Search in sources :

Example 1 with GridSslBasicContextFactory

use of org.apache.ignite.internal.client.ssl.GridSslBasicContextFactory in project ignite by apache.

the class GridClientConfiguration method load.

/**
 * Load client configuration from the properties map.
 *
 * @param prefix Prefix for the client properties.
 * @param in Properties map to load configuration from.
 * @throws GridClientException If parsing configuration failed.
 */
public void load(String prefix, Properties in) throws GridClientException {
    while (prefix.endsWith(".")) prefix = prefix.substring(0, prefix.length() - 1);
    if (!prefix.isEmpty())
        prefix += ".";
    String balancer = in.getProperty(prefix + "balancer");
    String connectTimeout = in.getProperty(prefix + "connectTimeout");
    String cred = in.getProperty(prefix + "credentials");
    String autoFetchMetrics = in.getProperty(prefix + "autoFetchMetrics");
    String autoFetchAttrs = in.getProperty(prefix + "autoFetchAttributes");
    String maxConnIdleTime = in.getProperty(prefix + "idleTimeout");
    String proto = in.getProperty(prefix + "protocol");
    String srvrs = in.getProperty(prefix + "servers");
    String tcpNoDelay = in.getProperty(prefix + "tcp.noDelay");
    String topRefreshFreq = in.getProperty(prefix + "topology.refresh");
    String sslEnabled = in.getProperty(prefix + "ssl.enabled");
    String sslProto = in.getProperty(prefix + "ssl.protocol");
    String sslKeyAlg = in.getProperty(prefix + "ssl.key.algorithm");
    String keyStorePath = in.getProperty(prefix + "ssl.keystore.location");
    String keyStorePwd = in.getProperty(prefix + "ssl.keystore.password");
    String keyStoreType = in.getProperty(prefix + "ssl.keystore.type");
    String trustStorePath = in.getProperty(prefix + "ssl.truststore.location");
    String trustStorePwd = in.getProperty(prefix + "ssl.truststore.password");
    String trustStoreType = in.getProperty(prefix + "ssl.truststore.type");
    String dataCfgs = in.getProperty(prefix + "data.configurations");
    setBalancer(resolveBalancer(balancer));
    if (!F.isEmpty(connectTimeout))
        setConnectTimeout(Integer.parseInt(connectTimeout));
    if (!F.isEmpty(cred)) {
        int idx = cred.indexOf(':');
        if (idx >= 0 && idx < cred.length() - 1) {
            setSecurityCredentialsProvider(new SecurityCredentialsBasicProvider(new SecurityCredentials(cred.substring(0, idx), cred.substring(idx + 1))));
        } else {
            setSecurityCredentialsProvider(new SecurityCredentialsBasicProvider(new SecurityCredentials(null, null, cred)));
        }
    }
    if (!F.isEmpty(autoFetchMetrics))
        setAutoFetchMetrics(Boolean.parseBoolean(autoFetchMetrics));
    if (!F.isEmpty(autoFetchAttrs))
        setAutoFetchAttributes(Boolean.parseBoolean(autoFetchAttrs));
