You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@atlas.apache.org by ni...@apache.org on 2020/10/15 14:12:22 UTC

[atlas] 02/02: ATLAS-3995 : Atlas should support additional keystore/truststores types besides JKS.

This is an automated email from the ASF dual-hosted git repository.

nixon pushed a commit to branch branch-2.0
in repository https://gitbox.apache.org/repos/asf/atlas.git

commit f829adbbb0b7c4cbbfa0a35581b5829384bda56c
Author: nixonrodrigues <ni...@apache.org>
AuthorDate: Wed Oct 14 18:46:53 2020 +0530

    ATLAS-3995 : Atlas should support additional keystore/truststores types besides JKS.
    
    (cherry picked from commit fd24e652b5e2f607cad0d665c88d770479832263)
---
 .../main/java/org/apache/atlas/security/SecurityProperties.java   | 2 ++
 .../java/org/apache/atlas/web/service/SecureEmbeddedServer.java   | 8 ++++++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/intg/src/main/java/org/apache/atlas/security/SecurityProperties.java b/intg/src/main/java/org/apache/atlas/security/SecurityProperties.java
index 2e953eb..2147cd1 100644
--- a/intg/src/main/java/org/apache/atlas/security/SecurityProperties.java
+++ b/intg/src/main/java/org/apache/atlas/security/SecurityProperties.java
@@ -32,9 +32,11 @@ public final class SecurityProperties {
     public static final String KEYSTORE_FILE_KEY = "keystore.file";
     public static final String DEFAULT_KEYSTORE_FILE_LOCATION = "target/atlas.keystore";
     public static final String KEYSTORE_PASSWORD_KEY = "keystore.password";
+    public static final String KEYSTORE_TYPE = "keystore.type";
     public static final String TRUSTSTORE_FILE_KEY = "truststore.file";
     public static final String DEFATULT_TRUSTORE_FILE_LOCATION = "target/atlas.keystore";
     public static final String TRUSTSTORE_PASSWORD_KEY = "truststore.password";
+    public static final String TRUSTSTORE_TYPE = "truststore.type";
     public static final String SERVER_CERT_PASSWORD_KEY = "password";
     public static final String CLIENT_AUTH_KEY = "client.auth.enabled";
     public static final String CERT_STORES_CREDENTIAL_PROVIDER_PATH = "cert.stores.credential.provider.path";
diff --git a/webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java b/webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java
index 34086ae..b10e594 100755
--- a/webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java
+++ b/webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java
@@ -69,6 +69,8 @@ import static org.apache.atlas.security.SecurityProperties.TRUSTSTORE_FILE_KEY;
 import static org.apache.atlas.security.SecurityProperties.TRUSTSTORE_PASSWORD_KEY;
 import static org.apache.atlas.security.SecurityProperties.ATLAS_SSL_EXCLUDE_PROTOCOLS;
 import static org.apache.atlas.security.SecurityProperties.DEFAULT_EXCLUDE_PROTOCOLS;
+import static org.apache.atlas.security.SecurityProperties.KEYSTORE_TYPE;
+import static org.apache.atlas.security.SecurityProperties.TRUSTSTORE_TYPE;
 import static org.apache.atlas.security.SecurityUtil.getPassword;
 
 
@@ -101,10 +103,12 @@ public class SecureEmbeddedServer extends EmbeddedServer {
         }
 
         SslContextFactory sslContextFactory = new SslContextFactory();
+        sslContextFactory.setKeyStoreType(config.getString(KEYSTORE_TYPE , ATLAS_KEYSTORE_FILE_TYPE_DEFAULT));
         sslContextFactory.setKeyStorePath(config.getString(KEYSTORE_FILE_KEY,
                 System.getProperty(KEYSTORE_FILE_KEY, DEFAULT_KEYSTORE_FILE_LOCATION)));
         sslContextFactory.setKeyStorePassword(getPassword(config, KEYSTORE_PASSWORD_KEY));
         sslContextFactory.setKeyManagerPassword(getPassword(config, SERVER_CERT_PASSWORD_KEY));
+        sslContextFactory.setTrustStoreType(config.getString(TRUSTSTORE_TYPE , ATLAS_TRUSTSTORE_FILE_TYPE_DEFAULT));
         sslContextFactory.setTrustStorePath(config.getString(TRUSTSTORE_FILE_KEY,
                 System.getProperty(TRUSTSTORE_FILE_KEY, DEFATULT_TRUSTORE_FILE_LOCATION)));
         sslContextFactory.setTrustStorePassword(getPassword(config, TRUSTSTORE_PASSWORD_KEY));
@@ -198,7 +202,7 @@ public class SecureEmbeddedServer extends EmbeddedServer {
                     in = getFileInputStream(keyStoreFile);
 
                     if (in != null) {
-                        KeyStore keyStore = KeyStore.getInstance(ATLAS_KEYSTORE_FILE_TYPE_DEFAULT);
+                        KeyStore keyStore = KeyStore.getInstance(getConfiguration().getString(KEYSTORE_TYPE , ATLAS_KEYSTORE_FILE_TYPE_DEFAULT));
 
                         keyStore.load(in, keyStoreFilepwd.toCharArray());
 
@@ -251,7 +255,7 @@ public class SecureEmbeddedServer extends EmbeddedServer {
                     in = getFileInputStream(truststoreFile);
 
                     if (in != null) {
-                        KeyStore trustStore = KeyStore.getInstance(ATLAS_TRUSTSTORE_FILE_TYPE_DEFAULT);
+                        KeyStore trustStore = KeyStore.getInstance(getConfiguration().getString(TRUSTSTORE_TYPE , ATLAS_TRUSTSTORE_FILE_TYPE_DEFAULT));
 
                         trustStore.load(in, trustStoreFilepwd.toCharArray());