You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@accumulo.apache.org by el...@apache.org on 2014/09/16 03:03:47 UTC
[2/3] git commit: ACCUMULO-3129 Pass credential provider into client
configuration and set non-empty truststore password.
ACCUMULO-3129 Pass credential provider into client configuration and set non-empty truststore password.
Making a non-empty password for the truststore makes things a bit
more reliable to actually work (I think empty passwords are disallowed
by the CredentialProvider impls). If the client is also using a
CredentialProvider, the ClientConfiguration also needs this property.
Adding the extra value to the enum passes it from accumulo-site.xml
into the generate client.conf by AbstractMacIT.
Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/7f62ec1b
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/7f62ec1b
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/7f62ec1b
Branch: refs/heads/master
Commit: 7f62ec1b37dc1e8fe7512358360dcb591b0ba224
Parents: e455005
Author: Josh Elser <el...@apache.org>
Authored: Mon Sep 15 20:26:02 2014 -0400
Committer: Josh Elser <el...@apache.org>
Committed: Mon Sep 15 20:26:02 2014 -0400
----------------------------------------------------------------------
.../core/client/ClientConfiguration.java | 33 ++++++++++----------
.../accumulo/test/functional/AbstractMacIT.java | 5 ++-
.../test/functional/SslWithClientAuthIT.java | 2 +-
3 files changed, 22 insertions(+), 18 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/accumulo/blob/7f62ec1b/core/src/main/java/org/apache/accumulo/core/client/ClientConfiguration.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/ClientConfiguration.java b/core/src/main/java/org/apache/accumulo/core/client/ClientConfiguration.java
index b0ae537..b64fab4 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/ClientConfiguration.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/ClientConfiguration.java
@@ -34,7 +34,7 @@ import org.apache.commons.configuration.PropertiesConfiguration;
/**
* Contains a list of property keys recognized by the Accumulo client and convenience methods for setting them.
- *
+ *
* @since 1.6.0
*/
public class ClientConfiguration extends CompositeConfiguration {
@@ -50,6 +50,7 @@ public class ClientConfiguration extends CompositeConfiguration {
RPC_SSL_KEYSTORE_PASSWORD(Property.RPC_SSL_KEYSTORE_PASSWORD),
RPC_SSL_KEYSTORE_TYPE(Property.RPC_SSL_KEYSTORE_TYPE),
RPC_USE_JSSE(Property.RPC_USE_JSSE),
+ GENERAL_SECURITY_CREDENTIAL_PROVIDER_PATHS(Property.GENERAL_SECURITY_CREDENTIAL_PROVIDER_PATHS),
INSTANCE_RPC_SSL_CLIENT_AUTH(Property.INSTANCE_RPC_SSL_CLIENT_AUTH),
INSTANCE_RPC_SSL_ENABLED(Property.INSTANCE_RPC_SSL_ENABLED),
INSTANCE_ZK_HOST(Property.INSTANCE_ZK_HOST),
@@ -110,7 +111,7 @@ public class ClientConfiguration extends CompositeConfiguration {
/**
* Iterates through the Configuration objects, populating this object.
- *
+ *
* @see PropertiesConfiguration
* @see #loadDefault()
*/
@@ -123,10 +124,10 @@ public class ClientConfiguration extends CompositeConfiguration {
* Attempts to load a configuration file from the system. Uses the "ACCUMULO_CLIENT_CONF_PATH" environment variable, split on File.pathSeparator, for a list
* of target files. If not set, uses the following in this order- ~/.accumulo/config $ACCUMULO_CONF_DIR/client.conf -OR- $ACCUMULO_HOME/conf/client.conf
* (depending on whether $ACCUMULO_CONF_DIR is set) /etc/accumulo/client.conf
- *
+ *
* A client configuration will then be read from each location using PropertiesConfiguration to construct a configuration. That means the latest item will be
* the one in the configuration.
