com.datastax.driver.core.SSLOptions Java Examples
The following examples show how to use
com.datastax.driver.core.SSLOptions.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: CassandraClient.java From debezium-incubator with Apache License 2.0 | 6 votes |
|
@VisibleForTesting
CassandraClient(CassandraConnectorConfig config, LoadBalancingPolicy lbPolicy) throws GeneralSecurityException, IOException {
Cluster.Builder builder = Cluster.builder()
.addContactPoints(config.cassandraHosts())
.withPort(config.cassandraPort())
.withProtocolVersion(ProtocolVersion.V4)
.withLoadBalancingPolicy(lbPolicy)
// See https://docs.datastax.com/en/developer/java-driver/3.5/manual/metrics/#metrics-4-compatibility.
.withoutJMXReporting();
if (config.cassandraUsername() != null && config.cassandraPassword() != null) {
builder.withCredentials(config.cassandraUsername(), config.cassandraPassword());
}
if (config.cassandraSslEnabled()) {
SslContext sslContext = createSslContext(config.cassandraSslConfigPath());
SSLOptions sslOptions = new RemoteEndpointAwareNettySSLOptions(sslContext);
builder.withSSL(sslOptions);
}
cluster = builder.build();
session = cluster.connect();
registerClusterMetrics(cluster.getClusterName());
}
Example #2
| Source File: CqlCount.java From cassandra-count with Apache License 2.0 | 6 votes |
|
private SSLOptions createSSLOptions()
throws KeyStoreException, FileNotFoundException, IOException, NoSuchAlgorithmException,
KeyManagementException, CertificateException, UnrecoverableKeyException {
TrustManagerFactory tmf = null;
KeyStore tks = KeyStore.getInstance("JKS");
tks.load((InputStream) new FileInputStream(new File(truststorePath)),
truststorePwd.toCharArray());
tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(tks);
KeyManagerFactory kmf = null;
if (null != keystorePath) {
KeyStore kks = KeyStore.getInstance("JKS");
kks.load((InputStream) new FileInputStream(new File(keystorePath)),
keystorePwd.toCharArray());
kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(kks, keystorePwd.toCharArray());
}
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(kmf != null? kmf.getKeyManagers() : null,
tmf != null ? tmf.getTrustManagers() : null,
new SecureRandom());
return JdkSSLOptions.builder().withSSLContext(sslContext).build(); //SSLOptions.DEFAULT_SSL_CIPHER_SUITES);
}
Example #3
| Source File: NamespaceOverrideMapper.java From hawkular-metrics with Apache License 2.0 | 6 votes |
|
private Session createSession() {
Cluster.Builder clusterBuilder = new Cluster.Builder();
String nodes = System.getProperty("hawkular.metrics.cassandra.nodes", "hawkular-cassandra");
Arrays.stream(nodes.split(",")).forEach(clusterBuilder::addContactPoint);
if (System.getProperty("hawkular.metrics.cassandra.use-ssl") != null && !System.getProperty("hawkular.metrics.cassandra.use-ssl").equals("false")) {
SSLOptions sslOptions = null;
try {
String[] defaultCipherSuites = {"TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA"};
sslOptions = JdkSSLOptions.builder().withSSLContext(SSLContext.getDefault())
.withCipherSuites(defaultCipherSuites).build();
clusterBuilder.withSSL(sslOptions);
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException("SSL support is required but is not available in the JVM.", e);
}
}
Cluster cluster = clusterBuilder.build();
cluster.init();
Session session = cluster.connect();
return session;
}
Example #4
| Source File: CQLService.java From Doradus with Apache License 2.0 | 6 votes |
|
private SSLOptions getSSLOptions() {
SSLContext sslContext = null;
try {
sslContext = getSSLContext(getParamString("truststore"),
getParamString("truststorepassword"),
getParamString("keystore"),
getParamString("keystorepassword"));
} catch (Exception e) {
