tillrohrmann commented on a change in pull request #6727: [FLINK-10371] Allow
to enable SSL mutual authentication on REST endpoints by configuration
URL: https://github.com/apache/flink/pull/6727#discussion_r219416411
##########
File path:
flink-runtime/src/main/java/org/apache/flink/runtime/net/SSLUtils.java
##########
@@ -275,6 +340,10 @@ public static SSLContext
createRestClientSSLContext(Configuration config) throws
return null;
}
+ if (isRestSSLAuthenticationEnabled(config)) {
+ return createRestAuthenticationSSLContext(config);
+ }
+
Review comment:
The three methods `createRestClientSSLContext`, `createRestServerSSLContext`
and `createRestAuthenticationSSLContext` seem to share a lot of common code. I
would suggest to refactor them. E.g. one could have a
```
internalCreateRestSSLContext(configurationMode) {
if (configurationMode & server) {
keystore
} else {
null
}
if (configurationMode & client) {
truststore
} else {
null
}
}
```
with `ConfigurationMode = {clientSide = 1, serverSide = 2, mutual =
clientSide | serverSide}`.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
