Skip to content

Commit

Permalink
Add SciTags support
Browse files Browse the repository at this point in the history
  • Loading branch information
Luca Bassi committed Oct 16, 2024
1 parent 577ec80 commit 1b47d77
Show file tree
Hide file tree
Showing 30 changed files with 623 additions and 44 deletions.
14 changes: 14 additions & 0 deletions doc/tpc.md
Original file line number Diff line number Diff line change
Expand Up @@ -56,3 +56,17 @@ STORM_WEBDAV_AUTHZ_SERVER_MAX_TOKEN_LIFETIME_SEC="43200"
STORM_WEBDAV_REQUIRE_CLIENT_CERT="false"
```
For other configuration options, see the /etc/sysconfig/storm-webdav file.

## SciTags

StoRM WebDAV supports the `SciTag` header.
To correctly mark the network packets and/or network flows, you need to install [flowd](https://github.com/scitags/flowd) and configure it to use the `np_api` plugin.

Example flowd configuration (`/etc/flowd/flowd.cfg`):

```
PLUGIN='np_api'
BACKEND='udp_firefly'
FLOW_MAP_API='https://www.scitags.org/api.json'
IP_DISCOVERY_ENABLED=True
```
49 changes: 49 additions & 0 deletions src/main/java/org/italiangrid/storm/webdav/scitag/SciTag.java
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
/**
* Copyright (c) Istituto Nazionale di Fisica Nucleare, 2014-2023.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.italiangrid.storm.webdav.scitag;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class SciTag {

public static final Logger LOG = LoggerFactory.getLogger(SciTag.class);
public static final String SCITAG_HEADER = "SciTag";
public static final String SCITAG_ATTRIBUTE = "scitag";

private final int experimentId;
private final int activityId;
private final boolean remoteAddressIsSource;

public SciTag(int experimentId, int activityId, boolean remoteAddressIsSource) {
this.experimentId = experimentId;
this.activityId = activityId;
this.remoteAddressIsSource = remoteAddressIsSource;
}

public int experimentId() {
return experimentId;
}

public int activityId() {
return activityId;
}

public boolean remoteAddressIsSource() {
return remoteAddressIsSource;
}

}
Original file line number Diff line number Diff line change
@@ -0,0 +1,80 @@
/**
* Copyright (c) Istituto Nazionale di Fisica Nucleare, 2014-2023.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.italiangrid.storm.webdav.scitag;

import java.io.File;
import java.io.IOException;
import java.io.RandomAccessFile;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class SciTagTransfer {

public static final Logger LOG = LoggerFactory.getLogger(SciTagTransfer.class);
public static final String SCITAG_TRANSFER_ATTRIBUTE = "scitagTransfer";

private static final String FLOWD_PIPE_NAME = "/var/run/flowd";
private SciTag scitag;
private String sourceAddress;
private int sourcePort;
private String destinationAddress;
private int destinationPort;
private File flowdPipeFile;

public SciTagTransfer(SciTag scitag, String localAddress, int localPort, String remoteAddress,
int remotePort) {
this(scitag, localAddress, localPort, remoteAddress, remotePort, new File(FLOWD_PIPE_NAME));
}

public SciTagTransfer(SciTag scitag, String localAddress, int localPort, String remoteAddress,
int remotePort, File flowdPipeFile) {
this.scitag = scitag;
if (scitag.remoteAddressIsSource()) {
this.sourceAddress = remoteAddress;
this.sourcePort = remotePort;
this.destinationAddress = localAddress;
this.destinationPort = localPort;
} else {
this.sourceAddress = localAddress;
this.sourcePort = localPort;
this.destinationAddress = remoteAddress;
this.destinationPort = remotePort;
}
this.flowdPipeFile = flowdPipeFile;
}

private String flowdEntry() {
return " tcp " + sourceAddress + " " + sourcePort + " " + destinationAddress + " "
+ destinationPort + " " + scitag.experimentId() + " " + scitag.activityId() + "\n";
}

public void writeStart() {
try (RandomAccessFile flowdPipe = new RandomAccessFile(flowdPipeFile, "rw")) {
flowdPipe.writeBytes("start" + this.flowdEntry());
} catch (IOException e) {
LOG.warn(e.getMessage(), e);
}
}

public void writeEnd() {
try (RandomAccessFile flowdPipe = new RandomAccessFile(flowdPipeFile, "rw")) {
flowdPipe.writeBytes("end" + this.flowdEntry());
} catch (IOException e) {
LOG.warn(e.getMessage(), e);
}
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,8 @@
import org.italiangrid.storm.webdav.milton.StoRMResourceFactory;
import org.italiangrid.storm.webdav.milton.util.ReplaceContentStrategy;
import org.italiangrid.storm.webdav.server.PathResolver;
