in ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java [121:384]
public void run() throws Exception {
// Initialize meta info before heartbeat monitor
ambariMetaInfo.init();
LOG.info("********* Meta Info initialized **********");
performStaticInjection();
addInMemoryUsers();
server = new Server();
serverForAgent = new Server();
checkDBVersion();
try {
ClassPathXmlApplicationContext parentSpringAppContext =
new ClassPathXmlApplicationContext();
parentSpringAppContext.refresh();
ConfigurableListableBeanFactory factory = parentSpringAppContext.
getBeanFactory();
factory.registerSingleton("guiceInjector",
injector);
factory.registerSingleton("passwordEncoder",
injector.getInstance(PasswordEncoder.class));
factory.registerSingleton("ambariLocalUserService",
injector.getInstance(AmbariLocalUserDetailsService.class));
factory.registerSingleton("ambariLdapAuthenticationProvider",
injector.getInstance(AmbariLdapAuthenticationProvider.class));
//Spring Security xml config depends on this Bean
String[] contextLocations = {SPRING_CONTEXT_LOCATION};
ClassPathXmlApplicationContext springAppContext = new
ClassPathXmlApplicationContext(contextLocations, parentSpringAppContext);
//setting ambari web context
ServletContextHandler root = new ServletContextHandler(server, CONTEXT_PATH,
ServletContextHandler.SECURITY | ServletContextHandler.SESSIONS);
//Changing session cookie name to avoid conflicts
root.getSessionHandler().getSessionManager().setSessionCookie("AMBARISESSIONID");
GenericWebApplicationContext springWebAppContext = new GenericWebApplicationContext();
springWebAppContext.setServletContext(root.getServletContext());
springWebAppContext.setParent(springAppContext);
/* Configure web app context */
root.setResourceBase(configs.getWebAppDir());
root.getServletContext().setAttribute(
WebApplicationContext.ROOT_WEB_APPLICATION_CONTEXT_ATTRIBUTE,
springWebAppContext);
certMan.initRootCert();
ServletContextHandler agentroot = new ServletContextHandler(serverForAgent,
"/", ServletContextHandler.SESSIONS );
ServletHolder rootServlet = root.addServlet(DefaultServlet.class, "/");
rootServlet.setInitOrder(1);
/* Configure default servlet for agent server */
rootServlet = agentroot.addServlet(DefaultServlet.class, "/");
rootServlet.setInitOrder(1);
//Spring Security Filter initialization
DelegatingFilterProxy springSecurityFilter = new DelegatingFilterProxy();
springSecurityFilter.setTargetBeanName("springSecurityFilterChain");
//session-per-request strategy for api and agents
root.addFilter(new FilterHolder(injector.getInstance(AmbariPersistFilter.class)), "/api/*", 1);
agentroot.addFilter(new FilterHolder(injector.getInstance(AmbariPersistFilter.class)), "/agent/*", 1);
agentroot.addFilter(SecurityFilter.class, "/*", 1);
if (configs.getApiAuthentication()) {
root.addFilter(new FilterHolder(springSecurityFilter), "/api/*", 1);
}
//Secured connector for 2-way auth
SslSelectChannelConnector sslConnectorTwoWay = new
SslSelectChannelConnector();
sslConnectorTwoWay.setPort(configs.getTwoWayAuthPort());
Map<String, String> configsMap = configs.getConfigsMap();
String keystore = configsMap.get(Configuration.SRVR_KSTR_DIR_KEY) +
File.separator + configsMap.get(Configuration.KSTR_NAME_KEY);
String srvrCrtPass = configsMap.get(Configuration.SRVR_CRT_PASS_KEY);
sslConnectorTwoWay.setKeystore(keystore);
sslConnectorTwoWay.setTruststore(keystore);
sslConnectorTwoWay.setPassword(srvrCrtPass);
sslConnectorTwoWay.setKeyPassword(srvrCrtPass);
