).thenReturn(JSON.parse("{\"url\": \"https://localhost/index\", \"type\": \"dns-01\"}"));
when(session.connect()).thenReturn(conn);
when(login.getSession()).thenReturn(session);
when(login.getKeyPair()).thenReturn(KeyPairUtils.createKeyPair(DEFAULT_KEYPAIRS_SIZE));
Dns01Challenge c = mock(Dns01Challenge.class);
when(c.getDigest()).thenReturn("");
when(c.getJSON()).thenReturn(JSON.parse("{\"url\": \"https://localhost/index\", \"type\": \"dns-01\", \"token\": \"mytoken\"}"));
when(ac.getChallengeForOrder(any(), eq(true))).thenReturn(c);
when(ac.checkResponseForChallenge(any())).thenReturn(runCase.equals("challenge_failed") ? INVALID : VALID);
KeyPair keyPair = KeyPairUtils.createKeyPair(DEFAULT_KEYPAIRS_SIZE);
Certificate cert = mock(Certificate.class);
X509Certificate _cert = (X509Certificate) generateSampleChain(keyPair, false)[0];
when(cert.getCertificateChain()).thenReturn(Arrays.asList(_cert));
when(ac.fetchCertificateForOrder(any())).thenReturn(cert);
HttpProxyServer parent = mock(HttpProxyServer.class);
when(parent.getListeners()).thenReturn(mock(Listeners.class));
DynamicCertificatesManager man = new DynamicCertificatesManager(parent);
man.attachGroupMembershipHandler(new NullGroupMembershipHandler());
Whitebox.setInternalState(man, ac);
// Route53Cliente mocking
man.initAWSClient("access", "secret");
Route53Client r53Client = mock(Route53Client.class);
when(r53Client.createDnsChallengeForDomain(any(), any())).thenReturn(!runCase.startsWith("challenge_creation_failed"));
when(r53Client.isDnsChallengeForDomainAvailable(any(), any())).thenReturn(!(runCase.equals("challenge_creation_failed_n_reboot") || runCase.equals("challenge_check_limit_expired")));
Whitebox.setInternalState(man, r53Client);
// Store mocking
ConfigurationStore store = mock(ConfigurationStore.class);
when(store.loadKeyPairForDomain(anyString())).thenReturn(keyPair);
// certificate to order
String domain = "*.localhost";
CertificateData cd1 = new CertificateData(domain, "", "", WAITING, "", "");
when(store.loadCertificateForDomain(eq(domain))).thenReturn(cd1);
man.setConfigurationStore(store);
// Manager setup
Properties props = new Properties();
props.setProperty("certificate.1.hostname", domain);
props.setProperty("certificate.1.mode", "acme");
props.setProperty("certificate.1.daysbeforerenewal", "0");
props.setProperty("dynamiccertificatesmanager.domainschecker.ipaddresses", "127.0.0.1, 0:0:0:0:0:0:0:1");
ConfigurationStore configStore = new PropertiesConfigurationStore(props);
RuntimeServerConfiguration conf = new RuntimeServerConfiguration();
conf.configure(configStore);
man.reloadConfiguration(conf);
CertificateData certData = man.getCertificateDataForDomain(domain);
assertThat(certData.isWildcard(), is(true));
// at every run the certificate has to be saved to the db (whether not AVAILABLE).
int saveCounter = 0;
// WAITING
assertCertificateState(domain, WAITING, man);
man.run();
verify(store, times(++saveCounter)).saveCertificate(any());
if (runCase.equals("challenge_creation_failed")) {
// WAITING
assertCertificateState(domain, WAITING, man);
} else {
// DNS_CHALLENGE_WAIT
assertCertificateState(domain, DNS_CHALLENGE_WAIT, man);
man.run();
verify(store, times(++saveCounter)).saveCertificate(any());
if (runCase.equals("challenge_check_limit_expired")) {
assertCertificateState(domain, DNS_CHALLENGE_WAIT, man);
man.run();
verify(store, times(++saveCounter)).saveCertificate(any());
assertCertificateState(domain, REQUEST_FAILED, man);
// check dns-challenge-record deleted
verify(r53Client, times(1)).deleteDnsChallengeForDomain(any(), any());
} else {
// VERIFYING
assertCertificateState(domain, VERIFYING, man);
man.run();
verify(store, times(++saveCounter)).saveCertificate(any());
if (runCase.equals("challenge_failed")) {
// REQUEST_FAILED
assertCertificateState(domain, REQUEST_FAILED, man);
// check dns-challenge-record deleted
verify(r53Client, times(1)).deleteDnsChallengeForDomain(any(), any());
} else if (runCase.equals("challenge_verified")) {
// VERIFIED
assertCertificateState(domain, VERIFIED, man);
// check dns-challenge-record deleted
verify(r53Client, times(1)).deleteDnsChallengeForDomain(any(), any());
}
}
}
}
use of org.carapaceproxy.configstore.ConfigurationStore in project carapaceproxy by diennea.
