You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by sm...@apache.org on 2022/12/06 09:24:02 UTC
[knox] branch master updated: KNOX-2851 - Username and password properties can be set as aliases even when clients use JDBC URL. (#699)
This is an automated email from the ASF dual-hosted git repository.
smolnar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git
The following commit(s) were added to refs/heads/master by this push:
new 618e7e10d KNOX-2851 - Username and password properties can be set as aliases even when clients use JDBC URL. (#699)
618e7e10d is described below
commit 618e7e10db2076c4de4aca19112c2f6deb8bfc09
Author: Sandor Molnar <sm...@apache.org>
AuthorDate: Tue Dec 6 10:23:56 2022 +0100
KNOX-2851 - Username and password properties can be set as aliases even when clients use JDBC URL. (#699)
SSL configuration happens for both connection types (JDBC URL or separate property declaration).
---
.../org/apache/knox/gateway/util/JDBCUtils.java | 42 +++++++++++++++-------
.../apache/knox/gateway/util/JDBCUtilsTest.java | 7 ++--
2 files changed, 34 insertions(+), 15 deletions(-)
diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/util/JDBCUtils.java b/gateway-server/src/main/java/org/apache/knox/gateway/util/JDBCUtils.java
index 7933a6740..10115692f 100644
--- a/gateway-server/src/main/java/org/apache/knox/gateway/util/JDBCUtils.java
+++ b/gateway-server/src/main/java/org/apache/knox/gateway/util/JDBCUtils.java
@@ -19,9 +19,18 @@ package org.apache.knox.gateway.util;
import static java.nio.charset.StandardCharsets.UTF_8;
-import com.mysql.cj.conf.PropertyDefinitions;
-import com.mysql.cj.jdbc.MysqlDataSource;
+import java.io.InputStream;
+import java.sql.Connection;
+import java.sql.DatabaseMetaData;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.sql.Statement;
+import java.util.Locale;
+
+import javax.sql.DataSource;
+
import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang3.StringUtils;
import org.apache.derby.jdbc.ClientDataSource;
import org.apache.knox.gateway.config.GatewayConfig;
import org.apache.knox.gateway.services.security.AliasService;
@@ -31,14 +40,8 @@ import org.postgresql.ds.PGSimpleDataSource;
import org.postgresql.jdbc.SslMode;
import org.postgresql.ssl.NonValidatingFactory;
-import javax.sql.DataSource;
-import java.io.InputStream;
-import java.sql.Connection;
-import java.sql.DatabaseMetaData;
-import java.sql.ResultSet;
-import java.sql.SQLException;
-import java.sql.Statement;
-import java.util.Locale;
+import com.mysql.cj.conf.PropertyDefinitions;
+import com.mysql.cj.jdbc.MysqlDataSource;
public class JDBCUtils {
public static final String POSTGRESQL_DB_TYPE = "postgresql";
@@ -64,16 +67,29 @@ public class JDBCUtils {
private static DataSource createPostgresDataSource(GatewayConfig gatewayConfig, AliasService aliasService) throws AliasServiceException {
final PGSimpleDataSource postgresDataSource = new PGSimpleDataSource();
+ final String dbUser = getDatabaseUser(aliasService);
+ final String dbPassword = getDatabasePassword(aliasService);
if (gatewayConfig.getDatabaseConnectionUrl() != null) {
postgresDataSource.setUrl(gatewayConfig.getDatabaseConnectionUrl());
+
+ // avoid nullifying already configured user/password properties in case they
+ // were already set in the given JDBC URL but not saved as aliases
+ if (StringUtils.isNotBlank(dbUser)) {
+ postgresDataSource.setUser(dbUser);
+ }
+ if (StringUtils.isNotBlank(dbPassword)) {
+ postgresDataSource.setPassword(dbPassword);
+ }
} else {
postgresDataSource.setDatabaseName(gatewayConfig.getDatabaseName());
postgresDataSource.setServerNames(new String[] { gatewayConfig.getDatabaseHost() });
postgresDataSource.setPortNumbers(new int[] { gatewayConfig.getDatabasePort() });
- postgresDataSource.setUser(getDatabaseUser(aliasService));
- postgresDataSource.setPassword(getDatabasePassword(aliasService));
- configurePostgreSQLSsl(gatewayConfig, aliasService, postgresDataSource);
+ postgresDataSource.setUser(dbUser);
+ postgresDataSource.setPassword(dbPassword);
}
+
+ configurePostgreSQLSsl(gatewayConfig, aliasService, postgresDataSource);
+
return postgresDataSource;
}
diff --git a/gateway-server/src/test/java/org/apache/knox/gateway/util/JDBCUtilsTest.java b/gateway-server/src/test/java/org/apache/knox/gateway/util/JDBCUtilsTest.java
index 4dbc10902..799ae77fe 100644
--- a/gateway-server/src/test/java/org/apache/knox/gateway/util/JDBCUtilsTest.java
+++ b/gateway-server/src/test/java/org/apache/knox/gateway/util/JDBCUtilsTest.java
@@ -110,10 +110,13 @@ public class JDBCUtilsTest {
public void testGetPostgreSqlDatasourceFromJdbcConnectionUrl() throws Exception {
final String connectionUrl = "jdbc:postgresql://postgresql_host:1234/testDb?user=smolnar&password=secret&ssl=true&sslmode=verify-ca&sslrootcert=/var/lib/knox/gateway/conf/postgresql/root.crt";
final GatewayConfig gatewayConfig = EasyMock.createNiceMock(GatewayConfig.class);
+ final AliasService aliasService = EasyMock.createNiceMock(AliasService.class);
+ EasyMock.expect(aliasService.getPasswordFromAliasForGateway(JDBCUtils.DATABASE_USER_ALIAS_NAME)).andReturn(null).anyTimes();
+ EasyMock.expect(aliasService.getPasswordFromAliasForGateway(JDBCUtils.DATABASE_PASSWORD_ALIAS_NAME)).andReturn(null).anyTimes();
EasyMock.expect(gatewayConfig.getDatabaseType()).andReturn(JDBCUtils.POSTGRESQL_DB_TYPE).anyTimes();
EasyMock.expect(gatewayConfig.getDatabaseConnectionUrl()).andReturn(connectionUrl).anyTimes();
- EasyMock.replay(gatewayConfig);
- final PGSimpleDataSource dataSource = (PGSimpleDataSource) JDBCUtils.getDataSource(gatewayConfig, null);
+ EasyMock.replay(gatewayConfig, aliasService);
+ final PGSimpleDataSource dataSource = (PGSimpleDataSource) JDBCUtils.getDataSource(gatewayConfig, aliasService);
assertEquals("postgresql_host", dataSource.getServerNames()[0]);
assertEquals(1234, dataSource.getPortNumbers()[0]);
assertEquals("testDb", dataSource.getDatabaseName());