
Example 1 with SecurityConfig

Use of com.couchbase.client.core.env.SecurityConfig in project spring-boot by spring-projects.

From the class CouchbaseAutoConfigurationTests, method enableSslNoEnabledFlag. The test checks that configuring a key store alone, without setting spring.couchbase.env.ssl.enabled, is enough for TLS to be enabled and a trust manager factory to be configured.

@Test
void enableSslNoEnabledFlag() {
    testClusterEnvironment((env) -> {
        SecurityConfig securityConfig = env.securityConfig();
        assertThat(securityConfig.tlsEnabled()).isTrue();
        assertThat(securityConfig.trustManagerFactory()).isNotNull();
    }, "spring.couchbase.env.ssl.keyStore=classpath:test.jks", "spring.couchbase.env.ssl.keyStorePassword=secret");
}

Example 2 with SecurityConfig

Use of com.couchbase.client.core.env.SecurityConfig in project spring-boot by spring-projects.

From the class CouchbaseAutoConfigurationTests, method disableSslEvenWithKeyStore. The test checks that an explicit spring.couchbase.env.ssl.enabled=false disables TLS even though a key store and password are configured, and that no trust manager factory is created in that case.

@Test
void disableSslEvenWithKeyStore() {
    testClusterEnvironment((env) -> {
        SecurityConfig securityConfig = env.securityConfig();
        assertThat(securityConfig.tlsEnabled()).isFalse();
        assertThat(securityConfig.trustManagerFactory()).isNull();
    }, "spring.couchbase.env.ssl.enabled=false", "spring.couchbase.env.ssl.keyStore=classpath:test.jks", "spring.couchbase.env.ssl.keyStorePassword=secret");
}

Example 3 with SecurityConfig

Use of com.couchbase.client.core.env.SecurityConfig in project couchbase-jdbc-driver by couchbaselabs.

From the class ConnectionManager, method clusterForCoordinate. The SSL mode property selects how the server certificate is validated: no-verify installs InsecureTrustManagerFactory, which accepts any certificate; verify-ca keeps certificate chain validation but turns off hostname verification; any other mode keeps both checks. In the latter two cases the configured certificate path or trust store (which requires a password) is used as the trust anchor.

private Cluster clusterForCoordinate(final ConnectionCoordinate coordinate) {
    synchronized (this) {
        if (environment == null) {
            // This logger config makes sure the SDK also uses java.util.Logging.
            LoggerConfig.Builder loggerConfig = LoggerConfig.builder().disableSlf4J(true).fallbackToConsole(false);
            SecurityConfig.Builder securityConfig = SecurityConfig.builder();
            if (Boolean.parseBoolean(CouchbaseDriverProperty.SSL.get(coordinate.properties()))) {
                securityConfig = securityConfig.enableTls(true);
                if ("no-verify".equals(CouchbaseDriverProperty.SSL_MODE.get(coordinate.properties()))) {
                    securityConfig = securityConfig.trustManagerFactory(InsecureTrustManagerFactory.INSTANCE);
                } else {
                    if ("verify-ca".equals(CouchbaseDriverProperty.SSL_MODE.get(coordinate.properties()))) {
                        securityConfig = securityConfig.enableHostnameVerification(false);
                    }
                    String certPath = CouchbaseDriverProperty.SSL_CERT_PATH.get(coordinate.properties());
                    if (!isNullOrEmpty(certPath)) {
                        securityConfig.trustCertificate(Paths.get(certPath));
                    }
                    String keyStorePath = CouchbaseDriverProperty.SSL_KEYSTORE_PATH.get(coordinate.properties());
                    if (!isNullOrEmpty(keyStorePath)) {
                        String keyStorePassword = CouchbaseDriverProperty.SSL_KEYSTORE_PASSWORD.get(coordinate.properties());
                        if (isNull(keyStorePassword)) {
                            throw new IllegalArgumentException("If a keystore is provided, the password also needs to be provided");
                        }
                        securityConfig.trustStore(Paths.get(keyStorePath), keyStorePassword, Optional.empty());
                    }
                }
            }
            environment = ClusterEnvironment.builder()
                .load((PropertyLoader<CoreEnvironment.Builder>) builder ->
                    new SystemPropertyPropertyLoader(coordinate.properties()).load(builder))
                .loggerConfig(loggerConfig)
                .securityConfig(securityConfig)
                .retryStrategy(new InterceptingRetryStrategy())
                .build();
        }
        long newHandleCount = openHandles.compute(coordinate, (k, v) -> {
            if (v == null) {
                return 1L;
            } else {
                return v + 1;
            }
        });
        LOGGER.fine("Incrementing Handle Count to " + newHandleCount + " for Coordinate " + coordinate);
        return clusterCache.computeIfAbsent(coordinate, s -> {
            Cluster c = Cluster.connect(coordinate.connectionString(), clusterOptions(coordinate.authenticator()).environment(environment));
            maybeWaitUntilReady(coordinate, c);
            return c;
        });
    }
}

Example 4 with SecurityConfig

Use of com.couchbase.client.core.env.SecurityConfig in project couchbase-jvm-clients by couchbase.

From the class BaseEndpoint, method reconnect. When securityConfig().tlsEnabled() is true, the SSL handler is added first in the Netty pipeline so that every later handler only sees decrypted traffic; if the handler cannot be built, initChannel throws a SecurityException and the connect attempt fails instead of continuing without TLS.

