This is an automated email from the ASF dual-hosted git repository. nixon pushed a commit to branch branch-2.0 in repository https://gitbox.apache.org/repos/asf/atlas.git
commit f829adbbb0b7c4cbbfa0a35581b5829384bda56c Author: nixonrodrigues <[email protected]> AuthorDate: Wed Oct 14 18:46:53 2020 +0530 ATLAS-3995 : Atlas should support additional keystore/truststores types besides JKS. (cherry picked from commit fd24e652b5e2f607cad0d665c88d770479832263) --- .../main/java/org/apache/atlas/security/SecurityProperties.java | 2 ++ .../java/org/apache/atlas/web/service/SecureEmbeddedServer.java | 8 ++++++-- 2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/intg/src/main/java/org/apache/atlas/security/SecurityProperties.java b/intg/src/main/java/org/apache/atlas/security/SecurityProperties.java
index 2e953eb..2147cd1 100644
--- a/intg/src/main/java/org/apache/atlas/security/SecurityProperties.java
+++ b/intg/src/main/java/org/apache/atlas/security/SecurityProperties.java
@@ -32,9 +32,11 @@ public final class SecurityProperties {
 public static final String KEYSTORE_FILE_KEY = "keystore.file";
 public static final String DEFAULT_KEYSTORE_FILE_LOCATION = "target/atlas.keystore";
 public static final String KEYSTORE_PASSWORD_KEY = "keystore.password";
+ public static final String KEYSTORE_TYPE = "keystore.type";
 public static final String TRUSTSTORE_FILE_KEY = "truststore.file";
 public static final String DEFATULT_TRUSTORE_FILE_LOCATION = "target/atlas.keystore";
 public static final String TRUSTSTORE_PASSWORD_KEY = "truststore.password";
+ public static final String TRUSTSTORE_TYPE = "truststore.type";
 public static final String SERVER_CERT_PASSWORD_KEY = "password";
 public static final String CLIENT_AUTH_KEY = "client.auth.enabled";
 public static final String CERT_STORES_CREDENTIAL_PROVIDER_PATH = "cert.stores.credential.provider.path";
diff --git a/webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java b/webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java
index 34086ae..b10e594 100755
--- a/webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java
+++ b/webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java
@@ -69,6 +69,8 @@ import static org.apache.atlas.security.SecurityProperties.TRUSTSTORE_FILE_KEY;
 import static org.apache.atlas.security.SecurityProperties.TRUSTSTORE_PASSWORD_KEY;
 import static org.apache.atlas.security.SecurityProperties.ATLAS_SSL_EXCLUDE_PROTOCOLS;
 import static org.apache.atlas.security.SecurityProperties.DEFAULT_EXCLUDE_PROTOCOLS;
+import static org.apache.atlas.security.SecurityProperties.KEYSTORE_TYPE;
+import static org.apache.atlas.security.SecurityProperties.TRUSTSTORE_TYPE;
 import static org.apache.atlas.security.SecurityUtil.getPassword;
@@ -101,10 +103,12 @@ public class SecureEmbeddedServer extends EmbeddedServer {
 }
 SslContextFactory sslContextFactory = new SslContextFactory();
+ sslContextFactory.setKeyStoreType(config.getString(KEYSTORE_TYPE , ATLAS_KEYSTORE_FILE_TYPE_DEFAULT));
 sslContextFactory.setKeyStorePath(config.getString(KEYSTORE_FILE_KEY, System.getProperty(KEYSTORE_FILE_KEY, DEFAULT_KEYSTORE_FILE_LOCATION)));
 sslContextFactory.setKeyStorePassword(getPassword(config, KEYSTORE_PASSWORD_KEY));
 sslContextFactory.setKeyManagerPassword(getPassword(config, SERVER_CERT_PASSWORD_KEY));
+ sslContextFactory.setTrustStoreType(config.getString(TRUSTSTORE_TYPE , ATLAS_TRUSTSTORE_FILE_TYPE_DEFAULT));
 sslContextFactory.setTrustStorePath(config.getString(TRUSTSTORE_FILE_KEY, System.getProperty(TRUSTSTORE_FILE_KEY, DEFATULT_TRUSTORE_FILE_LOCATION)));
 sslContextFactory.setTrustStorePassword(getPassword(config, TRUSTSTORE_PASSWORD_KEY));
@@ -198,7 +202,7 @@ public class SecureEmbeddedServer extends EmbeddedServer {
 in = getFileInputStream(keyStoreFile);
 if (in != null) {
- KeyStore keyStore = KeyStore.getInstance(ATLAS_KEYSTORE_FILE_TYPE_DEFAULT);
+ KeyStore keyStore = KeyStore.getInstance(getConfiguration().getString(KEYSTORE_TYPE , ATLAS_KEYSTORE_FILE_TYPE_DEFAULT));
 keyStore.load(in, keyStoreFilepwd.toCharArray());
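Review bot: The two added `set*StoreType` calls in the `@@ -101,10 +103,12 @@` hunk read the type from `config` only, while the path lookups directly below them fall back to `System.getProperty(...)`. A deployment that points `keystore.file` at a non-JKS store through a system property therefore has no matching way to pass the type, and the store is opened with the default type instead. If that asymmetry is intended, say so in a comment such as `// store type is read from the Atlas configuration only; no system-property fallback`; otherwise mirror the path lookup, e.g. `config.getString(KEYSTORE_TYPE, System.getProperty(KEYSTORE_TYPE, ATLAS_KEYSTORE_FILE_TYPE_DEFAULT))`. The new `keystore.type` / `truststore.type` keys are also not documented anywhere in this commit. The enclosing method starts and ends outside the hunk.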
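Review bot: `KeyStore.getInstance(...)` now receives an operator-supplied string, in the `@@ -198,7 +202,7 @@` hunk and again in the truststore hunk at `@@ -251,7 +255,7 @@`, and a blank or misspelled `keystore.type` / `truststore.type` raises `KeyStoreException` with nothing naming the property at fault. Whether the surrounding try block, which lies outside both hunks, reports that clearly cannot be seen from here. The type is also resolved three separate times, via `config` when configuring `SslContextFactory` and via `getConfiguration()` in these two loads, so the store checked here and the store the TLS listener serves agree only while those lookups stay identical. A private helper pair such as `getKeyStoreType()` / `getTrustStoreType()`, used by all call sites and rejecting a blank value with a message that names the key, would keep them in step.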
@@ -251,7 +255,7 @@ public class SecureEmbeddedServer extends EmbeddedServer {
 in = getFileInputStream(truststoreFile);
 if (in != null) {
- KeyStore trustStore = KeyStore.getInstance(ATLAS_TRUSTSTORE_FILE_TYPE_DEFAULT);
+ KeyStore trustStore = KeyStore.getInstance(getConfiguration().getString(TRUSTSTORE_TYPE , ATLAS_TRUSTSTORE_FILE_TYPE_DEFAULT));
 trustStore.load(in, trustStoreFilepwd.toCharArray());
