search

smallAreaHealthStatisticsUnit / rapidInquiryFacility

The Rapid Inquiry Facility (RIF) helps epidemiologists and public health researchers in environmental health activities.
GNU Lesser General Public License v3.0
14 stars 5 forks source link

Statistics Service does not support TLS connections from the rifServices middleware #155

Open peterhambly opened 5 years ago

peterhambly commented 5 years ago

Statistics Service does not support TLS connections from the rifServices middleware. Code from the Taxonomy services needs to be integrated to allow for specification of the network location of the statistics service server:

#
# Network location of the taxonomy services server.
# Use when:
#
# * The taxonomy services is not running on the same server as rifServices
# * HTTPS is used
#
# You do NOT need to do anything if you are running without TLS (i.e. on a laptop)
#
# If set to: https://localhost:8080 as suggested then host validation is disabled; otherwise
# you must set up JAVA TLS host verification with fully signed certificates; typical errors include:
#
# java.security.cert.CertificateException: No name matching a.b.com found
# [This means you need create a correctly signed certificate and add to the keystore]
#
# javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building
# failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification
# path to requested target
# [This means there is a certificate but it is not correctly signed]
#
# You can also typically get meessages that Java cannot find the keystore and/or TLS is not setup
# correctly]
#
# http://java.globinch.com/enterprise-java/security/pkix-path-building-failed-validation-sun-security-validatorexception/
#
# For most purposes; localhost will do fine; as long as Tomcat is setup to run on localhost

# taxonomyServicesServer=http://localhost:8080
peterhambly commented 5 years ago

Comments on the changes required.

The properties file above is: RIFServiceStartupProperties.properties. A similar property called statisticsServiceServer would need to be added.

The code to supports the taxonomyServicesServer property is in:

C:\Users\peter_2\Documents\GitHub\rapidInquiryFacility>findstr /s /c:"taxonomyServicesServer" *.java
rifServices\src\main\java\org\sahsu\rif\services\datastorage\common\GetStudyJSON.java:     * @param taxonomyServicesServer [from RIF ServiceStartupProperties.java parameter] (required; may be NULL)
rifServices\src\main\java\org\sahsu\rif\services\datastorage\common\GetStudyJSON.java:                  final String taxonomyServicesServer)
rifServices\src\main\java\org\sahsu\rif\services\datastorage\common\GetStudyJSON.java:                  if (taxonomyServicesServer != null && !taxonomyServicesServer.equals("")) {
rifServices\src\main\java\org\sahsu\rif\services\datastorage\common\GetStudyJSON.java:                          rifLogger.info(this.getClass(), "Using taxonomyServicesServer parameter for base URL: " +
rifServices\src\main\java\org\sahsu\rif\services\datastorage\common\GetStudyJSON.java:                                  taxonomyServicesServer);
rifServices\src\main\java\org\sahsu\rif\services\datastorage\common\GetStudyJSON.java:                          this.url =taxonomyServicesServer;
rifServices\src\main\java\org\sahsu\rif\services\datastorage\common\GetStudyJSON.java:     * @param taxonomyServicesServer (required)
rifServices\src\main\java\org\sahsu\rif\services\datastorage\common\GetStudyJSON.java:                  final String taxonomyServicesServer,
rifServices\src\main\java\org\sahsu\rif\services\datastorage\common\GetStudyJSON.java:          if (taxonomyServicesServer != null &
& !taxonomyServicesServer.equals("")) {
rifServices\src\main\java\org\sahsu\rif\services\datastorage\common\GetStudyJSON.java:                  this.url =taxonomyServicesServer;
rifServices\src\main\java\org\sahsu\rif\services\datastorage\common\RifZipFile.java:     * @param String taxonomyServicesServer [parameter] (required)
rifServices\src\main\java\org\sahsu\rif\services\datastorage\common\RifZipFile.java:                    final String taxonomyServicesServer)
rifServices\src\main\java\org\sahsu\rif\services\datastorage\common\RifZipFile.java:                                            connection, user, studyID, locale, url, taxonomyServicesServer,
rifServices\src\main\java\org\sahsu\rif\services\datastorage\common\RifZipFile.java:                    final String taxonomyServicesServer,
rifServices\src\main\java\org\sahsu\rif\services\datastorage\common\RifZipFile.java:                    getStudyJSON, locale, 1 /* headerLevel */, url, taxonomyServicesServer);
rifServices\src\main\java\org\sahsu\rif\services\datastorage\common\RifZipFile.java:                    final String taxonomyServicesServer)
rifServices\src\main\java\org\sahsu\rif\services\datastorage\common\RifZipFile.java:
        JSONObject taxonomyObject = getStudyJSON.getHealthCodeDescription(url, taxonomyServicesServer, value);
rifServices\src\main\java\org\sahsu\rif\services\datastorage\common\RifZipFile.java:
        JSONObject taxonomyObject = getStudyJSON.getHealthCodeDescription(url, taxonomyServicesServer, value);
rifServices\src\main\java\org\sahsu\rif\services\system\RIFServiceStartupOptions.java:  private String taxonomyServicesServer;
rifServices\src\main\java\org\sahsu\rif\services\system\RIFServiceStartupOptions.java:                  taxonomyServicesServer = properties.getTaxonomyServicesServer();
rifServices\src\main\java\org\sahsu\rif\services\system\RIFServiceStartupOptions.java:          return taxonomyServicesServer;

rifServices\src\main\java\org\sahsu\rif\services\system\RIFServiceStartupProperties.java:               return getOptionalRIfServiceProperty("taxonomyServicesServer");

Similar code would need to be added where the RIF calls the statistics service in StatisticsProcessing.java `to support the ``statisticsServiceServer``` property

        String statsServiceUrl = url + "/statistics/service/script";

        rifLogger.info(getClass(), "About to call statistics service on " + statsServiceUrl);

and:

        // Make sure Jersey converts our native bean-style object to JSON.
        ClientConfig clientConfig = new DefaultClientConfig();
        clientConfig.getFeatures().put(JSONConfiguration.FEATURE_POJO_MAPPING, true);
        Client client = Client.create(clientConfig);
        WebResource resource = client.resource(statsServiceUrl);
        ClientResponse response = resource.accept(MediaType.APPLICATION_JSON)
                                          .type(MediaType.APPLICATION_JSON)
                                          .post(ClientResponse.class, parameters);

        rifLogger.info(getClass(), "Statistics service called: " + response.toString());

and also RunStudyThread.java where the base URL is set

        try {
            statisticsProcessing.performStep(connection, studySubmission, studyID, url);
            String statusMessage
                = RIFServiceMessages.getMessage(
                    "studyState.studyResultsComputed.description");
            updateStudyStatusState(statusMessage);
        }