sslConnectorTwoWay.setTrustPassword(srvrCrtPass);
sslConnectorTwoWay.setKeystoreType("PKCS12");
sslConnectorTwoWay.setTruststoreType("PKCS12");
sslConnectorTwoWay.setNeedClientAuth(configs.getTwoWaySsl());
//Secured connector for 1-way auth
//SslSelectChannelConnector sslConnectorOneWay = new SslSelectChannelConnector();
SslContextFactory contextFactory = new SslContextFactory(true);
//sslConnectorOneWay.setPort(AGENT_ONE_WAY_AUTH);
contextFactory.setKeyStorePath(keystore);
// sslConnectorOneWay.setKeystore(keystore);
contextFactory.setTrustStore(keystore);
// sslConnectorOneWay.setTruststore(keystore);
contextFactory.setKeyStorePassword(srvrCrtPass);
// sslConnectorOneWay.setPassword(srvrCrtPass);
contextFactory.setKeyManagerPassword(srvrCrtPass);
// sslConnectorOneWay.setKeyPassword(srvrCrtPass);
contextFactory.setTrustStorePassword(srvrCrtPass);
//sslConnectorOneWay.setTrustPassword(srvrCrtPass);
contextFactory.setKeyStoreType("PKCS12");
//sslConnectorOneWay.setKeystoreType("PKCS12");
contextFactory.setTrustStoreType("PKCS12");
//sslConnectorOneWay.setTruststoreType("PKCS12");
contextFactory.setNeedClientAuth(false);
// sslConnectorOneWay.setWantClientAuth(false);
// sslConnectorOneWay.setNeedClientAuth(false);
SslSelectChannelConnector sslConnectorOneWay = new SslSelectChannelConnector(contextFactory);
sslConnectorOneWay.setPort(configs.getOneWayAuthPort());
sslConnectorOneWay.setAcceptors(2);
sslConnectorTwoWay.setAcceptors(2);
serverForAgent.setConnectors(new Connector[]{ sslConnectorOneWay, sslConnectorTwoWay});
ServletHolder sh = new ServletHolder(ServletContainer.class);
sh.setInitParameter("com.sun.jersey.config.property.resourceConfigClass",
"com.sun.jersey.api.core.PackagesResourceConfig");
sh.setInitParameter("com.sun.jersey.config.property.packages",
"org.apache.ambari.server.api.rest;" +
"org.apache.ambari.server.api.services;" +
"org.apache.ambari.eventdb.webservice;" +
"org.apache.ambari.server.api");
sh.setInitParameter("com.sun.jersey.api.json.POJOMappingFeature",
"true");
if (configs.csrfProtectionEnabled()) {
sh.setInitParameter("com.sun.jersey.spi.container.ContainerRequestFilters",
"com.sun.jersey.api.container.filter.CsrfProtectionFilter");
}
root.addServlet(sh, "/api/v1/*");
sh.setInitOrder(2);
ServletHolder agent = new ServletHolder(ServletContainer.class);
agent.setInitParameter("com.sun.jersey.config.property.resourceConfigClass",
"com.sun.jersey.api.core.PackagesResourceConfig");
agent.setInitParameter("com.sun.jersey.config.property.packages",
"org.apache.ambari.server.agent.rest;" + "org.apache.ambari.server.api");
agent.setInitParameter("com.sun.jersey.api.json.POJOMappingFeature",
"true");
agentroot.addServlet(agent, "/agent/v1/*");
agent.setInitOrder(3);
ServletHolder cert = new ServletHolder(ServletContainer.class);
cert.setInitParameter("com.sun.jersey.config.property.resourceConfigClass",
"com.sun.jersey.api.core.PackagesResourceConfig");
cert.setInitParameter("com.sun.jersey.config.property.packages",
"org.apache.ambari.server.security.unsecured.rest;" + "org.apache.ambari.server.api");
cert.setInitParameter("com.sun.jersey.api.json.POJOMappingFeature",
"true");
agentroot.addServlet(cert, "/*");
cert.setInitOrder(4);
ServletHolder resources = new ServletHolder(ServletContainer.class);
resources.setInitParameter("com.sun.jersey.config.property.resourceConfigClass",
"com.sun.jersey.api.core.PackagesResourceConfig");