    if (!F.isEmpty(maxConnIdleTime))
        setMaxConnectionIdleTime(Integer.parseInt(maxConnIdleTime));
    if (!F.isEmpty(proto))
        setProtocol(GridClientProtocol.valueOf(proto));
    if (!F.isEmpty(srvrs))
        setServers(Arrays.asList(srvrs.replaceAll("\\s+", "").split(",")));
    if (!F.isEmpty(tcpNoDelay))
        setTcpNoDelay(Boolean.parseBoolean(tcpNoDelay));
    if (!F.isEmpty(topRefreshFreq))
        setTopologyRefreshFrequency(Long.parseLong(topRefreshFreq));
    if (!F.isEmpty(sslEnabled) && Boolean.parseBoolean(sslEnabled)) {
        GridSslBasicContextFactory factory = new GridSslBasicContextFactory();
        factory.setProtocol(F.isEmpty(sslProto) ? DFLT_SSL_PROTOCOL : sslProto);
        factory.setKeyAlgorithm(F.isEmpty(sslKeyAlg) ? DFLT_KEY_ALGORITHM : sslKeyAlg);
        if (F.isEmpty(keyStorePath))
            throw new IllegalArgumentException("SSL key store location is not specified.");
        factory.setKeyStoreFilePath(keyStorePath);
        if (keyStorePwd != null)
            factory.setKeyStorePassword(keyStorePwd.toCharArray());
        factory.setKeyStoreType(F.isEmpty(keyStoreType) ? DFLT_STORE_TYPE : keyStoreType);
        if (F.isEmpty(trustStorePath))
            factory.setTrustManagers(GridSslBasicContextFactory.getDisabledTrustManager());
        else {
            factory.setTrustStoreFilePath(trustStorePath);
            if (trustStorePwd != null)
                factory.setTrustStorePassword(trustStorePwd.toCharArray());
            factory.setTrustStoreType(F.isEmpty(trustStoreType) ? DFLT_STORE_TYPE : trustStoreType);
        }
        setSslContextFactory(factory);
    }
    if (!F.isEmpty(dataCfgs)) {
        String[] names = dataCfgs.replaceAll("\\s+", "").split(",");
        Collection<GridClientDataConfiguration> list = new ArrayList<>();
        for (String cfgName : names) {
            if (F.isEmpty(cfgName))
                continue;
            String name = in.getProperty(prefix + "data." + cfgName + ".name");
            String bal = in.getProperty(prefix + "data." + cfgName + ".balancer");
            String aff = in.getProperty(prefix + "data." + cfgName + ".affinity");
            GridClientDataConfiguration dataCfg = new GridClientDataConfiguration();
            dataCfg.setName(F.isEmpty(name) ? null : name);
            dataCfg.setBalancer(resolveBalancer(bal));
            dataCfg.setAffinity(resolveAffinity(aff));
            list.add(dataCfg);
        }
        setDataConfigurations(list);
    }
}
Also used : SecurityCredentials(org.apache.ignite.plugin.security.SecurityCredentials) GridSslBasicContextFactory(org.apache.ignite.internal.client.ssl.GridSslBasicContextFactory) ArrayList(java.util.ArrayList) SecurityCredentialsBasicProvider(org.apache.ignite.plugin.security.SecurityCredentialsBasicProvider)

