NAME, the name of the mariadb image, default value is validation
TAG_PRE, the first part of the image version, default value is ui
TAG_VER, the last part of the image version, default value is latest
-JENKINS_URL, the URL of the Jenkins instance (http or https must be defined), this variable is required
-JENKINS_USERNAME, the Jenkins user name, this variable is required
-JENKINS_USER_PASSWORD, the Jenkins user password, this variable is required
-JENKINS_JOB_NAME, the name of Jenkins job capable of executing the blueprint validation tests, this variable is required
+JENKINS_URL, the URL of the Jenkins instance (http or https must be defined), the default value is 'https://jenkins.akraino.org/'
+JENKINS_USERNAME, the Jenkins user name, the default value is 'demo' (in the context of UI full control loop mode, this parameter must be changed to include a real Jenkins user)
+JENKINS_USER_PASSWORD, the Jenkins user password, the default value is 'demo' (in the context of UI full control loop mode, this parameter must be changed to include a real Jenkins user password)
+JENKINS_JOB_NAME, the name of Jenkins job capable of executing the blueprint validation tests, the default value is 'validation' (in the context of UI full control loop mode, this parameter must be changed to include a real Jenkins job name)
NEXUS_PROXY, the needed proxy in order for the Nexus server to be reachable, default value is none
JENKINS_PROXY, the needed proxy in order for the Jenkins server to be reachable, default value is none
+CERTDIR, the directory where the SSL certificates can be found, default value is the working directory where self signed certificates exist only for demo purposes
Note that, for a functional UI, the following prerequisites are needed:
- The mariadb container in up and running state
-- A Jenkins instance capable of running the blueprint validation test
+- A Jenkins instance capable of running the blueprint validation test (this is optional and is needed only for UI full control loop mode)
- A Nexus repo in which all the test results are stored.
More info can be found at the UI README file.
.. code-block:: console
cd validation/docker/ui
- ./deploy.sh DB_IP_PORT=172.17.0.3:3306 MARIADB_AKRAINO_PASSWORD=akraino_password JENKINS_URL=http://192.168.2.2:8080 JENKINS_USERNAME=name JENKINS_USER_PASSWORD=jenkins_pwd JENKINS_JOB_NAME=job1
+ ./deploy.sh DB_IP_PORT=172.17.0.3:3306 MARIADB_AKRAINO_PASSWORD=akraino_password
The kube-conformance container
==============================
# Use this script if the persistent storage does not exist
+set -ex
+
DOCKER_VOLUME_NAME="akraino-validation-mariadb"
# Container name
CONTAINER_NAME="akraino-validation-mariadb"
# Use this script if the persistent storage already exists and you want to use its data
+set -ex
+
DOCKER_VOLUME_NAME="akraino-validation-mariadb"
# Container name
CONTAINER_NAME="akraino-validation-mariadb"
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIICDDCCAXUCFDAcQKQ5fjn4ychr842t+36KyYOjMA0GCSqGSIb3DQEBCwUAMEUx
+CzAJBgNVBAYTAkdSMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl
+cm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMTkwOTIzMTQ0NjQ3WhcNMjAwOTIyMTQ0
+NjQ3WjBFMQswCQYDVQQGEwJHUjETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UE
+CgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQC2fdHMv0uDqQf9DpiHcjNVd6ulo8I8rlg2MvHQyKefridEqE/g5gSA
+Pup7lTkC/JupxJsu0SPKEsioz4JcIJSg6WeVBHD6AgqJlKnnG+Y0uBijRDFZteQr
