You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@accumulo.apache.org by el...@apache.org on 2015/06/06 07:27:01 UTC
[2/3] accumulo git commit: ACCUMULO-3893 Make sure ReadWriteIT can fetch data over HTTPS from monitor

ACCUMULO-3893 Make sure ReadWriteIT can fetch data over HTTPS from monitor


Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/f629d324
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/f629d324
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/f629d324

Branch: refs/heads/master
Commit: f629d324af0cd9b911e844011f275af260eb600f
Parents: b3760d6
Author: Josh Elser <el...@apache.org>
Authored: Sat Jun 6 00:29:28 2015 -0400
Committer: Josh Elser <el...@apache.org>
Committed: Sat Jun 6 00:29:28 2015 -0400

----------------------------------------------------------------------
 .../accumulo/test/functional/ReadWriteIT.java   | 58 +++++++++++++++++++-
 1 file changed, 57 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/accumulo/blob/f629d324/test/src/test/java/org/apache/accumulo/test/functional/ReadWriteIT.java
----------------------------------------------------------------------
diff --git a/test/src/test/java/org/apache/accumulo/test/functional/ReadWriteIT.java b/test/src/test/java/org/apache/accumulo/test/functional/ReadWriteIT.java
index 5c3694a..65ef479 100644
--- a/test/src/test/java/org/apache/accumulo/test/functional/ReadWriteIT.java
+++ b/test/src/test/java/org/apache/accumulo/test/functional/ReadWriteIT.java
@@ -22,9 +22,13 @@ import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertTrue;
 
 import java.io.ByteArrayOutputStream;
+import java.io.File;
 import java.io.IOException;
 import java.io.PrintStream;
 import java.net.URL;
+import java.security.SecureRandom;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashSet;
@@ -40,6 +44,14 @@ import java.util.concurrent.Future;
 import java.util.concurrent.TimeUnit;
 import java.util.concurrent.atomic.AtomicBoolean;
 
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
 import org.apache.accumulo.cluster.ClusterControl;
 import org.apache.accumulo.cluster.standalone.StandaloneAccumuloCluster;
 import org.apache.accumulo.core.Constants;
@@ -57,6 +69,7 @@ import org.apache.accumulo.core.client.admin.TableOperations;
 import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
 import org.apache.accumulo.core.client.security.tokens.KerberosToken;
 import org.apache.accumulo.core.client.security.tokens.PasswordToken;
+import org.apache.accumulo.core.conf.Property;
 import org.apache.accumulo.core.data.Key;
 import org.apache.accumulo.core.data.Mutation;
 import org.apache.accumulo.core.data.Range;
@@ -75,6 +88,7 @@ import org.apache.accumulo.minicluster.ServerType;
 import org.apache.accumulo.test.TestIngest;
 import org.apache.accumulo.test.TestMultiTableIngest;
 import org.apache.accumulo.test.VerifyIngest;
+import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.fs.Path;
 import org.apache.hadoop.io.Text;
 import org.junit.Test;
@@ -120,7 +134,29 @@ public class ReadWriteIT extends AccumuloClusterIT {
         Thread.sleep(2000);
       }
     }
-    URL url = new URL("http://" + monitorLocation);
+    String scheme = "http://";
+    if (getCluster() instanceof StandaloneAccumuloCluster) {
+      StandaloneAccumuloCluster standaloneCluster = (StandaloneAccumuloCluster) getCluster();
+      File accumuloSite = new File(standaloneCluster.getServerAccumuloConfDir(), "accumulo-site.xml");
+      if (accumuloSite.isFile()) {
+        Configuration conf = new Configuration(false);
+        conf.addResource(new Path(accumuloSite.toURI()));
+        String monitorSslKeystore = conf.get(Property.MONITOR_SSL_KEYSTORE.getKey());
+        if (null != monitorSslKeystore) {
+          log.info("Setting scheme to HTTPS since monitor ssl keystore configuration was observed in {}", accumuloSite);
+          scheme = "https://";
+          SSLContext ctx = SSLContext.getInstance("SSL");
+          TrustManager[] tm = new TrustManager[] {new TestTrustManager()};
+          ctx.init(new KeyManager[0], tm, new SecureRandom());
+          SSLContext.setDefault(ctx);
+          HttpsURLConnection.setDefaultSSLSocketFactory(ctx.getSocketFactory());
+          HttpsURLConnection.setDefaultHostnameVerifier(new TestHostnameVerifier());
+        }
+      } else {
+        log.info("{} is not a normal file, not checking for monitor running with SSL", accumuloSite);
+      }
+    }
+    URL url = new URL(scheme + monitorLocation);
     log.debug("Fetching web page " + url);
     String result = FunctionalTestUtils.readAll(url.openStream());
     assertTrue(result.length() > 100);
@@ -445,4 +481,24 @@ public class ReadWriteIT extends AccumuloClusterIT {
     return groups;
   }
 
+  private static class TestTrustManager implements X509TrustManager {
+    @Override
+    public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {}
+
+    @Override
+    public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {}
+
+    @Override
+    public X509Certificate[] getAcceptedIssuers() {
+      return null;
+    }
+  }
+
+  private static class TestHostnameVerifier implements HostnameVerifier {
+    @Override
+    public boolean verify(String hostname, SSLSession session) {
+      return true;
+    }
+  }
+
 }