org.apache.hadoop.security.ssl.SSLFactory#init

Source File: ShuffleHandler.java From hadoop with Apache License 2.0

5 votes

public HttpPipelineFactory(Configuration conf) throws Exception {
  SHUFFLE = getShuffle(conf);
  if (conf.getBoolean(MRConfig.SHUFFLE_SSL_ENABLED_KEY,
                      MRConfig.SHUFFLE_SSL_ENABLED_DEFAULT)) {
    LOG.info("Encrypted shuffle is enabled.");
    sslFactory = new SSLFactory(SSLFactory.Mode.SERVER, conf);
    sslFactory.init();
  }
}

Source File: TestSSLHttpServer.java From hadoop with Apache License 2.0

5 votes

@BeforeClass
public static void setup() throws Exception {
  conf = new Configuration();
  conf.setInt(HttpServer2.HTTP_MAX_THREADS, 10);

  File base = new File(BASEDIR);
  FileUtil.fullyDelete(base);
  base.mkdirs();
  keystoresDir = new File(BASEDIR).getAbsolutePath();
  sslConfDir = KeyStoreTestUtil.getClasspathDir(TestSSLHttpServer.class);

  KeyStoreTestUtil.setupSSLConfig(keystoresDir, sslConfDir, conf, false);
  Configuration sslConf = new Configuration(false);
  sslConf.addResource("ssl-server.xml");
  sslConf.addResource("ssl-client.xml");

  clientSslFactory = new SSLFactory(SSLFactory.Mode.CLIENT, sslConf);
  clientSslFactory.init();

  server = new HttpServer2.Builder()
      .setName("test")
      .addEndpoint(new URI("https://localhost"))
      .setConf(conf)
      .keyPassword(sslConf.get("ssl.server.keystore.keypassword"))
      .keyStore(sslConf.get("ssl.server.keystore.location"),
          sslConf.get("ssl.server.keystore.password"),
          sslConf.get("ssl.server.keystore.type", "jks"))
      .trustStore(sslConf.get("ssl.server.truststore.location"),
          sslConf.get("ssl.server.truststore.password"),
          sslConf.get("ssl.server.truststore.type", "jks")).build();
  server.addServlet("echo", "/echo", TestHttpServer.EchoServlet.class);
  server.addServlet("longheader", "/longheader", LongHeaderServlet.class);
  server.start();
  baseUrl = new URL("https://"
      + NetUtils.getHostPortString(server.getConnectorAddress(0)));
  LOG.info("HTTP server started: " + baseUrl);
}

Source File: TestHttpCookieFlag.java From hadoop with Apache License 2.0

5 votes

@BeforeClass
public static void setUp() throws Exception {
  Configuration conf = new Configuration();
  conf.set(HttpServer2.FILTER_INITIALIZER_PROPERTY,
          DummyFilterInitializer.class.getName());

  File base = new File(BASEDIR);
  FileUtil.fullyDelete(base);
  base.mkdirs();
  keystoresDir = new File(BASEDIR).getAbsolutePath();
  sslConfDir = KeyStoreTestUtil.getClasspathDir(TestSSLHttpServer.class);

  KeyStoreTestUtil.setupSSLConfig(keystoresDir, sslConfDir, conf, false);
  Configuration sslConf = new Configuration(false);
  sslConf.addResource("ssl-server.xml");
  sslConf.addResource("ssl-client.xml");

  clientSslFactory = new SSLFactory(SSLFactory.Mode.CLIENT, sslConf);
  clientSslFactory.init();

  server = new HttpServer2.Builder()
          .setName("test")
          .addEndpoint(new URI("http://localhost"))
          .addEndpoint(new URI("https://localhost"))
          .setConf(conf)
          .keyPassword(sslConf.get("ssl.server.keystore.keypassword"))
          .keyStore(sslConf.get("ssl.server.keystore.location"),
                  sslConf.get("ssl.server.keystore.password"),
                  sslConf.get("ssl.server.keystore.type", "jks"))
          .trustStore(sslConf.get("ssl.server.truststore.location"),
                  sslConf.get("ssl.server.truststore.password"),
                  sslConf.get("ssl.server.truststore.type", "jks")).build();
  server.addServlet("echo", "/echo", TestHttpServer.EchoServlet.class);
  server.start();
}

Source File: ShuffleHandler.java From big-c with Apache License 2.0

5 votes

public HttpPipelineFactory(Configuration conf) throws Exception {
  SHUFFLE = getShuffle(conf);
  if (conf.getBoolean(MRConfig.SHUFFLE_SSL_ENABLED_KEY,
                      MRConfig.SHUFFLE_SSL_ENABLED_DEFAULT)) {
    LOG.info("Encrypted shuffle is enabled.");
    sslFactory = new SSLFactory(SSLFactory.Mode.SERVER, conf);
    sslFactory.init();
  }
}