the class StartAPIServerTest method testCertificates.
@Test
public void testCertificates() throws Exception {
final String dynDomain = "dynamic.test.tld";
Properties properties = new Properties(HTTP_ADMIN_SERVER_CONFIG);
KeyPair endUserKeyPair = KeyPairUtils.createKeyPair(DEFAULT_KEYPAIRS_SIZE);
Certificate[] originalChain = generateSampleChain(endUserKeyPair, false);
X509Certificate certificate = (X509Certificate) originalChain[0];
String serialNumber1 = certificate.getSerialNumber().toString(16).toUpperCase();
String expiringDate1 = certificate.getNotAfter().toString();
byte[] keystoreData = createKeystore(originalChain, endUserKeyPair.getPrivate());
File mock1 = tmpFolder.newFile("mock1.p12");
Files.write(mock1.toPath(), keystoreData);
properties.put("certificate.1.hostname", "localhost");
properties.put("certificate.1.file", mock1.getAbsolutePath());
properties.put("certificate.1.password", KEYSTORE_PW);
endUserKeyPair = KeyPairUtils.createKeyPair(DEFAULT_KEYPAIRS_SIZE);
originalChain = generateSampleChain(endUserKeyPair, true);
certificate = (X509Certificate) originalChain[0];
String serialNumber2 = certificate.getSerialNumber().toString(16).toUpperCase();
String expiringDate2 = certificate.getNotAfter().toString();
keystoreData = createKeystore(originalChain, endUserKeyPair.getPrivate());
File mock2 = tmpFolder.newFile("mock2.p12");
Files.write(mock2.toPath(), keystoreData);
properties.put("certificate.2.hostname", "127.0.0.1");
properties.put("certificate.2.file", mock2.getAbsolutePath());
properties.put("certificate.2.password", KEYSTORE_PW);
// Acme certificate
properties.put("certificate.3.hostname", dynDomain);
properties.put("certificate.3.mode", "acme");
startServer(properties);
DynamicCertificatesManager man = server.getDynamicCertificatesManager();
// need to explicitly add 'cause DynamicCertificatesManager never run
ConfigurationStore store = server.getDynamicConfigurationStore();
endUserKeyPair = KeyPairUtils.createKeyPair(DEFAULT_KEYPAIRS_SIZE);
originalChain = generateSampleChain(endUserKeyPair, false);
certificate = (X509Certificate) originalChain[0];
String serialNumber = certificate.getSerialNumber().toString(16).toUpperCase();
String expiringDate = certificate.getNotAfter().toString();
String dynChain = Base64.getEncoder().encodeToString(createKeystore(originalChain, endUserKeyPair.getPrivate()));
store.saveCertificate(new CertificateData(dynDomain, "", dynChain, WAITING, "", ""));
// this reloads certificates from the store
man.setStateOfCertificate(dynDomain, WAITING);
// Static certificates
try (RawHttpClient client = new RawHttpClient("localhost", 8761)) {
// full list request
RawHttpClient.HttpResponse response = client.get("/api/certificates", credentials);
String json = response.getBodyString();
assertThat(json, containsString("localhost"));
assertThat(json, containsString("\"mode\":\"static\""));
assertThat(json, containsString("\"dynamic\":false"));
assertThat(json, containsString("\"status\":\"available\""));
assertThat(json, containsString("\"sslCertificateFile\":\"" + mock1.getAbsolutePath() + "\""));
assertThat(json, containsString("\"serialNumber\":\"" + serialNumber1 + "\""));
assertThat(json, containsString("\"expiringDate\":\"" + expiringDate1 + "\""));
assertThat(json, containsString("127.0.0.1"));
assertThat(json, containsString("\"mode\":\"static\""));
assertThat(json, containsString("\"dynamic\":false"));
assertThat(json, containsString("\"status\":\"expired\""));
assertThat(json, containsString("\"sslCertificateFile\":\"" + mock2.getAbsolutePath() + "\""));
assertThat(json, containsString("\"serialNumber\":\"" + serialNumber2 + "\""));
assertThat(json, containsString("\"expiringDate\":\"" + expiringDate2 + "\""));
