You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@unomi.apache.org by dg...@apache.org on 2022/07/29 15:04:27 UTC
[unomi] 01/01: UNOMI-583 : add credential support to ES migration data
This is an automated email from the ASF dual-hosted git repository.
dgriffon pushed a commit to branch set-es-password-in-migration
in repository https://gitbox.apache.org/repos/asf/unomi.git
commit 1a0556cacff1c5b54641eead86c935b77767d4e1
Author: David Griffon <dg...@jahia.com>
AuthorDate: Fri Jul 29 17:03:29 2022 +0200
UNOMI-583 : add credential support to ES migration data
---
.../unomi/itests/migration/Migrate16xTo200IT.java | 2 +-
.../unomi/shell/migration/MigrationConfig.java | 4 ++++
.../unomi/shell/migration/actions/Migrate.java | 21 ++++++++++++++++++---
.../unomi/shell/migration/utils/HttpUtils.java | 7 +++++--
.../main/resources/org.apache.unomi.migration.cfg | 2 ++
5 files changed, 30 insertions(+), 6 deletions(-)
diff --git a/itests/src/test/java/org/apache/unomi/itests/migration/Migrate16xTo200IT.java b/itests/src/test/java/org/apache/unomi/itests/migration/Migrate16xTo200IT.java
index 1372ba2d7..faf6a87e5 100644
--- a/itests/src/test/java/org/apache/unomi/itests/migration/Migrate16xTo200IT.java
+++ b/itests/src/test/java/org/apache/unomi/itests/migration/Migrate16xTo200IT.java
@@ -39,7 +39,7 @@ public class Migrate16xTo200IT extends BaseIT {
public void waitForStartup() throws InterruptedException {
// Restore snapshot from 1.6.x
- try (CloseableHttpClient httpClient = HttpUtils.initHttpClient(true)) {
+ try (CloseableHttpClient httpClient = HttpUtils.initHttpClient(true, null)) {
// Create snapshot repo
HttpUtils.executePutRequest(httpClient, "http://localhost:9400/_snapshot/snapshots_repository/", resourceAsString("migration/create_snapshots_repository.json"), null);
// Get snapshot, insure it exists
diff --git a/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/MigrationConfig.java b/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/MigrationConfig.java
index 2e6b99587..da32faba2 100644
--- a/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/MigrationConfig.java
+++ b/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/MigrationConfig.java
@@ -38,6 +38,8 @@ import java.util.Map;
public class MigrationConfig {
public static final String CONFIG_ES_ADDRESS = "esAddress";
+ public static final String CONFIG_ES_LOGIN = "esLogin";
+ public static final String CONFIG_ES_PASSWORD = "esPassword";
public static final String CONFIG_TRUST_ALL_CERTIFICATES = "httpClient.trustAllCertificates";
public static final String INDEX_PREFIX = "indexPrefix";
public static final String NUMBER_OF_SHARDS = "number_of_shards";
@@ -49,6 +51,8 @@ public class MigrationConfig {
static {
Map<String, MigrationConfigProperty> m = new HashMap<>();
m.put(CONFIG_ES_ADDRESS, new MigrationConfigProperty("Enter ElasticSearch TARGET address (default: http://localhost:9200): ", "http://localhost:9200"));
+ m.put(CONFIG_ES_LOGIN, new MigrationConfigProperty("Enter ElasticSearch TARGET login (default: none): ", ""));
+ m.put(CONFIG_ES_PASSWORD, new MigrationConfigProperty("Enter ElasticSearch TARGET password (default: none): ", ""));
m.put(CONFIG_TRUST_ALL_CERTIFICATES, new MigrationConfigProperty("We need to initialize a HttpClient, do we need to trust all certificates ?", null));
m.put(INDEX_PREFIX, new MigrationConfigProperty("Enter ElasticSearch Unomi indices prefix (default: context): ", "context"));
m.put(NUMBER_OF_SHARDS, new MigrationConfigProperty("Enter ElasticSearch index mapping configuration: number_of_shards (default: 3): ", "3"));
diff --git a/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/actions/Migrate.java b/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/actions/Migrate.java
index dd4946d5c..585bd20c6 100644
--- a/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/actions/Migrate.java
+++ b/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/actions/Migrate.java
@@ -19,6 +19,11 @@ package org.apache.unomi.shell.migration.actions;
import groovy.lang.GroovyClassLoader;
import groovy.lang.GroovyShell;
import groovy.util.GroovyScriptEngine;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.http.auth.AuthScope;
+import org.apache.http.auth.UsernamePasswordCredentials;
+import org.apache.http.client.CredentialsProvider;
+import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.karaf.shell.api.action.Action;
import org.apache.karaf.shell.api.action.Argument;
@@ -42,7 +47,7 @@ import java.util.*;
import java.util.stream.Collectors;
import java.util.stream.Stream;
-import static org.apache.unomi.shell.migration.MigrationConfig.CONFIG_TRUST_ALL_CERTIFICATES;
+import static org.apache.unomi.shell.migration.MigrationConfig.*;
@Command(scope = "unomi", name = "migrate", description = "This will Migrate your data in ES to be compliant with current version. " +
"It's possible to configure the migration using OSGI configuration file: org.apache.unomi.migration.cfg, if no configuration is provided then questions will be prompted during the migration process.")