Source File: TestSSLHttpServer.java From big-c with Apache License 2.0

5 votes

@BeforeClass
public static void setup() throws Exception {
  conf = new Configuration();
  conf.setInt(HttpServer2.HTTP_MAX_THREADS, 10);

  File base = new File(BASEDIR);
  FileUtil.fullyDelete(base);
  base.mkdirs();
  keystoresDir = new File(BASEDIR).getAbsolutePath();
  sslConfDir = KeyStoreTestUtil.getClasspathDir(TestSSLHttpServer.class);

  KeyStoreTestUtil.setupSSLConfig(keystoresDir, sslConfDir, conf, false);
  Configuration sslConf = new Configuration(false);
  sslConf.addResource("ssl-server.xml");
  sslConf.addResource("ssl-client.xml");

  clientSslFactory = new SSLFactory(SSLFactory.Mode.CLIENT, sslConf);
  clientSslFactory.init();

  server = new HttpServer2.Builder()
      .setName("test")
      .addEndpoint(new URI("https://localhost"))
      .setConf(conf)
      .keyPassword(sslConf.get("ssl.server.keystore.keypassword"))
      .keyStore(sslConf.get("ssl.server.keystore.location"),
          sslConf.get("ssl.server.keystore.password"),
          sslConf.get("ssl.server.keystore.type", "jks"))
      .trustStore(sslConf.get("ssl.server.truststore.location"),
          sslConf.get("ssl.server.truststore.password"),
          sslConf.get("ssl.server.truststore.type", "jks")).build();
  server.addServlet("echo", "/echo", TestHttpServer.EchoServlet.class);
  server.addServlet("longheader", "/longheader", LongHeaderServlet.class);
  server.start();
  baseUrl = new URL("https://"
      + NetUtils.getHostPortString(server.getConnectorAddress(0)));
  LOG.info("HTTP server started: " + baseUrl);
}

Source File: TestHttpCookieFlag.java From big-c with Apache License 2.0

5 votes

@BeforeClass
public static void setUp() throws Exception {
  Configuration conf = new Configuration();
  conf.set(HttpServer2.FILTER_INITIALIZER_PROPERTY,
          DummyFilterInitializer.class.getName());

  File base = new File(BASEDIR);
  FileUtil.fullyDelete(base);
  base.mkdirs();
  keystoresDir = new File(BASEDIR).getAbsolutePath();
  sslConfDir = KeyStoreTestUtil.getClasspathDir(TestSSLHttpServer.class);

  KeyStoreTestUtil.setupSSLConfig(keystoresDir, sslConfDir, conf, false);
  Configuration sslConf = new Configuration(false);
  sslConf.addResource("ssl-server.xml");
  sslConf.addResource("ssl-client.xml");

  clientSslFactory = new SSLFactory(SSLFactory.Mode.CLIENT, sslConf);
  clientSslFactory.init();

  server = new HttpServer2.Builder()
          .setName("test")
          .addEndpoint(new URI("http://localhost"))
          .addEndpoint(new URI("https://localhost"))
          .setConf(conf)
          .keyPassword(sslConf.get("ssl.server.keystore.keypassword"))
          .keyStore(sslConf.get("ssl.server.keystore.location"),
                  sslConf.get("ssl.server.keystore.password"),
                  sslConf.get("ssl.server.keystore.type", "jks"))
          .trustStore(sslConf.get("ssl.server.truststore.location"),
                  sslConf.get("ssl.server.truststore.password"),
                  sslConf.get("ssl.server.truststore.type", "jks")).build();
  server.addServlet("echo", "/echo", TestHttpServer.EchoServlet.class);
  server.start();
}

Source File: TajoPullServerService.java From tajo with Apache License 2.0

5 votes

public HttpChannelInitializer(TajoConf conf) throws Exception {
  PullServer = new PullServer(conf);
  if (conf.getBoolVar(ConfVars.SHUFFLE_SSL_ENABLED_KEY)) {
    sslFactory = new SSLFactory(SSLFactory.Mode.SERVER, conf);
    sslFactory.init();
  }
}

Source File: TajoPullServerService.java From tajo with Apache License 2.0

5 votes

public HttpChannelInitializer(TajoConf conf) throws Exception {
  PullServer = new PullServer(conf);
  if (conf.getBoolVar(ConfVars.SHUFFLE_SSL_ENABLED_KEY)) {
    sslFactory = new SSLFactory(SSLFactory.Mode.SERVER, conf);
    sslFactory.init();
  }
}