- *
+ *
* @see PropertiesConfiguration
* @see File#pathSeparator
*/
@@ -196,7 +197,7 @@ public class ClientConfiguration extends CompositeConfiguration {
/**
* Returns the value for prop, the default value if not present.
- *
+ *
*/
public String get(ClientProperty prop) {
if (this.containsKey(prop.getKey()))
@@ -207,7 +208,7 @@ public class ClientConfiguration extends CompositeConfiguration {
/**
* Sets the value of property to value
- *
+ *
*/
public void setProperty(ClientProperty prop, String value) {
this.setProperty(prop.getKey(), value);
@@ -223,7 +224,7 @@ public class ClientConfiguration extends CompositeConfiguration {
/**
* Same as {@link #with(ClientProperty, String)} for ClientProperty.INSTANCE_NAME
- *
+ *
*/
public ClientConfiguration withInstance(String instanceName) {
ArgumentChecker.notNull(instanceName);
@@ -232,7 +233,7 @@ public class ClientConfiguration extends CompositeConfiguration {
/**
* Same as {@link #with(ClientProperty, String)} for ClientProperty.INSTANCE_ID
- *
+ *
*/
public ClientConfiguration withInstance(UUID instanceId) {
ArgumentChecker.notNull(instanceId);
@@ -241,7 +242,7 @@ public class ClientConfiguration extends CompositeConfiguration {
/**
* Same as {@link #with(ClientProperty, String)} for ClientProperty.INSTANCE_ZK_HOST
- *
+ *
*/
public ClientConfiguration withZkHosts(String zooKeepers) {
ArgumentChecker.notNull(zooKeepers);
@@ -250,7 +251,7 @@ public class ClientConfiguration extends CompositeConfiguration {
/**
* Same as {@link #with(ClientProperty, String)} for ClientProperty.INSTANCE_ZK_TIMEOUT
- *
+ *
*/
public ClientConfiguration withZkTimeout(int timeout) {
return with(ClientProperty.INSTANCE_ZK_TIMEOUT, String.valueOf(timeout));
@@ -258,7 +259,7 @@ public class ClientConfiguration extends CompositeConfiguration {
/**
* Same as {@link #withSsl(boolean, boolean)} with useJsseConfig set to false
- *
+ *
*/
public ClientConfiguration withSsl(boolean sslEnabled) {
return withSsl(sslEnabled, false);
@@ -266,7 +267,7 @@ public class ClientConfiguration extends CompositeConfiguration {
/**
* Same as {@link #with(ClientProperty, String)} for ClientProperty.INSTANCE_RPC_SSL_ENABLED and ClientProperty.RPC_USE_JSSE
- *
+ *
*/
public ClientConfiguration withSsl(boolean sslEnabled, boolean useJsseConfig) {
return with(ClientProperty.INSTANCE_RPC_SSL_ENABLED, String.valueOf(sslEnabled)).with(ClientProperty.RPC_USE_JSSE, String.valueOf(useJsseConfig));
@@ -274,7 +275,7 @@ public class ClientConfiguration extends CompositeConfiguration {
/**
* Same as {@link #withTruststore(String)} with password null and type null
- *
+ *
*/
public ClientConfiguration withTruststore(String path) {
return withTruststore(path, null, null);
@@ -283,7 +284,7 @@ public class ClientConfiguration extends CompositeConfiguration {
/**
* Same as {@link #with(ClientProperty, String)} for ClientProperty.RPC_SSL_TRUSTORE_PATH, ClientProperty.RPC_SSL_TRUSTORE_PASSWORD, and
* ClientProperty.RPC_SSL_TRUSTORE_TYPE
- *
+ *
*/
public ClientConfiguration withTruststore(String path, String password, String type) {
ArgumentChecker.notNull(path);
@@ -297,7 +298,7 @@ public class ClientConfiguration extends CompositeConfiguration {
/**
* Same as {@link #withKeystore(String, String, String)} with password null and type null
- *
