You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@manifoldcf.apache.org by kw...@apache.org on 2011/02/17 09:02:25 UTC
svn commit: r1071535 - in /incubator/lcf/trunk: ./
connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/
Author: kwright
Date: Thu Feb 17 08:02:25 2011
New Revision: 1071535
URL: http://svn.apache.org/viewvc?rev=1071535&view=rev
Log:
Fix for CONNECTORS-160. Add working https support to Solr connector.
Modified:
incubator/lcf/trunk/ (props changed)
incubator/lcf/trunk/CHANGES.txt
incubator/lcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/HttpPoster.java
incubator/lcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/SolrConfig.java
incubator/lcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/SolrConnector.java
Propchange: incubator/lcf/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Thu Feb 17 08:02:25 2011
@@ -1 +1,2 @@
/incubator/lcf/branches/CONNECTORS-151-branch:1063444-1071206
+/incubator/lcf/branches/CONNECTORS-160-branch:1071241-1071534
Modified: incubator/lcf/trunk/CHANGES.txt
URL: http://svn.apache.org/viewvc/incubator/lcf/trunk/CHANGES.txt?rev=1071535&r1=1071534&r2=1071535&view=diff
==============================================================================
--- incubator/lcf/trunk/CHANGES.txt (original)
+++ incubator/lcf/trunk/CHANGES.txt Thu Feb 17 08:02:25 2011
@@ -3,7 +3,11 @@ $Id$
================== 0.2-dev ==================
-CONNECTORS-151; Add folder support to FileNet connector.
+CONNECTORS-160: Add local trust store and working https support
+for Solr connector.
+(Carina Lannig, Karl Wright)
+
+CONNECTORS-151: Add folder support to FileNet connector.
(Oleg Tikhonov, Karl Wright)
CONNECTORS-157: Web crawler url resolution was broken for relative
Modified: incubator/lcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/HttpPoster.java
URL: http://svn.apache.org/viewvc/incubator/lcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/HttpPoster.java?rev=1071535&r1=1071534&r2=1071535&view=diff
==============================================================================
--- incubator/lcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/HttpPoster.java (original)
+++ incubator/lcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/HttpPoster.java Thu Feb 17 08:02:25 2011
@@ -57,6 +57,7 @@ public class HttpPoster
private String protocol;
private String host;
+ private javax.net.ssl.SSLSocketFactory socketFactory;
private int port;
private String encodedCredentials;
private String realm;
@@ -104,12 +105,12 @@ public class HttpPoster
/** This is the secure socket factory we will use. I'm presuming it's thread-safe, but
* if not, synchronization blocks are in order when it's used. */
- protected static javax.net.ssl.SSLSocketFactory secureSocketFactory = null;
+ protected static javax.net.ssl.SSLSocketFactory openSecureSocketFactory = null;
static
{
try
{
- secureSocketFactory = getSecureSocketFactory();
+ openSecureSocketFactory = getOpenSecureSocketFactory();
}
catch (ManifoldCFException e)
{
@@ -127,7 +128,8 @@ public class HttpPoster
public HttpPoster(String protocol, String server, int port, String webappName,
String updatePath, String removePath, String statusPath,
String realm, String userID, String password,
- String allowAttributeName, String denyAttributeName, String idAttributeName)
+ String allowAttributeName, String denyAttributeName, String idAttributeName,
+ IKeystoreManager keystoreManager)
throws ManifoldCFException
{
this.allowAttributeName = allowAttributeName;
@@ -137,6 +139,11 @@ public class HttpPoster
this.host = server;
this.port = port;
this.protocol = protocol;
+ if (keystoreManager != null)
+ this.socketFactory = keystoreManager.getSecureSocketFactory();
+ else
+ // Use the "trust everything" one.
+ this.socketFactory = openSecureSocketFactory;
if (userID != null && userID.length() > 0 && password != null)
{
@@ -685,7 +692,7 @@ public class HttpPoster
/** Build a secure socket factory based on no keystore and a lax trust manager.
