diff --git a/docker/config/application.tmpl b/docker/config/application.tmpl index 0b8ee95bc4deffadc7c4243403a7ec94cdbabce2..0e5fc57061ee5a97a08b35f1a3172eaff552c404 100644 --- a/docker/config/application.tmpl +++ b/docker/config/application.tmpl @@ -47,7 +47,7 @@ frontend: loginUrl: {{ default .Env.FRONTEND_LOGIN_URL "http://frontend/services/login/hbp" }} redirectAfterLogoutUrl: {{ default .Env.FRONTEND_AFTER_LOGOUT_URL (default .Env.LOGIN_URI "http://frontend/services/login/hbp") }} redirectAfterLoginUrl: {{ default .Env.FRONTEND_AFTER_LOGIN_URL "http://frontend/home" }} - + logging: level: root: {{ default .Env.LOG_LEVEL "INFO" }} @@ -88,4 +88,5 @@ services: galaxyUsername: {{ default .Env.GALAXY_USERNAME "admin" }} galaxyPassword: {{ default .Env.GALAXY_PASSWORD "password" }} galaxyContext: {{ default .Env.GALAXY_CONTEXT "nativeGalaxy" }} - + keycloak: + keycloakUrl: {{ default .Env.KEYCLOAK_URL "88.197.53.10"}} diff --git a/src/main/java/eu/hbp/mip/MIPApplication.java b/src/main/java/eu/hbp/mip/MIPApplication.java index df70ba78a5ba397676f1ad1533895e86a67c4f89..befb16ec91ee35a0bbd2c9a7631f30be9cde4b21 100644 --- a/src/main/java/eu/hbp/mip/MIPApplication.java +++ b/src/main/java/eu/hbp/mip/MIPApplication.java @@ -4,14 +4,23 @@ package eu.hbp.mip; + import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Value; @SpringBootApplication public class MIPApplication { + private static final Logger LOGGER = LoggerFactory.getLogger(MIPApplication.class); + public static void main(String[] args) { SpringApplication.run(MIPApplication.class, args); } + + + } diff --git a/src/main/java/eu/hbp/mip/configuration/SecurityConfiguration.java b/src/main/java/eu/hbp/mip/configuration/SecurityConfiguration.java index 675d5a2e0cd0de1ae5167394bc8c598c3feb17fc..bf17e55643a5bc013aabc14e4f05b2c7ccff6a36 100644 
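Review bot: The fallback for `keycloakUrl` is the literal address `88.197.53.10`, so a deployment that forgets to set `KEYCLOAK_URL` silently points its identity-provider settings at that one host. The same literal is repeated as the fallback of the `@Value` expression added in SecurityConfiguration.java. I would drop the default, `keycloakUrl: {{ .Env.KEYCLOAK_URL }}`, and have start-up fail when the value is missing. The key is called a URL but holds a bare host that the Java side compares with TLS hostnames, so a name such as `keycloakHost`, or a comment saying so, would avoid confusion.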
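Review bot: The `LOGGER` field and the `org.springframework.beans.factory.annotation.Value` import added to `MIPApplication` are not used anywhere in the class as shown in this hunk. The hunk also adds stray blank lines before the closing brace. Drop them here and add the logger in the commit that first logs from this class.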
--- a/src/main/java/eu/hbp/mip/configuration/SecurityConfiguration.java +++ b/src/main/java/eu/hbp/mip/configuration/SecurityConfiguration.java @@ -65,6 +65,18 @@ import org.springframework.util.MultiValueMap; import java.net.URI; +import java.security.SecureRandom; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; + +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; + + // See https://spring.io/guides/tutorials/spring-boot-oauth2/ for reference about configuring OAuth2 login // also http://cscarioni.blogspot.ch/2013/04/pro-spring-security-and-oauth-2.html @@ -120,6 +132,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + disableCertificateValidation(); // @formatter:off http.addFilterBefore(new CORSFilter(), ChannelProcessingFilter.class); 
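Review bot: The call added as the first statement of `configure(HttpSecurity)` runs on every start-up with no property or profile guarding it, so certificate validation is relaxed in every environment, production included. It is also a JVM-wide side effect (the helper ends in `HttpsURLConnection.setDefaultSSLSocketFactory(...)`) hidden inside the method that builds the filter chain, which makes it easy to miss later. If a self-signed Keycloak certificate is the reason, that belongs in the Keycloak client's own TLS configuration and this line should go. The body of `configure` continues outside the hunk.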
@@ -309,6 +322,52 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { ResponseEntity<String> responseEntity = restTemplate.exchange(requestEntity, String.class); } - + @Value("#{'${services.keycloak.keycloakUrl:88.197.53.10}'}") + private String keycloakUrl; + + // static { + // disableCertificateValidation(); + // } + + public void disableCertificateValidation() { + LOGGER.info("disabling certificate validation host : " + keycloakUrl); + // Create a trust manager that does not validate certificate chains + TrustManager[] trustAllCerts = new TrustManager[] { + new X509TrustManager() { + public X509Certificate[] getAcceptedIssuers() { + return new X509Certificate[0]; + } + public void checkClientTrusted(X509Certificate[] certs, String authType) {} + public void checkServerTrusted(X509Certificate[] certs, String authType) {} + } }; + + + // Ignore differences between given hostname and certificate hostname + HostnameVerifier hv = new HostnameVerifier() { + public boolean verify(String hostname, SSLSession session) { + + // System.out.println("Warning: URL Host: " + hostname + " vs. " + // + session.getPeerHost()); + if(hostname.equals(keycloakUrl) && session.getPeerHost().equals(keycloakUrl)) + { + return true; + } + else + { + return false; + } + } + }; + + // Install the all-trusting trust manager + try { + SSLContext sc = SSLContext.getInstance("SSL"); + sc.init(null, trustAllCerts, new SecureRandom()); + HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); + HttpsURLConnection.setDefaultHostnameVerifier(hv); + } catch (Exception e) {} + + } + } diff --git a/src/main/resources/logback.xml b/src/main/resources/logback.xml index d1875652cc7ba1694fefb4b757e97f770c30cb18..efd7a874adcd194ee0145465dca9c08c1f3f5c5d 100644 --- a/src/main/resources/logback.xml +++ b/src/main/resources/logback.xml 
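Review bot: `disableCertificateValidation()` installs an `X509TrustManager` whose `checkServerTrusted` is empty as the process-wide `HttpsURLConnection` default, so every HTTPS call made through that API accepts any certificate chain, not only the Keycloak one. The custom `HostnameVerifier` does not restore the check: matching the name against `keycloakUrl` says nothing about who holds the key, so the Keycloak connection is encrypted but unauthenticated. I would replace the method with an `SSLContext` built from a truststore that holds the Keycloak certificate or its CA, and attach it only to the client that talks to Keycloak, as sketched below. The sketch also moves `"SSL"` to `"TLS"` and lets setup failures propagate, where the current `catch (Exception e) {}` hides them. The class body starts outside the hunk, so whether `LOGGER` is declared in this class cannot be confirmed from here.

```java
// Replaces disableCertificateValidation(): trust only what the configured truststore contains.
private SSLContext keycloakSslContext(String trustStorePath, char[] trustStorePassword)
        throws GeneralSecurityException, IOException {
    KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
    try (InputStream in = Files.newInputStream(Paths.get(trustStorePath))) {
        trustStore.load(in, trustStorePassword);
    }
    TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(trustStore);

    SSLContext context = SSLContext.getInstance("TLS");
    context.init(null, tmf.getTrustManagers(), null);
    // Hand this context to the Keycloak HTTP client only; the HttpsURLConnection
    // defaults and the standard hostname verification stay untouched.
    return context;
}
```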
@@ -3,10 +3,13 @@ <file>logs/log1.txt</file> <append>true</append> <encoder> - <pattern>%d{yyyy-MM-dd} %msg%n</pattern> + <pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} %msg%n</pattern> </encoder> </appender> + <logger name="eu.hbp.mip"> + <appender-ref ref="FILE1" /> + </logger> <logger name="org.springframework"> <appender-ref ref="FILE1" /> </logger>