+ *
*/
public ClientConfiguration withKeystore(String path) {
return withKeystore(path, null, null);
@@ -306,7 +307,7 @@ public class ClientConfiguration extends CompositeConfiguration {
/**
* Same as {@link #with(ClientProperty, String)} for ClientProperty.INSTANCE_RPC_SSL_CLIENT_AUTH, ClientProperty.RPC_SSL_KEYSTORE_PATH,
* ClientProperty.RPC_SSL_KEYSTORE_PASSWORD, and ClientProperty.RPC_SSL_KEYSTORE_TYPE
- *
+ *
*/
public ClientConfiguration withKeystore(String path, String password, String type) {
ArgumentChecker.notNull(path);
http://git-wip-us.apache.org/repos/asf/accumulo/blob/7f62ec1b/test/src/test/java/org/apache/accumulo/test/functional/AbstractMacIT.java
----------------------------------------------------------------------
diff --git a/test/src/test/java/org/apache/accumulo/test/functional/AbstractMacIT.java b/test/src/test/java/org/apache/accumulo/test/functional/AbstractMacIT.java
index 415682b..22e46ff 100644
--- a/test/src/test/java/org/apache/accumulo/test/functional/AbstractMacIT.java
+++ b/test/src/test/java/org/apache/accumulo/test/functional/AbstractMacIT.java
@@ -102,9 +102,11 @@ public abstract class AbstractMacIT {
File rootKeystoreFile = new File(sslDir, "root-" + cfg.getInstanceName() + ".jks");
File localKeystoreFile = new File(sslDir, "local-" + cfg.getInstanceName() + ".jks");
File publicTruststoreFile = new File(sslDir, "public-" + cfg.getInstanceName() + ".jks");
+ final String rootKeystorePassword = "root_keystore_password", truststorePassword = "truststore_password";
try {
new CertUtils(Property.RPC_SSL_KEYSTORE_TYPE.getDefaultValue(), "o=Apache Accumulo,cn=MiniAccumuloCluster", "RSA", 2048, "sha1WithRSAEncryption")
- .createAll(rootKeystoreFile, localKeystoreFile, publicTruststoreFile, cfg.getInstanceName(), "root_keystore_password", cfg.getRootPassword(), "");
+ .createAll(rootKeystoreFile, localKeystoreFile, publicTruststoreFile, cfg.getInstanceName(), rootKeystorePassword, cfg.getRootPassword(),
+ truststorePassword);
} catch (Exception e) {
throw new RuntimeException("error creating MAC keystore", e);
}
@@ -113,6 +115,7 @@ public abstract class AbstractMacIT {
siteConfig.put(Property.RPC_SSL_KEYSTORE_PATH.getKey(), localKeystoreFile.getAbsolutePath());
siteConfig.put(Property.RPC_SSL_KEYSTORE_PASSWORD.getKey(), cfg.getRootPassword());
siteConfig.put(Property.RPC_SSL_TRUSTSTORE_PATH.getKey(), publicTruststoreFile.getAbsolutePath());
+ siteConfig.put(Property.RPC_SSL_TRUSTSTORE_PASSWORD.getKey(), truststorePassword);
cfg.setSiteConfig(siteConfig);
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/7f62ec1b/test/src/test/java/org/apache/accumulo/test/functional/SslWithClientAuthIT.java
----------------------------------------------------------------------
diff --git a/test/src/test/java/org/apache/accumulo/test/functional/SslWithClientAuthIT.java b/test/src/test/java/org/apache/accumulo/test/functional/SslWithClientAuthIT.java
index 4c49b1b..8745707 100644
--- a/test/src/test/java/org/apache/accumulo/test/functional/SslWithClientAuthIT.java
+++ b/test/src/test/java/org/apache/accumulo/test/functional/SslWithClientAuthIT.java
@@ -42,7 +42,7 @@ public class SslWithClientAuthIT extends SslIT {
@Override
protected int defaultTimeoutSeconds() {
- return 6 * 60;
+ return 8 * 60;
}
@Override