Repository: incubator-brooklyn Updated Branches: refs/heads/master 85d1b58a6 -> 8489436ae
support URL for the keystore supplied to brooklyn web server (since we do call it keystore url!) Project: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/commit/96426621 Tree: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/tree/96426621 Diff: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/diff/96426621 Branch: refs/heads/master Commit: 96426621ac363090a8297b19209dca368bb64223 Parents: 3cb52e5 Author: Alex Heneveld <[email protected]> Authored: Wed Dec 17 15:24:17 2014 +0000 Committer: Alex Heneveld <[email protected]> Committed: Wed Dec 17 15:24:17 2014 +0000 ---------------------------------------------------------------------- .../main/java/brooklyn/util/ResourceUtils.java | 8 ++++++-- .../brooklyn/launcher/BrooklynWebServer.java | 20 ++++++++++++++++---- .../launcher/BrooklynWebServerTest.java | 2 +- 3 files changed, 23 insertions(+), 7 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/96426621/core/src/main/java/brooklyn/util/ResourceUtils.java ---------------------------------------------------------------------- diff --git a/core/src/main/java/brooklyn/util/ResourceUtils.java b/core/src/main/java/brooklyn/util/ResourceUtils.java index 1112401..ccfa2dc 100644 --- a/core/src/main/java/brooklyn/util/ResourceUtils.java +++ b/core/src/main/java/brooklyn/util/ResourceUtils.java @@ -474,13 +474,17 @@ public class ResourceUtils { /** allows failing-fast if URL cannot be read */ public String checkUrlExists(String url) { - if (url==null) throw new NullPointerException("URL must not be null"); + return checkUrlExists(url, null); + } + + public String checkUrlExists(String url, String message) { + if (url==null) throw new NullPointerException("URL "+(message!=null ? message+" " : "")+"must not be null"); InputStream s; try { s = getResourceFromUrl(url); } catch (Exception e) { Exceptions.propagateIfFatal(e); - throw new IllegalArgumentException("Unable to access URL "+url, e); + throw new IllegalArgumentException("Unable to access URL "+(message!=null ? message : "")+": "+url, e); } Streams.closeQuietly(s); return url; http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/96426621/usage/launcher/src/main/java/brooklyn/launcher/BrooklynWebServer.java ---------------------------------------------------------------------- diff --git a/usage/launcher/src/main/java/brooklyn/launcher/BrooklynWebServer.java b/usage/launcher/src/main/java/brooklyn/launcher/BrooklynWebServer.java index 30a4c63..63129d3 100644 --- a/usage/launcher/src/main/java/brooklyn/launcher/BrooklynWebServer.java +++ b/usage/launcher/src/main/java/brooklyn/launcher/BrooklynWebServer.java @@ -157,6 +157,9 @@ public class BrooklynWebServer { private String sslCertificate; @SetFromFlag + private String keystoreUrl; + + @SetFromFlag @Deprecated /** @deprecated use keystoreUrl */ private String keystorePath; @SetFromFlag @@ -364,19 +367,28 @@ public class BrooklynWebServer { SslContextFactory sslContextFactory = new SslContextFactory(); - if (keystorePath==null) keystorePath = managementContext.getConfig().getConfig(BrooklynWebConfig.KEYSTORE_URL); + // allow webconsole keystore & related properties to be set in brooklyn.properties + if (Strings.isNonBlank(keystorePath)) { + if (keystoreUrl==null) { + log.warn("Deprecated 'keystorePath' used; callers should use 'keystoreUrl'"); + keystoreUrl = keystorePath; + } else if (!keystoreUrl.equals(keystorePath)) { + log.warn("Deprecated 'keystorePath' supplied with different value than 'keystoreUrl', preferring the latter: "+ + keystorePath+" / "+keystoreUrl); + } + } + if (keystoreUrl==null) keystoreUrl = managementContext.getConfig().getConfig(BrooklynWebConfig.KEYSTORE_URL); if (keystorePassword==null) keystorePassword = managementContext.getConfig().getConfig(BrooklynWebConfig.KEYSTORE_PASSWORD); if (keystoreCertAlias==null) keystoreCertAlias = managementContext.getConfig().getConfig(BrooklynWebConfig.KEYSTORE_CERTIFICATE_ALIAS); - if (keystorePath!=null) { - sslContextFactory.setKeyStorePath(checkFileExists(keystorePath, "keystore")); + if (keystoreUrl!=null) { + sslContextFactory.setKeyStorePath(ResourceUtils.create(this).checkUrlExists(keystoreUrl, BrooklynWebConfig.KEYSTORE_URL.getName())); if (Strings.isEmpty(keystorePassword)) throw new IllegalArgumentException("Keystore password is required and non-empty if keystore is specified."); sslContextFactory.setKeyStorePassword(keystorePassword); if (Strings.isNonEmpty(keystoreCertAlias)) sslContextFactory.setCertAlias(keystoreCertAlias); } else { - // TODO allow webconsole keystore & related properties to be set in brooklyn.properties log.info("No keystore specified but https enabled; creating a default keystore"); if (Strings.isEmpty(keystoreCertAlias)) http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/96426621/usage/launcher/src/test/java/brooklyn/launcher/BrooklynWebServerTest.java ---------------------------------------------------------------------- diff --git a/usage/launcher/src/test/java/brooklyn/launcher/BrooklynWebServerTest.java b/usage/launcher/src/test/java/brooklyn/launcher/BrooklynWebServerTest.java index ac37889..b069676 100644 --- a/usage/launcher/src/test/java/brooklyn/launcher/BrooklynWebServerTest.java +++ b/usage/launcher/src/test/java/brooklyn/launcher/BrooklynWebServerTest.java @@ -93,7 +93,7 @@ public class BrooklynWebServerTest { public void verifyHttps() throws Exception { Map<String,?> flags = ImmutableMap.<String,Object>builder() .put("httpsEnabled", true) - .put("keystorePath", getFile("server.ks")) + .put("keystoreUrl", getFile("server.ks")) .put("keystorePassword", "password") .build(); webServer = new BrooklynWebServer(flags, newManagementContext(brooklynProperties));