// single cert request to /{certId}
response = client.get("/api/certificates/127.0.0.1", credentials);
json = response.getBodyString();
assertThat(json, not(containsString("localhost")));
assertThat(json, containsString("\"mode\":\"static\""));
assertThat(json, containsString("\"dynamic\":false"));
assertThat(json, containsString("\"status\":\"expired\""));
assertThat(json, containsString("\"sslCertificateFile\":\"" + mock2.getAbsolutePath() + "\""));
assertThat(json, containsString("\"serialNumber\":\"" + serialNumber2 + "\""));
assertThat(json, containsString("\"expiringDate\":\"" + expiringDate2 + "\""));
}
// Acme certificate
try (RawHttpClient client = new RawHttpClient("localhost", 8761)) {
// full list request
RawHttpClient.HttpResponse response = client.get("/api/certificates", credentials);
String json = response.getBodyString();
assertThat(json, containsString(dynDomain));
assertThat(json, containsString("\"mode\":\"acme\""));
assertThat(json, containsString("\"dynamic\":true"));
assertThat(json, containsString("\"status\":\"waiting\""));
assertThat(json, containsString("\"serialNumber\":\"" + serialNumber + "\""));
assertThat(json, containsString("\"expiringDate\":\"" + expiringDate + "\""));
// single cert request to /{certId}
response = client.get("/api/certificates/" + dynDomain, credentials);
json = response.getBodyString();
assertThat(json, containsString(dynDomain));
assertThat(json, containsString("\"mode\":\"acme\""));
assertThat(json, containsString("\"dynamic\":true"));
assertThat(json, containsString("\"status\":\"waiting\""));
assertThat(json, containsString("\"serialNumber\":\"" + serialNumber + "\""));
assertThat(json, containsString("\"expiringDate\":\"" + expiringDate + "\""));
// Changing dynamic certificate state
for (DynamicCertificateState state : DynamicCertificateState.values()) {
man.setStateOfCertificate(dynDomain, state);
response = client.get("/api/certificates", credentials);
json = response.getBodyString();
assertThat(json, containsString(dynDomain));
assertThat(json, containsString("\"mode\":\"acme\""));
assertThat(json, containsString("\"dynamic\":true"));
assertThat(json, containsString("\"status\":\"" + certificateStateToString(state) + "\""));
response = client.get("/api/certificates/" + dynDomain, credentials);
json = response.getBodyString();
assertThat(json, containsString(dynDomain));
assertThat(json, containsString("\"mode\":\"acme\""));
assertThat(json, containsString("\"dynamic\":true"));
assertThat(json, containsString("\"status\":\"" + certificateStateToString(state) + "\""));
}
// Downloading
CertificateData cert = store.loadCertificateForDomain(dynDomain);
byte[] newKeystore = createKeystore(generateSampleChain(endUserKeyPair, false), KeyPairUtils.createKeyPair(DEFAULT_KEYPAIRS_SIZE).getPrivate());
cert.setChain(Base64.getEncoder().encodeToString(newKeystore));
store.saveCertificate(cert);
man.setStateOfCertificate(dynDomain, DynamicCertificateState.AVAILABLE);
response = client.get("/api/certificates/" + dynDomain + "/download", credentials);
assertTrue(Arrays.equals(newKeystore, response.getBody()));
}
// Manual certificate
try (RawHttpClient client = new RawHttpClient("localhost", 8761)) {
String manualDomain = "manual.test.tld";
int certsCount = server.getCurrentConfiguration().getCertificates().size();
// Uploading trash-stuff
RawHttpClient.HttpResponse resp = uploadCertificate(manualDomain, null, "fake-chain".getBytes(), client, credentials);
String s = resp.getBodyString();
assertTrue(s.contains("ERROR"));
// Uploading real certificate
endUserKeyPair = KeyPairUtils.createKeyPair(DEFAULT_KEYPAIRS_SIZE);
originalChain = generateSampleChain(endUserKeyPair, false);
certificate = (X509Certificate) originalChain[0];
