You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@beam.apache.org by "Hemant Y Bhoyar (Jira)" <ji...@apache.org> on 2019/09/07 09:56:00 UTC

[jira] [Created] (BEAM-8175) Setting java keystore overrides basic auth in ElasticsearchIO connection configuration

Hemant Y Bhoyar created BEAM-8175:
-------------------------------------

             Summary: Setting java keystore overrides basic auth in ElasticsearchIO connection configuration
                 Key: BEAM-8175
                 URL: https://issues.apache.org/jira/browse/BEAM-8175
             Project: Beam
          Issue Type: Bug
          Components: io-java-elasticsearch
    Affects Versions: 2.15.0
            Reporter: Hemant Y Bhoyar


While creating the rest client in ElasticsearchIO, the httpClientConfigCallback is overridden by the step to set the key store.

Making it not possible to use a custom key store with basic auth.
{code:java}
if (getUsername() != null) {
  final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
  credentialsProvider.setCredentials(
      AuthScope.ANY, new UsernamePasswordCredentials(getUsername(), getPassword()));
  restClientBuilder.setHttpClientConfigCallback(
      httpAsyncClientBuilder -> httpAsyncClientBuilder.setDefaultCredentialsProvider(credentialsProvider));
}
if (getKeystorePath() != null && !getKeystorePath().isEmpty()) {
  try {
    KeyStore keyStore = KeyStore.getInstance("jks");
    try (InputStream is = new FileInputStream(new File(getKeystorePath()))) {
      String keystorePassword = getKeystorePassword();
      keyStore.load(is, (keystorePassword == null) ? null : keystorePassword.toCharArray());
    }
    final SSLContext sslContext =
        SSLContexts.custom()
            .loadTrustMaterial(keyStore, new TrustSelfSignedStrategy())
            .build();
    final SSLIOSessionStrategy sessionStrategy = new SSLIOSessionStrategy(sslContext);
    restClientBuilder.setHttpClientConfigCallback(
        httpClientBuilder -> httpClientBuilder.setSSLContext(sslContext).setSSLStrategy(sessionStrategy));
  } catch (Exception e) {
    throw new IOException("Can't load the client certificate from the keystore", e);
  }
}
{code}



--
This message was sent by Atlassian Jira
(v8.3.2#803003)