You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@atlas.apache.org by ni...@apache.org on 2019/04/25 06:12:28 UTC
[atlas] branch branch-0.8 updated: ATLAS-3129 Fix SSL Truststore
reloader leak from AtlasBaseClient
This is an automated email from the ASF dual-hosted git repository.
nixon pushed a commit to branch branch-0.8
in repository https://gitbox.apache.org/repos/asf/atlas.git
The following commit(s) were added to refs/heads/branch-0.8 by this push:
new 4d92690 ATLAS-3129 Fix SSL Truststore reloader leak from AtlasBaseClient
4d92690 is described below
commit 4d926905ab8ed9eea3a2dedd7b5b57f92c57ebaf
Author: nixonrodrigues <ni...@apache.org>
AuthorDate: Mon Apr 22 19:21:01 2019 +0530
ATLAS-3129 Fix SSL Truststore reloader leak from AtlasBaseClient
Change-Id: I5af8c26a41a7010de645ddaa6869c3ce15723f43
---
.../org/apache/atlas/hbase/bridge/HBaseBridge.java | 6 +++-
.../atlas/hive/bridge/HiveMetaStoreBridge.java | 6 +++-
.../java/org/apache/atlas/AtlasBaseClient.java | 13 +++++--
.../apache/atlas/security/SecureClientUtils.java | 32 ++++++++++++-----
.../java/org/apache/atlas/examples/QuickStart.java | 36 ++++++++++++-------
.../org/apache/atlas/examples/QuickStartV2.java | 40 ++++++++++++++--------
6 files changed, 94 insertions(+), 39 deletions(-)
diff --git a/addons/hbase-bridge/src/main/java/org/apache/atlas/hbase/bridge/HBaseBridge.java b/addons/hbase-bridge/src/main/java/org/apache/atlas/hbase/bridge/HBaseBridge.java
index 6e1a365..8803755 100644
--- a/addons/hbase-bridge/src/main/java/org/apache/atlas/hbase/bridge/HBaseBridge.java
+++ b/addons/hbase-bridge/src/main/java/org/apache/atlas/hbase/bridge/HBaseBridge.java
@@ -113,6 +113,7 @@ public class HBaseBridge {
public static void main(String[] args) {
int exitCode = EXIT_CODE_FAILED;
+ AtlasClientV2 atlasClientV2 =null;
try {
Options options = new Options();
@@ -132,7 +133,6 @@ public class HBaseBridge {
urls = new String[] { DEFAULT_ATLAS_URL };
}
- final AtlasClientV2 atlasClientV2;
if (!AuthenticationUtil.isKerberosAuthenticationEnabled()) {
String[] basicAuthUsernamePassword = AuthenticationUtil.getBasicAuthenticationInput();
@@ -185,6 +185,10 @@ public class HBaseBridge {
System.out.println("ImportHBaseEntities failed. Please check the log file for the detailed error message");
LOG.error("ImportHBaseEntities failed", e);
+ }finally {
+ if(atlasClientV2!=null) {
+ atlasClientV2.close();
+ }
}
System.exit(exitCode);
diff --git a/addons/hive-bridge/src/main/java/org/apache/atlas/hive/bridge/HiveMetaStoreBridge.java b/addons/hive-bridge/src/main/java/org/apache/atlas/hive/bridge/HiveMetaStoreBridge.java
index 2f6d1fa..f18d01b 100755
--- a/addons/hive-bridge/src/main/java/org/apache/atlas/hive/bridge/HiveMetaStoreBridge.java
+++ b/addons/hive-bridge/src/main/java/org/apache/atlas/hive/bridge/HiveMetaStoreBridge.java
@@ -102,6 +102,7 @@ public class HiveMetaStoreBridge {
public static void main(String[] args) {
int exitCode = EXIT_CODE_FAILED;
+ AtlasClientV2 atlasClientV2 = null;
try {
Options options = new Options();
@@ -122,7 +123,6 @@ public class HiveMetaStoreBridge {
atlasEndpoint = new String[] { DEFAULT_ATLAS_URL };
}
- final AtlasClientV2 atlasClientV2;
if (!AuthenticationUtil.isKerberosAuthenticationEnabled()) {
String[] basicAuthUsernamePassword = AuthenticationUtil.getBasicAuthenticationInput();
@@ -173,6 +173,10 @@ public class HiveMetaStoreBridge {
printUsage();
} catch(Exception e) {
LOG.error("Import failed", e);
+ } finally {
+ if( atlasClientV2 !=null) {
+ atlasClientV2.close();
+ }
}
System.exit(exitCode);
diff --git a/client/common/src/main/java/org/apache/atlas/AtlasBaseClient.java b/client/common/src/main/java/org/apache/atlas/AtlasBaseClient.java
index ad92191..60276ca 100644
--- a/client/common/src/main/java/org/apache/atlas/AtlasBaseClient.java
+++ b/client/common/src/main/java/org/apache/atlas/AtlasBaseClient.java
@@ -111,6 +111,8 @@ public abstract class AtlasBaseClient {
private boolean retryEnabled = false;
private Cookie cookie = null;
+ private SecureClientUtils clientUtils;
+
protected AtlasBaseClient() {
