SEPIA-Framework
diff --git a/‎pom.xml‎
Lines changed: 10 additions & 4 deletions b/‎pom.xml‎
Lines changed: 10 additions & 4 deletions
diff --git a/‎settings/proxy.properties‎
Lines changed: 8 additions & 1 deletion b/‎settings/proxy.properties‎
Lines changed: 8 additions & 1 deletion
diff --git a/‎src/main/java/net/b07z/sepia/proxies/PathHandlerWithIpFilter.java‎
Lines changed: 0 additions & 50 deletions b/‎src/main/java/net/b07z/sepia/proxies/PathHandlerWithIpFilter.java‎
Lines changed: 0 additions & 50 deletions
diff --git a/‎src/main/java/net/b07z/sepia/proxies/Start.java‎
Lines changed: 92 additions & 21 deletions b/‎src/main/java/net/b07z/sepia/proxies/Start.java‎
Lines changed: 92 additions & 21 deletions
@@ -2,7 +2,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>net.b07z.sepia.proxies</groupId>
 	<artifactId>sepia-reverse-proxy</artifactId>
-	<version>0.2.0</version>
+	<version>0.3.0</version>
 	<packaging>jar</packaging>
 
     <properties>
@@ -20,7 +20,7 @@
 				<executions>
 					<execution>
 						<id>copy-dependencies</id>
-						<phase>prepare-package</phase>
+						<phase>install</phase>
 						<goals>
 							<goal>copy-dependencies</goal>
 						</goals>
@@ -55,7 +55,7 @@
 				<executions>
 					<execution>
 						<id>copy-resources-1</id>
-						<phase>validate</phase>
+						<phase>install</phase>
 						<goals>
 							<goal>copy-resources</goal>
 						</goals>
@@ -71,7 +71,7 @@
 					</execution>
 					<execution>
 						<id>copy-resources-2</id>
-						<phase>validate</phase>
+						<phase>install</phase>
 						<goals>
 							<goal>copy-resources</goal>
 						</goals>
@@ -98,5 +98,11 @@
 	    	<artifactId>undertow-core</artifactId>
 			<version>2.0.1.Final</version>
 		</dependency>
+		
+		<dependency>
+	        <groupId>org.slf4j</groupId>
+	        <artifactId>slf4j-simple</artifactId>
+	        <version>1.7.21</version>
+	    </dependency>
   	</dependencies>
 </project>
@@ -1,9 +1,16 @@
 # Entries have to be of format: action_type_name, e.g.: redirect_path_1
 # Redirects must have 3 types per name: path, target, public
+# NOTE: The name "redirect" has to be understood in the context of proxy forwarding not 30x redirect ^^. 
 
 # SEPIA defaults for custom-bundle:
-host=localhost
+
+# host=localhost
+host=0.0.0.0
 port=20726
+
+ssl_keystore=../letsencrypt/sepia-proxy-keystore.jks
+ssl_keystore_pwd=noextrapwdhere
+ssl_support_http=false
 
 redirect_path_1=/sepia/assist
 redirect_target_1=http://localhost:20721
 
@@ -3,44 +3,72 @@
 import java.io.BufferedInputStream;
 import java.io.FileInputStream;
 import java.io.IOException;
+import java.security.KeyStore;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Properties;
 
+import javax.net.ssl.SSLContext;
+
+import net.b07z.sepia.proxies.security.SSLContextBuilder;
+
 /**
  * Command-line interface to start a proxy.
  * 
  * @author Florian Quirin
  *
  */
 public class Start {
-
-	//defaults
+	
+	//Overwrite JBoss logger
+	//private static Logger logger;
+	static{
+		System.setProperty("org.jboss.logging.provider", "slf4j");
+		//logger = LoggerFactory.getLogger(Start.class);
+	}
+	
+	//Defaults
 	private static String host = "localhost";
 	private static int port = 20726;
+	private static boolean ssl = false;
+	private static boolean sslSupportHttp = false;
+	private static String sslKeystore = "";
+	private static String sslKeystorePwd = "";
+	
+	private static String SETTINGS_FILE = "settings/proxy.properties";
 
 	//Command-line parameters have priority
 	private static boolean ignoreSettingsHost = false;
 	private static boolean ignoreSettingsPort = false;
 
+	public static void info(String msg){
+		System.out.println(msg);
+	}
+	public static void error(String msg){
+		//logger.error(msg);
+		System.out.println(msg);
+	}
+	
 	/**
 	 * Run a proxy.
 	 * @param args
 	 * @throws Exception 
 	 */
 	public static void main(String[] args) throws Exception {
+
 		String proxy = "";
 
 		//Check if arguments are given
 		if (args == null || args.length == 0){
-			System.out.println("Missing proxy-name to run, e.g. 'tiny'.");
+			error("Missing proxy-name to run, e.g. 'tiny'.");
 			help();
-			return;
+			System.exit(1);
 		}
 
 		//Proxy to run:
 		if (args[0].equals("tiny")){
 			proxy = "tiny";
+			info("Starting tiny proxy ...");
 
 			for (String arg : args){
 				//Port
@@ -52,47 +80,82 @@ public static void main(String[] args) throws Exception {
 				}else if (arg.startsWith("-host=")){
 					host = arg.replaceFirst(".*?=", "").trim();
 					ignoreSettingsHost = true;
+					
+				//SSL
+				}else if (arg.startsWith("-ssl=")){
+					ssl = Boolean.parseBoolean(arg.replaceFirst(".*?=", "").trim());
 
