Example 1 with ReverseProxyTarget
use of org.openntf.openliberty.domino.reverseproxy.ReverseProxyTarget in project openliberty-domino by OpenNTF.
the class AdminNSFProxyConfigProvider method createConfiguration.
@SuppressWarnings("unchecked")
@Override
public ReverseProxyConfig createConfiguration() {
ReverseProxyConfig result = new ReverseProxyConfig();
RuntimeConfigurationProvider runtimeConfig = OpenLibertyUtil.findRequiredExtension(RuntimeConfigurationProvider.class);
result.dominoHostName = runtimeConfig.getDominoHostName();
result.dominoHttpPort = runtimeConfig.getDominoPort();
result.dominoHttps = runtimeConfig.isDominoHttps();
try {
DominoThreadFactory.getExecutor().submit(() -> {
try {
Session session = NotesFactory.createSession();
try {
Database adminNsf = AdminNSFUtil.getAdminDatabase(session);
Document config = AdminNSFUtil.getConfigurationDocument(adminNsf);
// Load the main config
boolean connectorHeaders = runtimeConfig.isUseDominoConnectorHeaders();
readConfigurationDocument(result, config, connectorHeaders);
if (!result.isGlobalEnabled()) {
return;
}
Collection<String> namesList = AdminNSFUtil.getCurrentServerNamesList();
// Look for proxy-enabled webapps
View targetsView = adminNsf.getView(VIEW_REVERSEPROXYTARGETS);
targetsView.setAutoUpdate(false);
targetsView.refresh();
ViewNavigator nav = targetsView.createViewNav();
nav.setEntryOptions(ViewNavigator.VN_ENTRYOPT_NOCOUNTDATA);
ViewEntry entry = nav.getFirst();
while (entry != null) {
Vector<?> columnValues = entry.getColumnValues();
List<String> dominoServers;
Object dominoServersObj = columnValues.get(4);
if (dominoServersObj instanceof String) {
dominoServers = Arrays.asList((String) dominoServersObj);
} else {
dominoServers = (List<String>) dominoServersObj;
}
boolean shouldRun = AdminNSFUtil.isNamesListMatch(namesList, dominoServers);
if (shouldRun) {
// Format: http://localhost:80
String baseUri = (String) columnValues.get(1);
// $NON-NLS-1$
boolean useXForwardedFor = "Y".equals(columnValues.get(2));
// $NON-NLS-1$
boolean useWsHeaders = "Y".equals(columnValues.get(3));
// Now read the children to build targets
ViewEntry childEntry = nav.getChild(entry);
while (childEntry != null) {
Vector<?> childValues = childEntry.getColumnValues();
// Format: foo
String contextPath = (String) childValues.get(0);
// $NON-NLS-1$
URI uri = URI.create(baseUri + "/" + contextPath);
ReverseProxyTarget target = new ReverseProxyTarget(uri, useXForwardedFor, useWsHeaders);
result.addTarget(contextPath, target);
childEntry.recycle(childValues);
ViewEntry tempChild = childEntry;
childEntry = nav.getNextSibling(childEntry);
tempChild.recycle();
}
}
entry.recycle(columnValues);
ViewEntry tempEntry = entry;
entry = nav.getNextSibling(entry);
tempEntry.recycle();
}
} finally {
session.recycle();
}
return;
} catch (Throwable e) {
e.printStackTrace(OpenLibertyLog.instance.out);
throw new RuntimeException(e);
}
}).get();
if (result.isGlobalEnabled()) {
// Determine the local server port from the server doc
DominoThreadFactory.getExecutor().submit(() -> {
try {
Session session = NotesFactory.createSession();
try {
String serverName = session.getUserName();
// $NON-NLS-1$ //$NON-NLS-2$
Database names = session.getDatabase("", "names.nsf");
// $NON-NLS-1$
View servers = names.getView("$Servers");
Document serverDoc = servers.getDocumentByKey(serverName);
// Mirror Domino's maximum entity size
// $NON-NLS-1$
long maxEntitySize = serverDoc.getItemValueInteger("HTTP_MaxContentLength");
if (maxEntitySize == 0) {
maxEntitySize = Long.MAX_VALUE;
}
result.maxEntitySize = maxEntitySize;
} finally {
session.recycle();
}
} catch (Exception e) {
