You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@beam.apache.org by "Hemant Y Bhoyar (Jira)" <ji...@apache.org> on 2019/09/07 11:00:03 UTC
[jira] [Updated] (BEAM-8175) Setting java keystore overrides basic
auth in ElasticsearchIO connection configuration
[ https://issues.apache.org/jira/browse/BEAM-8175?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Hemant Y Bhoyar updated BEAM-8175:
----------------------------------
Status: Open (was: Triage Needed)
> Setting java keystore overrides basic auth in ElasticsearchIO connection configuration
> --------------------------------------------------------------------------------------
>
> Key: BEAM-8175
> URL: https://issues.apache.org/jira/browse/BEAM-8175
> Project: Beam
> Issue Type: Bug
> Components: io-java-elasticsearch
> Affects Versions: 2.15.0
> Reporter: Hemant Y Bhoyar
> Priority: Major
>
> While creating the rest client in ElasticsearchIO, the httpClientConfigCallback is overridden by the step to set the key store.
> Making it not possible to use a custom key store with basic auth.
> {code:java}
> if (getUsername() != null) {
> final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
> credentialsProvider.setCredentials(
> AuthScope.ANY, new UsernamePasswordCredentials(getUsername(), getPassword()));
> restClientBuilder.setHttpClientConfigCallback(
> httpAsyncClientBuilder -> httpAsyncClientBuilder.setDefaultCredentialsProvider(credentialsProvider));
> }
> if (getKeystorePath() != null && !getKeystorePath().isEmpty()) {
> try {
> KeyStore keyStore = KeyStore.getInstance("jks");
> try (InputStream is = new FileInputStream(new File(getKeystorePath()))) {
> String keystorePassword = getKeystorePassword();
> keyStore.load(is, (keystorePassword == null) ? null : keystorePassword.toCharArray());
> }
> final SSLContext sslContext =
> SSLContexts.custom()
> .loadTrustMaterial(keyStore, new TrustSelfSignedStrategy())
> .build();
> final SSLIOSessionStrategy sessionStrategy = new SSLIOSessionStrategy(sslContext);
> restClientBuilder.setHttpClientConfigCallback(
> httpClientBuilder -> httpClientBuilder.setSSLContext(sslContext).setSSLStrategy(sessionStrategy));
> } catch (Exception e) {
> throw new IOException("Can't load the client certificate from the keystore", e);
> }
> }
> {code}
--
This message was sent by Atlassian Jira
(v8.3.2#803003)