1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.apache.logging.log4j.audit.service.config;
18
19 import java.io.File;
20 import java.io.IOException;
21 import java.util.Arrays;
22 import java.util.List;
23
24 import com.fasterxml.jackson.databind.ObjectMapper;
25
26 import com.fasterxml.jackson.databind.ser.impl.SimpleFilterProvider;
27 import com.jcraft.jsch.JSch;
28 import com.jcraft.jsch.JSchException;
29 import com.jcraft.jsch.Session;
30 import com.jcraft.jsch.UserInfo;
31 import org.apache.logging.log4j.LogManager;
32 import org.apache.logging.log4j.Logger;
33 import org.apache.logging.log4j.audit.AuditLogger;
34 import org.apache.logging.log4j.audit.catalog.CatalogManager;
35 import org.apache.logging.log4j.audit.service.catalog.AuditCatalogManager;
36 import org.apache.logging.log4j.audit.service.catalog.AuditManager;
37 import org.apache.logging.log4j.audit.service.security.LocalAuthorizationInterceptor;
38 import org.apache.logging.log4j.audit.util.JsonObjectMapperFactory;
39 import org.apache.logging.log4j.catalog.api.dao.CatalogDao;
40 import org.apache.logging.log4j.catalog.api.CatalogReader;
41 import org.apache.logging.log4j.catalog.api.dao.ClassPathCatalogReader;
42 import org.apache.logging.log4j.catalog.api.util.CatalogEventFilter;
43 import org.apache.logging.log4j.catalog.git.dao.GitCatalogDao;
44 import org.eclipse.jgit.api.TransportConfigCallback;
45 import org.eclipse.jgit.transport.CredentialsProvider;
46 import org.eclipse.jgit.transport.JschConfigSessionFactory;
47 import org.eclipse.jgit.transport.OpenSshConfig;
48 import org.eclipse.jgit.transport.SshSessionFactory;
49 import org.eclipse.jgit.transport.SshTransport;
50 import org.eclipse.jgit.transport.Transport;
51 import org.eclipse.jgit.transport.UsernamePasswordCredentialsProvider;
52 import org.eclipse.jgit.util.FS;
53 import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
54 import org.springframework.beans.factory.annotation.Autowired;
55 import org.springframework.beans.factory.annotation.Value;
56 import org.springframework.context.MessageSource;
57 import org.springframework.context.annotation.Bean;
58 import org.springframework.context.annotation.ComponentScan;
59 import org.springframework.context.annotation.Configuration;
60 import org.springframework.context.annotation.PropertySource;
61 import org.springframework.context.support.ResourceBundleMessageSource;
62 import org.springframework.http.client.ClientHttpRequestInterceptor;
63 import org.springframework.http.converter.HttpMessageConverter;
64 import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
65 import org.springframework.scheduling.annotation.EnableScheduling;
66 import org.springframework.web.servlet.ViewResolver;
67 import org.springframework.web.servlet.config.annotation.DefaultServletHandlerConfigurer;
68 import org.springframework.web.servlet.config.annotation.EnableWebMvc;
69 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
70 import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
71 import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
72 import org.springframework.web.servlet.view.InternalResourceViewResolver;
73 import org.springframework.web.servlet.view.JstlView;
74 import static org.apache.commons.lang3.StringUtils.isNotBlank;
75
76
77 @Configuration
78 @EnableWebMvc
79 @EnableScheduling
80 @ComponentScan(basePackages = {"org.apache.logging.log4j.catalog.jpa", "org.apache.logging.log4j.audit.service"})
81 @PropertySource(value= " classpath:catalog-${env:}config.properties", ignoreResourceNotFound = true)
82 public class WebMvcAppContext extends WebMvcConfigurerAdapter {
83
84 private static final Logger LOGGER = LogManager.getLogger(WebMvcAppContext.class);
85
86 @Autowired
87 ConfigurationService configurationService;
88
89 @Override
90 public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) {
91 configurer.enable();
92 }
93
94 @Override
95 public void addResourceHandlers(final ResourceHandlerRegistry registry) {
96 registry.addResourceHandler("swagger-ui.html").addResourceLocations("classpath:/META-INF/resources/");
97 registry.addResourceHandler("/webjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/");
98 }
99
100 @Override
101 public void configureMessageConverters(List<HttpMessageConverter<?>> converters) {
102 converters.add(jsonMessageConverter());
103 }
104
105
106 @Override
107 public void addInterceptors(InterceptorRegistry registry) {
108 registry.addInterceptor(localAuthorizationInterceptor())
109 .addPathPatterns("/api/**")
110 .excludePathPatterns("/swagger**")
111 .excludePathPatterns("/v2/api-docs**")
112 .excludePathPatterns("/configuration/security**")
113 .excludePathPatterns("/configuration/ui**")
114 .excludePathPatterns("/webjars/**");
115 }
116
117 @Bean
118 public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
119 DefaultAdvisorAutoProxyCreator proxyCreator = new DefaultAdvisorAutoProxyCreator();
120 proxyCreator.setProxyTargetClass(true);
121 return proxyCreator;
122 }
123
124 @Bean
125 public ViewResolver viewResolver() {
126 InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
127 viewResolver.setViewClass(JstlView.class);
128 viewResolver.setPrefix("/WEB-INF/views/");
129 viewResolver.setSuffix(".jsp");
130 return viewResolver;
131 }
132
133 @Bean
134 public MessageSource messageSource() {
135 ResourceBundleMessageSource messageSource = new ResourceBundleMessageSource();
136 messageSource.setBasename("messages");
137 return messageSource;
138 }
139
140 @Bean
141 public LocalAuthorizationInterceptor localAuthorizationInterceptor() {
142
143 return new LocalAuthorizationInterceptor(configurationService.getAuditServiceAuthToken());
144 }
145
146 @Bean
147 public ObjectMapper objectMapper() {
148 ObjectMapper mapper = JsonObjectMapperFactory.createMapper();
149 SimpleFilterProvider filterProvider = new SimpleFilterProvider();
150 filterProvider.addFilter("catalogEvent", new CatalogEventFilter());
151 mapper.setFilterProvider(filterProvider);
152 return mapper;
153 }
154
155 @Bean
156 public MappingJackson2HttpMessageConverter jsonMessageConverter() {
157 return new MappingJackson2HttpMessageConverter(objectMapper());
158 }
159
160 @Bean
161 public List<ClientHttpRequestInterceptor> restInterceptors() {
162 return Arrays.asList(new ClientHttpRequestInterceptor[] {});
163 }
164
165 @Bean
166 public CatalogReader catalogReader() {
167 try {
168 return new ClassPathCatalogReader();
169 } catch (IOException ioe) {
170 LOGGER.error("Unable to create ClassPathCatalogReader", ioe);
171 return null;
172 }
173 }
174
175 @Bean
176 public AuditManager auditManager() {
177 return new AuditCatalogManager(catalogReader());
178 }
179
180 @Bean
181 AuditLogger auditLogger() {
182 AuditLogger auditLogger = new AuditLogger();
183 auditLogger.setCatalogManager(auditManager());
184 return auditLogger;
185 }
186
187 }