You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@beam.apache.org by "Hemant Y Bhoyar (Jira)" <ji...@apache.org> on 2019/09/07 11:00:03 UTC

[jira] [Updated] (BEAM-8175) Setting java keystore overrides basic auth in ElasticsearchIO connection configuration

     [ https://issues.apache.org/jira/browse/BEAM-8175?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Hemant Y Bhoyar updated BEAM-8175:
----------------------------------
    Status: Open  (was: Triage Needed)

> Setting java keystore overrides basic auth in ElasticsearchIO connection configuration
> --------------------------------------------------------------------------------------
>
>                 Key: BEAM-8175
>                 URL: https://issues.apache.org/jira/browse/BEAM-8175
>             Project: Beam
>          Issue Type: Bug
>          Components: io-java-elasticsearch
>    Affects Versions: 2.15.0
>            Reporter: Hemant Y Bhoyar
>            Priority: Major
>
> While creating the rest client in ElasticsearchIO, the httpClientConfigCallback is overridden by the step to set the key store.
> Making it not possible to use a custom key store with basic auth.
> {code:java}
> if (getUsername() != null) {
>   final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
>   credentialsProvider.setCredentials(
>       AuthScope.ANY, new UsernamePasswordCredentials(getUsername(), getPassword()));
>   restClientBuilder.setHttpClientConfigCallback(
>       httpAsyncClientBuilder -> httpAsyncClientBuilder.setDefaultCredentialsProvider(credentialsProvider));
> }
> if (getKeystorePath() != null && !getKeystorePath().isEmpty()) {
>   try {
>     KeyStore keyStore = KeyStore.getInstance("jks");
>     try (InputStream is = new FileInputStream(new File(getKeystorePath()))) {
>       String keystorePassword = getKeystorePassword();
>       keyStore.load(is, (keystorePassword == null) ? null : keystorePassword.toCharArray());
>     }
>     final SSLContext sslContext =
>         SSLContexts.custom()
>             .loadTrustMaterial(keyStore, new TrustSelfSignedStrategy())
>             .build();
>     final SSLIOSessionStrategy sessionStrategy = new SSLIOSessionStrategy(sslContext);
>     restClientBuilder.setHttpClientConfigCallback(
>         httpClientBuilder -> httpClientBuilder.setSSLContext(sslContext).setSSLStrategy(sessionStrategy));
>   } catch (Exception e) {
>     throw new IOException("Can't load the client certificate from the keystore", e);
>   }
> }
> {code}



--
This message was sent by Atlassian Jira
(v8.3.2#803003)