Posted to commits@knox.apache.org by lm...@apache.org on 2018/11/01 16:38:07 UTC

knox git commit: KNOX-1547 - Add Ability to set the Truststore Location and Password to KnoxShell

Repository: knox
Updated Branches:
  refs/heads/master 124b3368e -> 91d8cdcc3


KNOX-1547 - Add Ability to set the Truststore Location and Password to KnoxShell

Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/91d8cdcc
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/91d8cdcc
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/91d8cdcc

Branch: refs/heads/master
Commit: 91d8cdcc313280953448c77bbfce7c97179955c3
Parents: 124b336
Author: Larry McCay <lm...@apache.org>
Authored: Thu Nov 1 12:37:35 2018 -0400
Committer: Larry McCay <lm...@apache.org>
Committed: Thu Nov 1 12:37:59 2018 -0400

----------------------------------------------------------------------
 .../knox/gateway/shell/ClientContext.java       | 15 +++++
 .../apache/knox/gateway/shell/KnoxSession.java  | 58 ++++++++++++++------
 2 files changed, 56 insertions(+), 17 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/knox/blob/91d8cdcc/gateway-shell/src/main/java/org/apache/knox/gateway/shell/ClientContext.java
----------------------------------------------------------------------
diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/ClientContext.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/ClientContext.java
index 30692ad..b9d52ca 100644
--- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/ClientContext.java
+++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/ClientContext.java
@@ -169,6 +169,21 @@ public class ClientContext {
       configuration.addProperty("buffer-size", size);
       return this;
     }
+
+    public ConnectionContext withTruststore(final String truststoreLocation,
+        final String truststorePass) {
+      configuration.addProperty("truststoreLocation", truststoreLocation);
+      configuration.addProperty("truststorePass", truststorePass);
+      return this;
+    }
+
+    public String truststoreLocation() {
+      return configuration.getString("truststoreLocation");
+    }
+
+    public String truststorePass() {
+      return configuration.getString("truststorePass");
+    }
   }
 
   public PoolContext pool() {
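Review bot: `withTruststore` stores both values with `configuration.addProperty(...)`, which in Commons Configuration (presumably the type behind `configuration`; its declaration is outside the hunk) appends to an existing key instead of replacing it, so after a second call `getString` still returns the first values. `KnoxSession.discoverTruststoreDetails` in this same commit calls `withTruststore` again on a context that may already carry a location, so replacing is the safer behaviour: `configuration.setProperty("truststoreLocation", truststoreLocation);` and likewise for `truststorePass`. The truststore password also ends up as a plain string next to ordinary connection settings, so a short comment on `truststorePass()` warning against logging or dumping this configuration would help. The enclosing `ConnectionContext` class begins outside the hunk.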

http://git-wip-us.apache.org/repos/asf/knox/blob/91d8cdcc/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxSession.java
----------------------------------------------------------------------
diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxSession.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxSession.java
index ac0b753..3bf9836 100644
--- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxSession.java
+++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxSession.java
@@ -102,6 +102,13 @@ public class KnoxSession implements Closeable {
     return new KnoxSession(ClientContext.with(username, password, url));
   }
 
+  public static KnoxSession login( String url, String username, String password,
+      String truststoreLocation, String truststorePass ) throws URISyntaxException {
+
+    return new KnoxSession(ClientContext.with(username, password, url)
+            .connection().withTruststore(truststoreLocation, truststorePass).end());
+  }
+
   public static KnoxSession loginInsecure(String url, String username, String password) throws URISyntaxException {
     return new KnoxSession(ClientContext.with(username, password, url)
             .connection().secure(false).end());
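Review bot: The new `login(url, username, password, truststoreLocation, truststorePass)` overload has no Javadoc, and its fallback behaviour is not obvious from the signature. Going by `discoverTruststoreDetails` and `getTrustStore` later in this commit, a null location or password makes the session ignore the pair and use `KNOX_CLIENT_TRUSTSTORE_DIR`, `KNOX_CLIENT_TRUSTSTORE_FILENAME` and `KNOX_CLIENT_TRUSTSTORE_PASS` or their defaults, and a location that does not exist falls through to the JVM truststore. I would add a Javadoc block that states both fallbacks and says that `truststoreLocation` is the path of a JKS file, since `getTrustStore` uses `KeyStore.getInstance("JKS")`.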
@@ -139,7 +146,7 @@ public class KnoxSession implements Closeable {
               + "*******************************************");
     }
 
-    KeyStore trustStore = getTrustStore();
+    KeyStore trustStore = getTrustStore(clientContext);
     SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(trustStore, trustStrategy).build();
     Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
             .register("http", PlainConnectionSocketFactory.getSocketFactory())
@@ -188,29 +195,22 @@ public class KnoxSession implements Closeable {
 
   }
 
-  private static KeyStore getTrustStore() throws GeneralSecurityException {
+  private KeyStore getTrustStore(ClientContext clientContext) throws GeneralSecurityException {
     KeyStore ks = null;
-    String truststoreDir = System.getenv(KNOX_CLIENT_TRUSTSTORE_DIR);
-    if (truststoreDir == null) {
-      truststoreDir = System.getProperty("user.home");
-    }
-    String truststoreFileName = System.getenv(KNOX_CLIENT_TRUSTSTORE_FILENAME);
-    if (truststoreFileName == null) {
-      truststoreFileName = GATEWAY_CLIENT_TRUST;
-    }
-    String truststorePass = System.getenv(KNOX_CLIENT_TRUSTSTORE_PASS);
-    if (truststorePass == null) {
-      truststorePass = GATEWAY_CLIENT_TRUST_DEFAULT_PASS;
-    }
+    String truststorePass = null;
+
+    discoverTruststoreDetails(clientContext);
 
     InputStream is = null;
     try {
       ks = KeyStore.getInstance("JKS");
-      File file = new File(truststoreDir, truststoreFileName);
-      if (!file.exists()) {
+      File file = new File(clientContext.connection().truststoreLocation());
+      if (file.exists()) {
+        truststorePass = clientContext.connection().truststorePass();
+      } else {
         String truststore = System.getProperty("javax.net.ssl.trustStore");
         if (truststore == null) {
-          truststoreDir = System.getProperty("java.home");
+          String truststoreDir = System.getProperty("java.home");
           truststore = truststoreDir + File.separator + "lib" + File.separator
               + "security" + File.separator + "cacerts";
           truststorePass = System.getProperty("javax.net.ssl.trustStorePassword", "changeit");
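Review bot: When the file at `clientContext.connection().truststoreLocation()` does not exist, the `else` branch silently switches to `javax.net.ssl.trustStore` or the JRE `cacerts`, so a mistyped path passed to the new `login` overload replaces the caller's chosen trust anchors with the JVM-wide set without any signal. For a location that was supplied explicitly I would fail instead of falling back, for example `throw new KeyStoreException("Truststore not found: " + file);`, which means recording whether the context already carried a location before `discoverTruststoreDetails` runs. Separately, `truststorePass` now starts as `null` and is assigned only in the two branches shown, so when `javax.net.ssl.trustStore` is set it is still null at the end of this hunk. The rest of the method is outside the hunk, so check that it does not dereference the password there, and consider reading `javax.net.ssl.trustStorePassword` outside the inner `if`.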
@@ -251,6 +251,30 @@ public class KnoxSession implements Closeable {
     return ks;
   }
 
+  protected void discoverTruststoreDetails(ClientContext clientContext) {
+    String truststoreDir = null;
+    String truststoreFileName = null;
+    if (clientContext.connection().truststoreLocation() != null &&
+        clientContext.connection().truststorePass() != null) {
+      return;
+    } else {
+      truststoreDir = System.getenv(KNOX_CLIENT_TRUSTSTORE_DIR);
+      if (truststoreDir == null) {
+        truststoreDir = System.getProperty("user.home");
+      }
+      truststoreFileName = System.getenv(KNOX_CLIENT_TRUSTSTORE_FILENAME);
+      if (truststoreFileName == null) {
+        truststoreFileName = GATEWAY_CLIENT_TRUST;
+      }
+    }
+    String truststorePass = System.getenv(KNOX_CLIENT_TRUSTSTORE_PASS);
+    if (truststorePass == null) {
+      truststorePass = GATEWAY_CLIENT_TRUST_DEFAULT_PASS;
+    }
+    String truststoreLocation = truststoreDir + File.separator + truststoreFileName;
+    clientContext.connection().withTruststore(truststoreLocation, truststorePass);
+  }
+
   public String base() {
     return base;
   }
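Review bot: The early return in `discoverTruststoreDetails` requires both `truststoreLocation()` and `truststorePass()` to be non-null, so a caller who supplies only a location has it set aside: the `else` branch rebuilds the path from `KNOX_CLIENT_TRUSTSTORE_DIR` or `user.home`, and the outcome then depends on how `withTruststore` treats an already-set key. Resolving the two values independently keeps whatever the caller did provide and fills in only what is missing. The method also falls back to `GATEWAY_CLIENT_TRUST_DEFAULT_PASS` without notice, so a debug-level log line naming the source of the location (never the password itself) would make the trust configuration easier to audit. A sketch of the restructured body follows.

```java
protected void discoverTruststoreDetails(ClientContext clientContext) {
  String truststoreLocation = clientContext.connection().truststoreLocation();
  String truststorePass = clientContext.connection().truststorePass();
  if (truststoreLocation != null && truststorePass != null) {
    return;
  }
  if (truststoreLocation == null) {
    // … unchanged: KNOX_CLIENT_TRUSTSTORE_DIR / KNOX_CLIENT_TRUSTSTORE_FILENAME lookup with defaults …
    truststoreLocation = truststoreDir + File.separator + truststoreFileName;
  }
  if (truststorePass == null) {
    // … unchanged: KNOX_CLIENT_TRUSTSTORE_PASS lookup with GATEWAY_CLIENT_TRUST_DEFAULT_PASS default …
  }
  clientContext.connection().withTruststore(truststoreLocation, truststorePass);
}
```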