org.apache.thrift.transport.TSSLTransportFactory Java Exaples

Source File: TCPThriftAuthenticationService.java From carbon-identity with Apache License 2.0

6 votes

public void start() throws TTransportException, UnknownHostException {
    InetAddress inetAddress = InetAddress.getByName(hostName);

    TSSLTransportFactory.TSSLTransportParameters params =
            new TSSLTransportFactory.TSSLTransportParameters();
    params.setKeyStore(keyStore, keyStorePassword);

    TServerSocket serverTransport;

    serverTransport = TSSLTransportFactory.getServerSocket(port, clientTimeout, inetAddress, params);


    AuthenticatorService.Processor<AuthenticatorServiceImpl> processor =
            new AuthenticatorService.Processor<AuthenticatorServiceImpl>(
                    new AuthenticatorServiceImpl(thriftAuthenticatorService));
    authenticationServer = new TThreadPoolServer(
            new TThreadPoolServer.Args(serverTransport).processor(processor));
    Thread thread = new Thread(new ServerRunnable(authenticationServer));
    if (log.isDebugEnabled()) {
        log.debug("Thrift Authentication Service started at ssl://" + hostName + ":" + port);
    }
    thread.start();
}

Source File: ThriftEntitlementServiceClient.java From micro-integrator with Apache License 2.0

5 votes

private EntitlementThriftClient.Client getThriftClient() throws Exception {

        TSSLTransportFactory.TSSLTransportParameters param = new TSSLTransportFactory.TSSLTransportParameters();
        param.setTrustStore(trustStore, trustStorePass);
        TTransport transport;
        transport = TSSLTransportFactory.getClientSocket(thriftHost, thriftPort, ProxyConstants.THRIFT_TIME_OUT, param);
        TProtocol protocol = new TBinaryProtocol(transport);
        return new EntitlementThriftClient.Client(protocol);
    }

Source File: ClientSocketPoolParameters.java From ikasoa with MIT License

5 votes

public ThriftSocket buildClientThriftSocket() throws IkasoaException {
	if (!ServerUtil.checkHostAndPort(host, port))
		throw new IllegalArgumentException("Server host or port is null !");
	try {
		return ObjectUtil.isNull(sslTransportParameters) ? new ThriftSocket(host, port, timeout)
				: new ThriftSocket(TSSLTransportFactory.getClientSocket(host, port, timeout, sslTransportParameters)
						.getSocket());
	} catch (TTransportException e) {
		throw new IkasoaException(e);
	}
}

Source File: AbstractThriftServerImpl.java From ikasoa with MIT License

5 votes

/**
 * 获取一个服务传输类型
 * <p>
 * 如果使用非Socket传输类型,需要重写此方法.
 * 
 * @return TServerTransport 服务传输类型
 */
@Override
public TServerTransport getTransport() throws TTransportException {
	if (ObjectUtil.isNull(serverSocket)) {
		TSSLTransportParameters params = getServerConfiguration().getSslTransportParameters();
		serverSocket = ObjectUtil.isNull(params) ? new TServerSocket(getServerPort())
				: TSSLTransportFactory.getServerSocket(getServerPort(), 0, null, params);
	}
	return serverSocket;
}

Source File: ThriftEntitlementServiceClient.java From carbon-identity with Apache License 2.0

5 votes

private EntitlementThriftClient.Client getThriftClient() throws Exception {

        TSSLTransportFactory.TSSLTransportParameters param = new TSSLTransportFactory.TSSLTransportParameters();
        param.setTrustStore(trustStore, trustStorePass);
        TTransport transport;
        transport = TSSLTransportFactory.getClientSocket(thriftHost, thriftPort, ProxyConstants.THRIFT_TIME_OUT, param);
        TProtocol protocol = new TBinaryProtocol(transport);
        return new EntitlementThriftClient.Client(protocol);
    }

Source File: SSLTransportFactory.java From stratio-cassandra with Apache License 2.0

5 votes

@Override
public TTransport openTransport(String host, int port) throws Exception
{
    TSSLTransportFactory.TSSLTransportParameters params = new TSSLTransportFactory.TSSLTransportParameters(protocol, cipherSuites);
    params.setTrustStore(truststore, truststorePassword);
    if (null != keystore)
        params.setKeyStore(keystore, keystorePassword);
    TTransport trans = TSSLTransportFactory.getClientSocket(host, port, SOCKET_TIMEOUT, params);
    int frameSize = 15 * 1024 * 1024; // 15 MiB
    return new TFramedTransport(trans, frameSize);
}

Source File: DBConn.java From Doradus with Apache License 2.0

5 votes

private TSocket createTLSSocket(String host) throws TTransportException {
    TSSLTransportParameters sslParams = new TSSLTransportParameters("SSL", m_dbtls_cipher_suites);
    if (!Utils.isEmpty(m_keystore)) {
        sslParams.setKeyStore(m_keystore, m_keystorepassword);
    }
    if (!Utils.isEmpty(m_truststore)) {
        sslParams.setTrustStore(m_truststore, m_truststorepassword);
    }
    return TSSLTransportFactory.getClientSocket(host, m_dbport, m_db_timeout_millis, sslParams);
}