import org.italiangrid.storm.webdav.scitag.SciTag;
import org.italiangrid.storm.webdav.scitag.SciTagTransfer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
Expand Down Expand Up @@ -133,11 +135,23 @@ public void doMilton(HttpServletRequest request, HttpServletResponse response) {
Request miltonReq = new StoRMMiltonRequest(request, servletContext);

Response miltonRes = new io.milton.servlet.ServletResponse(response);
SciTag scitag = (SciTag) request.getAttribute(SciTag.SCITAG_ATTRIBUTE);
if (scitag != null) {
SciTagTransfer scitagTransfer = new SciTagTransfer(scitag, request.getLocalAddr(),
request.getLocalPort(), request.getRemoteAddr(), request.getRemotePort());
scitagTransfer.writeStart();
request.setAttribute(SciTagTransfer.SCITAG_TRANSFER_ATTRIBUTE, scitagTransfer);
}
miltonHTTPManager.process(miltonReq, miltonRes);

} finally {

MiltonServlet.clearThreadlocals();
SciTagTransfer scitagTransfer =
(SciTagTransfer) request.getAttribute(SciTagTransfer.SCITAG_TRANSFER_ATTRIBUTE);
if (scitagTransfer != null) {
scitagTransfer.writeEnd();
}

try {

Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
/**
* Copyright (c) Istituto Nazionale di Fisica Nucleare, 2014-2023.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.italiangrid.storm.webdav.server.servlet;

import java.io.IOException;
import java.util.Optional;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

import org.italiangrid.storm.webdav.scitag.SciTag;
import org.italiangrid.storm.webdav.tpc.TransferConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class SciTagFilter implements Filter {

public static final Logger logger = LoggerFactory.getLogger(SciTagFilter.class);

@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
if (req.getHeader(SciTag.SCITAG_HEADER) != null) {
Optional<String> source = Optional.ofNullable(req.getHeader(TransferConstants.SOURCE_HEADER));
boolean remoteAddressIsSource =
req.getMethod().equals("PUT") || (req.getMethod().equals("COPY") && source.isPresent());
// state prot src_ip src_port dst_ip dst_port exp act
// If the active party receives an HTTP-TPC COPY request with a SciTag request header with
// a valid value then the server SHOULD mark the resulting network traffic with the
// experiment ID and activity ID encoded in the value.
int scitagValue = Integer.parseInt(req.getHeader(SciTag.SCITAG_HEADER));
// Valid value is a single positive integer > 64 and <65536 (16bit). Any other value is
// considered invalid.
if (scitagValue > 64 && scitagValue < 65536) {
request.setAttribute(SciTag.SCITAG_ATTRIBUTE,
new SciTag(scitagValue >> 6, scitagValue & ((1 << 6) - 1), remoteAddressIsSource));
} else {
// If the active party receives an HTTP-TPC COPY request with a SciTag request header
// with an invalid value then the server SHOULD mark the resulting network traffic with
// the 0 as the experiment ID and the activity ID.
request.setAttribute(SciTag.SCITAG_ATTRIBUTE, new SciTag(0, 0, remoteAddressIsSource));
}
}
chain.doFilter(request, response);
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@
public class StoRMServlet extends DefaultServlet {

/**
*
*
*/
private static final long serialVersionUID = 4204673943980786498L;

Expand Down Expand Up @@ -74,6 +74,12 @@ public Resource getResource(String pathInContext) {

}

@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
resourceService.doGet(request, response);

Check notice

Code scanning / SonarCloud

Exceptions should not be thrown from servlet methods Low

Handle the following exceptions that could be thrown by "doGet": ServletException, IOException. See more on SonarCloud
}

@Override
protected void doHead(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,13 +18,16 @@
import java.io.FileNotFoundException;
import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.RequestDispatcher;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.eclipse.jetty.http.HttpContent;
import org.eclipse.jetty.server.ResourceService;
import org.eclipse.jetty.util.URIUtil;
import org.italiangrid.storm.webdav.scitag.SciTag;
import org.italiangrid.storm.webdav.scitag.SciTagTransfer;

public class StormResourceService extends ResourceService {

Expand All @@ -50,6 +53,23 @@ private String pathInContext(HttpServletRequest request) {
return URIUtil.addPaths(servletPath, pathInfo);
}

@Override
public boolean doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
