diff --git a/datastore_server/etc/service.properties b/datastore_server/etc/service.properties index 4358b46d500d720ee31c685c3ee3386ca44d0022..5469b6a909557393210b9664bec457e6442d6a14 100644 --- a/datastore_server/etc/service.properties +++ b/datastore_server/etc/service.properties @@ -13,14 +13,15 @@ port = 8889 # Session timeout in minutes session-timeout = 30 -# Path to the keystore -keystore.path = dist/etc/openBIS.keystore +# Set to 'false' for development/testing without deployed server. In this mode datastore will not use +# SSL when connecting to openbis. Otherwise all 'keystore' properties need to be set for SSL connection +# (default when use-ssl property is not set so there is no need to specify it on production servers). +use-ssl = false -# Password of the keystore -keystore.password = changeit - -# Key password of the keystore -keystore.key-password = changeit +# Path, password and key password for SSL connection +#keystore.path = dist/etc/openBIS.keystore +#keystore.password = changeit +#keystore.key-password = changeit # The check interval (in seconds) check-interval = 5 @@ -50,7 +51,7 @@ username = etlserver password = doesnotmatter # The base URL for Web client access. -download-url = https://localhost:8889 +download-url = http://localhost:8889 # SMTP properties (must start with 'mail' to be considered). # mail.smtp.host = localhost diff --git a/datastore_server/source/java/ch/systemsx/cisd/openbis/dss/generic/server/ConfigParameters.java b/datastore_server/source/java/ch/systemsx/cisd/openbis/dss/generic/server/ConfigParameters.java index 23feb655f036d91ad08596438eeb9cfc65a23380..aeb989f7d0ffcecc574279a8ebe1e50ca0e75899 100644 --- a/datastore_server/source/java/ch/systemsx/cisd/openbis/dss/generic/server/ConfigParameters.java +++ b/datastore_server/source/java/ch/systemsx/cisd/openbis/dss/generic/server/ConfigParameters.java 
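Review bot: The shipped `service.properties` now sets `use-ssl = false` explicitly, so every installation that starts from this file runs the data store without SSL, although the comment says SSL is the default when the property is absent. The second hunk switches `download-url` to `http://` to match, so web client downloads follow the same unencrypted path. I would keep the template secure by default and ship the switch commented out, `#use-ssl = false`, leaving the `keystore.*` lines and the `https://` download URL active so that a developer opts out deliberately. The placeholder value `changeit` would also benefit from a comment such as `# replace before deployment`.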
@@ -51,6 +51,8 @@ final class ConfigParameters private static final String KEYSTORE = "keystore."; + static final String USE_SSL = "use-ssl"; + static final String KEYSTORE_PATH_KEY = KEYSTORE + "path"; static final String KEYSTORE_PASSWORD_KEY = KEYSTORE + "password"; @@ -73,6 +75,8 @@ final class ConfigParameters private final int sessionTimeout; + private final boolean useSSL; + private final String keystorePath; private final String keystorePassword; @@ -123,10 +127,18 @@ final class ConfigParameters port = getMandatoryIntegerProperty(properties, PORT_KEY); serverURL = PropertyUtils.getMandatoryProperty(properties, SERVER_URL_KEY); sessionTimeout = getMandatoryIntegerProperty(properties, SESSION_TIMEOUT_KEY) * 60; - keystorePath = PropertyUtils.getMandatoryProperty(properties, KEYSTORE_PATH_KEY); - keystorePassword = PropertyUtils.getMandatoryProperty(properties, KEYSTORE_PASSWORD_KEY); - keystoreKeyPassword = - PropertyUtils.getMandatoryProperty(properties, KEYSTORE_KEY_PASSWORD_KEY); + useSSL = PropertyUtils.getBoolean(properties, USE_SSL, true); + if (useSSL == true) + { + keystorePath = PropertyUtils.getMandatoryProperty(properties, KEYSTORE_PATH_KEY); + keystorePassword = + PropertyUtils.getMandatoryProperty(properties, KEYSTORE_PASSWORD_KEY); + keystoreKeyPassword = + PropertyUtils.getMandatoryProperty(properties, KEYSTORE_KEY_PASSWORD_KEY); + } else + { + keystorePath = keystorePassword = keystoreKeyPassword = null; + } pluginServlets = extractPluginServletsProperties(properties); } @@ -202,6 +214,11 @@ final class ConfigParameters return pluginServlets; } + public boolean isUseSSL() + { + return useSSL; + } + public final void log() { if (operationLog.isInfoEnabled()) 
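Review bot: In the constructor hunk the three keystore fields are set to `null` when `use-ssl` is false, so `getKeystorePath()`, `getKeystorePassword()` and `getKeystoreKeyPassword()` can now return null. Those getters lie outside this hunk and each deserves a Javadoc line saying so, for example `/** @return the keystore path, or null when SSL is disabled */`. The comparison `if (useSSL == true)` reads better as `if (useSSL)`. How `PropertyUtils.getBoolean` treats an unrecognised value is not visible here; for a switch that turns encryption off, a mistyped value should fail start-up rather than silently select a mode.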
@@ -209,7 +226,8 @@ final class ConfigParameters operationLog.info(String.format("Store root directory: '%s'.", storePath)); operationLog.info(String.format("Port number: %d.", port)); operationLog.info(String.format("URL of openBIS server: '%s'.", serverURL)); - operationLog.info(String.format("Session timeout (minutes): %d.", sessionTimeout)); + operationLog.info(String.format("Session timeout (seconds): %d.", sessionTimeout)); + operationLog.info(String.format("Use SSL: '%s'.", useSSL)); operationLog.info(String.format("Keystore path: '%s'.", keystorePath)); for (PluginServlet pluginServlet : pluginServlets) { diff --git a/datastore_server/source/java/ch/systemsx/cisd/openbis/dss/generic/server/DataStoreServer.java b/datastore_server/source/java/ch/systemsx/cisd/openbis/dss/generic/server/DataStoreServer.java index 2d23ab51290f8befb822c854dbfe404414fee4a1..f8e16e9a16acb8fab709f5be555702b6a6ebe6ff 100644 --- a/datastore_server/source/java/ch/systemsx/cisd/openbis/dss/generic/server/DataStoreServer.java +++ b/datastore_server/source/java/ch/systemsx/cisd/openbis/dss/generic/server/DataStoreServer.java 
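Review bot: With SSL disabled, the unchanged line after the new one logs `Keystore path: 'null'`, which is noise next to `Use SSL: 'false'`. Guard it: `if (useSSL) { operationLog.info(String.format("Keystore path: '%s'.", keystorePath)); }`. Everything here sits behind `isInfoEnabled()`, so a deployment that logs at WARN gets no record from `log()` that encryption is off. The start of `log()` and the body of the servlet loop are outside the hunk.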
@@ -193,19 +193,20 @@ public class DataStoreServer private static SocketConnector createSocketConnector(ConfigParameters configParameters) { - SslSocketConnector socketConnector = new SslSocketConnector(); - socketConnector.setKeystore(configParameters.getKeystorePath()); - socketConnector.setPassword(configParameters.getKeystorePassword()); - socketConnector.setKeyPassword(configParameters.getKeystoreKeyPassword()); - return socketConnector; + if (configParameters.isUseSSL()) + { + SslSocketConnector socketConnector = new SslSocketConnector(); + socketConnector.setKeystore(configParameters.getKeystorePath()); + socketConnector.setPassword(configParameters.getKeystorePassword()); + socketConnector.setKeyPassword(configParameters.getKeystoreKeyPassword()); + return socketConnector; + } else + { + operationLog.warn("creating connector to openBIS without SSL"); + return new SocketConnector(); + } } - // Uncomment to test connection from openBIS to DSS in hosted mode - // private static SocketConnector createSocketConnector(ConfigParameters configParameters) - // { - // return new SocketConnector(); - // } - private final static void selfTest(final ApplicationContext applicationContext) { IEncapsulatedOpenBISService dataSetService = applicationContext.getDataSetService(); diff --git a/datastore_server/source/java/ch/systemsx/cisd/openbis/dss/generic/server/EncapsulatedOpenBISService.java b/datastore_server/source/java/ch/systemsx/cisd/openbis/dss/generic/server/EncapsulatedOpenBISService.java index ae7b6e0fa10cc7ef8cf13719bcf9c08e78baa1b9..80fe876c035887078ca7a3afa404b9efa9b158bd 100644 --- a/datastore_server/source/java/ch/systemsx/cisd/openbis/dss/generic/server/EncapsulatedOpenBISService.java +++ b/datastore_server/source/java/ch/systemsx/cisd/openbis/dss/generic/server/EncapsulatedOpenBISService.java 
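Review bot: The warning text `creating connector to openBIS without SSL` undersells what the else branch does. The returned `SocketConnector` appears to be this server's own listener, so every client of the port, not only openBIS, is served in plain text. I would state that and mark the mode as non-production, e.g. `operationLog.warn("SSL is disabled (use-ssl = false): data store server accepts unencrypted connections; not for production use");`. If the mode is meant only for a local development setup, binding the plain connector to the loopback interface would be a further safeguard, though whether that suits hosted mode cannot be judged from this hunk.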
@@ -76,6 +76,8 @@ public final class EncapsulatedOpenBISService implements IEncapsulatedOpenBISSer private int port; + private boolean useSSL; + private String username; private String password; @@ -116,6 +118,19 @@ public final class EncapsulatedOpenBISService implements IEncapsulatedOpenBISSer this.port = port; } + public final void setUseSSL(String useSSL) + { + // NOTE: 'use-ssl' property is optional. If it is not specified in DS properties file + // String value passed by Spring is "${use-ssl}". Default value, which is 'true', + // should be used in such case. + boolean booleanValue = true; + if (useSSL.equalsIgnoreCase("false")) + { + booleanValue = false; + } + this.useSSL = booleanValue; + } + public final void setUsername(String username) { this.username = username; @@ -168,6 +183,7 @@ public final class EncapsulatedOpenBISService implements IEncapsulatedOpenBISSer } DataStoreServerInfo dataStoreServerInfo = new DataStoreServerInfo(); dataStoreServerInfo.setPort(port); + dataStoreServerInfo.setUseSSL(useSSL); dataStoreServerInfo.setDataStoreCode(dataStoreCode); dataStoreServerInfo.setDownloadUrl(downloadUrl); dataStoreServerInfo.setSessionToken(sessionTokenManager.drawSessionToken()); diff --git a/datastore_server/source/java/dssApplicationContext.xml b/datastore_server/source/java/dssApplicationContext.xml index 13580c66641c91b978de7c15edb32f9aedb3d6c8..2436745d1e842d7775630d8a0a930354b711ec83 100644 --- a/datastore_server/source/java/dssApplicationContext.xml +++ b/datastore_server/source/java/dssApplicationContext.xml @@ -26,6 +26,7 @@ <property name="username" value="${username}"/> <property name="password" value="${password}"/> <property name="port" value="${port}"/> + <property name="useSSL" value="${use-ssl}"/> <property name="downloadUrl" value="${download-url}"/> <property name="dataStoreCode" value="${data-store-server-code}"/> <constructor-arg ref="plugin-tasks" /> 
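Review bot: `setUseSSL(String)` parses `use-ssl` by hand while `ConfigParameters` reads the same property through `PropertyUtils.getBoolean`, so the two can disagree. A value such as `false` followed by whitespace, or any other spelling `getBoolean` may accept, leaves this setter at `true` while the connector may have been created without SSL. openBIS would then be told to use `https://` against a plain listener. Parsing the property in one place removes that risk; at minimum trim the value and tolerate null, `this.useSSL = useSSL == null || !"false".equalsIgnoreCase(useSSL.trim());`. Falling back to `true` for the unresolved `${use-ssl}` placeholder is the safe default, and the comment explaining it should stay.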
diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/ETLService.java b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/ETLService.java index ab333e57df458c5b32bb23a4e342c98829786490..b8ecb2aa690a8cea6ec840c9324c2b9993b2fa38 100644 --- a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/ETLService.java +++ b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/ETLService.java @@ -152,7 +152,7 @@ public class ETLService extends AbstractCommonServer<IETLService> implements IET { int port = info.getPort(); String remoteHost = session.getRemoteHost() + ":" + port; - String dssURL = "https://" + remoteHost; + String dssURL = (info.isUseSSL() ? "https://" : "http://") + remoteHost; checkVersion(dssSessionToken, dssURL); return dssURL; } @@ -505,7 +505,7 @@ public class ETLService extends AbstractCommonServer<IETLService> implements IET return ExternalDataTranslator.translate(externalDataBO.getExternalData(), dataStoreBaseURLProvider.getDataStoreBaseURL(), session.getBaseIndexURL()); } - + public void checkDataSetAccess(String sessionToken, String dataSetCode) throws UserFailureException { diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/generic/shared/dto/DataStoreServerInfo.java b/openbis/source/java/ch/systemsx/cisd/openbis/generic/shared/dto/DataStoreServerInfo.java index 8feb1068d5dbc83cdaaec93d5c6d086ea5124d02..cf87e244d767b875b0a5d742010b6ed6478770c4 100644 --- a/openbis/source/java/ch/systemsx/cisd/openbis/generic/shared/dto/DataStoreServerInfo.java +++ b/openbis/source/java/ch/systemsx/cisd/openbis/generic/shared/dto/DataStoreServerInfo.java @@ -35,7 +35,7 @@ import ch.systemsx.cisd.openbis.generic.shared.IServer; * <li>the unique code of the DSS. * </ul> * - * @author Franz-Josef Elmer + * @author Franz-Josef Elmer */ public class DataStoreServerInfo implements Serializable { 
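Review bot: In the first ETLService hunk the scheme of `dssURL` is taken from `info.isUseSSL()`, a flag supplied by the registering data store server, so the openBIS server has no say in whether `dssSessionToken` goes to `checkVersion` over plain HTTP. A server-side setting that rejects non-SSL registrations unless an administrator has explicitly allowed them would keep a production openBIS from being downgraded by a misconfigured data store. Until such a check exists, I would record the dependency in a comment above the assignment: `// Scheme is chosen by the registering DSS; plain http must only be accepted in development setups.` The enclosing method starts outside the hunk.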
@@ -43,6 +43,8 @@ public class DataStoreServerInfo implements Serializable private int port; + private boolean useSSL; + private String dataStoreCode; private String downloadUrl; @@ -61,6 +63,16 @@ public class DataStoreServerInfo implements Serializable this.port = port; } + public boolean isUseSSL() + { + return useSSL; + } + + public void setUseSSL(boolean useSSL) + { + this.useSSL = useSSL; + } + public final String getDataStoreCode() { return dataStoreCode; @@ -100,4 +112,5 @@ public class DataStoreServerInfo implements Serializable { this.servicesDescriptions = servicesDescriptions; } + }
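Review bot: The new field `private boolean useSSL;` defaults to `false`, the opposite of the default documented for the `use-ssl` property. Any `DataStoreServerInfo` whose producer does not call `setUseSSL` therefore makes `ETLService` build an `http://` URL. Initialising it, `private boolean useSSL = true;`, keeps instances created with `new` on the secure side. Because the class is `Serializable`, an instance deserialised from a stream that lacks the field would still read `false`, so it is worth checking how older data store servers are handled. The accessors in the following hunk could carry a one-line Javadoc such as `/** Whether openBIS should contact this data store server via https. */`.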