You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@camel.apache.org by javamonkey79 <ja...@gmail.com> on 2013/06/19 18:55:39 UTC
camel sftp privateKeyFile - load from classpath
Is there any way to load the privateKeyFile for sftp endpoints from the
classpath? It looks to me like JSCH is accepting a String param and then
converting that to a file, which probably won't work for classpath files.
Maybe this is an improvement in the SFTP component?
--
View this message in context: http://camel.465427.n5.nabble.com/camel-sftp-privateKeyFile-load-from-classpath-tp5734394.html
Sent from the Camel - Users mailing list archive at Nabble.com.
RE: camel sftp privateKeyFile - load from classpath
Posted by "Siano, Stephan" <st...@sap.com>.
Hi,
I have attached a patch for the camel-ftp component to https://issues.apache.org/jira/browse/CAMEL-6477 that has the following functionality:
1. add a test for the existing (file based) client key authentication
2. add new configuration parameters knownHostsUri and privateKeyUri that allow to give URIs as parameters (including classpath URIs which is the default) plus implementation and test
3. add new configuration parameters knownHosts and privateKey that allow to pass references to byte[] (in the OpenSSH format as the files) containing the private key and known hosts material
4. add a new configuration parameter privateKeyPassphrase, which does the same as the existing privateKeyFilePassphrase (which we should probably deprecate, because it does not only apply to files but to the other privateKey entities, too).
I added new parameters because I wanted to avoid breaking existing scenarios. What do you think about the parameter names.
Best regards
Stephan
Re: camel sftp privateKeyFile - load from classpath
Posted by Claus Ibsen <cl...@gmail.com>.
Sounds good. There is a JIRA ticket registered here
https://issues.apache.org/jira/browse/CAMEL-6477
On Sat, Jun 22, 2013 at 5:41 AM, Siano, Stephan <st...@sap.com> wrote:
> Hi,
>
> This ResourceHelper looks interesting. I will look into this and attach a patch to the JIra task next week.
>
> Best regards
> Stephan
>
--
Claus Ibsen
-----------------
www.camelone.org: The open source integration conference.
Red Hat, Inc.
FuseSource is now part of Red Hat
Email: cibsen@redhat.com
Web: http://fusesource.com
Twitter: davsclaus
Blog: http://davsclaus.com
Author of Camel in Action: http://www.manning.com/ibsen
RE: camel sftp privateKeyFile - load from classpath
Posted by "Siano, Stephan" <st...@sap.com>.
Hi,
This ResourceHelper looks interesting. I will look into this and attach a patch to the JIra task next week.
Best regards
Stephan
Re: camel sftp privateKeyFile - load from classpath
Posted by javamonkey79 <ja...@gmail.com>.
I've created the issue here:
https://issues.apache.org/jira/browse/CAMEL-6477
Stephan, I'd be happy to submit a patch unless you or someone else should
work on it... can you point me to where camel actually calls jsch wrt the
keyfile logic?
--
View this message in context: http://camel.465427.n5.nabble.com/camel-sftp-privateKeyFile-load-from-classpath-tp5734394p5734544.html
Sent from the Camel - Users mailing list archive at Nabble.com.
RE: camel sftp privateKeyFile - load from classpath
Posted by "Siano, Stephan" <st...@sap.com>.
Hi,
I have created another issue that contains an extension (including patch) which makes it possible to use a Java KeyPair instead of an OpenSSH private key file:
https://issues.apache.org/jira/browse/CAMEL-6502
I have also looked into the jsch HostKeyRepository thing, but that interface is a bit nasty and I have no good idea how to map this into anything else than a known_hosts file, so I have left this out for now.
Best regards
Stephan
-----Original Message-----
From: Claus Ibsen [mailto:claus.ibsen@gmail.com]
Sent: Freitag, 21. Juni 2013 13:36
To: users@camel.apache.org
Subject: Re: camel sftp privateKeyFile - load from classpath
Hi
Yeah if sftp accepts an InputStream for the private key file, then we
can use the resource loader abstraction to load it from classpath and
file systems.
See: org.apache.camel.util.ResourceHelper#resolveMandatoryResourceAsInputStream
This is what we do in other components.
This will help with this use-case.
If there is a demand for implementing custom jsch interfaces, then we
can take a look at that also. But I think being able to load the key
files from classpath is a good idea to get sorted first.
