AuthenticationServerImpl.java example

Explorer
coprhd-controller-master
/*
 * Copyright (c) 2013-2014 EMC Corporation
 * All Rights Reserved
 */
package com.emc.storageos.auth.service.impl;

import java.util.Map;

import javax.ws.rs.core.MediaType;

import com.emc.storageos.security.keystore.impl.TrustStoreLoader;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.handler.HandlerCollection;
import org.eclipse.jetty.server.handler.ResourceHandler;
import org.eclipse.jetty.server.session.AbstractSessionManager;
import org.eclipse.jetty.servlet.FilterHolder;
import org.eclipse.jetty.servlet.FilterMapping;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.servlet.ServletHolder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.filter.DelegatingFilterProxy;

import com.emc.storageos.auth.AuthenticationManager;
import com.emc.storageos.security.password.InvalidLoginManager;
import com.emc.storageos.auth.impl.CassandraTokenManager;
import com.emc.storageos.coordinator.client.beacon.ServiceBeacon;
import com.emc.storageos.coordinator.client.service.CoordinatorClient;
import com.emc.storageos.coordinator.client.service.DrUtil;
import com.emc.storageos.security.AbstractSecuredWebServer;
import com.emc.storageos.security.authentication.AuthSvcEndPointLocator;
import com.emc.storageos.security.authentication.StorageOSUserRepository;
import com.emc.storageos.security.ssl.ViPRSSLSocketFactory;
import com.emc.storageos.security.validator.Validator;
import com.sun.jersey.api.core.DefaultResourceConfig;
import com.sun.jersey.api.core.ResourceConfig;
import com.sun.jersey.spi.container.servlet.ServletContainer;

/**
 * Main class for authentication service
 */
public class AuthenticationServerImpl extends AbstractSecuredWebServer {
    private final String AUTH_DOCUMENT_ROOT = "storageos-authsvc/docs";
    private AuthenticationManager _authManager;
    private CassandraTokenManager _tokenManager;
    private InvalidLoginManager _invalidLoginManager;

    @Autowired
    private ServiceBeacon _svcBeacon;

    @Autowired
    private AuthSvcEndPointLocator _authSvcEndPointLocator;

    @Autowired
    private CoordinatorClient _coordinator;

    @Autowired
    StorageOSUserRepository _repository;

    @Autowired
    TrustStoreLoader _trustStoreLoader;
    
    @Autowired
    DrUtil _drUtil;

    public void setTrustStoreLoader(TrustStoreLoader trustStoreLoader) {
        _trustStoreLoader = trustStoreLoader;
    }

    public void setAuthManager(AuthenticationManager authManager) {
        _authManager = authManager;
    }

    public void setCassTokenManager(CassandraTokenManager tokenManager) {
        _tokenManager = tokenManager;
    }

    public void setInvalidLoginManager(InvalidLoginManager invalidLoginManager) {
        _invalidLoginManager = invalidLoginManager;
    }

    public synchronized void start() throws Exception {
        initServer();
        _server.start();
        initValidator();
        initViPRSSLSocketFactory();
        _svcBeacon.start();
        if (_drUtil.isActiveSite()) {
            _invalidLoginManager.init();
        }
    }

    public synchronized void stop() throws Exception {
        _server.stop();
        _dbClient.stop();
        _authManager.shutdown();
        if (_drUtil.isActiveSite()) {
            _invalidLoginManager.shutdown();
        }
    }

    private void initValidator() {
        Validator.setCoordinator(_coordinator);
        Validator.setAuthSvcEndPointLocator(_authSvcEndPointLocator);
        Validator.setStorageOSUserRepository(_repository);
    }

    private void initViPRSSLSocketFactory() {
        ViPRSSLSocketFactory.setCoordinatorClient(_coordinator);
    }

    @Override
    protected void initServer() throws Exception {
        ClassLoader loader = Thread.currentThread().getContextClassLoader();
        String authDocumentRoot = loader.getResource(AUTH_DOCUMENT_ROOT).toString();
        _server = new Server();

        initConnectors();

        // Static Pages
        ResourceHandler resourceHandler = new ResourceHandler();
        resourceHandler.setWelcomeFiles(new String[] { "*" });
        resourceHandler.setResourceBase(authDocumentRoot);

        // AuthN servlet filters

        ServletContextHandler rootHandler = new ServletContextHandler(ServletContextHandler.SESSIONS);
        rootHandler.setContextPath("/");
        HandlerCollection handlerCollection = new HandlerCollection();
        handlerCollection.setHandlers(new Handler[] { resourceHandler, rootHandler });
        _server.setHandler(handlerCollection);
        ((AbstractSessionManager) rootHandler.getSessionHandler().getSessionManager()).setUsingCookies(false);

        final FilterHolder securityFilterHolder = new FilterHolder(new DelegatingFilterProxy(_secFilters));
        rootHandler.addFilter(securityFilterHolder, "/*", FilterMapping.REQUEST);

        // Add the REST resources
        if (_app != null) {
            ResourceConfig config = new DefaultResourceConfig();
            config.add(_app);
            Map<String, MediaType> type = config.getMediaTypeMappings();
            type.put("json", MediaType.APPLICATION_JSON_TYPE);
            type.put("xml", MediaType.APPLICATION_XML_TYPE);
            rootHandler.addServlet(new ServletHolder(new ServletContainer(config)), "/*");
        }

        // load trust store from file to zk. must do it before authmgr started, who holds the connection with ad.
        loadTrustStoreFromLocalFiles();

        _dbClient.start();
        _tokenManager.init();
        _authManager.init();
    }

    private void loadTrustStoreFromLocalFiles() {
        _trustStoreLoader.load();
    }
}