}
@@ -279,14 +281,15 @@ public abstract class AtlasBaseClient {
}
final URLConnectionClientHandler handler;
+ clientUtils = new SecureClientUtils();
boolean isKerberosEnabled = AuthenticationUtil.isKerberosAuthenticationEnabled(ugi);
if (isKerberosEnabled) {
- handler = SecureClientUtils.getClientConnectionHandler(config, configuration, doAsUser, ugi);
+ handler = clientUtils.getClientConnectionHandler(config, configuration, doAsUser, ugi);
} else {
if (configuration.getBoolean(TLS_ENABLED, false)) {
- handler = SecureClientUtils.getUrlConnectionClientHandler();
+ handler = clientUtils.getUrlConnectionClientHandler();
} else {
handler = new URLConnectionClientHandler();
}
@@ -297,6 +300,12 @@ public abstract class AtlasBaseClient {
return client;
}
+ public void close() {
+ if (clientUtils != null) {
+ clientUtils.destroyFactory();
+ }
+ }
+
@VisibleForTesting
protected String determineActiveServiceURL(String[] baseUrls, Client client) {
if (baseUrls.length == 0) {
diff --git a/client/common/src/main/java/org/apache/atlas/security/SecureClientUtils.java b/client/common/src/main/java/org/apache/atlas/security/SecureClientUtils.java
index aeae300..f9463ed 100644
--- a/client/common/src/main/java/org/apache/atlas/security/SecureClientUtils.java
+++ b/client/common/src/main/java/org/apache/atlas/security/SecureClientUtils.java
@@ -57,9 +57,10 @@ public class SecureClientUtils {
public final static int DEFAULT_SOCKET_TIMEOUT_IN_MSECS = 1 * 60 * 1000; // 1 minute
private static final Logger LOG = LoggerFactory.getLogger(SecureClientUtils.class);
+ private SSLFactory factory = null;
- public static URLConnectionClientHandler getClientConnectionHandler(DefaultClientConfig config,
+ public URLConnectionClientHandler getClientConnectionHandler(DefaultClientConfig config,
org.apache.commons.configuration.Configuration clientConfig, String doAsUser,
final UserGroupInformation ugi) {
config.getProperties().put(URLConnectionClientHandler.PROPERTY_HTTP_URL_CONNECTION_SET_METHOD_WORKAROUND, true);
@@ -125,7 +126,7 @@ public class SecureClientUtils {
}
};
- private static ConnectionConfigurator newConnConfigurator(Configuration conf) {
+ private ConnectionConfigurator newConnConfigurator(Configuration conf) {
try {
return newSslConnConfigurator(DEFAULT_SOCKET_TIMEOUT_IN_MSECS, conf);
} catch (Exception e) {
@@ -134,14 +135,12 @@ public class SecureClientUtils {
}
}
- private static ConnectionConfigurator newSslConnConfigurator(final int timeout, Configuration conf)
+ private ConnectionConfigurator newSslConnConfigurator(final int timeout, Configuration conf)
throws IOException, GeneralSecurityException {
- final SSLFactory factory;
final SSLSocketFactory sf;
final HostnameVerifier hv;
- factory = new SSLFactory(SSLFactory.Mode.CLIENT, conf);
- factory.init();
+ factory = getSSLFactory(conf);
sf = factory.createSSLSocketFactory();
hv = factory.getHostnameVerifier();
@@ -159,6 +158,22 @@ public class SecureClientUtils {
};
}
+ public SSLFactory getSSLFactory(Configuration conf) throws IOException, GeneralSecurityException {
+ if (factory == null) {
+ factory = new SSLFactory(SSLFactory.Mode.CLIENT, conf);
+ factory.init();
+ }
+ return factory;
+ }
+
+ public void destroyFactory() {
+ if (factory != null) {
+ factory.destroy();
+ factory = null;
+ }
+ }
+
+
private static void setTimeouts(URLConnection connection, int socketTimeout) {
connection.setConnectTimeout(socketTimeout);
connection.setReadTimeout(socketTimeout);
@@ -210,7 +225,7 @@ public class SecureClientUtils {
}
}
- public static URLConnectionClientHandler getUrlConnectionClientHandler() {
+ public URLConnectionClientHandler getUrlConnectionClientHandler() {
return new URLConnectionClientHandler(new HttpURLConnectionFactory() {
@Override
public HttpURLConnection getHttpURLConnection(URL url)
@@ -230,8 +245,7 @@ public class SecureClientUtils {
UserGroupInformation.setConfiguration(conf);
HttpsURLConnection c = (HttpsURLConnection) connection;
- factory = new SSLFactory(SSLFactory.Mode.CLIENT, conf);
- factory.init();