Example 2 with GridSslBasicContextFactory

use of org.apache.ignite.internal.client.ssl.GridSslBasicContextFactory in project ignite by apache.

the class ClientSslParametersTest method createOldSslFactory.

/**
 * @return SSL Factory.
 */
@NotNull
private GridSslBasicContextFactory createOldSslFactory() {
    GridSslBasicContextFactory factory = (GridSslBasicContextFactory) GridTestUtils.sslContextFactory();
    factory.setCipherSuites(cipherSuites);
    factory.setProtocols(protocols);
    return factory;
}
Also used : GridSslBasicContextFactory(org.apache.ignite.internal.client.ssl.GridSslBasicContextFactory) NotNull(org.jetbrains.annotations.NotNull)

Example 3 with GridSslBasicContextFactory

use of org.apache.ignite.internal.client.ssl.GridSslBasicContextFactory in project ignite by apache.

the class GridTestUtils method sslContextFactory.

/**
 * Creates test-purposed SSL context factory from test key store with disabled trust manager.
 *
 * @return SSL context factory used in test.
 */
public static GridSslContextFactory sslContextFactory() {
    GridSslBasicContextFactory factory = new GridSslBasicContextFactory();
    factory.setKeyStoreFilePath(U.resolveIgnitePath(GridTestProperties.getProperty("ssl.keystore.path")).getAbsolutePath());
    factory.setKeyStorePassword(keyStorePassword().toCharArray());
    factory.setTrustManagers(GridSslBasicContextFactory.getDisabledTrustManager());
    return factory;
}
Also used : GridSslBasicContextFactory(org.apache.ignite.internal.client.ssl.GridSslBasicContextFactory)

Example 4 with GridSslBasicContextFactory

use of org.apache.ignite.internal.client.ssl.GridSslBasicContextFactory in project ignite by apache.

the class ClientTcpSslAuthenticationSelfTest method createClient.

/**
 * Creates client that will try to connect to only first node in grid.
 *
 * @return Client.
 * @throws Exception If failed to create client.
 */
private GridClientImpl createClient() throws Exception {
    GridClientConfiguration cfg = new GridClientConfiguration();
    cfg.setServers(Arrays.asList(U.getLocalHost().getHostAddress() + ":" + REST_TCP_PORT));
    cfg.setBalancer(new GridClientRoundRobinBalancer());
    GridSslBasicContextFactory factory = (GridSslBasicContextFactory) GridTestUtils.sslContextFactory();
    factory.setTrustManagers(clientTrustMgr);
    cfg.setSslContextFactory(factory);
    return (GridClientImpl) GridClientFactory.start(cfg);
}
Also used : GridClientImpl(org.apache.ignite.internal.client.impl.GridClientImpl) GridClientRoundRobinBalancer(org.apache.ignite.internal.client.balancer.GridClientRoundRobinBalancer) GridSslBasicContextFactory(org.apache.ignite.internal.client.ssl.GridSslBasicContextFactory)

Example 5 with GridSslBasicContextFactory

use of org.apache.ignite.internal.client.ssl.GridSslBasicContextFactory in project ignite by apache.

the class ClientTcpSslAuthenticationSelfTest method getConfiguration.

/**
 * {@inheritDoc}
 */
@Override
protected IgniteConfiguration getConfiguration(String igniteInstanceName) throws Exception {
    IgniteConfiguration c = super.getConfiguration(igniteInstanceName);
    c.setLocalHost(getTestResources().getLocalHost());
    assert c.getConnectorConfiguration() == null;
    ConnectorConfiguration clientCfg = new ConnectorConfiguration();
    clientCfg.setPort(REST_TCP_PORT);
    clientCfg.setSslEnabled(true);
    clientCfg.setSslClientAuth(checkClient);
    clientCfg.setSslClientAuth(checkClient);
    GridSslBasicContextFactory factory = (GridSslBasicContextFactory) GridTestUtils.sslContextFactory();
    factory.setTrustManagers(srvTrustMgr);
    clientCfg.setSslContextFactory(factory);
    c.setConnectorConfiguration(clientCfg);
    return c;
}
Also used : GridSslBasicContextFactory(org.apache.ignite.internal.client.ssl.GridSslBasicContextFactory) IgniteConfiguration(org.apache.ignite.configuration.IgniteConfiguration) ConnectorConfiguration(org.apache.ignite.configuration.ConnectorConfiguration)

Aggregations

GridSslBasicContextFactory (org.apache.ignite.internal.client.ssl.GridSslBasicContextFactory)6 NotNull (org.jetbrains.annotations.NotNull)2 ArrayList (java.util.ArrayList)1 ConnectorConfiguration (org.apache.ignite.configuration.ConnectorConfiguration)1 IgniteConfiguration (org.apache.ignite.configuration.IgniteConfiguration)1 GridClientRoundRobinBalancer (org.apache.ignite.internal.client.balancer.GridClientRoundRobinBalancer)1 GridClientImpl (org.apache.ignite.internal.client.impl.GridClientImpl)1 SecurityCredentials (org.apache.ignite.plugin.security.SecurityCredentials)1 SecurityCredentialsBasicProvider (org.apache.ignite.plugin.security.SecurityCredentialsBasicProvider)1