Search in sources :

Example 1 with VaultSecureStoreConfig

use of com.hazelcast.config.VaultSecureStoreConfig in project hazelcast by hazelcast.

the class MemberDomConfigProcessor method handleVault.

private SecureStoreConfig handleVault(Node vaultRoot) {
    String address = null;
    String secretPath = null;
    String token = null;
    SSLConfig sslConfig = null;
    int pollingInterval = VaultSecureStoreConfig.DEFAULT_POLLING_INTERVAL;
    for (Node n : childElements(vaultRoot)) {
        String name = cleanNodeName(n);
        if (matches("address", name)) {
            address = getTextContent(n);
        } else if (matches("secret-path", name)) {
            secretPath = getTextContent(n);
        } else if (matches("token", name)) {
            token = getTextContent(n);
        } else if (matches("ssl", name)) {
            sslConfig = parseSslConfig(n);
        } else if (matches("polling-interval", name)) {
            pollingInterval = parseInt(getTextContent(n));
        }
    }
    return new VaultSecureStoreConfig(address, secretPath, token).setSSLConfig(sslConfig).setPollingInterval(pollingInterval);
}
Also used : SSLConfig(com.hazelcast.config.SSLConfig) Node(org.w3c.dom.Node) VaultSecureStoreConfig(com.hazelcast.config.VaultSecureStoreConfig)

Example 2 with VaultSecureStoreConfig

use of com.hazelcast.config.VaultSecureStoreConfig in project hazelcast by hazelcast.

the class TestFullApplicationContext method testPersistence.

@Test
public void testPersistence() {
    File dir = new File("/mnt/persistence/");
    File backupDir = new File("/mnt/persistence-backup/");
    PersistenceConfig persistenceConfig = config.getPersistenceConfig();
    assertFalse(persistenceConfig.isEnabled());
    assertEquals(dir.getAbsolutePath(), persistenceConfig.getBaseDir().getAbsolutePath());
    assertEquals(backupDir.getAbsolutePath(), persistenceConfig.getBackupDir().getAbsolutePath());
    assertEquals(1111, persistenceConfig.getValidationTimeoutSeconds());
    assertEquals(2222, persistenceConfig.getDataLoadTimeoutSeconds());
    assertEquals(PARTIAL_RECOVERY_MOST_COMPLETE, persistenceConfig.getClusterDataRecoveryPolicy());
    assertFalse(persistenceConfig.isAutoRemoveStaleData());
    EncryptionAtRestConfig encryptionAtRestConfig = persistenceConfig.getEncryptionAtRestConfig();
    assertNotNull(encryptionAtRestConfig);
    assertTrue(encryptionAtRestConfig.isEnabled());
    assertEquals("AES/CBC/PKCS5Padding", encryptionAtRestConfig.getAlgorithm());
    assertEquals("sugar", encryptionAtRestConfig.getSalt());
    assertEquals(16, encryptionAtRestConfig.getKeySize());
    assertTrue(encryptionAtRestConfig.getSecureStoreConfig() instanceof VaultSecureStoreConfig);
    VaultSecureStoreConfig vaultConfig = (VaultSecureStoreConfig) encryptionAtRestConfig.getSecureStoreConfig();
    assertEquals("http://localhost:1234", vaultConfig.getAddress());
    assertEquals("secret/path", vaultConfig.getSecretPath());
    assertEquals("token", vaultConfig.getToken());
    SSLConfig sslConfig = vaultConfig.getSSLConfig();
    assertNotNull(sslConfig);
    assertTrue(sslConfig.isEnabled());
    assertEquals(sslContextFactory, sslConfig.getFactoryImplementation());
    assertEquals(60, vaultConfig.getPollingInterval());
    assertEquals(240, persistenceConfig.getRebalanceDelaySeconds());
}
Also used : SSLConfig(com.hazelcast.config.SSLConfig) EncryptionAtRestConfig(com.hazelcast.config.EncryptionAtRestConfig) PersistenceConfig(com.hazelcast.config.PersistenceConfig) VaultSecureStoreConfig(com.hazelcast.config.VaultSecureStoreConfig) File(java.io.File) Test(org.junit.Test) QuickTest(com.hazelcast.test.annotation.QuickTest)

Example 3 with VaultSecureStoreConfig

use of com.hazelcast.config.VaultSecureStoreConfig in project hazelcast by hazelcast.

the class TestPersistenceEncryptionVaultApplicationContext method testPersistence.

@Test
public void testPersistence() {
    File dir = new File("/mnt/persistence/");
    File hotBackupDir = new File("/mnt/persistence-backup/");
    PersistenceConfig persistenceConfig = config.getPersistenceConfig();
    assertFalse(persistenceConfig.isEnabled());
    assertEquals(dir.getAbsolutePath(), persistenceConfig.getBaseDir().getAbsolutePath());
    assertEquals(hotBackupDir.getAbsolutePath(), persistenceConfig.getBackupDir().getAbsolutePath());
    assertEquals(1111, persistenceConfig.getValidationTimeoutSeconds());
    assertEquals(2222, persistenceConfig.getDataLoadTimeoutSeconds());
    assertEquals(PARTIAL_RECOVERY_MOST_COMPLETE, persistenceConfig.getClusterDataRecoveryPolicy());
    assertFalse(persistenceConfig.isAutoRemoveStaleData());
    EncryptionAtRestConfig encryptionAtRestConfig = persistenceConfig.getEncryptionAtRestConfig();
    assertNotNull(encryptionAtRestConfig);
    assertTrue(encryptionAtRestConfig.isEnabled());
    assertEquals("AES/CBC/PKCS5Padding", encryptionAtRestConfig.getAlgorithm());
    assertEquals("sugar", encryptionAtRestConfig.getSalt());
    assertEquals(16, encryptionAtRestConfig.getKeySize());
    assertTrue(encryptionAtRestConfig.getSecureStoreConfig() instanceof VaultSecureStoreConfig);
    VaultSecureStoreConfig vaultConfig = (VaultSecureStoreConfig) encryptionAtRestConfig.getSecureStoreConfig();
    assertEquals("http://localhost:1234", vaultConfig.getAddress());
    assertEquals("secret/path", vaultConfig.getSecretPath());
    assertEquals("token", vaultConfig.getToken());
    SSLConfig sslConfig = vaultConfig.getSSLConfig();
    assertNotNull(sslConfig);
    assertTrue(sslConfig.isEnabled());
    assertEquals(sslContextFactory, sslConfig.getFactoryImplementation());
    assertEquals(60, vaultConfig.getPollingInterval());
}
Also used : SSLConfig(com.hazelcast.config.SSLConfig) EncryptionAtRestConfig(com.hazelcast.config.EncryptionAtRestConfig) PersistenceConfig(com.hazelcast.config.PersistenceConfig) VaultSecureStoreConfig(com.hazelcast.config.VaultSecureStoreConfig) File(java.io.File) QuickTest(com.hazelcast.test.annotation.QuickTest) Test(org.junit.Test)

Aggregations

SSLConfig (com.hazelcast.config.SSLConfig)3 VaultSecureStoreConfig (com.hazelcast.config.VaultSecureStoreConfig)3 EncryptionAtRestConfig (com.hazelcast.config.EncryptionAtRestConfig)2 PersistenceConfig (com.hazelcast.config.PersistenceConfig)2 QuickTest (com.hazelcast.test.annotation.QuickTest)2 File (java.io.File)2 Test (org.junit.Test)2 Node (org.w3c.dom.Node)1