+ factory = getSSLFactory(conf);
sf = factory.createSSLSocketFactory();
hv = factory.getHostnameVerifier();
c.setSSLSocketFactory(sf);
diff --git a/webapp/src/main/java/org/apache/atlas/examples/QuickStart.java b/webapp/src/main/java/org/apache/atlas/examples/QuickStart.java
index 91ba111..496e5e1 100755
--- a/webapp/src/main/java/org/apache/atlas/examples/QuickStart.java
+++ b/webapp/src/main/java/org/apache/atlas/examples/QuickStart.java
@@ -84,22 +84,28 @@ public class QuickStart {
@VisibleForTesting
static void runQuickstart(String[] args, String[] basicAuthUsernamePassword) throws Exception {
String[] urls = getServerUrl(args);
- QuickStart quickStart;
+ QuickStart quickStart = null;
- if (!AuthenticationUtil.isKerberosAuthenticationEnabled()) {
- quickStart = new QuickStart(urls, basicAuthUsernamePassword);
- } else {
- quickStart = new QuickStart(urls);
- }
+ try {
+ if (!AuthenticationUtil.isKerberosAuthenticationEnabled()) {
+ quickStart = new QuickStart(urls, basicAuthUsernamePassword);
+ } else {
+ quickStart = new QuickStart(urls);
+ }
- // Shows how to create types in Atlas for your meta model
- quickStart.createTypes();
+ // Shows how to create types in Atlas for your meta model
+ quickStart.createTypes();
- // Shows how to create entities (instances) for the added types in Atlas
- quickStart.createEntities();
+ // Shows how to create entities (instances) for the added types in Atlas
+ quickStart.createEntities();
- // Shows some search queries using DSL based on types
- quickStart.search();
+ // Shows some search queries using DSL based on types
+ quickStart.search();
+ } finally {
+ if(quickStart!=null) {
+ quickStart.closeConnection();
+ }
+ }
}
static String[] getServerUrl(String[] args) throws AtlasException {
@@ -501,4 +507,10 @@ public class QuickStart {
throw new AtlasBaseException(AtlasErrorCode.QUICK_START, e, "one or more dsl queries failed");
}
}
+
+ private void closeConnection() {
+ if (metadataServiceClient != null) {
+ metadataServiceClient.close();
+ }
+ }
}
diff --git a/webapp/src/main/java/org/apache/atlas/examples/QuickStartV2.java b/webapp/src/main/java/org/apache/atlas/examples/QuickStartV2.java
index a95fac3..0448db8 100755
--- a/webapp/src/main/java/org/apache/atlas/examples/QuickStartV2.java
+++ b/webapp/src/main/java/org/apache/atlas/examples/QuickStartV2.java
@@ -135,25 +135,31 @@ public class QuickStartV2 {
@VisibleForTesting
static void runQuickstart(String[] args, String[] basicAuthUsernamePassword) throws Exception {
String[] urls = getServerUrl(args);
- QuickStartV2 quickStartV2;
- if (!AuthenticationUtil.isKerberosAuthenticationEnabled()) {
- quickStartV2 = new QuickStartV2(urls, basicAuthUsernamePassword);
- } else {
- quickStartV2 = new QuickStartV2(urls);
- }
+ QuickStartV2 quickStartV2 = null;
+ try {
+ if (!AuthenticationUtil.isKerberosAuthenticationEnabled()) {
+ quickStartV2 = new QuickStartV2(urls, basicAuthUsernamePassword);
+ } else {
+ quickStartV2 = new QuickStartV2(urls);
+ }
- // Shows how to create v2 types in Atlas for your meta model
- quickStartV2.createTypes();
+ // Shows how to create v2 types in Atlas for your meta model
+ quickStartV2.createTypes();
- // Shows how to create v2 entities (instances) for the added types in Atlas
- quickStartV2.createEntities();
+ // Shows how to create v2 entities (instances) for the added types in Atlas
+ quickStartV2.createEntities();
- // Shows some search queries using DSL based on types
- quickStartV2.search();
+ // Shows some search queries using DSL based on types
+ quickStartV2.search();
- // Shows some lineage information on entity
- quickStartV2.lineage();
+ // Shows some lineage information on entity
+ quickStartV2.lineage();
+ } finally {
+ if (quickStartV2!= null) {
+ quickStartV2.closeConnection();
+ }
+ }
}
@@ -554,4 +560,10 @@ public class QuickStartV2 {
AtlasEntity tableEntity = atlasClientV2.getEntityByAttribute(TABLE_TYPE, attributes).getEntity();
return tableEntity.getGuid();
}
+
+ private void closeConnection() {
+ if (atlasClientV2 != null) {
+ atlasClientV2.close();
+ }
+ }
}