You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tika.apache.org by ta...@apache.org on 2022/04/20 21:08:47 UTC
[tika] branch TIKA-3719 updated: TIKA-3719 -- try to add trust store
This is an automated email from the ASF dual-hosted git repository.
tallison pushed a commit to branch TIKA-3719
in repository https://gitbox.apache.org/repos/asf/tika.git
The following commit(s) were added to refs/heads/TIKA-3719 by this push:
new 85046e3f3 TIKA-3719 -- try to add trust store
85046e3f3 is described below
commit 85046e3f30f7e24900bec45d18d487ba57107098
Author: tallison <ta...@apache.org>
AuthorDate: Wed Apr 20 17:08:33 2022 -0400
TIKA-3719 -- try to add trust store
---
.../apache/tika/server/core/TikaServerProcess.java | 12 +++++++++++
.../org/apache/tika/server/core/TlsConfig.java | 24 ++++++++++++++++------
2 files changed, 30 insertions(+), 6 deletions(-)
diff --git a/tika-server/tika-server-core/src/main/java/org/apache/tika/server/core/TikaServerProcess.java b/tika-server/tika-server-core/src/main/java/org/apache/tika/server/core/TikaServerProcess.java
index 0d3761991..1b34916c7 100644
--- a/tika-server/tika-server-core/src/main/java/org/apache/tika/server/core/TikaServerProcess.java
+++ b/tika-server/tika-server-core/src/main/java/org/apache/tika/server/core/TikaServerProcess.java
@@ -40,6 +40,7 @@ import org.apache.cxf.configuration.jsse.TLSParameterJaxBUtils;
import org.apache.cxf.configuration.jsse.TLSServerParameters;
import org.apache.cxf.configuration.security.KeyManagersType;
import org.apache.cxf.configuration.security.KeyStoreType;
+import org.apache.cxf.configuration.security.TrustManagersType;
import org.apache.cxf.endpoint.Server;
import org.apache.cxf.jaxrs.JAXRSBindingFactory;
import org.apache.cxf.jaxrs.JAXRSServerFactoryBean;
@@ -291,6 +292,17 @@ public class TikaServerProcess {
kmt.setKeyPassword(tlsConfig.getKeyStorePassword());
TLSServerParameters parameters = new TLSServerParameters();
parameters.setKeyManagers(TLSParameterJaxBUtils.getKeyManagers(kmt));
+
+ if (tlsConfig.hasTrustStore()) {
+ KeyStoreType trustKeyStore = new KeyStoreType();
+ trustKeyStore.setType(tlsConfig.getTrustStoreType());
+ trustKeyStore.setPassword(tlsConfig.getTrustStorePassword());
+ trustKeyStore.setResource(tlsConfig.getTrustStoreFile());
+
+ TrustManagersType tmt = new TrustManagersType();
+ tmt.setKeyStore(trustKeyStore);
+ parameters.setTrustManagers(TLSParameterJaxBUtils.getTrustManagers(tmt, true));
+ }
return parameters;
}
diff --git a/tika-server/tika-server-core/src/main/java/org/apache/tika/server/core/TlsConfig.java b/tika-server/tika-server-core/src/main/java/org/apache/tika/server/core/TlsConfig.java
index 8a85679e0..20ad36bc0 100644
--- a/tika-server/tika-server-core/src/main/java/org/apache/tika/server/core/TlsConfig.java
+++ b/tika-server/tika-server-core/src/main/java/org/apache/tika/server/core/TlsConfig.java
@@ -111,12 +111,18 @@ public class TlsConfig implements Initializable {
throw new TikaConfigException("must initialize keyStoreFile");
} else if (StringUtils.isBlank(keyStorePassword)) {
throw new TikaConfigException("must initialize keyStorePassword");
- } else if (StringUtils.isBlank(trustStoreType)) {
- throw new TikaConfigException("must initialize trustStoreType");
- } else if (StringUtils.isBlank(trustStoreFile)) {
- throw new TikaConfigException("must initialize trustStoreFile");
- } else if (StringUtils.isBlank(trustStorePassword)) {
- throw new TikaConfigException("must initialize trustStorePassword");
+ }
+ if (hasTrustStore()) {
+ if (StringUtils.isBlank(trustStoreType)) {
+ throw new TikaConfigException("must initialize trustStoreType " +
+ "if there's any trustStore info");
+ } else if (StringUtils.isBlank(trustStoreFile)) {
+ throw new TikaConfigException("must initialize trustStoreFile " +
+ "if there's any trustStore info");
+ } else if (StringUtils.isBlank(trustStorePassword)) {
+ throw new TikaConfigException("must initialize trustStorePassword " +
+ "if there's any trustStore info");
+ }
}
}
}
@@ -130,4 +136,10 @@ public class TlsConfig implements Initializable {
", trustStorePassword='" + trustStorePassword + '\'' + ", trustStoreFile='" +
trustStoreFile + '\'' + '}';
}
+
+ public boolean hasTrustStore() {
+ return ! StringUtils.isBlank(trustStoreType) &&
+ ! StringUtils.isBlank(trustStorePassword) &&
+ ! StringUtils.isBlank(trustStoreFile);
+ }
}