Change in asterixdb-clients[master]: [NO ISSUE][JDBC] Preliminary support for SSL connections

Wed, 13 Oct 2021 11:49:17 -0700 

>From Dmitry Lychagin <[email protected]>:

Dmitry Lychagin has uploaded this change for review. ( 
https://asterix-gerrit.ics.uci.edu/c/asterixdb-clients/+/13686 )


Change subject: [NO ISSUE][JDBC] Preliminary support for SSL connections
......................................................................

[NO ISSUE][JDBC] Preliminary support for SSL connections

- user model changes: no
- storage format changes: no
- interface changes: no

Details:
- Add 'ssl' driver property
- Add 'Require SSL' option to connect dialog

Change-Id: Ibd70661ed2a2a275e4a9096316fd981a5d297c40
---
M 
asterixdb-jdbc/asterix-jdbc-core/src/main/java/org/apache/asterix/jdbc/core/ADBDriverProperty.java
M 
asterixdb-jdbc/asterix-jdbc-driver/src/main/java/org/apache/asterix/jdbc/ADBProtocol.java
M 
asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connection-fields.xml
M 
asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionProperties.js
M 
asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionResolver.tdr
5 files changed, 22 insertions(+), 9 deletions(-)



  git pull ssh://asterix-gerrit.ics.uci.edu:29418/asterixdb-clients 
refs/changes/86/13686/1

diff --git 
a/asterixdb-jdbc/asterix-jdbc-core/src/main/java/org/apache/asterix/jdbc/core/ADBDriverProperty.java
 
b/asterixdb-jdbc/asterix-jdbc-core/src/main/java/org/apache/asterix/jdbc/core/ADBDriverProperty.java
index 7312861..4d454e6 100644
--- 
a/asterixdb-jdbc/asterix-jdbc-core/src/main/java/org/apache/asterix/jdbc/core/ADBDriverProperty.java
+++ 
b/asterixdb-jdbc/asterix-jdbc-core/src/main/java/org/apache/asterix/jdbc/core/ADBDriverProperty.java
@@ -43,7 +43,8 @@
         CATALOG_DATAVERSE_MODE("catalogDataverseMode", Integer::parseInt, 1, 
false), // 1 -> CATALOG, 2 -> CATALOG_SCHEMA
         CATALOG_INCLUDES_SCHEMALESS("catalogIncludesSchemaless", 
Boolean::parseBoolean, false, false),
         SQL_COMPAT_MODE("sqlCompatMode", Boolean::parseBoolean, true, false), 
// Whether user statements are executed in 'SQL-compat' mode
-        ACTIVE_REQUESTS_PATH("activeRequestsPath", Function.identity(), null, 
true);
+        ACTIVE_REQUESTS_PATH("activeRequestsPath", Function.identity(), null, 
true),
+        SSL("ssl", Boolean::parseBoolean, false, false);

         private final String propertyName;

diff --git 
a/asterixdb-jdbc/asterix-jdbc-driver/src/main/java/org/apache/asterix/jdbc/ADBProtocol.java
 