Re: camel sftp privateKeyFile - load from classpath
Posted by Claus Ibsen <cl...@gmail.com>.
Hi
Yeah if sftp accepts an InputStream for the private key file, then we
can use the resource loader abstraction to load it from classpath and
file systems.
See: org.apache.camel.util.ResourceHelper#resolveMandatoryResourceAsInputStream
This is what we do in other components.
This will help with this use-case.
If there is a demand for implementing custom jsch interfaces, then we
can take a look at that also. But I think being able to load the key
files from classpath is a good idea to get sorted first.
On Fri, Jun 21, 2013 at 6:50 AM, Siano, Stephan <st...@sap.com> wrote:
> Hi,
>
> You are right, the current implementation doesn't work with identity and known hosts files from anywhere but the file system. JSch has actually three ways of setting these entities, one with a filename (which camel uses now), one with an InputStream and one with implementations of the Identity and KnownHostsRepository interfaces. Behind the scenes JSch is using the default implementation of these interfaces that are capable of parsing files in the OpenSSH format. My idea was to extend camel in a way that it's also possible to pass objects implementing these interfaces to the endpoint, so you could get your key material from wherever you want (e.g. a database or a file in a different format), however on a second thought this has two disadvantages.
> 1. The camel component would expose interfaces from the underlying JSch implementation.
> 2. The default implementation from JSch have private constructors, so we should at least also offer an InputStream interface as we most likely do not want to parse these files ourselves...
>
> Claus: what do you think would be best?
>
> Best regards
> Stephan
>
> -----Original Message-----
> From: javamonkey79 [mailto:javamonkey79@gmail.com]
> Sent: Donnerstag, 20. Juni 2013 22:11
> To: users@camel.apache.org
> Subject: RE: camel sftp privateKeyFile - load from classpath
>
> @Stephan - that is a bit over my head, perhaps I don't understand the sftp
> component and jsch well enough yet. What I do know is that jsch is taking
> the String param passed in via Camel (the fileName param) and turning that
> in to a File, which I don't think will work with classpath resources? There
> is a another method in the jsch Util class that loads in by bytes instead -
> or perhaps camel is not calling the Util class at all, I'm not sure.
>
> If someone could point me at the spot where camel hooks the keyfile in to
> jsch I'd be happy to take a shot at improving it if possible.
>
>
>
> --
> View this message in context: http://camel.465427.n5.nabble.com/camel-sftp-privateKeyFile-load-from-classpath-tp5734394p5734460.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
--
Claus Ibsen
-----------------
www.camelone.org: The open source integration conference.
Red Hat, Inc.
FuseSource is now part of Red Hat
Email: cibsen@redhat.com
Web: http://fusesource.com
Twitter: davsclaus
Blog: http://davsclaus.com
Author of Camel in Action: http://www.manning.com/ibsen
RE: camel sftp privateKeyFile - load from classpath
Posted by "Siano, Stephan" <st...@sap.com>.
Hi,
You are right, the current implementation doesn't work with identity and known hosts files from anywhere but the file system. JSch has actually three ways of setting these entities, one with a filename (which camel uses now), one with an InputStream and one with implementations of the Identity and KnownHostsRepository interfaces. Behind the scenes JSch is using the default implementation of these interfaces that are capable of parsing files in the OpenSSH format. My idea was to extend camel in a way that it's also possible to pass objects implementing these interfaces to the endpoint, so you could get your key material from wherever you want (e.g. a database or a file in a different format), however on a second thought this has two disadvantages.
1. The camel component would expose interfaces from the underlying JSch implementation.
2. The default implementation from JSch have private constructors, so we should at least also offer an InputStream interface as we most likely do not want to parse these files ourselves...
Claus: what do you think would be best?
Best regards
Stephan
-----Original Message-----
From: javamonkey79 [mailto:javamonkey79@gmail.com]
Sent: Donnerstag, 20. Juni 2013 22:11
To: users@camel.apache.org
Subject: RE: camel sftp privateKeyFile - load from classpath
@Stephan - that is a bit over my head, perhaps I don't understand the sftp
component and jsch well enough yet. What I do know is that jsch is taking
the String param passed in via Camel (the fileName param) and turning that
in to a File, which I don't think will work with classpath resources? There
is a another method in the jsch Util class that loads in by bytes instead -
or perhaps camel is not calling the Util class at all, I'm not sure.