 				//Paths
 				}else if (arg.startsWith("-defaultPaths=")){
 					String paths = arg.replaceFirst(".*?=", "").trim();
 					if (!paths.equals("true")){
-						System.out.println("Sorry any other than the default paths are not yet supported via command-line interface!");
-						return;
+						error("Sorry any other than the default paths are not yet supported via command-line interface!");
+						System.exit(1);
 					}
 					//TODO: add a way to define custom prefix-path combinations (best: load from config and give config-file here as value)
 				}
 			}
 
 			//Read settings
 			List<ProxyAction> actions = null;
+			KeyStore ks = null;
+			SSLContext sslContext = null;
 			try{
-				actions = loadSettings("settings/proxy.properties");
+				info("Loading settings from '" + SETTINGS_FILE + "' ...");
+				actions = loadSettings(SETTINGS_FILE);
 			}catch(Exception e){
-				System.out.println("Could not read 'settings/proxy.properties' file! Error: " + e.getMessage());
-				return;
+				error("Could not read '" + SETTINGS_FILE + "' file! Error: " + e.getMessage());
+				System.exit(1);
+			}
+			//Check SSL settings and keystore
+			if (ssl && (sslKeystore.isEmpty() || sslKeystorePwd.isEmpty())){
+				error("Missing SSL keystore and/or keystore password!");
+				System.exit(1);
+			}else if (ssl){
+				try{
+					ks = SSLContextBuilder.loadKeyStore(sslKeystore, sslKeystorePwd);
+				}catch (Exception e){
+					error("Could not load keystore located at: " + sslKeystore + " - check path and password!");
+					error("Error msg.: " + e.getMessage());
+					System.exit(1);
+				}
+				try{
+					sslContext = SSLContextBuilder.create(ks, null, sslKeystorePwd);
+				}catch (Exception e){
+					error("Could not create SSLContext from keystore!");
+					error("Error msg.: " + e.getMessage());
+					System.exit(1);
+				}
 			}
 
 			//Create tiny reverse proxy
-			TinyReverseProxy reverseProxy = new TinyReverseProxy(host, port);
+			TinyReverseProxy reverseProxy = new TinyReverseProxy(host, port, ssl, sslContext);
+			reverseProxy.setSslHttpSupport(sslSupportHttp, (port + 1)); 		//HTTP support is done via listener on PORT+1
 
 			//Add actions
 			for (ProxyAction pa : actions){
 				if (pa.actionType.equals("redirect")){
-					reverseProxy.addPrefixPath(pa.redirectPath, pa.redirectTarget);
+					reverseProxy.addPrefixPath(pa.redirectPath, pa.redirectTarget, pa.targetIsPublic);
 				}
 			}
 			/*	
-			reverseProxy.addPrefixPath("/sepia/assist", "http://localhost:20721");
-			reverseProxy.addPrefixPath("/sepia/teach", "http://localhost:20722");
-			reverseProxy.addPrefixPath("/sepia/chat", "http://localhost:20723");
+			reverseProxy.addPrefixPath("/sepia/assist", "http://localhost:20721", true);
 			*/
 
 			//Start proxy
 			reverseProxy.start();
 
 			//Note
-			System.out.println("\nSEPIA '" + proxy + "' reverse proxy started as: " + host + ":" + port);
+			info("\nSEPIA '" + proxy + "' reverse proxy started as: " + host + ":" + port);
+			info("Using SSL: " + ssl);
+			if (ssl){
+				info("SSL keystore: " + sslKeystore);
+				if (sslSupportHttp){
+					info("NOTE: All calls to simple HTTP are available at port: " + (port + 1));
+				}else{
+					info("NOTE: All calls to simple HTTP are deactivated when SSL is active!");
+				}
+			}
 
 			return;
 
@@ -107,11 +170,12 @@ public static void main(String[] args) throws Exception {
 	 * Command-line interface help.
 	 */
 	private static void help(){
-		System.out.println("\nUsage:");
-		System.out.println("[proxy-name] [arguments]");
-		System.out.println("\nProxies:");
-		System.out.println("tiny - args: -defaultPaths=true, -port=20726, -host=localhost");
-		System.out.println("");
+		info("\nUsage:");
+		info("[proxy-name] [arguments]");
+		info("\nProxies:");
+		info("tiny - args: -defaultPaths=true, -port=20726, -host=localhost, -ssl=true");
+		info("\nConfiguration is done via 'settings/proxy.properties' file.");
+		info("");
 	}
 
 	/**
@@ -158,14 +222,21 @@ private static List<ProxyAction> loadSettings(String configFile) throws IOExcept
 					String name = info[2];
 					String path = config.getProperty("redirect_path_" + name);
 					String target = config.getProperty("redirect_target_" + name);
-					boolean isPublic = Boolean.getBoolean(config.getProperty("redirect_public_" + name));
+					boolean isPublic = Boolean.parseBoolean(config.getProperty("redirect_public_" + name));
 					actions.add(new ProxyAction().setRedirect(path, target, isPublic));
 				}
 
 			}else if (entry.equals("host") && !ignoreSettingsHost){
 				host = config.getProperty(entry);
 			}else if (entry.equals("port") && !ignoreSettingsPort){
 				port = Integer.parseInt(config.getProperty(entry));
+			
+			}else if (entry.equals("ssl_keystore")){
+				sslKeystore = config.getProperty(entry);
+			}else if (entry.equals("ssl_keystore_pwd")){
+				sslKeystorePwd = config.getProperty(entry);
+			}else if (entry.equals("ssl_support_http")){
+				sslSupportHttp = Boolean.parseBoolean(config.getProperty(entry));
 			}
 		}
 		return actions;