e.printStackTrace(OpenLibertyLog.instance.out);
throw new RuntimeException(e);
}
}).get();
}
} catch (InterruptedException | ExecutionException e) {
e.printStackTrace(OpenLibertyLog.instance.out);
throw new RuntimeException(e);
}
return result;
}
Also used :
ReverseProxyTarget(org.openntf.openliberty.domino.reverseproxy.ReverseProxyTarget)
ViewNavigator(lotus.domino.ViewNavigator)
RuntimeConfigurationProvider(org.openntf.openliberty.domino.config.RuntimeConfigurationProvider)
Document(lotus.domino.Document)
View(lotus.domino.View)
URI(java.net.URI)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
KeyStoreException(java.security.KeyStoreException)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
NoSuchPaddingException(javax.crypto.NoSuchPaddingException)
UnrecoverableKeyException(java.security.UnrecoverableKeyException)
NotesException(lotus.domino.NotesException)
IOException(java.io.IOException)
KeyManagementException(java.security.KeyManagementException)
CertificateException(java.security.cert.CertificateException)
ExecutionException(java.util.concurrent.ExecutionException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
ReverseProxyConfig(org.openntf.openliberty.domino.reverseproxy.ReverseProxyConfig)
ViewEntry(lotus.domino.ViewEntry)
Database(lotus.domino.Database)
Collection(java.util.Collection)
List(java.util.List)
ExecutionException(java.util.concurrent.ExecutionException)
Vector(java.util.Vector)
Session(lotus.domino.Session)
Example 2 with ReverseProxyTarget
use of org.openntf.openliberty.domino.reverseproxy.ReverseProxyTarget in project openliberty-domino by OpenNTF.
the class StandaloneReverseProxyService method startServer.
private synchronized Undertow startServer() {
PathHandler pathHandler = new PathHandler();
// Add handlers for each target
Map<String, ReverseProxyTarget> targets = this.config.getTargets();
if (targets != null) {
for (Map.Entry<String, ReverseProxyTarget> target : targets.entrySet()) {
// $NON-NLS-1$
String contextRoot = "/" + target.getKey();
URI targetUri = target.getValue().getUri();
LoadBalancingProxyClient appProxy = new LoadBalancingProxyClient().addHost(targetUri);
ProxyHandler.Builder proxyHandler = ProxyHandler.builder().setProxyClient(appProxy);
if (target.getValue().isUseWsHeaders()) {
// $NON-NLS-1$
proxyHandler.addRequestHeader(HttpString.tryFromString("$WSRH"), RemoteHostAttribute.INSTANCE);
// $NON-NLS-1$
proxyHandler.addRequestHeader(HttpString.tryFromString("$WSRA"), RemoteIPAttribute.INSTANCE);
// $NON-NLS-1$
proxyHandler.addRequestHeader(HttpString.tryFromString("$WSSC"), RequestSchemeAttribute.INSTANCE);
// $NON-NLS-1$
proxyHandler.addRequestHeader(HttpString.tryFromString("$WSPR"), RequestProtocolAttribute.INSTANCE);
// $NON-NLS-1$
proxyHandler.addRequestHeader(HttpString.tryFromString("$WSSP"), LocalPortAttribute.INSTANCE);
// $NON-NLS-1$
proxyHandler.addRequestHeader(HttpString.tryFromString("$WSIS"), SecureExchangeAttribute.INSTANCE);
}
if (log.isLoggable(Level.FINE)) {
log.fine(MessageFormat.format("Reverse proxy: adding prefix path for {0}", contextRoot));
}
pathHandler.addPrefixPath(contextRoot, proxyHandler.build());
}
}
// Construct the Domino proxy
{
boolean dominoHttps = config.dominoHttps;
String dominoHostName = config.dominoHostName;
int dominoHttpPort = config.dominoHttpPort;
// $NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
String dominoUri = MessageFormat.format("http{0}://{1}:{2}", dominoHttps ? "s" : "", dominoHostName, Integer.toString(dominoHttpPort));
LoadBalancingProxyClient dominoProxy = new LoadBalancingProxyClient().addHost(URI.create(dominoUri));
ProxyHandler.Builder proxyHandler = ProxyHandler.builder().setProxyClient(dominoProxy);
