Search in sources :

Example 1 with ReverseProxyTarget

use of org.openntf.openliberty.domino.reverseproxy.ReverseProxyTarget in project openliberty-domino by OpenNTF.

the class AdminNSFProxyConfigProvider method createConfiguration.

@SuppressWarnings("unchecked")
@Override
public ReverseProxyConfig createConfiguration() {
    ReverseProxyConfig result = new ReverseProxyConfig();
    RuntimeConfigurationProvider runtimeConfig = OpenLibertyUtil.findRequiredExtension(RuntimeConfigurationProvider.class);
    result.dominoHostName = runtimeConfig.getDominoHostName();
    result.dominoHttpPort = runtimeConfig.getDominoPort();
    result.dominoHttps = runtimeConfig.isDominoHttps();
    try {
        DominoThreadFactory.getExecutor().submit(() -> {
            try {
                Session session = NotesFactory.createSession();
                try {
                    Database adminNsf = AdminNSFUtil.getAdminDatabase(session);
                    Document config = AdminNSFUtil.getConfigurationDocument(adminNsf);
                    // Load the main config
                    boolean connectorHeaders = runtimeConfig.isUseDominoConnectorHeaders();
                    readConfigurationDocument(result, config, connectorHeaders);
                    if (!result.isGlobalEnabled()) {
                        return;
                    }
                    Collection<String> namesList = AdminNSFUtil.getCurrentServerNamesList();
                    // Look for proxy-enabled webapps
                    View targetsView = adminNsf.getView(VIEW_REVERSEPROXYTARGETS);
                    targetsView.setAutoUpdate(false);
                    targetsView.refresh();
                    ViewNavigator nav = targetsView.createViewNav();
                    nav.setEntryOptions(ViewNavigator.VN_ENTRYOPT_NOCOUNTDATA);
                    ViewEntry entry = nav.getFirst();
                    while (entry != null) {
                        Vector<?> columnValues = entry.getColumnValues();
                        List<String> dominoServers;
                        Object dominoServersObj = columnValues.get(4);
                        if (dominoServersObj instanceof String) {
                            dominoServers = Arrays.asList((String) dominoServersObj);
                        } else {
                            dominoServers = (List<String>) dominoServersObj;
                        }
                        boolean shouldRun = AdminNSFUtil.isNamesListMatch(namesList, dominoServers);
                        if (shouldRun) {
                            // Format: http://localhost:80
                            String baseUri = (String) columnValues.get(1);
                            // $NON-NLS-1$
                            boolean useXForwardedFor = "Y".equals(columnValues.get(2));
                            // $NON-NLS-1$
                            boolean useWsHeaders = "Y".equals(columnValues.get(3));
                            // Now read the children to build targets
                            ViewEntry childEntry = nav.getChild(entry);
                            while (childEntry != null) {
                                Vector<?> childValues = childEntry.getColumnValues();
                                // Format: foo
                                String contextPath = (String) childValues.get(0);
                                // $NON-NLS-1$
                                URI uri = URI.create(baseUri + "/" + contextPath);
                                ReverseProxyTarget target = new ReverseProxyTarget(uri, useXForwardedFor, useWsHeaders);
                                result.addTarget(contextPath, target);
                                childEntry.recycle(childValues);
                                ViewEntry tempChild = childEntry;
                                childEntry = nav.getNextSibling(childEntry);
                                tempChild.recycle();
                            }
                        }
                        entry.recycle(columnValues);
                        ViewEntry tempEntry = entry;
                        entry = nav.getNextSibling(entry);
                        tempEntry.recycle();
                    }
                } finally {
                    session.recycle();
                }
                return;
            } catch (Throwable e) {
                e.printStackTrace(OpenLibertyLog.instance.out);
                throw new RuntimeException(e);
            }
        }).get();
        if (result.isGlobalEnabled()) {
            // Determine the local server port from the server doc
            DominoThreadFactory.getExecutor().submit(() -> {
                try {
                    Session session = NotesFactory.createSession();
                    try {
                        String serverName = session.getUserName();
                        // $NON-NLS-1$ //$NON-NLS-2$
                        Database names = session.getDatabase("", "names.nsf");
                        // $NON-NLS-1$
                        View servers = names.getView("$Servers");
                        Document serverDoc = servers.getDocumentByKey(serverName);
                        // Mirror Domino's maximum entity size
                        // $NON-NLS-1$
                        long maxEntitySize = serverDoc.getItemValueInteger("HTTP_MaxContentLength");
                        if (maxEntitySize == 0) {
                            maxEntitySize = Long.MAX_VALUE;
                        }
                        result.maxEntitySize = maxEntitySize;
                    } finally {
                        session.recycle();
                    }
                } catch (Exception e) {
                    e.printStackTrace(OpenLibertyLog.instance.out);
                    throw new RuntimeException(e);
                }
            }).get();
        }
    } catch (InterruptedException | ExecutionException e) {
        e.printStackTrace(OpenLibertyLog.instance.out);
        throw new RuntimeException(e);
    }
    return result;
}
Also used : ReverseProxyTarget(org.openntf.openliberty.domino.reverseproxy.ReverseProxyTarget) ViewNavigator(lotus.domino.ViewNavigator) RuntimeConfigurationProvider(org.openntf.openliberty.domino.config.RuntimeConfigurationProvider) Document(lotus.domino.Document) View(lotus.domino.View) URI(java.net.URI) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) KeyStoreException(java.security.KeyStoreException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) NotesException(lotus.domino.NotesException) IOException(java.io.IOException) KeyManagementException(java.security.KeyManagementException) CertificateException(java.security.cert.CertificateException) ExecutionException(java.util.concurrent.ExecutionException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) ReverseProxyConfig(org.openntf.openliberty.domino.reverseproxy.ReverseProxyConfig) ViewEntry(lotus.domino.ViewEntry) Database(lotus.domino.Database) Collection(java.util.Collection) List(java.util.List) ExecutionException(java.util.concurrent.ExecutionException) Vector(java.util.Vector) Session(lotus.domino.Session)

