You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@asterixdb.apache.org by dl...@apache.org on 2021/10/13 21:55:54 UTC

[asterixdb-clients] branch master updated: [NO ISSUE][JDBC] Preliminary support for SSL connections

This is an automated email from the ASF dual-hosted git repository.

dlych pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/asterixdb-clients.git


The following commit(s) were added to refs/heads/master by this push:
     new a7cf4a1  [NO ISSUE][JDBC] Preliminary support for SSL connections
a7cf4a1 is described below

commit a7cf4a1f650a7af43b10d135a28a0843e50fa9e6
Author: Dmitry Lychagin <dm...@couchbase.com>
AuthorDate: Wed Oct 13 11:48:01 2021 -0700

    [NO ISSUE][JDBC] Preliminary support for SSL connections
    
    - user model changes: no
    - storage format changes: no
    - interface changes: no
    
    Details:
    - Add 'ssl' driver property
    - Add 'Require SSL' option to connect dialog
    
    Change-Id: Ibd70661ed2a2a275e4a9096316fd981a5d297c40
    Reviewed-on: https://asterix-gerrit.ics.uci.edu/c/asterixdb-clients/+/13686
    Tested-by: Jenkins <je...@fulliautomatix.ics.uci.edu>
    Reviewed-by: Ian Maxon <im...@uci.edu>
---
 .../org/apache/asterix/jdbc/core/ADBDriverProperty.java |  3 ++-
 .../main/java/org/apache/asterix/jdbc/ADBProtocol.java  | 17 +++++++++--------
 .../taco/plugins/asterixdb_jdbc/connection-fields.xml   |  7 +++++++
 .../taco/plugins/asterixdb_jdbc/connectionProperties.js |  3 +++
 .../taco/plugins/asterixdb_jdbc/connectionResolver.tdr  |  1 +
 5 files changed, 22 insertions(+), 9 deletions(-)

diff --git a/asterixdb-jdbc/asterix-jdbc-core/src/main/java/org/apache/asterix/jdbc/core/ADBDriverProperty.java b/asterixdb-jdbc/asterix-jdbc-core/src/main/java/org/apache/asterix/jdbc/core/ADBDriverProperty.java
index 7312861..4d454e6 100644
--- a/asterixdb-jdbc/asterix-jdbc-core/src/main/java/org/apache/asterix/jdbc/core/ADBDriverProperty.java
+++ b/asterixdb-jdbc/asterix-jdbc-core/src/main/java/org/apache/asterix/jdbc/core/ADBDriverProperty.java
@@ -43,7 +43,8 @@ public interface ADBDriverProperty {
         CATALOG_DATAVERSE_MODE("catalogDataverseMode", Integer::parseInt, 1, false), // 1 -> CATALOG, 2 -> CATALOG_SCHEMA
         CATALOG_INCLUDES_SCHEMALESS("catalogIncludesSchemaless", Boolean::parseBoolean, false, false),
         SQL_COMPAT_MODE("sqlCompatMode", Boolean::parseBoolean, true, false), // Whether user statements are executed in 'SQL-compat' mode
-        ACTIVE_REQUESTS_PATH("activeRequestsPath", Function.identity(), null, true);
+        ACTIVE_REQUESTS_PATH("activeRequestsPath", Function.identity(), null, true),
+        SSL("ssl", Boolean::parseBoolean, false, false);
 
         private final String propertyName;
 
diff --git a/asterixdb-jdbc/asterix-jdbc-driver/src/main/java/org/apache/asterix/jdbc/ADBProtocol.java b/asterixdb-jdbc/asterix-jdbc-driver/src/main/java/org/apache/asterix/jdbc/ADBProtocol.java
index 5bc0d9e..2f95b57 100644
--- a/asterixdb-jdbc/asterix-jdbc-driver/src/main/java/org/apache/asterix/jdbc/ADBProtocol.java
+++ b/asterixdb-jdbc/asterix-jdbc-driver/src/main/java/org/apache/asterix/jdbc/ADBProtocol.java
@@ -103,12 +103,13 @@ final class ADBProtocol extends ADBProtocolBase {
     public ADBProtocol(String host, int port, Map<ADBDriverProperty, Object> params, ADBDriverContext driverContext)
             throws SQLException {
         super(driverContext, params);
-        URI queryEndpoint =
-                createEndpointUri(host, port, QUERY_SERVICE_ENDPOINT_PATH, driverContext.getErrorReporter());
+        boolean sslEnabled = (Boolean) ADBDriverProperty.Common.SSL.fetchPropertyValue(params);
+        URI queryEndpoint = createEndpointUri(sslEnabled, host, port, QUERY_SERVICE_ENDPOINT_PATH,
+                driverContext.getErrorReporter());
         URI queryResultEndpoint =
-                createEndpointUri(host, port, QUERY_RESULT_ENDPOINT_PATH, driverContext.getErrorReporter());
-        URI activeRequestsEndpoint =
-                createEndpointUri(host, port, getActiveRequestsEndpointPath(params), driverContext.getErrorReporter());
+                createEndpointUri(sslEnabled, host, port, QUERY_RESULT_ENDPOINT_PATH, driverContext.getErrorReporter());
+        URI activeRequestsEndpoint = createEndpointUri(sslEnabled, host, port, getActiveRequestsEndpointPath(params),
+                driverContext.getErrorReporter());
 
         PoolingHttpClientConnectionManager httpConnectionManager = new PoolingHttpClientConnectionManager();
         int maxConnections = Math.max(16, Runtime.getRuntime().availableProcessors());
@@ -437,10 +438,10 @@ final class ADBProtocol extends ADBProtocolBase {
         }
     }
 
-    private static URI createEndpointUri(String host, int port, String path, ADBErrorReporter errorReporter)
-            throws SQLException {
+    private static URI createEndpointUri(boolean sslEnabled, String host, int port, String path,
+            ADBErrorReporter errorReporter) throws SQLException {
         try {
-            return new URI("http", null, host, port, path, null, null);
+            return new URI(sslEnabled ? "https" : "http", null, host, port, path, null, null);
         } catch (URISyntaxException e) {
             throw errorReporter.errorParameterValueNotSupported("endpoint " + host + ":" + port);
         }
diff --git a/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connection-fields.xml b/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connection-fields.xml
index 8242f66..e200852 100644
--- a/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connection-fields.xml
+++ b/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connection-fields.xml
@@ -43,4 +43,11 @@
     </conditions>
   </field>
 
+  <field name="sslmode" label="Require SSL" value-type="boolean" category="general" default-value="" >
+    <boolean-options>
+      <false-value value="" />
+      <true-value value="require" />
+    </boolean-options>
+  </field>
+
 </connection-fields>
\ No newline at end of file
diff --git a/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionProperties.js b/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionProperties.js
index 42265f7..77b0d35 100644
--- a/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionProperties.js
+++ b/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionProperties.js
@@ -20,6 +20,9 @@
     var props = {};
     props["user"] = attr[connectionHelper.attributeUsername];
     props["password"] = attr[connectionHelper.attributePassword];
+    if (attr[connectionHelper.attributeSSLMode] == "require") {
+        props["ssl"] = "true";
+    }
     ${taco.plugin.jdbc.properties.aux}
     return props;
 })
diff --git a/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionResolver.tdr b/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionResolver.tdr
index 95d4fc2..48543c0 100644
--- a/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionResolver.tdr
+++ b/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionResolver.tdr
@@ -30,6 +30,7 @@
           <attr>authentication</attr>
           <attr>username</attr>
           <attr>password</attr>
+          <attr>sslmode</attr>
         </attribute-list>
       </required-attributes>
     </connection-normalizer>