if (config.useDominoConnectorHeaders) {
// $NON-NLS-1$
proxyHandler.addRequestHeader(HttpString.tryFromString("X-ConnectorHeaders-Secret"), new StringAttribute(config.dominoConnectorHeadersSecret));
// $NON-NLS-1$
proxyHandler.addRequestHeader(HttpString.tryFromString("$WSRH"), RemoteHostAttribute.INSTANCE);
// $NON-NLS-1$
proxyHandler.addRequestHeader(HttpString.tryFromString("$WSRA"), RemoteIPAttribute.INSTANCE);
// $NON-NLS-1$
proxyHandler.addRequestHeader(HttpString.tryFromString("$WSSC"), RequestSchemeAttribute.INSTANCE);
// $NON-NLS-1$
proxyHandler.addRequestHeader(HttpString.tryFromString("$WSPR"), RequestProtocolAttribute.INSTANCE);
// $NON-NLS-1$
proxyHandler.addRequestHeader(HttpString.tryFromString("$WSSP"), LocalPortAttribute.INSTANCE);
// $NON-NLS-1$
proxyHandler.addRequestHeader(HttpString.tryFromString("$WSIS"), SecureExchangeAttribute.INSTANCE);
}
// $NON-NLS-1$
pathHandler.addPrefixPath("/", proxyHandler.build());
}
Undertow.Builder serverBuilder = Undertow.builder().setHandler(pathHandler).setServerOption(UndertowOptions.ENABLE_HTTP2, true).setServerOption(UndertowOptions.HTTP2_SETTINGS_ENABLE_PUSH, true).setServerOption(UndertowOptions.MAX_ENTITY_SIZE, config.maxEntitySize).setServerOption(UndertowOptions.ALLOW_ENCODED_SLASH, true);
if (config.proxyHttpPort != -1) {
if (config.redirectHttpToHttps) {
if (config.proxyHttpsPort == ReverseProxyConfig.PORT_DISABLED) {
throw new IllegalStateException("HTTP-to-HTTPS redirection cannot be enabled when HTTPS is disabled");
}
serverBuilder.addHttpListener(config.proxyHttpPort, config.proxyHostName, new RedirectHandler(new HttpRedirectAttribute(config.proxyHttpsPort)));
} else {
serverBuilder.addHttpListener(config.proxyHttpPort, config.proxyHostName);
}
}
if (config.proxyHttpsPort != -1) {
serverBuilder.addHttpsListener(config.proxyHttpsPort, config.proxyHostName, config.proxyHttpsContext);
}
Undertow server = serverBuilder.build();
server.start();
if (log.isLoggable(Level.INFO)) {
log.info(MessageFormat.format("Reverse proxy listening on {0}:{1}", config.proxyHostName, Integer.toString(config.proxyHttpPort)));
}
return server;
}
Also used :
ReverseProxyTarget(org.openntf.openliberty.domino.reverseproxy.ReverseProxyTarget)
ProxyHandler(io.undertow.server.handlers.proxy.ProxyHandler)
RedirectHandler(io.undertow.server.handlers.RedirectHandler)
PathHandler(io.undertow.server.handlers.PathHandler)
HttpString(io.undertow.util.HttpString)
URI(java.net.URI)
LoadBalancingProxyClient(io.undertow.server.handlers.proxy.LoadBalancingProxyClient)
Map(java.util.Map)
Undertow(io.undertow.Undertow)
Aggregations
URI (java.net.URI)2
ReverseProxyTarget (org.openntf.openliberty.domino.reverseproxy.ReverseProxyTarget)2
Undertow (io.undertow.Undertow)1
PathHandler (io.undertow.server.handlers.PathHandler)1
RedirectHandler (io.undertow.server.handlers.RedirectHandler)1
LoadBalancingProxyClient (io.undertow.server.handlers.proxy.LoadBalancingProxyClient)1
ProxyHandler (io.undertow.server.handlers.proxy.ProxyHandler)1
HttpString (io.undertow.util.HttpString)1
IOException (java.io.IOException)1
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)1
InvalidKeyException (java.security.InvalidKeyException)1
KeyManagementException (java.security.KeyManagementException)1
KeyStoreException (java.security.KeyStoreException)1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1
UnrecoverableKeyException (java.security.UnrecoverableKeyException)1
CertificateException (java.security.cert.CertificateException)1
InvalidKeySpecException (java.security.spec.InvalidKeySpecException)1
Collection (java.util.Collection)1
List (java.util.List)1
Map (java.util.Map)1
