You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@beam.apache.org by "Hemant Y Bhoyar (Jira)" <ji...@apache.org> on 2019/09/07 09:56:00 UTC
[jira] [Created] (BEAM-8175) Setting java keystore overrides basic
auth in ElasticsearchIO connection configuration
Hemant Y Bhoyar created BEAM-8175:
-------------------------------------
Summary: Setting java keystore overrides basic auth in ElasticsearchIO connection configuration
Key: BEAM-8175
URL: https://issues.apache.org/jira/browse/BEAM-8175
Project: Beam
Issue Type: Bug
Components: io-java-elasticsearch
Affects Versions: 2.15.0
Reporter: Hemant Y Bhoyar
While creating the rest client in ElasticsearchIO, the httpClientConfigCallback is overridden by the step to set the key store.
Making it not possible to use a custom key store with basic auth.
{code:java}
if (getUsername() != null) {
final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(
AuthScope.ANY, new UsernamePasswordCredentials(getUsername(), getPassword()));
restClientBuilder.setHttpClientConfigCallback(
httpAsyncClientBuilder -> httpAsyncClientBuilder.setDefaultCredentialsProvider(credentialsProvider));
}
if (getKeystorePath() != null && !getKeystorePath().isEmpty()) {
try {
KeyStore keyStore = KeyStore.getInstance("jks");
try (InputStream is = new FileInputStream(new File(getKeystorePath()))) {
String keystorePassword = getKeystorePassword();
keyStore.load(is, (keystorePassword == null) ? null : keystorePassword.toCharArray());
}
final SSLContext sslContext =
SSLContexts.custom()
.loadTrustMaterial(keyStore, new TrustSelfSignedStrategy())
.build();
final SSLIOSessionStrategy sessionStrategy = new SSLIOSessionStrategy(sslContext);
restClientBuilder.setHttpClientConfigCallback(
httpClientBuilder -> httpClientBuilder.setSSLContext(sslContext).setSSLStrategy(sessionStrategy));
} catch (Exception e) {
throw new IOException("Can't load the client certificate from the keystore", e);
}
}
{code}
--
This message was sent by Atlassian Jira
(v8.3.2#803003)