* This allows use of SSL for privacy but not identification. */
- protected static javax.net.ssl.SSLSocketFactory getSecureSocketFactory()
+ protected static javax.net.ssl.SSLSocketFactory getOpenSecureSocketFactory()
throws ManifoldCFException
{
try
@@ -713,12 +720,12 @@ public class HttpPoster
throws IOException, ManifoldCFException
{
Socket socket;
- if (protocol.equals("https"))
+ if (protocol.equals("https") && socketFactory != null)
{
try
{
- SocketFactory factory = SSLSocketFactory.getDefault();
- socket = factory.createSocket(host,port);
+ //SocketFactory factory = SSLSocketFactory.getDefault();
+ socket = socketFactory.createSocket(host,port);
}
catch (InterruptedIOException e)
{
Modified: incubator/lcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/SolrConfig.java
URL: http://svn.apache.org/viewvc/incubator/lcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/SolrConfig.java?rev=1071535&r1=1071534&r2=1071535&view=diff
==============================================================================
--- incubator/lcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/SolrConfig.java (original)
+++ incubator/lcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/SolrConfig.java Thu Feb 17 08:02:25 2011
@@ -53,6 +53,8 @@ public class SolrConfig
public static final String PARAM_PASSWORD = "Password";
/** Enable commits */
public static final String PARAM_COMMITS = "Commits";
+ /** Keystore */
+ public static final String PARAM_KEYSTORE = "Keystore";
/** Node describing an argument */
public static final String NODE_ARGUMENT = "argument";
/** Attribute with the argument name */
Modified: incubator/lcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/SolrConnector.java
URL: http://svn.apache.org/viewvc/incubator/lcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/SolrConnector.java?rev=1071535&r1=1071534&r2=1071535&view=diff
==============================================================================
--- incubator/lcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/SolrConnector.java (original)
+++ incubator/lcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/SolrConnector.java Thu Feb 17 08:02:25 2011
@@ -141,6 +141,12 @@ public class SolrConnector extends org.a
String userID = params.getParameter(SolrConfig.PARAM_USERID);
String password = params.getObfuscatedParameter(SolrConfig.PARAM_PASSWORD);
String realm = params.getParameter(SolrConfig.PARAM_REALM);
+ String keystoreData = params.getParameter(SolrConfig.PARAM_KEYSTORE);
+ IKeystoreManager keystoreManager;
+ if (keystoreData != null)
+ keystoreManager = KeystoreManagerFactory.make("",keystoreData);
+ else
+ keystoreManager = null;
if (core != null)
{
@@ -152,7 +158,7 @@ public class SolrConnector extends org.a
try
{
poster = new HttpPoster(protocol,server,Integer.parseInt(port),webapp,updatePath,removePath,statusPath,realm,userID,password,
- allowAttributeName,denyAttributeName,idAttributeName);
+ allowAttributeName,denyAttributeName,idAttributeName,keystoreManager);
}
catch (NumberFormatException e)
{
@@ -410,6 +416,27 @@ public class SolrConnector extends org.a
out.print(
"<script type=\"text/javascript\">\n"+
"<!--\n"+
+"function SolrDeleteCertificate(aliasName)\n"+
+"{\n"+
+" editconnection.solrkeystorealias.value = aliasName;\n"+
+" editconnection.configop.value = \"Delete\";\n"+
+" postForm();\n"+
+"}\n"+
+"\n"+
+"function SolrAddCertificate()\n"+
+"{\n"+
+" if (editconnection.solrcertificate.value == \"\")\n"+
+" {\n"+
+" alert(\"Choose a certificate file\");\n"+
+" editconnection.solrcertificate.focus();\n"+
+" }\n"+
+" else\n"+
+" {\n"+
+" editconnection.configop.value = \"Add\";\n"+
+" postForm();\n"+
+" }\n"+
+"}\n"+
+"\n"+
"function checkConfig()\n"+
"{\n"+
" if (editconnection.servername.value == \"\")\n"+
@@ -619,7 +646,25 @@ public class SolrConnector extends org.a
if (commits == null)
commits = "true";
+ String solrKeystore = parameters.getParameter(org.apache.manifoldcf.agents.output.solr.SolrConfig.PARAM_KEYSTORE);
+ IKeystoreManager localKeystore;
+ if (solrKeystore == null)
+ localKeystore = KeystoreManagerFactory.make("");
+ else
+ localKeystore = KeystoreManagerFactory.make("",solrKeystore);
+
// "Server" tab
+ // Always pass the whole keystore as a hidden.
