[26/29] tinkerpop git commit: Support SSL client auth

Fri, 27 Jan 2017 13:30:09 -0800 

Support SSL client auth


Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/c62480bb
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/c62480bb
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/c62480bb

Branch: refs/heads/TINKERPOP-1602
Commit: c62480bbd563b9904654c23abdc66c4b4828b64e
Parents: c2a42e2
Author: Robert Dale <robd...@gmail.com>
Authored: Tue Jan 17 14:24:00 2017 -0500
Committer: Robert Dale <robd...@gmail.com>
Committed: Fri Jan 27 16:26:32 2017 -0500

----------------------------------------------------------------------
 .../apache/tinkerpop/gremlin/server/AbstractChannelizer.java   | 4 +++-
 .../java/org/apache/tinkerpop/gremlin/server/Settings.java     | 6 ++++++
 2 files changed, 9 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/c62480bb/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/AbstractChannelizer.java
----------------------------------------------------------------------
diff --git 
a/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/AbstractChannelizer.java
 
b/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/AbstractChannelizer.java
index 57c6994..d28fd4f 100644
--- 
a/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/AbstractChannelizer.java
+++ 
b/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/AbstractChannelizer.java
@@ -242,8 +242,10 @@ public abstract class AbstractChannelizer extends 
ChannelInitializer<SocketChann
             builder = SslContextBuilder.forServer(keyCertChainFile, keyFile, 
sslSettings.keyPassword)
                     .trustManager(trustCertChainFile);
         }
+        
+        
 
-        builder.sslProvider(provider);
+        builder.clientAuth(sslSettings.needClientAuth).sslProvider(provider);
 
         try {
             return builder.build();

http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/c62480bb/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java
----------------------------------------------------------------------
diff --git 
a/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java
 
b/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java
index 97e2875..a3b9545 100644
--- 
a/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java
+++ 
b/gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/Settings.java
@@ -18,6 +18,7 @@
  */
 package org.apache.tinkerpop.gremlin.server;
 
+import io.netty.handler.ssl.ClientAuth;
 import io.netty.handler.ssl.SslContext;
 import org.apache.tinkerpop.gremlin.driver.MessageSerializer;
 import org.apache.tinkerpop.gremlin.jsr223.GremlinPlugin;
@@ -420,6 +421,11 @@ public class Settings {
          * contain an X.509 certificate chain in PEM format. {@code null} uses 
the system default.
          */
         public String trustCertChainFile = null;
+        
+        /**
+         * Require client certificate authentication
+         */
+        public ClientAuth needClientAuth = ClientAuth.NONE;
 
         private SslContext sslContext;

Reply via email to