feat: disable SNI check when not in production mode

obiba · Oct 6, 2024 · ed0a1bd · ed0a1bd
1 parent 70333bb
commit ed0a1bd
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 1 deletion.
diff --git a/opal-core-ws/src/main/java/org/obiba/opal/web/system/SystemResource.java b/opal-core-ws/src/main/java/org/obiba/opal/web/system/SystemResource.java
@@ -261,7 +261,7 @@ public Response enableAllowRPackageManagement() {
     if (!conf.isAllowRPackageManagement()) {
       conf.setAllowRPackageManagement(true);
       opalGeneralConfigService.save(conf);
-      }
+    }
     return Response.ok().build();
   }
 

diff --git a/opal-httpd/src/main/java/org/obiba/opal/server/httpd/OpalJettyServer.java b/opal-httpd/src/main/java/org/obiba/opal/server/httpd/OpalJettyServer.java
@@ -82,6 +82,8 @@ public class OpalJettyServer {
 
   private String contextPath = "/";
 
+  private boolean productionMode = true;
+
   public void start() throws Exception {
     init();
     log.info("Starting Opal HTTP/s Server on ports {}/{}", httpPort, httpsPort);
@@ -100,6 +102,7 @@ private void init() throws IOException, URISyntaxException {
     jettyServer.setStopAtShutdown(false);
 
     Properties properties = loadProperties();
+    productionMode = Boolean.valueOf(properties.getProperty("productionMode", "true"));
     httpPort = properties.getProperty("org.obiba.opal.http.port");
     httpsPort = properties.getProperty("org.obiba.opal.https.port");
     int maxIdleTime = Integer.valueOf(properties.getProperty("org.obiba.opal.maxIdleTime", MAX_IDLE_TIME));
@@ -172,6 +175,11 @@ private HttpConfiguration createHttpConfiguration(int maxIdleTime) {
     httpConfig.setSendServerVersion(false);
     httpConfig.setRequestHeaderSize(REQUEST_HEADER_SIZE);
     httpConfig.setIdleTimeout(maxIdleTime);
+    if (!productionMode) {
+      SecureRequestCustomizer customizer = new SecureRequestCustomizer();
+      customizer.setSniHostCheck(false);
+      httpConfig.addCustomizer(customizer);
+    }
     return httpConfig;
   }