You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2020/11/24 14:37:05 UTC
[GitHub] [pulsar] yanshuchong opened a new issue #8684: SASL improvement:config serviceHttpUrl with ip
yanshuchong opened a new issue #8684:
URL: https://github.com/apache/pulsar/issues/8684
admin client code can init with both ip or hosts like :
PulsarAdminBuilder pulsarAdminBuilder = PulsarAdmin.builder().serviceHttpUrl("http://10.33.50.71:8080");
or
PulsarAdminBuilder pulsarAdminBuilder = PulsarAdmin.builder().serviceHttpUrl("http://host-10-33-50-71:8080");
code of PulsarSaslClient.java
String serverPrincipal = serverType.toLowerCase() + "/" + serverHostname;
change to
String serverPrincipal = serverType.toLowerCase() + "/" + getServerPrincipal(serverHostname);
Sample Code reference from ZooKeeper
private String getServerPrincipal(String ipOrHost) {
boolean isIp = IPAddress.isValid(ipOrHost);
if (!isIp) {
return ipOrHost;
}
WrapperInetSocketAddress addr = new WrapperInetSocketAddress(new InetSocketAddress(ipOrHost, DEFAULT_PORT));
String hostName = addr.getHostName();
boolean canonicalize =
Boolean.parseBoolean(System.getProperty("pulsar.sasl.client.canonicalize.hostname", "true"));
if (canonicalize) {
WrapperInetAddress ia = addr.getAddress();
if (ia == null) {
throw new IllegalArgumentException(
"Unable to canonicalize address " + addr + " because it's not resolvable");
}
String canonicalHostName = ia.getCanonicalHostName();
// avoid using literal IP address when security check fails
if (!canonicalHostName.equals(ia.getHostAddress())) {
hostName = canonicalHostName;
}
}
return hostName;
}
/**
* This is here to provide a way to unit test the core logic as the methods for
* InetSocketAddress are marked as final.
*/
static class WrapperInetSocketAddress {
private final InetSocketAddress addr;
WrapperInetSocketAddress(InetSocketAddress addr) {
this.addr = addr;
}
public String getHostName() {
return addr.getHostName();
}
public WrapperInetAddress getAddress() {
InetAddress ia = addr.getAddress();
return ia == null ? null : new WrapperInetAddress(ia);
}
@Override
public String toString() {
return addr.toString();
}
}
/**
* This is here to provide a way to unit test the core logic as the methods for
* InetAddress are marked as final.
*/
static class WrapperInetAddress {
private final InetAddress ia;
WrapperInetAddress(InetAddress ia) {
this.ia = ia;
}
public String getCanonicalHostName() {
return ia.getCanonicalHostName();
}
public String getHostAddress() {
return ia.getHostAddress();
}
@Override
public String toString() {
return ia.toString();
}
}
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org