Source File: TestSSLHttpServer.java From hbase with Apache License 2.0

5 votes

@BeforeClass
public static void setup() throws Exception {

  HTU = new HBaseCommonTestingUtility();
  serverConf = HTU.getConfiguration();

  serverConf.setInt(HttpServer.HTTP_MAX_THREADS, TestHttpServer.MAX_THREADS);

  keystoresDir = new File(HTU.getDataTestDir("keystore").toString());
  keystoresDir.mkdirs();

  sslConfDir = KeyStoreTestUtil.getClasspathDir(TestSSLHttpServer.class);

  KeyStoreTestUtil.setupSSLConfig(keystoresDir.getAbsolutePath(), sslConfDir, serverConf, false);
  Configuration clientConf = new Configuration(false);
  clientConf.addResource(serverConf.get(SSLFactory.SSL_CLIENT_CONF_KEY));
  serverConf.addResource(serverConf.get(SSLFactory.SSL_SERVER_CONF_KEY));
  clientConf.set(SSLFactory.SSL_CLIENT_CONF_KEY, serverConf.get(SSLFactory.SSL_CLIENT_CONF_KEY));
  
  clientSslFactory = new SSLFactory(SSLFactory.Mode.CLIENT, clientConf);
  clientSslFactory.init();

  server = new HttpServer.Builder()
    .setName("test")
    .addEndpoint(new URI("https://localhost"))
    .setConf(serverConf)
    .keyPassword(HBaseConfiguration.getPassword(serverConf, "ssl.server.keystore.keypassword",
      null))
    .keyStore(serverConf.get("ssl.server.keystore.location"),
      HBaseConfiguration.getPassword(serverConf, "ssl.server.keystore.password", null),
      clientConf.get("ssl.server.keystore.type", "jks"))
    .trustStore(serverConf.get("ssl.server.truststore.location"),
      HBaseConfiguration.getPassword(serverConf, "ssl.server.truststore.password", null),
      serverConf.get("ssl.server.truststore.type", "jks")).build();
  server.addUnprivilegedServlet("echo", "/echo", TestHttpServer.EchoServlet.class);
  server.start();
  baseUrl = new URL("https://"
    + NetUtils.getHostPortString(server.getConnectorAddress(0)));
  LOG.info("HTTP server started: " + baseUrl);
}

Source File: TajoPullServerService.java From incubator-tajo with Apache License 2.0

5 votes

public HttpPipelineFactory(Configuration conf) throws Exception {
  PullServer = new PullServer(conf);
  if (conf.getBoolean(ConfVars.SHUFFLE_SSL_ENABLED_KEY.varname,
      ConfVars.SHUFFLE_SSL_ENABLED_KEY.defaultBoolVal)) {
    sslFactory = new SSLFactory(SSLFactory.Mode.SERVER, conf);
    sslFactory.init();
  }
}

Source File: PullServerAuxService.java From incubator-tajo with Apache License 2.0

5 votes

public HttpPipelineFactory(Configuration conf) throws Exception {
  PullServer = new PullServer(conf);
  if (conf.getBoolean(ConfVars.SHUFFLE_SSL_ENABLED_KEY.varname,
      ConfVars.SHUFFLE_SSL_ENABLED_KEY.defaultBoolVal)) {
    sslFactory = new SSLFactory(SSLFactory.Mode.SERVER, conf);
    sslFactory.init();
  }
}

Source File: ShuffleHandler.java From tez with Apache License 2.0

5 votes

public HttpPipelineFactory(Configuration conf, Timer timer) throws Exception {
  SHUFFLE = getShuffle(conf);
  if (conf.getBoolean(SHUFFLE_SSL_ENABLED_KEY,
                      SHUFFLE_SSL_ENABLED_DEFAULT)) {
    LOG.info("Encrypted shuffle is enabled.");
    sslFactory = new SSLFactory(SSLFactory.Mode.SERVER, conf);
    sslFactory.init();
  }
  this.idleStateHandler = new IdleStateHandler(timer, 0, connectionKeepAliveTimeOut, 0);
}