b/asterixdb-jdbc/asterix-jdbc-driver/src/main/java/org/apache/asterix/jdbc/ADBProtocol.java
index 5bc0d9e..2f95b57 100644
--- 
a/asterixdb-jdbc/asterix-jdbc-driver/src/main/java/org/apache/asterix/jdbc/ADBProtocol.java
+++ 
b/asterixdb-jdbc/asterix-jdbc-driver/src/main/java/org/apache/asterix/jdbc/ADBProtocol.java
@@ -103,12 +103,13 @@
     public ADBProtocol(String host, int port, Map<ADBDriverProperty, Object> 
params, ADBDriverContext driverContext)
             throws SQLException {
         super(driverContext, params);
-        URI queryEndpoint =
-                createEndpointUri(host, port, QUERY_SERVICE_ENDPOINT_PATH, 
driverContext.getErrorReporter());
+        boolean sslEnabled = (Boolean) 
ADBDriverProperty.Common.SSL.fetchPropertyValue(params);
+        URI queryEndpoint = createEndpointUri(sslEnabled, host, port, 
QUERY_SERVICE_ENDPOINT_PATH,
+                driverContext.getErrorReporter());
         URI queryResultEndpoint =
-                createEndpointUri(host, port, QUERY_RESULT_ENDPOINT_PATH, 
driverContext.getErrorReporter());
-        URI activeRequestsEndpoint =
-                createEndpointUri(host, port, 
getActiveRequestsEndpointPath(params), driverContext.getErrorReporter());
+                createEndpointUri(sslEnabled, host, port, 
QUERY_RESULT_ENDPOINT_PATH, driverContext.getErrorReporter());
+        URI activeRequestsEndpoint = createEndpointUri(sslEnabled, host, port, 
getActiveRequestsEndpointPath(params),
+                driverContext.getErrorReporter());

         PoolingHttpClientConnectionManager httpConnectionManager = new 
PoolingHttpClientConnectionManager();
         int maxConnections = Math.max(16, 
Runtime.getRuntime().availableProcessors());
@@ -437,10 +438,10 @@
         }
     }

-    private static URI createEndpointUri(String host, int port, String path, 
ADBErrorReporter errorReporter)
-            throws SQLException {
+    private static URI createEndpointUri(boolean sslEnabled, String host, int 
port, String path,
+            ADBErrorReporter errorReporter) throws SQLException {
         try {
-            return new URI("http", null, host, port, path, null, null);
+            return new URI(sslEnabled ? "https" : "http", null, host, port, 
path, null, null);
         } catch (URISyntaxException e) {
             throw errorReporter.errorParameterValueNotSupported("endpoint " + 
host + ":" + port);
         }
diff --git 
a/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connection-fields.xml
 
b/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connection-fields.xml
index 8242f66..e200852 100644
--- 
a/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connection-fields.xml
+++ 
b/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connection-fields.xml
@@ -43,4 +43,11 @@
     </conditions>
   </field>

+  <field name="sslmode" label="Require SSL" value-type="boolean" 
category="general" default-value="" >
+    <boolean-options>
+      <false-value value="" />
+      <true-value value="require" />
+    </boolean-options>
+  </field>
+
 </connection-fields>
\ No newline at end of file
diff --git 
a/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionProperties.js
 
b/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionProperties.js
index 42265f7..77b0d35 100644
--- 
a/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionProperties.js
+++ 
b/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionProperties.js
@@ -20,6 +20,9 @@
     var props = {};
     props["user"] = attr[connectionHelper.attributeUsername];
     props["password"] = attr[connectionHelper.attributePassword];
+    if (attr[connectionHelper.attributeSSLMode] == "require") {
+        props["ssl"] = "true";
+    }
     ${taco.plugin.jdbc.properties.aux}
     return props;
 })
diff --git 
a/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionResolver.tdr
 
b/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionResolver.tdr
index 95d4fc2..48543c0 100644
--- 
a/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionResolver.tdr
+++ 
b/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionResolver.tdr
@@ -30,6 +30,7 @@
           <attr>authentication</attr>
           <attr>username</attr>
           <attr>password</attr>
+          <attr>sslmode</attr>
         </attribute-list>
       </required-attributes>
     </connection-normalizer>

--
To view, visit https://asterix-gerrit.ics.uci.edu/c/asterixdb-clients/+/13686
To unsubscribe, or for help writing mail filters, visit 
https://asterix-gerrit.ics.uci.edu/settings

Gerrit-Project: asterixdb-clients
Gerrit-Branch: master
Gerrit-Change-Id: Ibd70661ed2a2a275e4a9096316fd981a5d297c40
Gerrit-Change-Number: 13686
Gerrit-PatchSet: 1
Gerrit-Owner: Dmitry Lychagin <[email protected]>
Gerrit-MessageType: newchange

Reply via email to