resources.setInitParameter("com.sun.jersey.config.property.packages",
"org.apache.ambari.server.resources.api.rest;" + "org.apache.ambari.server.api");
resources.setInitParameter("com.sun.jersey.api.json.POJOMappingFeature",
"true");
root.addServlet(resources, "/resources/*");
resources.setInitOrder(6);
//Set jetty thread pool
serverForAgent.setThreadPool(new QueuedThreadPool(25));
server.setThreadPool(new QueuedThreadPool(25));
/* Configure the API server to use the NIO connectors */
SelectChannelConnector apiConnector;
if (configs.getApiSSLAuthentication()) {
String httpsKeystore = configsMap.get(Configuration.CLIENT_API_SSL_KSTR_DIR_NAME_KEY) +
File.separator + configsMap.get(Configuration.CLIENT_API_SSL_KSTR_NAME_KEY);
LOG.info("API SSL Authentication is turned on. Keystore - " + httpsKeystore);
String httpsCrtPass = configsMap.get(Configuration.CLIENT_API_SSL_CRT_PASS_KEY);
SslSelectChannelConnector sapiConnector = new SslSelectChannelConnector();
sapiConnector.setPort(configs.getClientSSLApiPort());
sapiConnector.setKeystore(httpsKeystore);
sapiConnector.setTruststore(httpsKeystore);
sapiConnector.setPassword(httpsCrtPass);
sapiConnector.setKeyPassword(httpsCrtPass);
sapiConnector.setTrustPassword(httpsCrtPass);
sapiConnector.setKeystoreType("PKCS12");
sapiConnector.setTruststoreType("PKCS12");
sapiConnector.setMaxIdleTime(configs.getConnectionMaxIdleTime());
apiConnector = sapiConnector;
}
else {
apiConnector = new SelectChannelConnector();
apiConnector.setPort(configs.getClientApiPort());
apiConnector.setMaxIdleTime(configs.getConnectionMaxIdleTime());
}
server.addConnector(apiConnector);
server.setStopAtShutdown(true);
serverForAgent.setStopAtShutdown(true);
springAppContext.start();
String osType = getServerOsType();
if (osType == null || osType.isEmpty()) {
throw new RuntimeException(Configuration.OS_VERSION_KEY + " is not "
+ " set in the ambari.properties file");
}
//Start action scheduler
LOG.info("********* Initializing Clusters **********");
Clusters clusters = injector.getInstance(Clusters.class);
StringBuilder clusterDump = new StringBuilder();
clusters.debugDump(clusterDump);
LOG.info("********* Current Clusters State *********");
LOG.info(clusterDump.toString());
LOG.info("********* Initializing ActionManager **********");
ActionManager manager = injector.getInstance(ActionManager.class);
LOG.info("********* Initializing Controller **********");
AmbariManagementController controller = injector.getInstance(
AmbariManagementController.class);
clusterController = controller;
// FIXME need to figure out correct order of starting things to
// handle restart-recovery correctly
/*
* Start the server after controller state is recovered.
*/
server.start();
serverForAgent.start();
LOG.info("********* Started Server **********");
manager.start();
LOG.info("********* Started ActionManager **********");
//TODO: Remove this code when APIs are ready for testing.
// RequestInjectorForTest testInjector = new RequestInjectorForTest(controller, clusters);
// Thread testInjectorThread = new Thread(testInjector);
// testInjectorThread.start();
server.join();
LOG.info("Joined the Server");
} catch (BadPaddingException bpe){
LOG.error("Bad keystore or private key password. " +
"HTTPS certificate re-importing may be required.");
throw bpe;
} catch(BindException bindException) {
LOG.error("Could not bind to server port - instance may already be running. " +
"Terminating this instance.", bindException);
throw bindException;
}
}