You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@inlong.apache.org by he...@apache.org on 2022/06/10 14:23:11 UTC
[incubator-inlong] 01/04: [INLONG-4594][Audit] Make Elasticsearch authentication configurable (#4595)
This is an automated email from the ASF dual-hosted git repository.
healchow pushed a commit to branch release-1.2.0
in repository https://gitbox.apache.org/repos/asf/incubator-inlong.git
commit 1d70ad5a70e54fdcfa39123f5a38e1087e687a31
Author: xueyingzhang <86...@users.noreply.github.com>
AuthorDate: Fri Jun 10 19:59:05 2022 +0800
[INLONG-4594][Audit] Make Elasticsearch authentication configurable (#4595)
---
.../inlong/audit/config/ElasticsearchConfig.java | 28 +++++++++++++++++-----
inlong-audit/conf/application.properties | 1 +
2 files changed, 23 insertions(+), 6 deletions(-)
diff --git a/inlong-audit/audit-store/src/main/java/org/apache/inlong/audit/config/ElasticsearchConfig.java b/inlong-audit/audit-store/src/main/java/org/apache/inlong/audit/config/ElasticsearchConfig.java
index 77e3a53a5..4c72c68cc 100644
--- a/inlong-audit/audit-store/src/main/java/org/apache/inlong/audit/config/ElasticsearchConfig.java
+++ b/inlong-audit/audit-store/src/main/java/org/apache/inlong/audit/config/ElasticsearchConfig.java
@@ -56,6 +56,9 @@ public class ElasticsearchConfig {
@Value("${elasticsearch.connectionRequestTimeout:500}")
private int connectionRequestTimeout;
+ @Value("${elasticsearch.authEnable:false}")
+ private boolean authEnable;
+
@Value("${elasticsearch.username}")
private String username;
@@ -83,14 +86,27 @@ public class ElasticsearchConfig {
@Value("${elasticsearch.auditIdSet}")
private String auditIdSet;
- @Bean(destroyMethod = "close",name = "restClient")
+ @Bean(destroyMethod = "close", name = "restClient")
public RestHighLevelClient initRestClient() {
- final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
- credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(username, password));
- RestClientBuilder restClientBuilder = RestClient.builder(new HttpHost(host, port, "http"))
- .setHttpClientConfigCallback(httpAsyncClientBuilder ->
- httpAsyncClientBuilder.setDefaultCredentialsProvider(credentialsProvider));
+ // support es cluster with multi hosts
+ List<HttpHost> hosts = new ArrayList<>();
+ String[] hostArrays = host.split(",");
+ for (String host : hostArrays) {
+ if (StringUtils.isNotEmpty(host)) {
+ hosts.add(new HttpHost(host.trim(), port, "http"));
+ }
+ }
+
+ RestClientBuilder restClientBuilder = RestClient.builder(hosts.toArray(new HttpHost[0]));
+
+ // configurable auth
+ if (authEnable) {
+ final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
+ credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(username, password));
+ restClientBuilder.setHttpClientConfigCallback(httpAsyncClientBuilder ->
+ httpAsyncClientBuilder.setDefaultCredentialsProvider(credentialsProvider));
+ }
restClientBuilder.setRequestConfigCallback(requestConfigBuilder -> requestConfigBuilder
.setConnectTimeout(connTimeout).setSocketTimeout(socketTimeout)
diff --git a/inlong-audit/conf/application.properties b/inlong-audit/conf/application.properties
index 03162bc81..c0b0374b1 100644
--- a/inlong-audit/conf/application.properties
+++ b/inlong-audit/conf/application.properties
@@ -66,6 +66,7 @@ audit.tube.consumer.group.name=inlong-audit-consumer
# es config
elasticsearch.host=127.0.0.1
elasticsearch.port=9200
+elasticsearch.authEnable=false
elasticsearch.username=elastic
elasticsearch.password=inlong
elasticsearch.shardsNum=5