Example 2 with ReverseProxyTarget

use of org.openntf.openliberty.domino.reverseproxy.ReverseProxyTarget in project openliberty-domino by OpenNTF.

the class StandaloneReverseProxyService method startServer.

private synchronized Undertow startServer() {
    PathHandler pathHandler = new PathHandler();
    // Add handlers for each target
    Map<String, ReverseProxyTarget> targets = this.config.getTargets();
    if (targets != null) {
        for (Map.Entry<String, ReverseProxyTarget> target : targets.entrySet()) {
            // $NON-NLS-1$
            String contextRoot = "/" + target.getKey();
            URI targetUri = target.getValue().getUri();
            LoadBalancingProxyClient appProxy = new LoadBalancingProxyClient().addHost(targetUri);
            ProxyHandler.Builder proxyHandler = ProxyHandler.builder().setProxyClient(appProxy);
            if (target.getValue().isUseWsHeaders()) {
                // $NON-NLS-1$
                proxyHandler.addRequestHeader(HttpString.tryFromString("$WSRH"), RemoteHostAttribute.INSTANCE);
                // $NON-NLS-1$
                proxyHandler.addRequestHeader(HttpString.tryFromString("$WSRA"), RemoteIPAttribute.INSTANCE);
                // $NON-NLS-1$
                proxyHandler.addRequestHeader(HttpString.tryFromString("$WSSC"), RequestSchemeAttribute.INSTANCE);
                // $NON-NLS-1$
                proxyHandler.addRequestHeader(HttpString.tryFromString("$WSPR"), RequestProtocolAttribute.INSTANCE);
                // $NON-NLS-1$
                proxyHandler.addRequestHeader(HttpString.tryFromString("$WSSP"), LocalPortAttribute.INSTANCE);
                // $NON-NLS-1$
                proxyHandler.addRequestHeader(HttpString.tryFromString("$WSIS"), SecureExchangeAttribute.INSTANCE);
            }
            if (log.isLoggable(Level.FINE)) {
                log.fine(MessageFormat.format("Reverse proxy: adding prefix path for {0}", contextRoot));
            }
            pathHandler.addPrefixPath(contextRoot, proxyHandler.build());
        }
    }
    // Construct the Domino proxy
    {
        boolean dominoHttps = config.dominoHttps;
        String dominoHostName = config.dominoHostName;
        int dominoHttpPort = config.dominoHttpPort;
        // $NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
        String dominoUri = MessageFormat.format("http{0}://{1}:{2}", dominoHttps ? "s" : "", dominoHostName, Integer.toString(dominoHttpPort));
        LoadBalancingProxyClient dominoProxy = new LoadBalancingProxyClient().addHost(URI.create(dominoUri));
        ProxyHandler.Builder proxyHandler = ProxyHandler.builder().setProxyClient(dominoProxy);
        if (config.useDominoConnectorHeaders) {
            // $NON-NLS-1$
            proxyHandler.addRequestHeader(HttpString.tryFromString("X-ConnectorHeaders-Secret"), new StringAttribute(config.dominoConnectorHeadersSecret));
            // $NON-NLS-1$
            proxyHandler.addRequestHeader(HttpString.tryFromString("$WSRH"), RemoteHostAttribute.INSTANCE);
            // $NON-NLS-1$
            proxyHandler.addRequestHeader(HttpString.tryFromString("$WSRA"), RemoteIPAttribute.INSTANCE);
            // $NON-NLS-1$
            proxyHandler.addRequestHeader(HttpString.tryFromString("$WSSC"), RequestSchemeAttribute.INSTANCE);
            // $NON-NLS-1$