+xgEtWt5Q0qZyqn4KlBlXpnb5YhPhbfE9QnqkPa3J1Rho7a6TG9TLrwIDAQABMA0G
+CSqGSIb3DQEBCwUAA4GBAJnM7Rk40ohvL8+O/PObnEvlWUigH4fPei1mYEn6sEDs
+ZNRFDQ1PoaIvs3XZc4VfaOksHspj5NP5ESWG61HQ573PvbpRs/CXCdnUSbHvCw8N
+ZtkZRPwWP2M2H5UdrvErpsrTCESu8dpIURtj2pt7YNN1Yx2GZ5yD4gORYTMBDPv3
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICWAIBAAKBgQC2fdHMv0uDqQf9DpiHcjNVd6ulo8I8rlg2MvHQyKefridEqE/g
+5gSAPup7lTkC/JupxJsu0SPKEsioz4JcIJSg6WeVBHD6AgqJlKnnG+Y0uBijRDFZ
+teQrxgEtWt5Q0qZyqn4KlBlXpnb5YhPhbfE9QnqkPa3J1Rho7a6TG9TLrwIDAQAB
+An8xL7hcdzLjSavdiRGTcDRl1NtuybSQpm0gLpr+qxaC822iE7tz4otUBaEtrgqv
+w2YxW8x30ebTkDyFQ2jfa+ijAXcBVU8yEbW/2XdL+yw8uRLLKTx3m+qZwG5G9aS5
+lvmKybpX+QV81AO83A2XJywcWS/CIu0bQ53KoG8ybe1hAkEA6ArFjuirZVHC1zoP
+yziNyENxZnmdCqFZfQkz4f+jnyl2S8vCPe02LC5FlvT5WX/eyLbuqroVP71GSfSm
+iSaXEQJBAMlVWXvJIK+fenYlGHBTzGzTR0HH9OUzM/rwcnV0QL3gq6B6JFiHLSqB
+9wr4Iq1wY/bOcZfVH3iz+O0XVPZktr8CQHSCBBPvSy/CT7xVUNzO9pGZG3VCltFh
+llcrqbtN6k/eN6FzG4KQemTQjuxu8Ew54hiRkWBzsnugg4xapMu0bqECQCPfVjNN
+EcrY8nvsfh89fxYAyxh4ZTUVW3ShtPMihIqQZmQQfzta0nxZbcgBkEQw207VV74C
+1jmub3LnDldceIcCP2dP2MmTUl1VCPXaZeWmw6yKIPCKpVnvL+bnIctHfhYR8vOp
+b4PBcWLRPmSZgj9FY/H7Nu3EKWq67ROvamf+WA==
+-----END RSA PRIVATE KEY-----
# See the License for the specific language governing permissions and
# limitations under the License.
+set -ex
+
# Container name
CONTAINER_NAME="akraino-validation-ui"
# Image data
TAG_VER=latest
# Container input parameters
MARIADB_AKRAINO_PASSWORD=""
-JENKINS_URL=""
-JENKINS_USERNAME=""
-JENKINS_USER_PASSWORD=""
-JENKINS_JOB_NAME=""
+JENKINS_URL="https://jenkins.akraino.org/"
+JENKINS_USERNAME="demo"
+JENKINS_USER_PASSWORD="demo"
+JENKINS_JOB_NAME="validation"
DB_IP_PORT=""
NEXUS_PROXY=""
JENKINS_PROXY=""
+CERTDIR=$(pwd)
for ARGUMENT in "$@"
do
CONTAINER_NAME) CONTAINER_NAME=${VALUE} ;;
NEXUS_PROXY) NEXUS_PROXY=${VALUE} ;;
JENKINS_PROXY) JENKINS_PROXY=${VALUE} ;;
+ CERTDIR) CERTDIR=${VALUE} ;;
*)
esac
done
exit 1
fi
-if [ -z "$JENKINS_URL" ]
- then
- echo "ERROR: You must specify the Jenkins Url"
- exit 1
-fi
-
-if [ -z "$JENKINS_USERNAME" ]
- then
- echo "ERROR: You must specify the Jenkins username"
- exit 1
-fi
-
-if [ -z "$JENKINS_USER_PASSWORD" ]
- then
- echo "ERROR: You must specify the Jenkins user password"
- exit 1
-fi
-
-if [ -z "$JENKINS_JOB_NAME" ]
- then
- echo "ERROR: You must specify the Jenkins job name"
- exit 1
-fi
-
IMAGE="$REGISTRY"/"$NAME":"$TAG_PRE"-"$TAG_VER"
-docker run --detach --name $CONTAINER_NAME --network="host" -e DB_IP_PORT="$DB_IP_PORT" -e MARIADB_AKRAINO_PASSWORD="$MARIADB_AKRAINO_PASSWORD" -e JENKINS_URL="$JENKINS_URL" -e JENKINS_USERNAME="$JENKINS_USERNAME" -e JENKINS_USER_PASSWORD="$JENKINS_USER_PASSWORD" -e JENKINS_JOB_NAME="$JENKINS_JOB_NAME" -e NEXUS_PROXY="$NEXUS_PROXY" -e JENKINS_PROXY="$JENKINS_PROXY" $IMAGE
+docker run --detach --name $CONTAINER_NAME --network="host" -v "$(pwd)/server.xml:/usr/local/tomcat/conf/server.xml" -v "$CERTDIR/bluval.key:/usr/local/tomcat/bluval.key" -v "$CERTDIR/bluval.crt:/usr/local/tomcat/bluval.crt" -v "$(pwd)/root_index.jsp:/usr/local/tomcat/webapps/ROOT/index.jsp" -e DB_IP_PORT="$DB_IP_PORT" -e MARIADB_AKRAINO_PASSWORD="$MARIADB_AKRAINO_PASSWORD" -e JENKINS_URL="$JENKINS_URL" -e JENKINS_USERNAME="$JENKINS_USERNAME" -e JENKINS_USER_PASSWORD="$JENKINS_USER_PASSWORD" -e JENKINS_JOB_NAME="$JENKINS_JOB_NAME" -e NEXUS_PROXY="$NEXUS_PROXY" -e JENKINS_PROXY="$JENKINS_PROXY" $IMAGE
sleep 10
--- /dev/null
+<%--
+Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+--%>
+
+<% response.sendRedirect("/bluvalui"); %>