serialNumber = certificate.getSerialNumber().toString(16).toUpperCase();
expiringDate = certificate.getNotAfter().toString();
byte[] chain1 = createKeystore(originalChain, endUserKeyPair.getPrivate());
resp = uploadCertificate(manualDomain, null, chain1, client, credentials);
s = resp.getBodyString();
assertTrue(s.contains("SUCCESS"));
int certsCount2 = server.getCurrentConfiguration().getCertificates().size();
assertEquals(certsCount + 1, certsCount2);
// full list request
RawHttpClient.HttpResponse response = client.get("/api/certificates", credentials);
String json = response.getBodyString();
assertThat(json, containsString(manualDomain));
assertThat(json, containsString("\"mode\":\"manual\""));
assertThat(json, containsString("\"dynamic\":true"));
assertThat(json, containsString("\"status\":\"available\""));
assertThat(json, containsString("\"serialNumber\":\"" + serialNumber + "\""));
assertThat(json, containsString("\"expiringDate\":\"" + expiringDate + "\""));
// single cert request to /{certId}
response = client.get("/api/certificates/" + manualDomain, credentials);
json = response.getBodyString();
assertThat(json, containsString(manualDomain));
assertThat(json, containsString("\"mode\":\"manual\""));
assertThat(json, containsString("\"dynamic\":true"));
assertThat(json, containsString("\"status\":\"available\""));
assertThat(json, containsString("\"serialNumber\":\"" + serialNumber + "\""));
assertThat(json, containsString("\"expiringDate\":\"" + expiringDate + "\""));
// Downloading
response = client.get("/api/certificates/" + manualDomain + "/download", credentials);
assertTrue(Arrays.equals(chain1, response.getBody()));
// Certificate updating
// Uploading
endUserKeyPair = KeyPairUtils.createKeyPair(DEFAULT_KEYPAIRS_SIZE);
originalChain = generateSampleChain(endUserKeyPair, true);
certificate = (X509Certificate) originalChain[0];
serialNumber = certificate.getSerialNumber().toString(16).toUpperCase();
expiringDate = certificate.getNotAfter().toString();
byte[] chain2 = createKeystore(originalChain, endUserKeyPair.getPrivate());
assertFalse(Arrays.equals(chain1, chain2));
resp = uploadCertificate(manualDomain, null, chain2, client, credentials);
s = resp.getBodyString();
assertTrue(s.contains("SUCCESS"));
// check properties (certificate) not duplicated
int certsCount3 = server.getCurrentConfiguration().getCertificates().size();
assertEquals(certsCount2, certsCount3);
// full list request
response = client.get("/api/certificates", credentials);
json = response.getBodyString();
assertThat(json, containsString(manualDomain));
assertThat(json, containsString("\"mode\":\"manual\""));
assertThat(json, containsString("\"dynamic\":true"));
assertThat(json, containsString("\"status\":\"expired\""));
assertThat(json, containsString("\"serialNumber\":\"" + serialNumber + "\""));
assertThat(json, containsString("\"expiringDate\":\"" + expiringDate + "\""));
// single cert request to /{certId}
response = client.get("/api/certificates/" + manualDomain, credentials);
json = response.getBodyString();
assertThat(json, containsString(manualDomain));
assertThat(json, containsString("\"mode\":\"manual\""));
assertThat(json, containsString("\"dynamic\":true"));
assertThat(json, containsString("\"status\":\"expired\""));
assertThat(json, containsString("\"serialNumber\":\"" + serialNumber + "\""));
assertThat(json, containsString("\"expiringDate\":\"" + expiringDate + "\""));
// Downloading
response = client.get("/api/certificates/" + manualDomain + "/download", credentials);
assertTrue(Arrays.equals(chain2, response.getBody()));
}
}
use of org.carapaceproxy.configstore.ConfigurationStore in project carapaceproxy by diennea.
the class ServerMain method main.
