use of org.apache.geode.GemFireConfigException in project geode by apache.
the class GemFireCacheImpl method requestSharedConfiguration.
/**
 * Requests the shared configuration from the locator(s) that run the cluster configuration
 * service and cross-checks the security settings it carries against this member's own.
 *
 * @return the locator's response; {@code null} when no request is made (the distribution manager
 *         is not a {@code DistributionManager}, this VM is a locator, hosts a locator or is a
 *         client, or no locator advertises shared configuration) and also when this member does
 *         not use shared configuration and the cluster configuration has no security manager
 * @throws GemFireConfigException if the cluster configuration defines a security manager while
 *         this member has shared configuration disabled, if {@code isMisConfigured} reports a
 *         mismatch for the security manager or the security post-processor, if the shared
 *         configuration is not available, or if an {@code UnknownHostException} is raised while
 *         requesting it
 */
private ConfigurationResponse requestSharedConfiguration() {
  final DistributionConfig config = this.system.getConfig();

  if (!(this.dm instanceof DistributionManager)) {
    return null;
  }

  // Nothing to do if this VM is a locator, hosts a locator, or is a client.
  final boolean isLocatorVm = this.dm.getDMType() == DistributionManager.LOCATOR_DM_TYPE;
  if (isLocatorVm || this.isClient || Locator.getLocator() != null) {
    return null;
  }

  // A member that opted out of shared configuration cannot return early here: it still has to
  // learn whether the cluster is secured, because in that case opting out is rejected below.
  final Map<InternalDistributedMember, Collection<String>> locatorsWithSharedConfig =
      getDistributionManager().getAllHostedLocatorsWithSharedConfiguration();
  if (locatorsWithSharedConfig.isEmpty()) {
    // No locator offers shared configuration, so no request is sent.
    logger.info(LocalizedMessage
        .create(LocalizedStrings.GemFireCache_NO_LOCATORS_FOUND_WITH_SHARED_CONFIGURATION));
    return null;
  }

  final List<String> locatorConnectionStrings = getSharedConfigLocatorConnectionStringList();
  try {
    final ConfigurationResponse response = ClusterConfigurationLoader
        .requestConfigurationFromLocators(this.system.getConfig(), locatorConnectionStrings);

    // Record what the locator sent.
    // NOTE(review): describeConfig() output goes to the info log; confirm it cannot contain
    // secret-bearing properties (passwords, credentials) from the cluster configuration.
    logger.info(LocalizedMessage
        .create(LocalizedStrings.GemFireCache_RECEIVED_SHARED_CONFIGURATION_FROM_LOCATORS));
    logger.info(response.describeConfig());

    final Configuration clusterConfig =
        response.getRequestedConfiguration().get(ClusterConfigurationService.CLUSTER_CONFIG);
    final Properties clusterSecProperties;
    if (clusterConfig != null) {
      clusterSecProperties = clusterConfig.getGemfireProperties();
    } else {
      // No cluster-level configuration: treat it as having no security properties.
      clusterSecProperties = new Properties();
    }

    if (!config.getUseSharedConfiguration()) {
      if (!clusterSecProperties.containsKey(ConfigurationProperties.SECURITY_MANAGER)) {
        logger.info(
            LocalizedMessage.create(LocalizedStrings.GemFireCache_NOT_USING_SHARED_CONFIGURATION));
        return null;
      }
      // The cluster has a security manager but this member ignores cluster configuration.
      throw new GemFireConfigException(
          LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION_2.toLocalizedString());
    }

    // Compare the cluster's security settings with the ones this member was started with.
    final Properties serverSecProperties = config.getSecurityProps();
    final boolean securityManagerMismatch = isMisConfigured(clusterSecProperties,
        serverSecProperties, ConfigurationProperties.SECURITY_MANAGER);
    if (securityManagerMismatch || isMisConfigured(clusterSecProperties, serverSecProperties,
        ConfigurationProperties.SECURITY_POST_PROCESSOR)) {
      throw new GemFireConfigException(
          LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toLocalizedString());
    }
    return response;
  } catch (ClusterConfigurationNotAvailableException e) {
    throw new GemFireConfigException(
        LocalizedStrings.GemFireCache_SHARED_CONFIGURATION_NOT_AVAILABLE.toLocalizedString(), e);
  } catch (UnknownHostException e) {
    throw new GemFireConfigException(e.getLocalizedMessage(), e);
  }
}
use of org.apache.geode.GemFireConfigException in project geode by apache.
the class GMSMemberFactory method newMembershipManager.
/**
 * Creates the membership {@code Services} for the given settings, initializes and starts them,
 * and returns their manager.
 *
 * @throws DistributionException if starting the services fails with a
 *         {@code ConnectionException}
 * @throws SystemConnectException if any other {@code RuntimeException} escapes startup; the
 *         original exception is logged and kept as the cause
 */
public MembershipManager newMembershipManager(DistributedMembershipListener listener, DistributionConfig config, RemoteTransportConfig transport, DMStats stats) throws DistributionException {
  final Services membershipServices = new Services(listener, config, transport, stats);
  try {
    membershipServices.init();
    membershipServices.start();
  } catch (ConnectionException connectFailure) {
    throw new DistributionException(
        LocalizedStrings.MemberFactory_UNABLE_TO_CREATE_MEMBERSHIP_MANAGER.toLocalizedString(),
        connectFailure);
  } catch (GemFireConfigException | SystemConnectException | GemFireSecurityException passThrough) {
    // Configuration, connection and security failures are rethrown unchanged so the caller sees
    // their original type instead of the generic wrapper used below.
    throw passThrough;
  } catch (RuntimeException unexpected) {
    Services.getLogger().error("Unexpected problem starting up membership services", unexpected);
    throw new SystemConnectException("Problem starting up membership services", unexpected);
  }
  return (MembershipManager) membershipServices.getManager();
}
use of org.apache.geode.GemFireConfigException in project geode by apache.
the class GMSUtil method parseLocators.
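/**
 * Parses a comma-separated locator list into socket addresses.
 *
 * <p>Each entry is read as {@code host[port]}. Text in front of the host that ends in
 * {@code '@'} (or in {@code ':'} when the entry has no {@code '@'}) is dropped; if what precedes
 * that separator itself contains a {@code ':'}, the host is taken to be a numeric IPv6 address
 * and only {@code '@'} counts as the separator.
 *
 * <p>Constructing each {@link InetSocketAddress} attempts to resolve the host name. When
 * {@code bindAddress} is a loopback address, every locator must resolve to a loopback address as
 * well; a locator whose host cannot be resolved fails the same check instead of causing a
 * {@code NullPointerException} on its missing address.
 *
 * @param locatorsString comma-separated locator entries; must not be {@code null}
 * @param bindAddress the address this process binds to, or {@code null} to skip the loopback
 *        check
 * @return the parsed addresses in input order; entries whose port is not a number are skipped
 * @throws GemFireConfigException if {@code bindAddress} is loopback and a locator is not
 */
public static List<InetSocketAddress> parseLocators(String locatorsString, InetAddress bindAddress) {
  List<InetSocketAddress> result = new ArrayList<>(2);
  // The loopback consistency check only applies when a bind address was supplied.
  boolean bindsToLoopback = bindAddress != null && bindAddress.isLoopbackAddress();
  StringTokenizer parts = new StringTokenizer(locatorsString, ",");
  while (parts.hasMoreTokens()) {
    try {
      String str = parts.nextToken();
      String host = str.substring(0, str.indexOf('['));
      int idx = host.lastIndexOf('@');
      if (idx < 0) {
        idx = host.lastIndexOf(':');
      }
      String start = host.substring(0, idx > -1 ? idx : host.length());
      if (start.indexOf(':') >= 0) {
        // a single numeric ipv6 address: its colons are part of the address, not a separator
        idx = host.lastIndexOf('@');
      }
      if (idx >= 0) {
        host = host.substring(idx + 1);
      }
      int startIdx = str.indexOf('[') + 1;
      int endIdx = str.indexOf(']');
      int port = Integer.parseInt(str.substring(startIdx, endIdx));
      InetSocketAddress isa = new InetSocketAddress(host, port);
      // getAddress() is null for an unresolved host, so test isUnresolved() first; an
      // unresolved locator cannot be a local one and is rejected with the same error.
      if (bindsToLoopback && (isa.isUnresolved() || !isa.getAddress().isLoopbackAddress())) {
        throw new GemFireConfigException("This process is attempting to join with a loopback address (" + bindAddress + ") using a locator that does not have a local address (" + isa + "). On Unix this usually means that /etc/hosts is misconfigured.");
      }
      result.add(isa);
    } catch (NumberFormatException ignored) {
      // Deliberately skipped: this shouldn't happen because the config has already been parsed
      // and validated. Note that the entry is dropped from the result without any log output.
    }
  }
  return result;
}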
use of org.apache.geode.GemFireConfigException in project geode by apache.
the class GMSHealthMonitor method createServerSocket.
/**
 * Opens a server socket on {@code socketAddress} using a port taken from {@code portRange} and
 * stores the port it was bound to in {@code socketPort}.
 *
 * <p>The socket is created through the socket creator of the
 * {@code SecurableCommunicationChannel.CLUSTER} component.
 *
 * @param socketAddress address to bind the socket to
 * @param portRange port range handed to the socket creator
 * @return the open server socket
 * @throws GemFireConfigException if the socket creator fails with an {@code IOException} or a
 *         {@code SystemConnectException}
 */
ServerSocket createServerSocket(InetAddress socketAddress, int[] portRange) {
  final int backlog = 50;
  final boolean isBindAddress = true;
  final boolean useNIO = false;
  final int tcpBufferSize = 65536;
  try {
    final ServerSocket boundSocket =
        SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER)
            .createServerSocketUsingPortRange(socketAddress, backlog, isBindAddress, useNIO,
                tcpBufferSize, portRange, false);
    // Remember which port of the range was actually taken.
    socketPort = boundSocket.getLocalPort();
    return boundSocket;
  } catch (IOException | SystemConnectException e) {
    throw new GemFireConfigException("Unable to allocate a failure detection port in the membership-port range", e);
  }
}
use of org.apache.geode.GemFireConfigException in project geode by apache.
the class JettyHelper method initJetty.
/**
 * Creates a Jetty {@code Server} with a single connector on {@code port}: a TLS connector when
 * {@code sslConfig} is enabled, a plain HTTP connector otherwise.
 *
 * <p>The bind address and port are also stored in the static {@code JettyHelper.bindAddress}
 * and {@code JettyHelper.port} fields.
 *
 * @param bindAddress host to bind the connector to; ignored when blank
 * @param port port for the connector, also used as the secure port of the HTTP configuration
 * @param sslConfig TLS settings; must not be {@code null}
 * @return the configured server
 * @throws GemFireConfigException if TLS is enabled but no key store is configured
 */
public static Server initJetty(final String bindAddress, final int port, SSLConfig sslConfig) {
  final Server jettyServer = new Server();
  // Install a handler collection up front so that each new context adds itself to it.
  jettyServer.setHandler(new HandlerCollection());

  final HttpConfiguration httpConfig = new HttpConfiguration();
  httpConfig.setSecureScheme(HTTPS);
  httpConfig.setSecurePort(port);

  final ServerConnector connector;
  if (!sslConfig.isEnabled()) {
    // TLS disabled: the connector serves plain HTTP.
    connector = new ServerConnector(jettyServer, new HttpConnectionFactory(httpConfig));
  } else {
    final SslContextFactory tlsFactory = new SslContextFactory();
    if (StringUtils.isNotBlank(sslConfig.getAlias())) {
      tlsFactory.setCertAlias(sslConfig.getAlias());
    }
    // Client certificates are demanded only when the configuration asks for them.
    tlsFactory.setNeedClientAuth(sslConfig.isRequireAuth());

    final boolean ciphersConfigured = StringUtils.isNotBlank(sslConfig.getCiphers())
        && !"any".equalsIgnoreCase(sslConfig.getCiphers());
    if (ciphersConfigured) {
      tlsFactory.setIncludeCipherSuites(SSLUtil.readArray(sslConfig.getCiphers()));
    }
    // Otherwise (blank or "any") the cipher choice is left to the SSL layer.

    final String protocol = SSLUtil.getSSLAlgo(SSLUtil.readArray(sslConfig.getProtocols()));
    if (protocol == null) {
      // NOTE(review): only a warning is logged here and setProtocol is never called, so the
      // factory keeps whatever protocol it was constructed with; confirm that is acceptable.
      logger.warn(ManagementStrings.SSL_PROTOCOAL_COULD_NOT_BE_DETERMINED);
    } else {
      tlsFactory.setProtocol(protocol);
    }

    // The key store is the one mandatory TLS setting; everything else below is optional.
    if (StringUtils.isBlank(sslConfig.getKeystore())) {
      throw new GemFireConfigException("Key store can't be empty if SSL is enabled for HttpService");
    }
    tlsFactory.setKeyStorePath(sslConfig.getKeystore());
    if (StringUtils.isNotBlank(sslConfig.getKeystoreType())) {
      tlsFactory.setKeyStoreType(sslConfig.getKeystoreType());
    }
    if (StringUtils.isNotBlank(sslConfig.getKeystorePassword())) {
      tlsFactory.setKeyStorePassword(sslConfig.getKeystorePassword());
    }
    // NOTE(review): no trust store is set when none is configured, even if client
    // authentication is required above; verify which certificates are trusted in that case.
    if (StringUtils.isNotBlank(sslConfig.getTruststore())) {
      tlsFactory.setTrustStorePath(sslConfig.getTruststore());
    }
    if (StringUtils.isNotBlank(sslConfig.getTruststorePassword())) {
      tlsFactory.setTrustStorePassword(sslConfig.getTruststorePassword());
    }

    httpConfig.addCustomizer(new SecureRequestCustomizer());
    // HTTP_1_1 is used on purpose: Jetty threw an NPE with HTTP 2.0. Still to be investigated
    // whether all GemFire web applications (Pulse, REST) can do with HTTP 1.1.
    connector = new ServerConnector(jettyServer,
        new SslConnectionFactory(tlsFactory, HttpVersion.HTTP_1_1.asString()),
        new HttpConnectionFactory(httpConfig));
  }
  connector.setPort(port);
  jettyServer.setConnectors(new Connector[] {connector});

  // The host is set only for a non-blank address, while the static field is updated for any
  // non-empty one, so a whitespace-only address is remembered but never bound.
  if (StringUtils.isNotBlank(bindAddress)) {
    connector.setHost(bindAddress);
  }
  if (bindAddress != null && !bindAddress.isEmpty()) {
    JettyHelper.bindAddress = bindAddress;
  }
  JettyHelper.port = port;
  return jettyServer;
}