/**
 * This method performs the actual connecting logic.
 *
 * <p>It is called reconnect since it works both in the case where an initial attempt is made
 * but also when the underlying channel is closed or the previous connect attempt was
 * unsuccessful.</p>
 */
private void reconnect() {
    if (disconnect.get()) {
        return;
    }
    state.transition(EndpointState.CONNECTING);
    final EndpointContext endpointContext = this.endpointContext.get();
    final AtomicLong attemptStart = new AtomicLong();
    Mono.defer((Supplier<Mono<Channel>>) () -> {
        CoreEnvironment env = endpointContext.environment();
        long connectTimeoutMs = env.timeoutConfig().connectTimeout().toMillis();
        if (eventLoopGroup.isShutdown()) {
            throw new IllegalStateException("Event Loop is already shut down, not pursuing connect attempt!");
        }
        final Bootstrap channelBootstrap = new Bootstrap()
            .remoteAddress(remoteAddress())
            .group(eventLoopGroup)
            .channel(channelFrom(eventLoopGroup))
            .option(ChannelOption.CONNECT_TIMEOUT_MILLIS, (int) connectTimeoutMs)
            .handler(new ChannelInitializer<Channel>() {

            @Override
            protected void initChannel(final Channel ch) {
                ChannelPipeline pipeline = ch.pipeline();
                SecurityConfig config = env.securityConfig();
                if (config.tlsEnabled()) {
                    try {
                        pipeline.addFirst(SslHandlerFactory.get(ch.alloc(), config, endpointContext));
                    } catch (Exception e) {
                        throw new SecurityException("Could not instantiate SSL Handler", e);
                    }
                }
                if (env.ioConfig().servicesToCapture().contains(serviceType)) {
                    pipeline.addLast(new TrafficCaptureHandler(endpointContext));
                }
                pipelineInitializer().init(BaseEndpoint.this, pipeline);
                pipeline.addLast(new PipelineErrorHandler(BaseEndpoint.this));
            }
        });
        if (env.ioConfig().tcpKeepAlivesEnabled() && !(eventLoopGroup instanceof DefaultEventLoopGroup)) {
            channelBootstrap.option(ChannelOption.SO_KEEPALIVE, true);
            if (eventLoopGroup instanceof EpollEventLoopGroup) {
                channelBootstrap.option(EpollChannelOption.TCP_KEEPIDLE, (int) TimeUnit.MILLISECONDS.toSeconds(env.ioConfig().tcpKeepAliveTime().toMillis()));
            }
        }
        state.transition(EndpointState.CONNECTING);
        attemptStart.set(System.nanoTime());
        return channelFutureIntoMono(channelBootstrap.connect());
    }).timeout(endpointContext.environment().timeoutConfig().connectTimeout()).onErrorResume(throwable -> {
        state.transition(EndpointState.DISCONNECTED);
        if (disconnect.get()) {
            endpointContext.environment().eventBus().publish(new EndpointConnectionAbortedEvent(Duration.ofNanos(System.nanoTime() - attemptStart.get()), endpointContext, ConnectTimings.toMap(channel)));
            return Mono.empty();
        } else {
            return Mono.error(throwable);
        }
    }).retryWhen(Retry.any().exponentialBackoff(Duration.ofMillis(32), Duration.ofMillis(4096)).retryMax(Long.MAX_VALUE).doOnRetry(retryContext -> {
        Throwable ex = retryContext.exception();
        // We drop the severity for the BucketNotFoundException because it shows up when
        // bootstrapping against MDS clusters and nodes with no kv service enabled on it
        // that is bucket aware. If a bucket really does not exist we'll get an auth
        // exception instead.
        Event.Severity severity = ex instanceof BucketNotFoundException ? Event.Severity.DEBUG : Event.Severity.WARN;
        Duration duration = ex instanceof TimeoutException ? endpointContext.environment().timeoutConfig().connectTimeout() : Duration.ofNanos(System.nanoTime() - attemptStart.get());
        ex = annotateConnectException(ex);
        endpointContext.environment().eventBus().publish(new EndpointConnectionFailedEvent(severity, duration, endpointContext, retryContext.iteration(), trimNettyFromStackTrace(ex)));
    }).toReactorRetry()).subscribe(channel -> {
        long now = System.nanoTime();
        if (disconnect.get()) {
            this.channel = null;
            endpointContext.environment().eventBus().publish(new EndpointConnectionIgnoredEvent(Duration.ofNanos(now - attemptStart.get()), endpointContext, ConnectTimings.toMap(channel)));
            closeChannel(channel);
        } else {
            this.channel = channel;
            Optional<HostAndPort> localSocket = Optional.empty();
            if (channel.localAddress() instanceof InetSocketAddress) {
                // it will always be an inet socket address, but to safeguard for testing mocks...
                InetSocketAddress so = (InetSocketAddress) channel.localAddress();
                localSocket = Optional.of(new HostAndPort(so.getHostString(), so.getPort()));
            }
            EndpointContext newContext = new EndpointContext(endpointContext, endpointContext.remoteSocket(), endpointContext.circuitBreaker(), endpointContext.serviceType(), localSocket, endpointContext.bucket(), Optional.ofNullable(channel.attr(ChannelAttributes.CHANNEL_ID_KEY).get()));
            this.endpointContext.get().environment().eventBus().publish(new EndpointConnectedEvent(Duration.ofNanos(now - attemptStart.get()), newContext, ConnectTimings.toMap(channel)));
            this.endpointContext.set(newContext);
            this.circuitBreaker.reset();
            lastConnectedAt = now;
            state.transition(EndpointState.CONNECTED);
        }
    }, error -> endpointContext.environment().eventBus().publish(new UnexpectedEndpointConnectionFailedEvent(Duration.ofNanos(System.nanoTime() - attemptStart.get()), endpointContext, error)));
}