public static void main(String... args) {
try {
Properties configuration = new Properties();
File basePath = new File(System.getProperty("user.dir", "."));
boolean configFileFromParameter = false;
for (String arg : args) {
if (!arg.isEmpty()) {
File configFile = new File(arg).getAbsoluteFile();
LOG.log(Level.SEVERE, "Reading configuration from {0}", configFile);
try (InputStreamReader reader = new InputStreamReader(new FileInputStream(configFile), StandardCharsets.UTF_8)) {
configuration.load(reader);
}
basePath = configFile.getParentFile().getParentFile();
configFileFromParameter = true;
}
}
if (!configFileFromParameter) {
File configFile = new File("conf/server.properties").getAbsoluteFile();
System.out.println("Reading configuration from " + configFile);
if (configFile.isFile()) {
try (InputStreamReader reader = new InputStreamReader(new FileInputStream(configFile), StandardCharsets.UTF_8)) {
configuration.load(reader);
}
basePath = configFile.getParentFile().getParentFile();
}
}
LogManager.getLogManager().readConfiguration();
Thread.setDefaultUncaughtExceptionHandler((Thread arg0, Throwable arg1) -> {
LOG.log(Level.SEVERE, "Uncaught error, thread " + arg0, arg1);
});
Runtime.getRuntime().addShutdownHook(new Thread("ctrlc-hook") {
@Override
public void run() {
System.out.println("Ctrl-C trapped. Shutting down");
ServerMain _brokerMain = runningInstance;
if (_brokerMain != null) {
_brokerMain.close();
}
}
});
ConfigurationStore configurationStore = new PropertiesConfigurationStore(configuration);
runningInstance = new ServerMain(configurationStore, basePath);
runningInstance.start();
runningInstance.join();
} catch (Exception t) {
System.exit(1);
}
}
use of org.carapaceproxy.configstore.ConfigurationStore in project carapaceproxy by diennea.
the class HttpProxyServer method applyDynamicConfiguration.
private void applyDynamicConfiguration(ConfigurationStore newConfigurationStore, boolean atBoot) throws InterruptedException, ConfigurationChangeInProgressException {
if (atBoot && newConfigurationStore != null) {
throw new IllegalStateException();
}
if (!atBoot && newConfigurationStore == null) {
throw new IllegalStateException();
}
// at boot we are constructing a configuration from the database
// if the system is already "up" we have to only apply the new config
ConfigurationStore storeWithConfig = atBoot ? dynamicConfigurationStore : newConfigurationStore;
if (!configurationLock.tryLock()) {
throw new ConfigurationChangeInProgressException();
}
try {
RuntimeServerConfiguration newConfiguration = buildValidConfiguration(storeWithConfig);
EndpointMapper newMapper = buildMapper(newConfiguration.getMapperClassname(), storeWithConfig);
newMapper.setParent(this);
UserRealm newRealm = buildRealm(userRealmClassname, storeWithConfig);
this.filters = buildFilters(newConfiguration);
this.backendHealthManager.reloadConfiguration(newConfiguration, newMapper);
this.dynamicCertificatesManager.reloadConfiguration(newConfiguration);
this.ocspStaplingManager.reloadConfiguration(newConfiguration);
this.listeners.reloadConfiguration(newConfiguration);
this.cache.reloadConfiguration(newConfiguration);
this.requestsLogger.reloadConfiguration(newConfiguration);
this.realm = newRealm;
Map<String, BackendConfiguration> currentBackends = mapper != null ? mapper.getBackends() : Collections.emptyMap();
Map<String, BackendConfiguration> newBackends = newMapper.getBackends();
this.mapper = newMapper;
if (atBoot || !newBackends.equals(currentBackends) || isConnectionsConfigurationChanged(newConfiguration)) {
prometheusRegistry.clear();
Metrics.globalRegistry.clear();
proxyRequestsManager.reloadConfiguration(newConfiguration, newBackends.values());
}
if (!atBoot) {
dynamicConfigurationStore.commitConfiguration(newConfigurationStore);
}
this.currentConfiguration = newConfiguration;
} catch (ConfigurationNotValidException err) {
// impossible to have a non valid configuration here
throw new IllegalStateException(err);
} finally {
configurationLock.unlock();
}
}
Aggregations