Source File: TCPThriftAuthenticationService.java From carbon-identity-framework with Apache License 2.0

4 votes

public void start() throws TTransportException, UnknownHostException {
    InetAddress inetAddress = InetAddress.getByName(hostName);

    TSSLTransportFactory.TSSLTransportParameters params =
            new TSSLTransportFactory.TSSLTransportParameters();
    params.setKeyStore(keyStore, keyStorePassword);

    TServerSocket serverTransport;

    serverTransport = TSSLTransportFactory.getServerSocket(port, clientTimeout, inetAddress, params);
    SSLServerSocket sslServerSocket = (javax.net.ssl.SSLServerSocket) serverTransport.getServerSocket();

    OMElement sslEnabledProtocolsElement = ThriftAuthenticationConfigParser.getInstance()
            .getConfigElement(ThriftAuthenticationConstants.CONFIG_SSL_ENABLED_PROTOCOLS);
    if (sslEnabledProtocolsElement != null) {
        String sslEnabledProtocols = sslEnabledProtocolsElement.getText();
        if (StringUtils.isNotBlank(sslEnabledProtocols)) {
            String[] sslProtocolsArray = sslEnabledProtocols.split(",");
            sslServerSocket.setEnabledProtocols(sslProtocolsArray);
        }
    }

    OMElement ciphersElement = ThriftAuthenticationConfigParser.getInstance()
            .getConfigElement(ThriftAuthenticationConstants.CONFIG_CIPHERS);
    if (ciphersElement != null) {
        String ciphers = ciphersElement.getText();
        if (StringUtils.isNotBlank(ciphers)) {
            String[] ciphersArray = ciphers.split(",");
            sslServerSocket.setEnabledCipherSuites(ciphersArray);
        }
    }

    AuthenticatorService.Processor<AuthenticatorServiceImpl> processor =
            new AuthenticatorService.Processor<AuthenticatorServiceImpl>(
                    new AuthenticatorServiceImpl(thriftAuthenticatorService));
    authenticationServer = new TThreadPoolServer(
            new TThreadPoolServer.Args(serverTransport).processor(processor));
    Thread thread = new Thread(new ServerRunnable(authenticationServer));
    if (log.isDebugEnabled()) {
        log.debug("Thrift Authentication Service started at ssl://" + hostName + ":" + port);
    }
    thread.start();
}

Source File: CustomTThreadPoolServer.java From stratio-cassandra with Apache License 2.0

4 votes

public TServer buildTServer(Args args)
{
    final InetSocketAddress addr = args.addr;
    TServerTransport serverTransport;
    try
    {
        final ClientEncryptionOptions clientEnc = DatabaseDescriptor.getClientEncryptionOptions();
        if (clientEnc.enabled)
        {
            logger.info("enabling encrypted thrift connections between client and server");
            TSSLTransportParameters params = new TSSLTransportParameters(clientEnc.protocol, clientEnc.cipher_suites);
            params.setKeyStore(clientEnc.keystore, clientEnc.keystore_password);
            if (clientEnc.require_client_auth)
            {
                params.setTrustStore(clientEnc.truststore, clientEnc.truststore_password);
                params.requireClientAuth(true);
            }
            TServerSocket sslServer = TSSLTransportFactory.getServerSocket(addr.getPort(), 0, addr.getAddress(), params);
            SSLServerSocket sslServerSocket = (SSLServerSocket) sslServer.getServerSocket();
            sslServerSocket.setEnabledProtocols(SSLFactory.ACCEPTED_PROTOCOLS);
            serverTransport = new TCustomServerSocket(sslServer.getServerSocket(), args.keepAlive, args.sendBufferSize, args.recvBufferSize);
        }
        else
        {
            serverTransport = new TCustomServerSocket(addr, args.keepAlive, args.sendBufferSize, args.recvBufferSize, args.listenBacklog);
        }
    }
    catch (TTransportException e)
    {
        throw new RuntimeException(String.format("Unable to create thrift socket to %s:%s", addr.getAddress(), addr.getPort()), e);
    }
    // ThreadPool Server and will be invocation per connection basis...
    TThreadPoolServer.Args serverArgs = new TThreadPoolServer.Args(serverTransport)
                                                             .minWorkerThreads(DatabaseDescriptor.getRpcMinThreads())
                                                             .maxWorkerThreads(DatabaseDescriptor.getRpcMaxThreads())
                                                             .inputTransportFactory(args.inTransportFactory)
                                                             .outputTransportFactory(args.outTransportFactory)
                                                             .inputProtocolFactory(args.tProtocolFactory)
                                                             .outputProtocolFactory(args.tProtocolFactory)
                                                             .processor(args.processor);
    ExecutorService executorService = new ThreadPoolExecutor(serverArgs.minWorkerThreads,
                                                             serverArgs.maxWorkerThreads,
                                                             60,
                                                             TimeUnit.SECONDS,
                                                             new SynchronousQueue<Runnable>(),
                                                             new NamedThreadFactory("Thrift"));
    return new CustomTThreadPoolServer(serverArgs, executorService);
}

org.apache.thrift.transport.TSSLTransportFactory Java Examples