+ if (solrKeystore != null)
+ {
+ out.print(
+"<input type=\"hidden\" name=\"keystoredata\" value=\""+org.apache.manifoldcf.ui.util.Encoder.attributeEscape(solrKeystore)+"\"/>\n"
+ );
+ }
+ out.print(
+"<input name=\"configop\" type=\"hidden\" value=\"Continue\"/>\n"
+ );
+
if (tabName.equals("Server"))
{
out.print(
@@ -695,6 +740,45 @@ public class SolrConnector extends org.a
" <input type=\"password\" size=\"32\" name=\"password\" value=\""+org.apache.manifoldcf.ui.util.Encoder.attributeEscape(password)+"\"/>\n"+
" </td>\n"+
" </tr>\n"+
+" <tr><td class=\"separator\" colspan=\"2\"><hr/></td></tr>\n"+
+" <tr>\n"+
+" <td class=\"description\"><nobr>SSL trust certificate list:</nobr></td>\n"+
+" <td class=\"value\">\n"+
+" <input type=\"hidden\" name=\"solrkeystorealias\" value=\"\"/>\n"+
+" <table class=\"displaytable\">\n"
+ );
+ // List the individual certificates in the store, with a delete button for each
+ String[] contents = localKeystore.getContents();
+ if (contents.length == 0)
+ {
+ out.print(
+" <tr><td class=\"message\" colspan=\"2\"><nobr>No certificates present</nobr></td></tr>\n"
+ );
+ }
+ else
+ {
+ int i = 0;
+ while (i < contents.length)
+ {
+ String alias = contents[i];
+ String description = localKeystore.getDescription(alias);
+ if (description.length() > 128)
+ description = description.substring(0,125) + "...";
+ out.print(
+" <tr>\n"+
+" <td class=\"value\"><input type=\"button\" onclick='Javascript:SolrDeleteCertificate(\""+org.apache.manifoldcf.ui.util.Encoder.attributeJavascriptEscape(alias)+"\")' alt=\""+"Delete cert "+org.apache.manifoldcf.ui.util.Encoder.attributeEscape(alias)+"\" value=\"Delete\"/></td>\n"+
+" <td>"+org.apache.manifoldcf.ui.util.Encoder.bodyEscape(description)+"</td>\n"+
+" </tr>\n"
+ );
+ i++;
+ }
+ }
+ out.print(
+" </table>\n"+
+" <input type=\"button\" onclick='Javascript:SolrAddCertificate()' alt=\"Add cert\" value=\"Add\"/> \n"+
+" Certificate: <input name=\"solrcertificate\" size=\"50\" type=\"file\"/>\n"+
+" </td>\n"+
+" </tr>\n"+
"</table>\n"
);
}
@@ -960,6 +1044,14 @@ public class SolrConnector extends org.a
parameters.setParameter(org.apache.manifoldcf.agents.output.solr.SolrConfig.PARAM_COMMITS,commits);
}
+ String keystoreValue = variableContext.getParameter("keystoredata");
+ IKeystoreManager mgr;
+ if (keystoreValue != null)
+ mgr = KeystoreManagerFactory.make("",keystoreValue);
+ else
+ mgr = KeystoreManagerFactory.make("");
+ parameters.setParameter(org.apache.manifoldcf.agents.output.solr.SolrConfig.PARAM_KEYSTORE,mgr.getString());
+
String x = variableContext.getParameter("argument_count");
if (x != null && x.length() > 0)
{
@@ -1002,6 +1094,60 @@ public class SolrConnector extends org.a
parameters.addChild(parameters.getChildCount(),node);
}
}
+
+ String configOp = variableContext.getParameter("configop");
+ if (configOp != null)
+ {
+ if (configOp.equals("Delete"))
+ {
+ String alias = variableContext.getParameter("solrkeystorealias");
+ keystoreValue = parameters.getParameter(org.apache.manifoldcf.agents.output.solr.SolrConfig.PARAM_KEYSTORE);
+ if (keystoreValue != null)
+ mgr = KeystoreManagerFactory.make("",keystoreValue);
+ else
+ mgr = KeystoreManagerFactory.make("");
+ mgr.remove(alias);
+ parameters.setParameter(org.apache.manifoldcf.agents.output.solr.SolrConfig.PARAM_KEYSTORE,mgr.getString());
+ }
+ else if (configOp.equals("Add"))
+ {
+ String alias = IDFactory.make(threadContext);
+ byte[] certificateValue = variableContext.getBinaryBytes("solrcertificate");
+ keystoreValue = parameters.getParameter(org.apache.manifoldcf.agents.output.solr.SolrConfig.PARAM_KEYSTORE);
+ if (keystoreValue != null)
+ mgr = KeystoreManagerFactory.make("",keystoreValue);
+ else
+ mgr = KeystoreManagerFactory.make("");
+ java.io.InputStream is = new java.io.ByteArrayInputStream(certificateValue);
+ String certError = null;
+ try
+ {
+ mgr.importCertificate(alias,is);
+ }
+ catch (Throwable e)
+ {
+ certError = e.getMessage();
+ }
+ finally
+ {
+ try
+ {
+ is.close();
+ }
+ catch (IOException e)
+ {
+ // Eat this exception
+ }
+ }
+
+ if (certError != null)
+ {
+ return "Illegal certificate: "+certError;
+ }
+ parameters.setParameter(org.apache.manifoldcf.agents.output.solr.SolrConfig.PARAM_KEYSTORE,mgr.getString());
+ }
+ }
+
return null;
}
@@ -1111,7 +1257,6 @@ public class SolrConnector extends org.a
out.print(
"<script type=\"text/javascript\">\n"+
"<!--\n"+
-"\n"+
"function checkOutputSpecification()\n"+
"{\n"+
" return true;\n"+