Example 1 with SSLFactory
use of org.apache.hadoop.security.ssl.SSLFactory in project hadoop by apache.
the class TestSSLHttpServer method setup.
@BeforeClass
public static void setup() throws Exception {
conf = new Configuration();
conf.setInt(HttpServer2.HTTP_MAX_THREADS_KEY, 10);
File base = new File(BASEDIR);
FileUtil.fullyDelete(base);
base.mkdirs();
keystoresDir = new File(BASEDIR).getAbsolutePath();
sslConfDir = KeyStoreTestUtil.getClasspathDir(TestSSLHttpServer.class);
KeyStoreTestUtil.setupSSLConfig(keystoresDir, sslConfDir, conf, false, true, excludeCiphers);
Configuration sslConf = KeyStoreTestUtil.getSslConfig();
clientSslFactory = new SSLFactory(SSLFactory.Mode.CLIENT, sslConf);
clientSslFactory.init();
server = new HttpServer2.Builder().setName("test").addEndpoint(new URI("https://localhost")).setConf(conf).keyPassword(sslConf.get("ssl.server.keystore.keypassword")).keyStore(sslConf.get("ssl.server.keystore.location"), sslConf.get("ssl.server.keystore.password"), sslConf.get("ssl.server.keystore.type", "jks")).trustStore(sslConf.get("ssl.server.truststore.location"), sslConf.get("ssl.server.truststore.password"), sslConf.get("ssl.server.truststore.type", "jks")).excludeCiphers(sslConf.get("ssl.server.exclude.cipher.list")).build();
server.addServlet("echo", "/echo", TestHttpServer.EchoServlet.class);
server.addServlet("longheader", "/longheader", LongHeaderServlet.class);
server.start();
baseUrl = new URL("https://" + NetUtils.getHostPortString(server.getConnectorAddress(0)));
LOG.info("HTTP server started: " + baseUrl);
}
Also used :
SSLFactory(org.apache.hadoop.security.ssl.SSLFactory)
Configuration(org.apache.hadoop.conf.Configuration)
File(java.io.File)
URI(java.net.URI)
URL(java.net.URL)
BeforeClass(org.junit.BeforeClass)
Example 2 with SSLFactory
use of org.apache.hadoop.security.ssl.SSLFactory in project hbase by apache.
the class TestSSLHttpServer method setup.
@BeforeClass
public static void setup() throws Exception {
conf = new Configuration();
conf.setInt(HttpServer.HTTP_MAX_THREADS, 10);
File base = new File(BASEDIR);
FileUtil.fullyDelete(base);
base.mkdirs();
keystoresDir = new File(BASEDIR).getAbsolutePath();
sslConfDir = KeyStoreTestUtil.getClasspathDir(TestSSLHttpServer.class);
KeyStoreTestUtil.setupSSLConfig(keystoresDir, sslConfDir, conf, false);
Configuration sslConf = new Configuration(false);
sslConf.addResource("ssl-server.xml");
sslConf.addResource("ssl-client.xml");
clientSslFactory = new SSLFactory(SSLFactory.Mode.CLIENT, sslConf);
clientSslFactory.init();
server = new HttpServer.Builder().setName("test").addEndpoint(new URI("https://localhost")).setConf(conf).keyPassword(HBaseConfiguration.getPassword(sslConf, "ssl.server.keystore.keypassword", null)).keyStore(sslConf.get("ssl.server.keystore.location"), HBaseConfiguration.getPassword(sslConf, "ssl.server.keystore.password", null), sslConf.get("ssl.server.keystore.type", "jks")).trustStore(sslConf.get("ssl.server.truststore.location"), HBaseConfiguration.getPassword(sslConf, "ssl.server.truststore.password", null), sslConf.get("ssl.server.truststore.type", "jks")).build();
server.addServlet("echo", "/echo", TestHttpServer.EchoServlet.class);
server.start();
baseUrl = new URL("https://" + NetUtils.getHostPortString(server.getConnectorAddress(0)));
LOG.info("HTTP server started: " + baseUrl);
}
Also used :
SSLFactory(org.apache.hadoop.security.ssl.SSLFactory)
HBaseConfiguration(org.apache.hadoop.hbase.HBaseConfiguration)
Configuration(org.apache.hadoop.conf.Configuration)
File(java.io.File)
URI(java.net.URI)
URL(java.net.URL)
BeforeClass(org.junit.BeforeClass)
Example 3 with SSLFactory
use of org.apache.hadoop.security.ssl.SSLFactory in project hadoop by apache.
the class TestHttpCookieFlag method setUp.
@BeforeClass
public static void setUp() throws Exception {
Configuration conf = new Configuration();
conf.set(HttpServer2.FILTER_INITIALIZER_PROPERTY, DummyFilterInitializer.class.getName());
File base = new File(BASEDIR);
FileUtil.fullyDelete(base);
base.mkdirs();
keystoresDir = new File(BASEDIR).getAbsolutePath();
sslConfDir = KeyStoreTestUtil.getClasspathDir(TestSSLHttpServer.class);
KeyStoreTestUtil.setupSSLConfig(keystoresDir, sslConfDir, conf, false);
Configuration sslConf = KeyStoreTestUtil.getSslConfig();
clientSslFactory = new SSLFactory(SSLFactory.Mode.CLIENT, sslConf);
clientSslFactory.init();
server = new HttpServer2.Builder().setName("test").addEndpoint(new URI("http://localhost")).addEndpoint(new URI("https://localhost")).setConf(conf).keyPassword(sslConf.get("ssl.server.keystore.keypassword")).keyStore(sslConf.get("ssl.server.keystore.location"), sslConf.get("ssl.server.keystore.password"), sslConf.get("ssl.server.keystore.type", "jks")).trustStore(sslConf.get("ssl.server.truststore.location"), sslConf.get("ssl.server.truststore.password"), sslConf.get("ssl.server.truststore.type", "jks")).excludeCiphers(sslConf.get("ssl.server.exclude.cipher.list")).build();
server.addServlet("echo", "/echo", TestHttpServer.EchoServlet.class);
server.start();
}
Also used :
SSLFactory(org.apache.hadoop.security.ssl.SSLFactory)
Configuration(org.apache.hadoop.conf.Configuration)
File(java.io.File)
URI(java.net.URI)
BeforeClass(org.junit.BeforeClass)
Example 4 with SSLFactory
use of org.apache.hadoop.security.ssl.SSLFactory in project hadoop by apache.
the class URLConnectionFactory method newSslConnConfigurator.
