[jira] [Commented] (KYLIN-3867) Enable JDBC to use key store & trust store for https connection

Mon, 11 Mar 2019 20:59:54 -0700 


    [ 
https://issues.apache.org/jira/browse/KYLIN-3867?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16790197#comment-16790197
 ] 

Zhong Yanghong commented on KYLIN-3867:
---------------------------------------

With this patch, users can leverage key store & trust store by either system 
properties or jdbc specified properties.
* by system properties 
{code}
System.setProperty("javax.net.ssl.keyStoreType", "jks");
System.setProperty("javax.net.ssl.keyStore", "/path/to/mystore.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
 
System.setProperty("javax.net.ssl.trustStoreType", "jks");
System.setProperty("javax.net.ssl.trustStore", "/path/to/truststore.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
 
String user = "XXX";
String password = "###";
String ssl = "true";
String url = "UUUUUUUUU";
String projectName = "PPPPPPP";
String sql = "XXXX";
 
Driver driver = (Driver) 
Class.forName("org.apache.kylin.jdbc.Driver").newInstance();
Properties info = new Properties();
info.put("user", user);
info.put("password", password);
info.put("ssl", ssl);
Connection conn = driver.connect("jdbc:kylin://" + url + "/" + projectName, 
info);
Statement state = conn.createStatement();
ResultSet resultSet = state.executeQuery(sql);
 
while (resultSet.next()) {
    int nCols = resultSet.getMetaData().getColumnCount();
    for (int i = 1; i <= nCols; i++) {
        System.out.print(resultSet.getString(i) + ",");
    }
    System.out.println();
}
{code}
* by jdbc specified properties
{code}
String user = "XXX";
String password = "###";
String ssl = "true";
String url = "UUUUUUUUU";
String projectName = "PPPPPPP";
String sql = "XXXX";
 
Driver driver = (Driver) 
Class.forName("org.apache.kylin.jdbc.Driver").newInstance();
Properties info = new Properties();
info.put("user", user);
info.put("password", password);
info.put("ssl", ssl);
info.put("javax.net.ssl.keyStoreType", "jks");
info.put("javax.net.ssl.keyStore", "/path/to/mystore.jks");
info.put("javax.net.ssl.keyStorePassword", "changeit");
info.put("javax.net.ssl.trustStoreType", "jks");
info.put("javax.net.ssl.trustStore", "/path/to/truststore.jks");
info.put("javax.net.ssl.trustStorePassword", "changeit");
Connection conn = driver.connect("jdbc:kylin://" + url + "/" + projectName, 
info);
Statement state = conn.createStatement();
ResultSet resultSet = state.executeQuery(sql);
 
while (resultSet.next()) {
    int nCols = resultSet.getMetaData().getColumnCount();
    for (int i = 1; i <= nCols; i++) {
        System.out.print(resultSet.getString(i) + ",");
    }
    System.out.println();
}
{code}

> Enable JDBC to use key store & trust store for https connection
> ---------------------------------------------------------------
>
>                 Key: KYLIN-3867
>                 URL: https://issues.apache.org/jira/browse/KYLIN-3867
>             Project: Kylin
>          Issue Type: Improvement
>            Reporter: Zhong Yanghong
>            Assignee: Zhong Yanghong
>            Priority: Major
>
> In some cases, JDBC clients need to pass its client cert & key to the 
> downstream for authentication. Then the JDBC needs to create a connection 
> with key store & trust store.
> {code}
> import java.io.BufferedReader;
> import java.io.InputStream;
> import java.io.InputStreamReader;
> import java.net.URL;
> import javax.net.ssl.HttpsURLConnection;
> import javax.net.ssl.SSLSocketFactory;
>  
> public class SSLContextTest5 {
>  
>   public static void main( String[] args )
>       throws Exception
>   {
>     System.setProperty("javax.net.ssl.keyStoreType", "jks");
>     System.setProperty("javax.net.ssl.trustStoreType", "jks");
>     System.setProperty("javax.net.ssl.keyStore", 
> "/export/home/miweng/test2/mystore.jks");
>     System.setProperty("javax.net.ssl.trustStore", 
> "/export/home/miweng/test2/truststore.jks");
>     System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
>     System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
>  
>     //System.setProperty("https.protocols", "TLSv1.2");
>  
>     try {
>       URL url = new URL( "https://manage-proxy.vip.xxx.com/ws/spf";);
>       HttpsURLConnection con = (HttpsURLConnection) url.openConnection();
>  
>       SSLSocketFactory sslsocketfactory = (SSLSocketFactory) 
> SSLSocketFactory.getDefault();
>       con.setSSLSocketFactory(sslsocketfactory);
>       InputStream inputstream = con.getInputStream();
>       InputStreamReader inputstreamreader = new 
> InputStreamReader(inputstream);
>       BufferedReader bufferedreader = new BufferedReader(inputstreamreader);
>  
>       String string = null;
>       while ((string = bufferedreader.readLine()) != null) {
>           System.out.println("Received " + string);
>       }
>     } catch (Exception e) { e.printStackTrace(); }
>   }
> }
> {code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to