            proxyHandler.addRequestHeader(HttpString.tryFromString("$WSPR"), RequestProtocolAttribute.INSTANCE);
            // $NON-NLS-1$
            proxyHandler.addRequestHeader(HttpString.tryFromString("$WSSP"), LocalPortAttribute.INSTANCE);
            // $NON-NLS-1$
            proxyHandler.addRequestHeader(HttpString.tryFromString("$WSIS"), SecureExchangeAttribute.INSTANCE);
        }
        // $NON-NLS-1$
        pathHandler.addPrefixPath("/", proxyHandler.build());
    }
    Undertow.Builder serverBuilder = Undertow.builder().setHandler(pathHandler).setServerOption(UndertowOptions.ENABLE_HTTP2, true).setServerOption(UndertowOptions.HTTP2_SETTINGS_ENABLE_PUSH, true).setServerOption(UndertowOptions.MAX_ENTITY_SIZE, config.maxEntitySize).setServerOption(UndertowOptions.ALLOW_ENCODED_SLASH, true);
    if (config.proxyHttpPort != -1) {
        if (config.redirectHttpToHttps) {
            if (config.proxyHttpsPort == ReverseProxyConfig.PORT_DISABLED) {
                throw new IllegalStateException("HTTP-to-HTTPS redirection cannot be enabled when HTTPS is disabled");
            }
            serverBuilder.addHttpListener(config.proxyHttpPort, config.proxyHostName, new RedirectHandler(new HttpRedirectAttribute(config.proxyHttpsPort)));
        } else {
            serverBuilder.addHttpListener(config.proxyHttpPort, config.proxyHostName);
        }
    }
    if (config.proxyHttpsPort != -1) {
        serverBuilder.addHttpsListener(config.proxyHttpsPort, config.proxyHostName, config.proxyHttpsContext);
    }
    Undertow server = serverBuilder.build();
    server.start();
    if (log.isLoggable(Level.INFO)) {
        log.info(MessageFormat.format("Reverse proxy listening on {0}:{1}", config.proxyHostName, Integer.toString(config.proxyHttpPort)));
    }
    return server;
}
Also used : ReverseProxyTarget(org.openntf.openliberty.domino.reverseproxy.ReverseProxyTarget) ProxyHandler(io.undertow.server.handlers.proxy.ProxyHandler) RedirectHandler(io.undertow.server.handlers.RedirectHandler) PathHandler(io.undertow.server.handlers.PathHandler) HttpString(io.undertow.util.HttpString) URI(java.net.URI) LoadBalancingProxyClient(io.undertow.server.handlers.proxy.LoadBalancingProxyClient) Map(java.util.Map) Undertow(io.undertow.Undertow)

Aggregations

URI (java.net.URI)2 ReverseProxyTarget (org.openntf.openliberty.domino.reverseproxy.ReverseProxyTarget)2 Undertow (io.undertow.Undertow)1 PathHandler (io.undertow.server.handlers.PathHandler)1 RedirectHandler (io.undertow.server.handlers.RedirectHandler)1 LoadBalancingProxyClient (io.undertow.server.handlers.proxy.LoadBalancingProxyClient)1 ProxyHandler (io.undertow.server.handlers.proxy.ProxyHandler)1 HttpString (io.undertow.util.HttpString)1 IOException (java.io.IOException)1 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)1 InvalidKeyException (java.security.InvalidKeyException)1 KeyManagementException (java.security.KeyManagementException)1 KeyStoreException (java.security.KeyStoreException)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1 UnrecoverableKeyException (java.security.UnrecoverableKeyException)1 CertificateException (java.security.cert.CertificateException)1 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)1 Collection (java.util.Collection)1 List (java.util.List)1 Map (java.util.Map)1