+
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+ Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ use this file except in compliance with the License. You may obtain a copy
+ of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required
+ by applicable law or agreed to in writing, software distributed under the
+ License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
+ OF ANY KIND, either express or implied. See the License for the specific
+ language governing permissions and limitations under the License. -->
+<Server port="8005" shutdown="SHUTDOWN">
+ <Listener
+ className="org.apache.catalina.startup.VersionLoggerListener" />
+ <!-- Security listener. Documentation at /docs/config/listeners.html
+ <Listener className="org.apache.catalina.security.SecurityListener" /> -->
+ <!--APR library loader. Documentation at /docs/apr.html -->
+ <Listener
+ className="org.apache.catalina.core.AprLifecycleListener"
+ SSLEngine="on" />
+ <!-- Prevent memory leaks due to use of particular java/javax APIs -->
+ <Listener
+ className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
+ <Listener
+ className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
+ <Listener
+ className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
+
+ <!-- Global JNDI resources Documentation at /docs/jndi-resources-howto.html -->
+ <GlobalNamingResources>
+ <!-- Editable user database that can also be used by UserDatabaseRealm
+ to authenticate users -->
+ <Resource name="UserDatabase" auth="Container"
+ type="org.apache.catalina.UserDatabase"
+ description="User database that can be updated and saved"
+ factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
+ pathname="conf/tomcat-users.xml" />
+ </GlobalNamingResources>
+
+ <!-- A "Service" is a collection of one or more "Connectors" that share
+ a single "Container" Note: A "Service" is not itself a "Container", so you
+ may not define subcomponents such as "Valves" at this level. Documentation
+ at /docs/config/service.html -->
+ <Service name="Catalina">
+
+ <!--The connectors can use a shared executor, you can define one
+ or more named thread pools -->
+ <!-- <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
+ maxThreads="150" minSpareThreads="4"/> -->
+
+
+ <!-- A "Connector" represents an endpoint by which requests are received
+ and responses are returned. Documentation at : Java HTTP Connector: /docs/config/http.html
+ Java AJP Connector: /docs/config/ajp.html APR (HTTP/AJP) Connector: /docs/apr.html
+ Define a non-SSL/TLS HTTP/1.1 Connector on port 8080 -->
+ <Connector port="8080" protocol="HTTP/1.1"
+ connectionTimeout="20000" redirectPort="8443" />
+ <!-- A "Connector" using the shared thread pool -->
+ <!-- <Connector executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1"
+ connectionTimeout="20000" redirectPort="8443" /> -->
+ <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 This connector
+ uses the NIO implementation. The default SSLImplementation will depend on
+ the presence of the APR/native library and the useOpenSSL attribute of the
+ AprLifecycleListener. Either JSSE or OpenSSL style configuration may be used
+ regardless of the SSLImplementation selected. JSSE style configuration is
+ used below. -->
+ <!--<Connector-->
+ <!--protocol="org.apache.coyote.http11.Http11NioProtocol"
+ port="8443" maxThreads="200" scheme="https" secure="true"
+ SSLEnabled="true" keystoreFile="/usr/local/tomcat/.keystore"