Source File: KMSClientProvider.java From hadoop with Apache License 2.0

4 votes

public KMSClientProvider(URI uri, Configuration conf) throws IOException {
  super(conf);
  kmsUrl = createServiceURL(extractKMSPath(uri));
  if ("https".equalsIgnoreCase(new URL(kmsUrl).getProtocol())) {
    sslFactory = new SSLFactory(SSLFactory.Mode.CLIENT, conf);
    try {
      sslFactory.init();
    } catch (GeneralSecurityException ex) {
      throw new IOException(ex);
    }
  }
  int timeout = conf.getInt(TIMEOUT_ATTR, DEFAULT_TIMEOUT);
  authRetry = conf.getInt(AUTH_RETRY, DEFAULT_AUTH_RETRY);
  configurator = new TimeoutConnConfigurator(timeout, sslFactory);
  encKeyVersionQueue =
      new ValueQueue<KeyProviderCryptoExtension.EncryptedKeyVersion>(
          conf.getInt(
              CommonConfigurationKeysPublic.KMS_CLIENT_ENC_KEY_CACHE_SIZE,
              CommonConfigurationKeysPublic.
                  KMS_CLIENT_ENC_KEY_CACHE_SIZE_DEFAULT),
          conf.getFloat(
              CommonConfigurationKeysPublic.
                  KMS_CLIENT_ENC_KEY_CACHE_LOW_WATERMARK,
              CommonConfigurationKeysPublic.
                  KMS_CLIENT_ENC_KEY_CACHE_LOW_WATERMARK_DEFAULT),
          conf.getInt(
              CommonConfigurationKeysPublic.
                  KMS_CLIENT_ENC_KEY_CACHE_EXPIRY_MS,
              CommonConfigurationKeysPublic.
                  KMS_CLIENT_ENC_KEY_CACHE_EXPIRY_DEFAULT),
          conf.getInt(
              CommonConfigurationKeysPublic.
                  KMS_CLIENT_ENC_KEY_CACHE_NUM_REFILL_THREADS,
              CommonConfigurationKeysPublic.
                  KMS_CLIENT_ENC_KEY_CACHE_NUM_REFILL_THREADS_DEFAULT),
          new EncryptedQueueRefiller());
  authToken = new DelegationTokenAuthenticatedURL.Token();
  actualUgi =
      (UserGroupInformation.getCurrentUser().getAuthenticationMethod() ==
      UserGroupInformation.AuthenticationMethod.PROXY) ? UserGroupInformation
          .getCurrentUser().getRealUser() : UserGroupInformation
          .getCurrentUser();
}

Source File: KMSClientProvider.java From big-c with Apache License 2.0

4 votes

public KMSClientProvider(URI uri, Configuration conf) throws IOException {
  super(conf);
  kmsUrl = createServiceURL(extractKMSPath(uri));
  if ("https".equalsIgnoreCase(new URL(kmsUrl).getProtocol())) {
    sslFactory = new SSLFactory(SSLFactory.Mode.CLIENT, conf);
    try {
      sslFactory.init();
    } catch (GeneralSecurityException ex) {
      throw new IOException(ex);
    }
  }
  int timeout = conf.getInt(TIMEOUT_ATTR, DEFAULT_TIMEOUT);
  authRetry = conf.getInt(AUTH_RETRY, DEFAULT_AUTH_RETRY);
  configurator = new TimeoutConnConfigurator(timeout, sslFactory);
  encKeyVersionQueue =
      new ValueQueue<KeyProviderCryptoExtension.EncryptedKeyVersion>(
          conf.getInt(
              CommonConfigurationKeysPublic.KMS_CLIENT_ENC_KEY_CACHE_SIZE,
              CommonConfigurationKeysPublic.
                  KMS_CLIENT_ENC_KEY_CACHE_SIZE_DEFAULT),
          conf.getFloat(
              CommonConfigurationKeysPublic.
                  KMS_CLIENT_ENC_KEY_CACHE_LOW_WATERMARK,
              CommonConfigurationKeysPublic.
                  KMS_CLIENT_ENC_KEY_CACHE_LOW_WATERMARK_DEFAULT),
          conf.getInt(
              CommonConfigurationKeysPublic.
                  KMS_CLIENT_ENC_KEY_CACHE_EXPIRY_MS,
              CommonConfigurationKeysPublic.
                  KMS_CLIENT_ENC_KEY_CACHE_EXPIRY_DEFAULT),
          conf.getInt(
              CommonConfigurationKeysPublic.
                  KMS_CLIENT_ENC_KEY_CACHE_NUM_REFILL_THREADS,
              CommonConfigurationKeysPublic.
                  KMS_CLIENT_ENC_KEY_CACHE_NUM_REFILL_THREADS_DEFAULT),
          new EncryptedQueueRefiller());
  authToken = new DelegationTokenAuthenticatedURL.Token();
  actualUgi =
      (UserGroupInformation.getCurrentUser().getAuthenticationMethod() ==
      UserGroupInformation.AuthenticationMethod.PROXY) ? UserGroupInformation
          .getCurrentUser().getRealUser() : UserGroupInformation
          .getCurrentUser();
}

Java Code Examples for org.apache.hadoop.security.ssl.SSLFactory#init()