View Javadoc
1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one or more
3    * contributor license agreements. See the NOTICE file distributed with
4    * this work for additional information regarding copyright ownership.
5    * The ASF licenses this file to You under the Apache license, Version 2.0
6    * (the "License"); you may not use this file except in compliance with
7    * the License. You may obtain a copy of the License at
8    *
9    *      http://www.apache.org/licenses/LICENSE-2.0
10   *
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the license for the specific language governing permissions and
15   * limitations under the license.
16   */
17  package org.apache.logging.log4j.audit.service.config;
18  
19  import java.io.File;
20  import java.io.IOException;
21  import java.util.Arrays;
22  import java.util.List;
23  
24  import com.fasterxml.jackson.databind.ObjectMapper;
25  
26  import com.fasterxml.jackson.databind.ser.impl.SimpleFilterProvider;
27  import com.jcraft.jsch.JSch;
28  import com.jcraft.jsch.JSchException;
29  import com.jcraft.jsch.Session;
30  import com.jcraft.jsch.UserInfo;
31  import org.apache.logging.log4j.LogManager;
32  import org.apache.logging.log4j.Logger;
33  import org.apache.logging.log4j.audit.AuditLogger;
34  import org.apache.logging.log4j.audit.catalog.CatalogManager;
35  import org.apache.logging.log4j.audit.service.catalog.AuditCatalogManager;
36  import org.apache.logging.log4j.audit.service.catalog.AuditManager;
37  import org.apache.logging.log4j.audit.service.security.LocalAuthorizationInterceptor;
38  import org.apache.logging.log4j.audit.util.JsonObjectMapperFactory;
39  import org.apache.logging.log4j.catalog.api.dao.CatalogDao;
40  import org.apache.logging.log4j.catalog.api.CatalogReader;
41  import org.apache.logging.log4j.catalog.api.dao.ClassPathCatalogReader;
42  import org.apache.logging.log4j.catalog.api.util.CatalogEventFilter;
43  import org.apache.logging.log4j.catalog.git.dao.GitCatalogDao;
44  import org.eclipse.jgit.api.TransportConfigCallback;
45  import org.eclipse.jgit.transport.CredentialsProvider;
46  import org.eclipse.jgit.transport.JschConfigSessionFactory;
47  import org.eclipse.jgit.transport.OpenSshConfig;
48  import org.eclipse.jgit.transport.SshSessionFactory;
49  import org.eclipse.jgit.transport.SshTransport;
50  import org.eclipse.jgit.transport.Transport;
51  import org.eclipse.jgit.transport.UsernamePasswordCredentialsProvider;
52  import org.eclipse.jgit.util.FS;
53  import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
54  import org.springframework.beans.factory.annotation.Autowired;
55  import org.springframework.beans.factory.annotation.Value;
56  import org.springframework.context.MessageSource;
57  import org.springframework.context.annotation.Bean;
58  import org.springframework.context.annotation.ComponentScan;
59  import org.springframework.context.annotation.Configuration;
60  import org.springframework.context.annotation.PropertySource;
61  import org.springframework.context.support.ResourceBundleMessageSource;
62  import org.springframework.http.client.ClientHttpRequestInterceptor;
63  import org.springframework.http.converter.HttpMessageConverter;
64  import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
65  import org.springframework.scheduling.annotation.EnableScheduling;
66  import org.springframework.web.servlet.ViewResolver;
67  import org.springframework.web.servlet.config.annotation.DefaultServletHandlerConfigurer;
68  import org.springframework.web.servlet.config.annotation.EnableWebMvc;
69  import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
70  import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
71  import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
72  import org.springframework.web.servlet.view.InternalResourceViewResolver;
73  import org.springframework.web.servlet.view.JstlView;
74  import static org.apache.commons.lang3.StringUtils.isNotBlank;
75  
76  
77  @Configuration
78  @EnableWebMvc
79  @EnableScheduling