@@ -97,8 +102,18 @@ public class Migrate implements Action {
// reset migration config from previous stored users choices.
migrationConfig.reset();
-
- try (CloseableHttpClient httpClient = HttpUtils.initHttpClient(migrationConfig.getBoolean(CONFIG_TRUST_ALL_CERTIFICATES, session))) {
+
+ // Handle credentials
+ CredentialsProvider credentialsProvider = null;
+ String login = migrationConfig.getString(CONFIG_ES_LOGIN, session);
+ if (StringUtils.isNotEmpty(login)) {
+ credentialsProvider = new BasicCredentialsProvider();
+ UsernamePasswordCredentials credentials
+ = new UsernamePasswordCredentials(login, migrationConfig.getString(CONFIG_ES_PASSWORD, session));
+ credentialsProvider.setCredentials(AuthScope.ANY, credentials);
+ }
+
+ try (CloseableHttpClient httpClient = HttpUtils.initHttpClient(migrationConfig.getBoolean(CONFIG_TRUST_ALL_CERTIFICATES, session), credentialsProvider)) {
// Compile scripts
scripts = parseScripts(scripts, session, httpClient, migrationConfig);
diff --git a/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/utils/HttpUtils.java b/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/utils/HttpUtils.java
index b5fa7b93d..ec7a8a6dc 100644
--- a/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/utils/HttpUtils.java
+++ b/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/utils/HttpUtils.java
@@ -17,6 +17,7 @@
package org.apache.unomi.shell.migration.utils;
import org.apache.http.HttpEntity;
+import org.apache.http.client.CredentialsProvider;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.*;
import org.apache.http.config.Registry;
@@ -52,11 +53,13 @@ import java.util.Map;
public class HttpUtils {
private static final Logger logger = LoggerFactory.getLogger(HttpUtils.class);
- public static CloseableHttpClient initHttpClient(boolean trustAllCertificates) throws IOException {
+ public static CloseableHttpClient initHttpClient(boolean trustAllCertificates, CredentialsProvider credentialsProvider) throws IOException {
long requestStartTime = System.currentTimeMillis();
HttpClientBuilder httpClientBuilder = HttpClients.custom().useSystemProperties();
-
+ if (credentialsProvider != null) {
+ httpClientBuilder.setDefaultCredentialsProvider(credentialsProvider);
+ }
if (trustAllCertificates) {
try {
SSLContext sslContext = SSLContext.getInstance("SSL");
diff --git a/tools/shell-commands/src/main/resources/org.apache.unomi.migration.cfg b/tools/shell-commands/src/main/resources/org.apache.unomi.migration.cfg
index 960020cee..1921ba5cf 100644
--- a/tools/shell-commands/src/main/resources/org.apache.unomi.migration.cfg
+++ b/tools/shell-commands/src/main/resources/org.apache.unomi.migration.cfg
@@ -18,5 +18,7 @@
# Migration config used for silent migration
# esAddress = http://localhost:9200
+# esLogin = elastic
+# esPassword = password
# httpClient.trustAllCertificates = true
# indexPrefix = context
\ No newline at end of file