SciTag scitag = (SciTag) request.getAttribute(SciTag.SCITAG_ATTRIBUTE);
SciTagTransfer scitagTransfer = null;
if (scitag != null) {
scitagTransfer = new SciTagTransfer(scitag, request.getLocalAddr(), request.getLocalPort(),
request.getRemoteAddr(), request.getRemotePort());
scitagTransfer.writeStart();
}
boolean result = super.doGet(request, response);
if (scitagTransfer != null) {
scitagTransfer.writeEnd();
}
return result;
}

public boolean doHead(HttpServletRequest request, HttpServletResponse response)
throws IOException {

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -45,8 +45,6 @@
import org.apache.http.conn.HttpClientConnectionManager;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.socket.LayeredConnectionSocketFactory;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
Expand Down Expand Up @@ -92,6 +90,8 @@
import org.italiangrid.storm.webdav.server.util.CANLListener;
import org.italiangrid.storm.webdav.tpc.LocalURLService;
import org.italiangrid.storm.webdav.tpc.StaticHostListLocalURLService;
import org.italiangrid.storm.webdav.tpc.TpcPlainConnectionSocketFactory;
import org.italiangrid.storm.webdav.tpc.TpcSSLConnectionSocketFactory;
import org.italiangrid.storm.webdav.tpc.TransferConstants;
import org.italiangrid.storm.webdav.tpc.http.SuperLaxRedirectStrategy;
import org.italiangrid.voms.util.CertificateValidatorBuilder;
Expand Down Expand Up @@ -263,8 +263,8 @@ HttpClientConnectionManager tpcClientConnectionManager(ThirdPartyCopyProperties
ctx.init(null, new TrustManager[] {tm}, null);
}

ConnectionSocketFactory sf = PlainConnectionSocketFactory.getSocketFactory();
LayeredConnectionSocketFactory tlsSf = new SSLConnectionSocketFactory(ctx);
ConnectionSocketFactory sf = TpcPlainConnectionSocketFactory.getSocketFactory();
LayeredConnectionSocketFactory tlsSf = new TpcSSLConnectionSocketFactory(ctx);

Registry<ConnectionSocketFactory> r = RegistryBuilder.<ConnectionSocketFactory>create()
.register(HTTP, sf)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@
import org.italiangrid.storm.webdav.server.servlet.MiltonFilter;
import org.italiangrid.storm.webdav.server.servlet.MoveRequestSanityChecksFilter;
import org.italiangrid.storm.webdav.server.servlet.SAIndexServlet;
import org.italiangrid.storm.webdav.server.servlet.SciTagFilter;
import org.italiangrid.storm.webdav.server.servlet.StoRMServlet;
import org.italiangrid.storm.webdav.server.servlet.resource.StormResourceService;
import org.italiangrid.storm.webdav.server.tracing.LogbackAccessAuthnInfoFilter;
Expand Down Expand Up @@ -69,11 +70,12 @@ public class ServletConfiguration {
public static final Logger LOG = LoggerFactory.getLogger(ServletConfiguration.class);

static final int REQUEST_ID_FILTER_ORDER = DEFAULT_FILTER_ORDER + 1000;
static final int LOGBACK_ACCESS_FILTER_ORDER = DEFAULT_FILTER_ORDER + 1002;
static final int LOG_REQ_FILTER_ORDER = DEFAULT_FILTER_ORDER + 1003;
static final int REDIRECT_REQ_FILTER_ORDER = DEFAULT_FILTER_ORDER + 1004;
static final int CHECKSUM_FILTER_ORDER = DEFAULT_FILTER_ORDER + 1005;
static final int MACAROON_REQ_FILTER_ORDER = DEFAULT_FILTER_ORDER + 1006;
static final int LOGBACK_ACCESS_FILTER_ORDER = DEFAULT_FILTER_ORDER + 1001;
static final int LOG_REQ_FILTER_ORDER = DEFAULT_FILTER_ORDER + 1002;
static final int REDIRECT_REQ_FILTER_ORDER = DEFAULT_FILTER_ORDER + 1003;
static final int CHECKSUM_FILTER_ORDER = DEFAULT_FILTER_ORDER + 1004;
static final int MACAROON_REQ_FILTER_ORDER = DEFAULT_FILTER_ORDER + 1005;
static final int SCITAG_FILTER_ORDER = DEFAULT_FILTER_ORDER + 1006;
static final int TPC_FILTER_ORDER = DEFAULT_FILTER_ORDER + 1007;
static final int MOVE_FILTER_ORDER = DEFAULT_FILTER_ORDER + 1008;
static final int DELETE_FILTER_ORDER = DEFAULT_FILTER_ORDER + 1009;
Expand Down Expand Up @@ -151,6 +153,15 @@ FilterRegistrationBean<MacaroonRequestFilter> macaroonRequestFilter(ObjectMapper
return filter;
}

@Bean
@ConditionalOnProperty(name = "storm.scitag.enabled", havingValue = "true")
FilterRegistrationBean<SciTagFilter> scitagFilter() {
LOG.info("SciTag filter enabled");
FilterRegistrationBean<SciTagFilter> filter = new FilterRegistrationBean<>(new SciTagFilter());
filter.setOrder(SCITAG_FILTER_ORDER);
return filter;
}

@Bean
FilterRegistrationBean<MiltonFilter> miltonFilter(FilesystemAccess fsAccess,
ExtendedAttributesHelper attrsHelper, PathResolver resolver, ReplaceContentStrategy rcs) {
Expand Down
Loading

0 comments on commit 1b47d77

Please sign in to comment.