+ clientAuth="false" sslProtocol="TLS" />-->
+ <Connector
+ protocol="org.apache.coyote.http11.Http11NioProtocol"
+ port="8443" maxThreads="200"
+ scheme="https" secure="true" SSLEnabled="true"
+ SSLCertificateFile="/usr/local/tomcat/bluval.crt"
+ SSLCertificateKeyFile="/usr/local/tomcat/bluval.key"
+ SSLVerifyClient="none" SSLProtocol="TLSv1+TLSv1.1+TLSv1.2"/>
+ <!-- <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
+ maxThreads="150" SSLEnabled="true"> <SSLHostConfig> <Certificate certificateKeystoreFile="conf/localhost-rsa.jks"
+ type="RSA" /> </SSLHostConfig> </Connector> -->
+ <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 with HTTP/2
+ This connector uses the APR/native implementation which always uses OpenSSL
+ for TLS. Either JSSE or OpenSSL style configuration may be used. OpenSSL
+ style configuration is used below. -->
+ <!-- <Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol"
+ maxThreads="150" SSLEnabled="true" > <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol"
+ /> <SSLHostConfig> <Certificate certificateKeyFile="conf/localhost-rsa-key.pem"
+ certificateFile="conf/localhost-rsa-cert.pem" certificateChainFile="conf/localhost-rsa-chain.pem"
+ type="RSA" /> </SSLHostConfig> </Connector> -->
+
+ <!-- Define an AJP 1.3 Connector on port 8009 -->
+ <Connector port="8009" protocol="AJP/1.3"
+ redirectPort="8443" />
+
+
+ <!-- An Engine represents the entry point (within Catalina) that
+ processes every request. The Engine implementation for Tomcat stand alone
+ analyzes the HTTP headers included with the request, and passes them on to
+ the appropriate Host (virtual host). Documentation at /docs/config/engine.html -->
+
+ <!-- You should set jvmRoute to support load-balancing via AJP ie
+ : <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1"> -->
+ <Engine name="Catalina" defaultHost="localhost">
+
+ <!--For clustering, please take a look at documentation at: /docs/cluster-howto.html
+ (simple how to) /docs/config/cluster.html (reference documentation) -->
+ <!-- <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/> -->
+
+ <!-- Use the LockOutRealm to prevent attempts to guess user passwords
+ via a brute-force attack -->
+ <Realm
+ className="org.apache.catalina.realm.LockOutRealm">
+ <!-- This Realm uses the UserDatabase configured in the global
+ JNDI resources under the key "UserDatabase". Any edits that are performed
+ against this UserDatabase are immediately available for use by the Realm. -->
+ <Realm
+ className="org.apache.catalina.realm.UserDatabaseRealm"
+ resourceName="UserDatabase" />
+ </Realm>
+
+ <Host name="localhost" appBase="webapps"
+ unpackWARs="true" autoDeploy="true">
+
+ <!-- SingleSignOn valve, share authentication between web
+ applications Documentation at: /docs/config/valve.html -->
+ <!-- <Valve className="org.apache.catalina.authenticator.SingleSignOn"
+ /> -->
+
+ <!-- Access log processes all example. Documentation at:
+ /docs/config/valve.html Note: The pattern used is equivalent to using pattern="common" -->
+ <Valve
+ className="org.apache.catalina.valves.AccessLogValve"
+ directory="logs" prefix="localhost_access_log"
+ suffix=".txt"
+ pattern="%h %l %u %t "%r" %s %b" />
+
+ </Host>
+ </Engine>
+ </Service>
+</Server>
- The UI searches for results only under the 'bluval_results' directory in Nexus
### Removed
+
+## [0.3.2-SNAPSHOT] - 24 September 2019
+### Added
+- Redirection of all HTTP requests to the corresponding HTTPS resource.
