You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@accumulo.apache.org by el...@apache.org on 2015/06/06 07:27:01 UTC
[2/3] accumulo git commit: ACCUMULO-3893 Make sure ReadWriteIT can
fetch data over HTTPS from monitor
ACCUMULO-3893 Make sure ReadWriteIT can fetch data over HTTPS from monitor
Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/f629d324
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/f629d324
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/f629d324
Branch: refs/heads/master
Commit: f629d324af0cd9b911e844011f275af260eb600f
Parents: b3760d6
Author: Josh Elser <el...@apache.org>
Authored: Sat Jun 6 00:29:28 2015 -0400
Committer: Josh Elser <el...@apache.org>
Committed: Sat Jun 6 00:29:28 2015 -0400
----------------------------------------------------------------------
.../accumulo/test/functional/ReadWriteIT.java | 58 +++++++++++++++++++-
1 file changed, 57 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/accumulo/blob/f629d324/test/src/test/java/org/apache/accumulo/test/functional/ReadWriteIT.java
----------------------------------------------------------------------
diff --git a/test/src/test/java/org/apache/accumulo/test/functional/ReadWriteIT.java b/test/src/test/java/org/apache/accumulo/test/functional/ReadWriteIT.java
index 5c3694a..65ef479 100644
--- a/test/src/test/java/org/apache/accumulo/test/functional/ReadWriteIT.java
+++ b/test/src/test/java/org/apache/accumulo/test/functional/ReadWriteIT.java
@@ -22,9 +22,13 @@ import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import java.io.ByteArrayOutputStream;
+import java.io.File;
import java.io.IOException;
import java.io.PrintStream;
import java.net.URL;
+import java.security.SecureRandom;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
@@ -40,6 +44,14 @@ import java.util.concurrent.Future;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicBoolean;
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
import org.apache.accumulo.cluster.ClusterControl;
import org.apache.accumulo.cluster.standalone.StandaloneAccumuloCluster;
import org.apache.accumulo.core.Constants;
@@ -57,6 +69,7 @@ import org.apache.accumulo.core.client.admin.TableOperations;
import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
import org.apache.accumulo.core.client.security.tokens.KerberosToken;
import org.apache.accumulo.core.client.security.tokens.PasswordToken;
+import org.apache.accumulo.core.conf.Property;
import org.apache.accumulo.core.data.Key;
import org.apache.accumulo.core.data.Mutation;
import org.apache.accumulo.core.data.Range;
@@ -75,6 +88,7 @@ import org.apache.accumulo.minicluster.ServerType;
import org.apache.accumulo.test.TestIngest;
import org.apache.accumulo.test.TestMultiTableIngest;
import org.apache.accumulo.test.VerifyIngest;
+import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.io.Text;
import org.junit.Test;
@@ -120,7 +134,29 @@ public class ReadWriteIT extends AccumuloClusterIT {
Thread.sleep(2000);
}
}
- URL url = new URL("http://" + monitorLocation);
+ String scheme = "http://";
+ if (getCluster() instanceof StandaloneAccumuloCluster) {
+ StandaloneAccumuloCluster standaloneCluster = (StandaloneAccumuloCluster) getCluster();
+ File accumuloSite = new File(standaloneCluster.getServerAccumuloConfDir(), "accumulo-site.xml");
+ if (accumuloSite.isFile()) {
+ Configuration conf = new Configuration(false);
+ conf.addResource(new Path(accumuloSite.toURI()));
+ String monitorSslKeystore = conf.get(Property.MONITOR_SSL_KEYSTORE.getKey());
+ if (null != monitorSslKeystore) {
+ log.info("Setting scheme to HTTPS since monitor ssl keystore configuration was observed in {}", accumuloSite);
+ scheme = "https://";
+ SSLContext ctx = SSLContext.getInstance("SSL");
+ TrustManager[] tm = new TrustManager[] {new TestTrustManager()};
+ ctx.init(new KeyManager[0], tm, new SecureRandom());
+ SSLContext.setDefault(ctx);
+ HttpsURLConnection.setDefaultSSLSocketFactory(ctx.getSocketFactory());
+ HttpsURLConnection.setDefaultHostnameVerifier(new TestHostnameVerifier());
+ }
+ } else {
+ log.info("{} is not a normal file, not checking for monitor running with SSL", accumuloSite);
+ }
+ }
+ URL url = new URL(scheme + monitorLocation);
log.debug("Fetching web page " + url);
String result = FunctionalTestUtils.readAll(url.openStream());
assertTrue(result.length() > 100);
@@ -445,4 +481,24 @@ public class ReadWriteIT extends AccumuloClusterIT {
return groups;
}
+ private static class TestTrustManager implements X509TrustManager {
+ @Override
+ public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {}
+
+ @Override
+ public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {}
+
+ @Override
+ public X509Certificate[] getAcceptedIssuers() {
+ return null;
+ }
+ }
+
+ private static class TestHostnameVerifier implements HostnameVerifier {
+ @Override
+ public boolean verify(String hostname, SSLSession session) {
+ return true;
+ }
+ }
+
}