If someone could point me at the spot where camel hooks the keyfile in to
jsch I'd be happy to take a shot at improving it if possible.
--
View this message in context: http://camel.465427.n5.nabble.com/camel-sftp-privateKeyFile-load-from-classpath-tp5734394p5734460.html
Sent from the Camel - Users mailing list archive at Nabble.com.
RE: camel sftp privateKeyFile - load from classpath
Posted by javamonkey79 <ja...@gmail.com>.
@Stephan - that is a bit over my head, perhaps I don't understand the sftp
component and jsch well enough yet. What I do know is that jsch is taking
the String param passed in via Camel (the fileName param) and turning that
in to a File, which I don't think will work with classpath resources? There
is a another method in the jsch Util class that loads in by bytes instead -
or perhaps camel is not calling the Util class at all, I'm not sure.
If someone could point me at the spot where camel hooks the keyfile in to
jsch I'd be happy to take a shot at improving it if possible.
--
View this message in context: http://camel.465427.n5.nabble.com/camel-sftp-privateKeyFile-load-from-classpath-tp5734394p5734460.html
Sent from the Camel - Users mailing list archive at Nabble.com.
RE: camel sftp privateKeyFile - load from classpath
Posted by "Siano, Stephan" <st...@sap.com>.
Hi,
Maybe it would be more flexible to optionally inject Identiy and KnownHostsRepository instances in the jsch.addIdentity() and jsch.setHostKeyRepository(). The implementation of these interfaces could get the actual key material from arbitrary formats and sources (so you are not required to stick to the OpenSSL file format).
An extension in this direction would require a few lines in SftpOperations.java, SftpConfiguration.java (which is just a container that holds these entities) and the options parsing code. The coding in jsch is already there and the glue code implementing the interfaces would have to be provided by the user.
What do you think about this?
Best regards
Stephan
-----Original Message-----
From: Claus Ibsen [mailto:claus.ibsen@gmail.com]
Sent: Donnerstag, 20. Juni 2013 12:54
To: users@camel.apache.org
Subject: Re: camel sftp privateKeyFile - load from classpath
Hi
Yeah fell free to look into this. Maybe we can load the key file using
an InputStream etc.
You can use the ClassResolver API from CamelContext to load resources
and classes from classpath.
That should work for both OSGi and non OSGi runtimes.
On Wed, Jun 19, 2013 at 6:55 PM, javamonkey79 <ja...@gmail.com> wrote:
> Is there any way to load the privateKeyFile for sftp endpoints from the
> classpath? It looks to me like JSCH is accepting a String param and then
> converting that to a file, which probably won't work for classpath files.
> Maybe this is an improvement in the SFTP component?
>
>
>
> --
> View this message in context: http://camel.465427.n5.nabble.com/camel-sftp-privateKeyFile-load-from-classpath-tp5734394.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
--
Claus Ibsen
-----------------
www.camelone.org: The open source integration conference.
Red Hat, Inc.
FuseSource is now part of Red Hat
Email: cibsen@redhat.com
Web: http://fusesource.com
Twitter: davsclaus
Blog: http://davsclaus.com
Author of Camel in Action: http://www.manning.com/ibsen
Re: camel sftp privateKeyFile - load from classpath
Posted by Claus Ibsen <cl...@gmail.com>.
Hi
Yeah fell free to look into this. Maybe we can load the key file using
an InputStream etc.
You can use the ClassResolver API from CamelContext to load resources
and classes from classpath.
That should work for both OSGi and non OSGi runtimes.
On Wed, Jun 19, 2013 at 6:55 PM, javamonkey79 <ja...@gmail.com> wrote:
> Is there any way to load the privateKeyFile for sftp endpoints from the
> classpath? It looks to me like JSCH is accepting a String param and then
> converting that to a file, which probably won't work for classpath files.
> Maybe this is an improvement in the SFTP component?
>
>
>
> --
> View this message in context: http://camel.465427.n5.nabble.com/camel-sftp-privateKeyFile-load-from-classpath-tp5734394.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
--
Claus Ibsen
-----------------
www.camelone.org: The open source integration conference.
Red Hat, Inc.
FuseSource is now part of Red Hat
Email: cibsen@redhat.com
Web: http://fusesource.com
Twitter: davsclaus
Blog: http://davsclaus.com
Author of Camel in Action: http://www.manning.com/ibsen