+
+### Changed
+
+### Removed
+
Deploying
~~~~~~~~~
-The pom.xml file supports the building of an appropriate container image using the produced war file. Also, a script has been developed, namely validation/docker/ui/deploy.sh which easily deploys the container.
+The pom.xml file supports the building of an appropriate container image using the produced war file.
-This script accepts the following as input parameters:
+In order to build the image, the following commands should be executed:
+
+.. code-block:: console
+
+ cd validation/ui
+ mvn docker:build -Ddocker.filter=akraino/validation:dev-ui-latest
+
+Also, a script has been developed, namely validation/docker/ui/deploy.sh which easily deploys the container. This script accepts the following as input parameters:
CONTAINER_NAME, the name of the contaner, default value is akraino-validation-ui
DB_IP_PORT, the IP and port of the maridb instance, this variable is required
NAME, the name of the mariadb image, default value is validation
TAG_PRE, the first part of the image version, default value is ui
TAG_VER, the last part of the image version, default value is latest
-JENKINS_URL, the URL of the Jenkins instance (http or https must be defined), this variable is required
-JENKINS_USERNAME, the Jenkins user name, this variable is required
-JENKINS_USER_PASSWORD, the Jenkins user password, this variable is required
-JENKINS_JOB_NAME, the name of Jenkins job capable of executing the blueprint validation tests, this variable is required
+JENKINS_URL, the URL of the Jenkins instance (http or https must be defined), the default value is 'https://jenkins.akraino.org/'
+JENKINS_USERNAME, the Jenkins user name, the default value is 'demo' (in the context of UI full control loop mode, this parameter must be changed to include a real Jenkins user)
+JENKINS_USER_PASSWORD, the Jenkins user password, the default value is 'demo' (in the context of UI full control loop mode, this parameter must be changed to include a real Jenkins user password)
+JENKINS_JOB_NAME, the name of Jenkins job capable of executing the blueprint validation tests, the default value is 'validation' (in the context of UI full control loop mode, this parameter must be changed to include a real Jenkins job name)
NEXUS_PROXY, the needed proxy in order for the Nexus server to be reachable, default value is none
JENKINS_PROXY, the needed proxy in order for the Jenkins server to be reachable, default value is none
+CERTDIR, the directory where the SSL certificates can be found, default value is the working directory where self signed certificates exist only for demo purposes
-In order to build the image using only the required parameters, the following data is needed:
+So, for a functional UI, the following prerequisites are needed:
-- The mariadb akraino user password (look at the Database subsection)
-- The IP and port of the mariadb
-- The Jenkins url
-- The Jenkins username and password
-- The name of Jenkins Job
+- The mariadb container in up and running state
+- A Jenkins instance capable of running the blueprint validation test (this is optional and is needed only for UI full control loop mode)
+- A Nexus repo in which all the test results are stored.
-Then, the following commands can be executed in order to build and deploy the UI container:
+Then, the following commands can be executed in order to deploy the UI container:
.. code-block:: console
-
- cd validation/ui
- mvn docker:build -Ddocker.filter=akraino/validation:dev-ui-latest
cd ../docker/ui
- ./deploy.sh TAG_PRE=dev-ui DB_IP_PORT=<IP and port of the mariadb> MARIADB_AKRAINO_PASSWORD=<mariadb akraino password> JENKINS_URL=<http://jenkinsIP:port> JENKINS_USERNAME=<Jenkins user> JENKINS_USER_PASSWORD=<Jenkins password> JENKINS_JOB_NAME=<Jenkins job name>
+ ./deploy.sh TAG_PRE=dev-ui DB_IP_PORT=<IP and port of the mariadb> MARIADB_AKRAINO_PASSWORD=<mariadb akraino password>
The content of the DB_IP_PORT can be for example '172.17.0.3:3306'.
