You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tinkerpop.apache.org by rd...@apache.org on 2017/01/17 19:26:01 UTC
tinkerpop git commit: Support SSL client auth
Repository: tinkerpop
Updated Branches:
refs/heads/TINKERPOP-1602 [created] 7462a9f00
Support SSL client auth
Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/7462a9f0
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/7462a9f0
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/7462a9f0
Branch: refs/heads/TINKERPOP-1602
Commit: 7462a9f007df86e83a9b6d49c71cb59c2bbc180d
Parents: 9d1c3e5
Author: Robert Dale <ro...@gmail.com>
Authored: Tue Jan 17 14:24:00 2017 -0500
Committer: Robert Dale <ro...@gmail.com>
Committed: Tue Jan 17 14:24:00 2017 -0500
----------------------------------------------------------------------
.../apache/tinkerpop/gremlin/server/AbstractChannelizer.java | 4 +++-
.../java/org/apache/tinkerpop/gremlin/server/Settings.java | 6 ++++++
2 files changed, 9 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/7462a9f0/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/AbstractChannelizer.java
----------------------------------------------------------------------
diff --git a/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/AbstractChannelizer.java b/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/AbstractChannelizer.java
index 57c6994..d28fd4f 100644
--- a/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/AbstractChannelizer.java
+++ b/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/AbstractChannelizer.java
@@ -242,8 +242,10 @@ public abstract class AbstractChannelizer extends ChannelInitializer<SocketChann
builder = SslContextBuilder.forServer(keyCertChainFile, keyFile, sslSettings.keyPassword)
.trustManager(trustCertChainFile);
}
+
+
- builder.sslProvider(provider);
+ builder.clientAuth(sslSettings.needClientAuth).sslProvider(provider);
try {
return builder.build();
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/7462a9f0/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java
----------------------------------------------------------------------
diff --git a/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java b/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java
index 97e2875..a3b9545 100644
--- a/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java
+++ b/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java
@@ -18,6 +18,7 @@
*/
package org.apache.tinkerpop.gremlin.server;
+import io.netty.handler.ssl.ClientAuth;
import io.netty.handler.ssl.SslContext;
import org.apache.tinkerpop.gremlin.driver.MessageSerializer;
import org.apache.tinkerpop.gremlin.jsr223.GremlinPlugin;
@@ -420,6 +421,11 @@ public class Settings {
* contain an X.509 certificate chain in PEM format. {@code null} uses the system default.
*/
public String trustCertChainFile = null;
+
+ /**
+ * Require client certificate authentication
+ */
+ public ClientAuth needClientAuth = ClientAuth.NONE;
private SslContext sslContext;