80  @ComponentScan(basePackages = {"org.apache.logging.log4j.catalog.jpa", "org.apache.logging.log4j.audit.service"})
81  @PropertySource(value= " classpath:catalog-${env:}config.properties", ignoreResourceNotFound = true)
82  public class WebMvcAppContext extends WebMvcConfigurerAdapter {
83  
84      private static final Logger LOGGER = LogManager.getLogger(WebMvcAppContext.class);
85  
86      @Autowired
87      ConfigurationService configurationService;
88  
89      @Override
90      public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) {
91          configurer.enable();
92      }
93  
94      @Override
95      public void addResourceHandlers(final ResourceHandlerRegistry registry) {
96          registry.addResourceHandler("swagger-ui.html").addResourceLocations("classpath:/META-INF/resources/");
97          registry.addResourceHandler("/webjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/");
98      }
99  
100     @Override
101     public void configureMessageConverters(List<HttpMessageConverter<?>> converters) {
102         converters.add(jsonMessageConverter());
103     }
104 
105 
106     @Override
107     public void addInterceptors(InterceptorRegistry registry) {
108         registry.addInterceptor(localAuthorizationInterceptor())
109                 .addPathPatterns("/api/**")
110                 .excludePathPatterns("/swagger**")
111                 .excludePathPatterns("/v2/api-docs**")
112                 .excludePathPatterns("/configuration/security**")
113                 .excludePathPatterns("/configuration/ui**")
114                 .excludePathPatterns("/webjars/**");
115     }
116 
117     @Bean
118     public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
119         DefaultAdvisorAutoProxyCreator proxyCreator = new DefaultAdvisorAutoProxyCreator();
120         proxyCreator.setProxyTargetClass(true);
121         return proxyCreator;
122     }
123 
124     @Bean
125     public ViewResolver viewResolver() {
126         InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
127         viewResolver.setViewClass(JstlView.class);
128         viewResolver.setPrefix("/WEB-INF/views/");
129         viewResolver.setSuffix(".jsp");
130         return viewResolver;
131     }
132 
133     @Bean
134     public MessageSource messageSource() {
135         ResourceBundleMessageSource messageSource = new ResourceBundleMessageSource();
136         messageSource.setBasename("messages");
137         return messageSource;
138     }
139 
140     @Bean
141     public LocalAuthorizationInterceptor localAuthorizationInterceptor() {
142 
143         return new LocalAuthorizationInterceptor(configurationService.getAuditServiceAuthToken());
144     }
145 
146     @Bean
147     public ObjectMapper objectMapper() {
148         ObjectMapper mapper = JsonObjectMapperFactory.createMapper();
149         SimpleFilterProvider filterProvider = new SimpleFilterProvider();
150         filterProvider.addFilter("catalogEvent", new CatalogEventFilter());
151         mapper.setFilterProvider(filterProvider);
152         return mapper;
153     }
154 
155     @Bean
156     public MappingJackson2HttpMessageConverter jsonMessageConverter() {
157         return new MappingJackson2HttpMessageConverter(objectMapper());
158     }
159 
160     @Bean
161     public List<ClientHttpRequestInterceptor> restInterceptors() {
162         return Arrays.asList(new ClientHttpRequestInterceptor[] {});
163     }
164 
165     @Bean
166     public CatalogReader catalogReader() {
167         try {
168             return new ClassPathCatalogReader();
169         } catch (IOException ioe) {
170             LOGGER.error("Unable to create ClassPathCatalogReader", ioe);
171             return null;
172         }
173     }
174 
175     @Bean
176     public AuditManager auditManager() {
177         return new AuditCatalogManager(catalogReader());
178     }
179 
180     @Bean
181     AuditLogger auditLogger() {
182         AuditLogger auditLogger = new AuditLogger();
183         auditLogger.setCatalogManager(auditManager());
184         return auditLogger;
185     }
186 
187 }