The UI should be available in the following url:
- http://localhost:8080/bluvalui/
+ https://localhost:8443/bluvalui/
+
+Note that the deployment uses the network host mode, so the ports 8080 and 8443 must be available on the host.
-Note that the deployment uses the network host mode, so the 8080 must be available on the host.
+As far as the SSL certificates are concerned, self-signed built-in certificates exist in the 'validation/docker/ui' directory which are used by default. It should be noted that these
+certificates should be used only for demo purposes. If a user wants to use different ones which are more appropriate for a production environment, the directory that contains these new
+certificates must be defined using the 'CERTDIR' parameter of the 'validation/docker/ui/deploy.sh' script. It should be noted that the certificates must have specific names, that are 'bluval.crt'
+and 'bluval.key' for the certificate and the key respectively.
User's guide
-----------------
<groupId>org.akraino.validation</groupId>
<artifactId>ui</artifactId>
- <version>0.3.1-SNAPSHOT</version>
+ <version>0.3.2-SNAPSHOT</version>
<name>Bluval UI Maven Webapp</name>
<packaging>war</packaging>
throw new IllegalArgumentException("Could not retrieve lab : " + lab.toString());
}
ValidationDbTestResult vNexusResult = nexusService.getResult(name, version, labInfo.getSilo(), timestamp);
- if (!dbAdapter.checkValidityOfNexusResult(vNexusResult)) {
- return null;
+ if (vNexusResult != null && dbAdapter.checkValidityOfNexusResult(vNexusResult)) {
+ vNexusResult.setLab(labInfo);
+ return vNexusResult;
}
- vNexusResult.setLab(labInfo);
- return vNexusResult;
+ return null;
}
public ValidationDbTestResult getLastResultBasedOnOutcomeFromNexus(@Nonnull String name, @Nonnull String version,
}
ValidationDbTestResult vNexusResult = nexusService.getLastResultBasedOnOutcome(name, version, labInfo.getSilo(),
allLayers, optional, outcome);
- if (!dbAdapter.checkValidityOfNexusResult(vNexusResult)) {
- return null;
+ if (vNexusResult != null && dbAdapter.checkValidityOfNexusResult(vNexusResult)) {
+ vNexusResult.setLab(labInfo);
+ return vNexusResult;
}
- vNexusResult.setLab(labInfo);
- return vNexusResult;
+ return null;
}
public ValidationDbTestResult getLastResultBasedOnOutcomeFromNexus(@Nonnull String name, @Nonnull String version,
}
ValidationDbTestResult vNexusResult = nexusService.getLastResultBasedOnOutcome(name, version, labInfo.getSilo(),
layers, optional, outcome);
- if (!dbAdapter.checkValidityOfNexusResult(vNexusResult)) {
- return null;
+ if (vNexusResult != null && dbAdapter.checkValidityOfNexusResult(vNexusResult)) {
+ vNexusResult.setLab(labInfo);
+ return vNexusResult;
}
- vNexusResult.setLab(labInfo);
- return vNexusResult;
+ return null;
}
public List<ValidationDbTestResult> getBasedOnDateFromNexus(@Nonnull String name, @Nonnull String version,
<location>/WEB-INF/jsp/error.jsp</location>
</error-page>
+ <!-- Require HTTPS for everything except /img (favicon) and /css. -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>HTTPSOnly</web-resource-name>
+ <url-pattern>/*</url-pattern>
+ </web-resource-collection>
+ <user-data-constraint>
+ <transport-guarantee>CONFIDENTIAL</transport-guarantee>
+ </user-data-constraint>
+ </security-constraint>
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>HTTPSOrHTTP</web-resource-name>
+ <url-pattern>*.ico</url-pattern>
+ <url-pattern>/img/*</url-pattern>
+ <url-pattern>/css/*</url-pattern>
+ </web-resource-collection>
+ <user-data-constraint>
+ <transport-guarantee>NONE</transport-guarantee>
+ </user-data-constraint>
+ </security-constraint>
+
</web-app>
\ No newline at end of file
Code Review / validation.git / commitdiff