diff --git a/docker/Dockerfile.soda b/docker/Dockerfile.soda
index 305e9df2464ed88351bcebf05513ab0bc27842fa..8c9f052c7e78d081b78f32b24863f8ed1074c78c 100644
--- a/docker/Dockerfile.soda
+++ b/docker/Dockerfile.soda
@@ -29,8 +29,9 @@ COPY vlkb-${VLKB_VERSION}.deb ./
 COPY vlkb-soda-${VLKB_VERSION}.war ${WEBAPP_DIR}/
 RUN dpkg -i vlkb-${VLKB_VERSION}.deb \
 && cd ${WEBAPP_DIR} && unzip vlkb-soda-${VLKB_VERSION}.war \
- && apt-get autoremove && apt-get clean
-
+ && apt-get autoremove && apt-get clean \
+ && rm -f $WEBAPP_DIR/WEB-INF/lib/jjwt-*0.11*.jar
+# remove jjwt used by IA2 (IA2 and IAM token filters used different ver of jjwt)
 # configure build instance
@@ -58,6 +59,11 @@ WORKDIR ${CATALINA_HOME}
 RUN chmod -R +rX .; chmod 1777 /var/log/tomcat9 /var/cache/tomcat9
 WORKDIR ${CATALINA_BASE}
 RUN chmod -R a+rwX conf
+
+# enable SKA IAM token filter update
+RUN chmod a+rw ${WEBAPP_DIR}/WEB-INF/web.xml \
+ && chmod a+rw ${WEBAPP_DIR}/WEB-INF/classes/iamtoken.properties
+
 RUN chmod +rx /root && chmod +rx /root/start-soda.sh
 USER 1000:1000
 CMD ["sh", "-c", "/root/start-soda.sh"]
diff --git a/docker/Dockerfile.soda.temurin-jammy b/docker/Dockerfile.soda.temurin-jammy
index 709444e3e87029aa68b15c750cc75c3653800ef8..add2aa41a922fdb62242619f4229e7a1905d8bf6 100644
--- a/docker/Dockerfile.soda.temurin-jammy
+++ b/docker/Dockerfile.soda.temurin-jammy
@@ -25,9 +25,9 @@ ARG VLKB_VERSION
 COPY vlkb-${VLKB_VERSION}.deb ./
 COPY vlkb-soda-${VLKB_VERSION}.war ${WEBAPP_DIR}/
 RUN dpkg -i vlkb-${VLKB_VERSION}.deb \
- && cd ${WEBAPP_DIR} && unzip vlkb-soda-${VLKB_VERSION}.war
-
-
+ && cd ${WEBAPP_DIR} && unzip vlkb-soda-${VLKB_VERSION}.war \
+ && rm -f $WEBAPP_DIR/WEB-INF/lib/jjwt-*0.11*.jar
+# remove jjwt used by IA2 (IA2 and IAM token filters used different ver of jjwt)
 # configure instance
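Review bot: `rm -f $WEBAPP_DIR/WEB-INF/lib/jjwt-*0.11*.jar`, added in the first hunk of docker/Dockerfile.soda, succeeds even when the glob matches nothing, so a change in the jjwt version shipped for IA2 would silently leave two jjwt versions in WEB-INF/lib next to the token filter. The same line is added in the first hunk of docker/Dockerfile.soda.temurin-jammy. Dropping `-f` and quoting the variable, `&& rm -- "${WEBAPP_DIR}"/WEB-INF/lib/jjwt-*0.11*.jar`, makes the build fail when no jar matches instead of producing an image with an ambiguous classpath. The removal is now unconditional, where start-soda.sh did it only for SECURITY=iamtoken, so it should be confirmed that no image still relies on the IA2 filter; the `# remove jjwt used by IA2 ...` comment would also read better above the RUN it explains.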
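Review bot: `chmod a+rw` in the second hunk of docker/Dockerfile.soda makes WEB-INF/web.xml and WEB-INF/classes/iamtoken.properties readable and writable by every user in the container, although the image runs as `USER 1000:1000` and only the start-up script needs to rewrite them. web.xml selects the token filter and iamtoken.properties receives the IAM client password from start-soda.sh in this same commit, so world access lets any other process in the container replace the filter configuration or read the secret. The same two lines are added in the second hunk of docker/Dockerfile.soda.temurin-jammy. Assuming Tomcat runs as uid 1000, ownership plus an owner-only mode is enough: `RUN chown 1000:1000 ${WEBAPP_DIR}/WEB-INF/web.xml ${WEBAPP_DIR}/WEB-INF/classes/iamtoken.properties \` followed by `&& chmod 600` on the same two paths.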
@@ -45,6 +45,10 @@ COPY deps/setenv.sh ${CATALINA_BASE}/bin/
 WORKDIR ${CATALINA_BASE}
 RUN chmod -R a+rwX conf
+# enable SKA IAM token filter update
+RUN chmod a+rw ${WEBAPP_DIR}/WEB-INF/web.xml \
+ && chmod a+rw ${WEBAPP_DIR}/WEB-INF/classes/iamtoken.properties
+
 env ACCESS_CONTEXT_ROOT=datasets
 # configure during start-up
 COPY start-soda.sh.soda /root/start-soda.sh
diff --git a/docker/start-soda.sh.soda b/docker/start-soda.sh.soda
index 5f722c9d76869f6a18a1a181f952180ec71da333..2ee927a81fca6f3258f6b7253a48a00ca733ee0b 100755
--- a/docker/start-soda.sh.soda
+++ b/docker/start-soda.sh.soda
@@ -13,6 +13,22 @@ env
 mkdir -p $CATALINA_BASE/conf/Catalina/localhost
 cp $WEBAPP_DIR/META-INF/context.xml $CATALINA_BASE/conf/Catalina/localhost/$ACCESS_CONTEXT_ROOT.xml
+
+# env SECURITY (deprecated)
+
+case $SECURITY in
+ iamtoken)
+ echo "SECURITY is set: "$SECURITY
+ cd $WEBAPP_DIR/WEB-INF/ && rm -f web.xml && cp web-cutout-$SECURITY.xml web.xml && cd -
+ cp /etc/pki/tls/server-connector.xml $CATALINA_BASE/conf
+ cp /etc/pki/tls/iamtoken.properties $WEBAPP_DIR/WEB-INF/classes/
+ ;;
+ *)
+ echo "SECURITY not configured."
+ ;;
+esac
+
+
 # configure TLS
 if [ -f /etc/pki/tls/keystore.jks ] && [ -f /etc/pki/tls/keystore.pwd ];
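Review bot: In the `iamtoken)` branch of docker/start-soda.sh.soda, `rm -f web.xml && cp web-cutout-$SECURITY.xml web.xml` removes the deployment descriptor before the copy is known to work, and nothing visible in the hunk stops the script when either step fails. If `cp` fails the webapp is left without web.xml, and if `rm` is refused (the Dockerfile hunks of this commit open up the file, not the WEB-INF directory) the chain stops and the shipped web.xml stays in place; in both cases Tomcat would presumably start without the IAM token filter. Overwriting in place and aborting on error keeps this closed: `cp -f -- "$WEBAPP_DIR/WEB-INF/web-cutout-iamtoken.xml" "$WEBAPP_DIR/WEB-INF/web.xml" || exit 1`. The two `cp` lines from /etc/pki/tls deserve the same `|| exit 1`, and the expansions should be double-quoted. The enclosing `{ ... }` group begins and ends outside this hunk.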
@@ -22,24 +38,30 @@ fi
 case $KEYSTORE_ALIAS in
 *)
- echo $KEYSTORE_ALIAS
+ echo "KEYSTORE_ALIAS: "$KEYSTORE_ALIAS
 sed -i "s/tomcat/$KEYSTORE_ALIAS/" $CATALINA_BASE/conf/server-connector.xml
 ;;
 esac
-# env SECURITY (deprecated)
-case $SECURITY in
- iamtoken)
- cd $WEBAPP_DIR/WEB-INF/ && rm -f web.xml && cp web-cutout-$SECURITY.xml web.xml && cd -
- cp /etc/pki/tls/server-connector.xml $CATALINA_BASE/conf
- cp /etc/pki/tls/iamtoken.properties $WEBAPP_DIR/WEB-INF/classes/
- rm -f $WEBAPP_DIR/WEB-INF/lib/jjwt-*0.11*.jar
- ;;
- *)
- echo "SECURITY not configured."
- ;;
-esac
+# configure SKA IAM
+
+if [ -z "$SKAIAM_INTROSPECT" ] || [ -z "$SKAIAM_CLIENT" ] || [ -z "$SKAIAM_PASSWORD" ];
+then
+ echo "Some of SKAIAM_ is not set."
+ echo "url: "$SKAIAM_INTROSPECT
+ echo "cli: "$SKAIAM_CLIENT
+ echo "pwd: "$SKAIAM_PASSWORD
+else
+ echo "Config SKA IAM ..."
+ {
+ echo "introspect=$SKAIAM_INTROSPECT"
+ echo "client_name=$SKAIAM_CLIENT"
+ echo "client_password=$SKAIAM_PASSWORD"
+ } > $WEBAPP_DIR/WEB-INF/classes/iamtoken.properties
+ cp $WEBAPP_DIR/WEB-INF/web-cutout-iamtoken.xml $WEBAPP_DIR/WEB-INF/web.xml
+fi
+
 date
 } 1> /tmp/start-soda.log 2>&1
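Review bot: `echo "pwd: "$SKAIAM_PASSWORD` in the not-all-set branch writes the IAM client password into /tmp/start-soda.log whenever one of the other two variables is missing, because the whole group is redirected to that file on the last line of the hunk. Reporting presence only avoids that: `echo "pwd: ${SKAIAM_PASSWORD:+(set)}"`. The `env` call shown in the header of this file's first hunk presumably dumps the same variable into that log and would need filtering as well. In the else branch the `>` redirection keeps the mode of the existing iamtoken.properties, which the Dockerfile hunks of this commit set to a+rw, so the secret ends up world-readable unless that mode is tightened. When the variables are missing the script carries on with the shipped web.xml, so it is worth confirming that the default descriptor does not expose the service without the token filter.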