Hemant Y Bhoyar created BEAM-8175:
-------------------------------------
Summary: Setting java keystore overrides basic auth in
ElasticsearchIO connection configuration
Key: BEAM-8175
URL: https://issues.apache.org/jira/browse/BEAM-8175
Project: Beam
Issue Type: Bug
Components: io-java-elasticsearch
Affects Versions: 2.15.0
Reporter: Hemant Y Bhoyar
While creating the rest client in ElasticsearchIO, the httpClientConfigCallback
is overridden by the step to set the key store.
Making it not possible to use a custom key store with basic auth.
{code:java}
if (getUsername() != null) {
final CredentialsProvider credentialsProvider = new
BasicCredentialsProvider();
credentialsProvider.setCredentials(
AuthScope.ANY, new UsernamePasswordCredentials(getUsername(),
getPassword()));
restClientBuilder.setHttpClientConfigCallback(
httpAsyncClientBuilder ->
httpAsyncClientBuilder.setDefaultCredentialsProvider(credentialsProvider));
}
if (getKeystorePath() != null && !getKeystorePath().isEmpty()) {
try {
KeyStore keyStore = KeyStore.getInstance("jks");
try (InputStream is = new FileInputStream(new File(getKeystorePath()))) {
String keystorePassword = getKeystorePassword();
keyStore.load(is, (keystorePassword == null) ? null :
keystorePassword.toCharArray());
}
final SSLContext sslContext =
SSLContexts.custom()
.loadTrustMaterial(keyStore, new TrustSelfSignedStrategy())
.build();
final SSLIOSessionStrategy sessionStrategy = new
SSLIOSessionStrategy(sslContext);
restClientBuilder.setHttpClientConfigCallback(
httpClientBuilder ->
httpClientBuilder.setSSLContext(sslContext).setSSLStrategy(sessionStrategy));
} catch (Exception e) {
throw new IOException("Can't load the client certificate from the
keystore", e);
}
}
{code}
--
This message was sent by Atlassian Jira
(v8.3.2#803003)
