[
https://issues.apache.org/jira/browse/GEODE-4291?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16324767#comment-16324767
]
ASF GitHub Bot commented on GEODE-4291:
---------------------------------------
sboorlagadda opened a new pull request #1283: GEODE-4291: Avoid asking user
input in SocketCreator
URL: https://github.com/apache/geode/pull/1283
Avoid seeking user inputs on missing SSL parameters in SocketCreator
instead
use default values so that client does not have to include SpringShell
dependency
in the class path.
For Gfsh, ConnectCommand checks for missing parameters and prompts user
inputs.
For other clients, consider possible default values.
Thank you for submitting a contribution to Apache Geode.
In order to streamline the review of the contribution we ask you
to ensure the following steps have been taken:
### For all changes:
- [ ] Is there a JIRA ticket associated with this PR? Is it referenced in
the commit message?
- [ ] Has your PR been rebased against the latest commit within the target
branch (typically `develop`)?
- [ ] Is your initial contribution a single, squashed commit?
- [ ] Does `gradlew build` run cleanly?
- [ ] Have you written or updated unit tests to verify your changes?
- [ ] If adding new dependencies to the code, are these dependencies
licensed in a way that is compatible for inclusion under [ASF
2.0](http://www.apache.org/legal/resolved.html#category-a)?
### Note:
Please ensure that once the PR is submitted, you check travis-ci for build
issues and
submit an update to your PR as soon as possible. If you need help, please
send an
email to [email protected].
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
> Avoid asking user input in SocketCreator
> ----------------------------------------
>
> Key: GEODE-4291
> URL: https://issues.apache.org/jira/browse/GEODE-4291
> Project: Geode
> Issue Type: Improvement
> Components: gfsh, security
> Reporter: Sai Boorlagadda
> Assignee: Sai Boorlagadda
> Labels: pull-request-available
>
> When using *SSL*, clients have to include
> *org.springframework.shell:spring-shell* dependency as geode expects the
> class on the class path and fails with below exception:
> {noformat}
> [error 2018/01/12 09:56:57.829 PST <main> tid=0x1]
> java.lang.NoClassDefFoundError: org/springframework/shell/core/JLineShell
> Exception in thread "main" java.lang.NoClassDefFoundError:
> org/springframework/shell/core/JLineShell
> at java.lang.ClassLoader.defineClass1(Native Method)
> at java.lang.ClassLoader.defineClass(ClassLoader.java:763)
> at
> java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
> at java.net.URLClassLoader.defineClass(URLClassLoader.java:467)
> at java.net.URLClassLoader.access$100(URLClassLoader.java:73)
> at java.net.URLClassLoader$1.run(URLClassLoader.java:368)
> at java.net.URLClassLoader$1.run(URLClassLoader.java:362)
> at java.security.AccessController.doPrivileged(Native Method)
> at java.net.URLClassLoader.findClass(URLClassLoader.java:361)
> at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
> at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:335)
> at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
> at
> org.apache.geode.internal.GfeConsoleReaderFactory.createConsoleReader(GfeConsoleReaderFactory.java:42)
> at
> org.apache.geode.internal.GfeConsoleReaderFactory.<clinit>(GfeConsoleReaderFactory.java:33)
> at
> org.apache.geode.internal.net.SocketCreator.getKeyManagers(SocketCreator.java:537)
> at
> org.apache.geode.internal.net.SocketCreator.createAndConfigureSSLContext(SocketCreator.java:395)
> at
> org.apache.geode.internal.net.SocketCreator.initialize(SocketCreator.java:352)
> at
> org.apache.geode.internal.net.SocketCreator.<init>(SocketCreator.java:269)
> at
> org.apache.geode.internal.net.SocketCreatorFactory.createSSLSocketCreator(SocketCreatorFactory.java:105)
> at
> org.apache.geode.internal.net.SocketCreatorFactory.getSSLSocketCreator(SocketCreatorFactory.java:79)
> at
> org.apache.geode.internal.net.SocketCreatorFactory.getOrCreateSocketCreatorForSSLEnabledComponent(SocketCreatorFactory.java:95)
> at
> org.apache.geode.internal.net.SocketCreatorFactory.getSocketCreatorForComponent(SocketCreatorFactory.java:70)
> at
> org.apache.geode.distributed.internal.tcpserver.TcpClient.<init>(TcpClient.java:74)
> at
> org.apache.geode.cache.client.internal.AutoConnectionSourceImpl.<init>(AutoConnectionSourceImpl.java:118)
> at
> org.apache.geode.cache.client.internal.PoolImpl.getSourceImpl(PoolImpl.java:651)
> at
> org.apache.geode.cache.client.internal.PoolImpl.<init>(PoolImpl.java:248)
> at
> org.apache.geode.cache.client.internal.PoolImpl.create(PoolImpl.java:157)
> at
> org.apache.geode.internal.cache.PoolFactoryImpl.create(PoolFactoryImpl.java:338)
> at
> org.apache.geode.internal.cache.GemFireCacheImpl.determineDefaultPool(GemFireCacheImpl.java:2919)
> at
> org.apache.geode.internal.cache.GemFireCacheImpl.initializeDeclarativeCache(GemFireCacheImpl.java:1394)
> at
> org.apache.geode.internal.cache.GemFireCacheImpl.initialize(GemFireCacheImpl.java:1219)
> at
> org.apache.geode.internal.cache.GemFireCacheImpl.basicCreate(GemFireCacheImpl.java:768)
> at
> org.apache.geode.internal.cache.GemFireCacheImpl.createClient(GemFireCacheImpl.java:740)
> at
> org.apache.geode.cache.client.ClientCacheFactory.basicCreate(ClientCacheFactory.java:264)
> at
> org.apache.geode.cache.client.ClientCacheFactory.create(ClientCacheFactory.java:213)
> at
> org.apache.geode.examples.clientSecurity.Example.<init>(Example.java:70)
> at
> org.apache.geode.examples.clientSecurity.Example.adminUserCanPutAndGetEverywhere(Example.java:86)
> at
> org.apache.geode.examples.clientSecurity.Example.main(Example.java:78)
> Caused by: java.lang.ClassNotFoundException:
> org.springframework.shell.core.JLineShell
> at java.net.URLClassLoader.findClass(URLClassLoader.java:381)
> at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
> at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:335)
> at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
> ... 38 more
> {noformat}
> As you can see in below code *GfeConsoleReader* is initialized and is at the
> beginning of the function which causes the above exception. While this should
> be a dependency only for gfsh (to read inputs from the interactive shell) and
> not for non-interactive clients (consider a default).
> {code}
> private KeyManager[] getKeyManagers() throws KeyStoreException, IOException,
> NoSuchAlgorithmException, CertificateException,
> UnrecoverableKeyException {
> GfeConsoleReader consoleReader =
> GfeConsoleReaderFactory.getDefaultConsoleReader();
> if (sslConfig.getKeystore() == null) {
> return null;
> }
> KeyManager[] keyManagers = null;
> String keyStoreType = sslConfig.getKeystoreType();
> if (StringUtils.isEmpty(keyStoreType)) {
> // read from console, default on empty
> if (consoleReader.isSupported()) {
> keyStoreType =
> consoleReader.readLine("Please enter the keyStoreType
> (javax.net.ssl.keyStoreType) : ");
> } else {
> keyStoreType = KeyStore.getDefaultType();
> }
> }
> {code}
> A proposed fix is to avoid asking user input at this level and use default
> values (this is only for optional parameters and validation of mandatory
> parameters happens much earlier and covers the case of missing ones).
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