/**
* Create a new ConnectionConfigurator for SSL connections
*/
private static ConnectionConfigurator newSslConnConfigurator(final int defaultTimeout, Configuration conf) throws IOException, GeneralSecurityException {
final SSLFactory factory;
final SSLSocketFactory sf;
final HostnameVerifier hv;
final int connectTimeout;
final int readTimeout;
factory = new SSLFactory(SSLFactory.Mode.CLIENT, conf);
factory.init();
sf = factory.createSSLSocketFactory();
hv = factory.getHostnameVerifier();
connectTimeout = (int) conf.getTimeDuration(HdfsClientConfigKeys.DFS_WEBHDFS_SOCKET_CONNECT_TIMEOUT_KEY, defaultTimeout, TimeUnit.MILLISECONDS);
readTimeout = (int) conf.getTimeDuration(HdfsClientConfigKeys.DFS_WEBHDFS_SOCKET_READ_TIMEOUT_KEY, defaultTimeout, TimeUnit.MILLISECONDS);
return new ConnectionConfigurator() {
@Override
public HttpURLConnection configure(HttpURLConnection conn) throws IOException {
if (conn instanceof HttpsURLConnection) {
HttpsURLConnection c = (HttpsURLConnection) conn;
c.setSSLSocketFactory(sf);
c.setHostnameVerifier(hv);
}
URLConnectionFactory.setTimeouts(conn, connectTimeout, readTimeout);
return conn;
}
};
}
Also used :
ConnectionConfigurator(org.apache.hadoop.security.authentication.client.ConnectionConfigurator)
OAuth2ConnectionConfigurator(org.apache.hadoop.hdfs.web.oauth2.OAuth2ConnectionConfigurator)
SSLFactory(org.apache.hadoop.security.ssl.SSLFactory)
HttpURLConnection(java.net.HttpURLConnection)
SSLSocketFactory(javax.net.ssl.SSLSocketFactory)
HttpsURLConnection(javax.net.ssl.HttpsURLConnection)
HostnameVerifier(javax.net.ssl.HostnameVerifier)
Example 5 with SSLFactory
use of org.apache.hadoop.security.ssl.SSLFactory in project hadoop by apache.
the class TopCLI method connect.
private URLConnection connect(URL url) throws Exception {
AuthenticatedURL.Token token = new AuthenticatedURL.Token();
AuthenticatedURL authUrl;
SSLFactory clientSslFactory;
URLConnection connection;
// If https is chosen, configures SSL client.
if (YarnConfiguration.useHttps(getConf())) {
clientSslFactory = new SSLFactory(SSLFactory.Mode.CLIENT, getConf());
clientSslFactory.init();
SSLSocketFactory sslSocktFact = clientSslFactory.createSSLSocketFactory();
authUrl = new AuthenticatedURL(new KerberosAuthenticator(), clientSslFactory);
connection = authUrl.openConnection(url, token);
HttpsURLConnection httpsConn = (HttpsURLConnection) connection;
httpsConn.setSSLSocketFactory(sslSocktFact);
} else {
authUrl = new AuthenticatedURL(new KerberosAuthenticator());
connection = authUrl.openConnection(url, token);
}
connection.connect();
return connection;
}
Also used :
SSLFactory(org.apache.hadoop.security.ssl.SSLFactory)
KerberosAuthenticator(org.apache.hadoop.security.authentication.client.KerberosAuthenticator)
SSLSocketFactory(javax.net.ssl.SSLSocketFactory)
URLConnection(java.net.URLConnection)
HttpsURLConnection(javax.net.ssl.HttpsURLConnection)
HttpsURLConnection(javax.net.ssl.HttpsURLConnection)
AuthenticatedURL(org.apache.hadoop.security.authentication.client.AuthenticatedURL)
Aggregations
SSLFactory (org.apache.hadoop.security.ssl.SSLFactory)7
File (java.io.File)3
URI (java.net.URI)3
HttpsURLConnection (javax.net.ssl.HttpsURLConnection)3
SSLSocketFactory (javax.net.ssl.SSLSocketFactory)3
Configuration (org.apache.hadoop.conf.Configuration)3
BeforeClass (org.junit.BeforeClass)3
HttpURLConnection (java.net.HttpURLConnection)2
URL (java.net.URL)2
HostnameVerifier (javax.net.ssl.HostnameVerifier)2
ConnectionConfigurator (org.apache.hadoop.security.authentication.client.ConnectionConfigurator)2
URLConnection (java.net.URLConnection)1
HBaseConfiguration (org.apache.hadoop.hbase.HBaseConfiguration)1
OAuth2ConnectionConfigurator (org.apache.hadoop.hdfs.web.oauth2.OAuth2ConnectionConfigurator)1
AuthenticatedURL (org.apache.hadoop.security.authentication.client.AuthenticatedURL)1
KerberosAuthenticator (org.apache.hadoop.security.authentication.client.KerberosAuthenticator)1
