[atlas] branch master updated: ATLAS-3995 : Atlas should support additional keystore/truststores types besides JKS.

Wed, 14 Oct 2020 21:35:11 -0700 

This is an automated email from the ASF dual-hosted git repository.

nixon pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/atlas.git


The following commit(s) were added to refs/heads/master by this push:
     new fd24e65  ATLAS-3995 : Atlas should support additional 
keystore/truststores types besides JKS.
fd24e65 is described below

commit fd24e652b5e2f607cad0d665c88d770479832263
Author: nixonrodrigues <[email protected]>
AuthorDate: Wed Oct 14 18:46:53 2020 +0530

    ATLAS-3995 : Atlas should support additional keystore/truststores types 
besides JKS.
---
 .../main/java/org/apache/atlas/security/SecurityProperties.java   | 2 ++
 .../java/org/apache/atlas/web/service/SecureEmbeddedServer.java   | 8 ++++++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git 
a/intg/src/main/java/org/apache/atlas/security/SecurityProperties.java 
b/intg/src/main/java/org/apache/atlas/security/SecurityProperties.java
index 2e953eb..2147cd1 100644
--- a/intg/src/main/java/org/apache/atlas/security/SecurityProperties.java
+++ b/intg/src/main/java/org/apache/atlas/security/SecurityProperties.java
@@ -32,9 +32,11 @@ public final class SecurityProperties {
     public static final String KEYSTORE_FILE_KEY = "keystore.file";
     public static final String DEFAULT_KEYSTORE_FILE_LOCATION = 
"target/atlas.keystore";
     public static final String KEYSTORE_PASSWORD_KEY = "keystore.password";
+    public static final String KEYSTORE_TYPE = "keystore.type";
     public static final String TRUSTSTORE_FILE_KEY = "truststore.file";
     public static final String DEFATULT_TRUSTORE_FILE_LOCATION = 
"target/atlas.keystore";
     public static final String TRUSTSTORE_PASSWORD_KEY = "truststore.password";
+    public static final String TRUSTSTORE_TYPE = "truststore.type";
     public static final String SERVER_CERT_PASSWORD_KEY = "password";
     public static final String CLIENT_AUTH_KEY = "client.auth.enabled";
     public static final String CERT_STORES_CREDENTIAL_PROVIDER_PATH = 
"cert.stores.credential.provider.path";
diff --git 
a/webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java 
b/webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java
index 34086ae..b10e594 100755
--- 
a/webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java
+++ 
b/webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java
@@ -69,6 +69,8 @@ import static 
org.apache.atlas.security.SecurityProperties.TRUSTSTORE_FILE_KEY;
 import static 
org.apache.atlas.security.SecurityProperties.TRUSTSTORE_PASSWORD_KEY;
 import static 
org.apache.atlas.security.SecurityProperties.ATLAS_SSL_EXCLUDE_PROTOCOLS;
 import static 
org.apache.atlas.security.SecurityProperties.DEFAULT_EXCLUDE_PROTOCOLS;
+import static org.apache.atlas.security.SecurityProperties.KEYSTORE_TYPE;
+import static org.apache.atlas.security.SecurityProperties.TRUSTSTORE_TYPE;
 import static org.apache.atlas.security.SecurityUtil.getPassword;
 
 
@@ -101,10 +103,12 @@ public class SecureEmbeddedServer extends EmbeddedServer {
         }
 
         SslContextFactory sslContextFactory = new SslContextFactory();
+        sslContextFactory.setKeyStoreType(config.getString(KEYSTORE_TYPE , 
ATLAS_KEYSTORE_FILE_TYPE_DEFAULT));
         sslContextFactory.setKeyStorePath(config.getString(KEYSTORE_FILE_KEY,
                 System.getProperty(KEYSTORE_FILE_KEY, 
DEFAULT_KEYSTORE_FILE_LOCATION)));
         sslContextFactory.setKeyStorePassword(getPassword(config, 
KEYSTORE_PASSWORD_KEY));
         sslContextFactory.setKeyManagerPassword(getPassword(config, 
SERVER_CERT_PASSWORD_KEY));
+        sslContextFactory.setTrustStoreType(config.getString(TRUSTSTORE_TYPE , 
ATLAS_TRUSTSTORE_FILE_TYPE_DEFAULT));
         
sslContextFactory.setTrustStorePath(config.getString(TRUSTSTORE_FILE_KEY,
                 System.getProperty(TRUSTSTORE_FILE_KEY, 
DEFATULT_TRUSTORE_FILE_LOCATION)));
         sslContextFactory.setTrustStorePassword(getPassword(config, 
TRUSTSTORE_PASSWORD_KEY));
@@ -198,7 +202,7 @@ public class SecureEmbeddedServer extends EmbeddedServer {
                     in = getFileInputStream(keyStoreFile);
 
                     if (in != null) {
-                        KeyStore keyStore = 
KeyStore.getInstance(ATLAS_KEYSTORE_FILE_TYPE_DEFAULT);
+                        KeyStore keyStore = 
KeyStore.getInstance(getConfiguration().getString(KEYSTORE_TYPE , 
ATLAS_KEYSTORE_FILE_TYPE_DEFAULT));
 
                         keyStore.load(in, keyStoreFilepwd.toCharArray());
 
@@ -251,7 +255,7 @@ public class SecureEmbeddedServer extends EmbeddedServer {
                     in = getFileInputStream(truststoreFile);
 
                     if (in != null) {
-                        KeyStore trustStore = 
KeyStore.getInstance(ATLAS_TRUSTSTORE_FILE_TYPE_DEFAULT);
+                        KeyStore trustStore = 
KeyStore.getInstance(getConfiguration().getString(TRUSTSTORE_TYPE , 
ATLAS_TRUSTSTORE_FILE_TYPE_DEFAULT));
 
                         trustStore.load(in, trustStoreFilepwd.toCharArray());

Reply via email to