throw new RuntimeException("Unable to build SSLContext", e);
}
List<String> cipherSuites = getParamList("dbtls_cipher_suites");
if (cipherSuites == null) {
cipherSuites = new ArrayList<>();
}
return new SSLOptions(sslContext, cipherSuites.toArray(new String[]{}));
}
Example #5
| Source File: DataSource.java From ignite with Apache License 2.0 | 5 votes |
|
/** {@inheritDoc} */
@SuppressWarnings("unchecked")
@Override public void readExternal(ObjectInput in) throws IOException, ClassNotFoundException {
fetchSize = (Integer)in.readObject();
readConsistency = (ConsistencyLevel)in.readObject();
writeConsistency = (ConsistencyLevel)in.readObject();
user = U.readString(in);
pwd = U.readString(in);
port = (Integer)in.readObject();
contactPoints = (List<InetAddress>)in.readObject();
contactPointsWithPorts = (List<InetSocketAddress>)in.readObject();
maxSchemaAgreementWaitSeconds = (Integer)in.readObject();
protoVer = (Integer)in.readObject();
compression = U.readString(in);
useSSL = (Boolean)in.readObject();
collectMetrix = (Boolean)in.readObject();
jmxReporting = (Boolean)in.readObject();
creds = (Credentials)in.readObject();
loadBalancingPlc = (LoadBalancingPolicy)readObject(in);
reconnectionPlc = (ReconnectionPolicy)readObject(in);
addrTranslator = (AddressTranslator)readObject(in);
speculativeExecutionPlc = (SpeculativeExecutionPolicy)readObject(in);
authProvider = (AuthProvider)readObject(in);
sslOptions = (SSLOptions)readObject(in);
poolingOptions = (PoolingOptions)readObject(in);
sockOptions = (SocketOptions)readObject(in);
nettyOptions = (NettyOptions)readObject(in);
}
Example #6
| Source File: JDKSSLOptionsFactoryTest.java From dropwizard-cassandra with Apache License 2.0 | 5 votes |
|
@Test
public void returnsInstanceOfJdkSSLOptions() throws Exception {
final JDKSSLOptionsFactory factory = new JDKSSLOptionsFactory();
final SSLOptions options = factory.build();
assertThat(options).isInstanceOf(JdkSSLOptions.class);
}
Example #7
| Source File: NettySSLOptionsFactoryTest.java From dropwizard-cassandra with Apache License 2.0 | 5 votes |
|
@Test
public void returnsInstanceOfNettySSLOptions() throws Exception {
final NettySSLOptionsFactory factory = new NettySSLOptionsFactory();
final SSLOptions options = factory.build();
assertThat(options).isInstanceOf(NettySSLOptions.class);
}
Example #8
| Source File: Installer.java From hawkular-metrics with Apache License 2.0 | 5 votes |
|
private Session createSession() {
Cluster.Builder clusterBuilder = new Cluster.Builder();
clusterBuilder.addContactPoints(cassandraNodes.toArray(new String[] {}));
if (useSSL) {
SSLOptions sslOptions = null;
try {
String[] defaultCipherSuites = {"TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA"};
sslOptions = JdkSSLOptions.builder().withSSLContext(SSLContext.getDefault())
.withCipherSuites(defaultCipherSuites).build();
clusterBuilder.withSSL(sslOptions);
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException("SSL support is required but is not available in the JVM.", e);
}
}
clusterBuilder.withoutJMXReporting();
Cluster cluster = clusterBuilder.build();
cluster.init();
Session createdSession = null;
try {
createdSession = cluster.connect("system");
return createdSession;
} finally {
if (createdSession == null) {
cluster.close();
}
}
}
Example #9
| Source File: CqlConfigHelper.java From stratio-cassandra with Apache License 2.0 | 5 votes |
|
public static Cluster getInputCluster(String[] hosts, Configuration conf)
{
int port = getInputNativePort(conf);
Optional<AuthProvider> authProvider = getAuthProvider(conf);
Optional<SSLOptions> sslOptions = getSSLOptions(conf);
Optional<Integer> protocolVersion = getProtocolVersion(conf);
LoadBalancingPolicy loadBalancingPolicy = getReadLoadBalancingPolicy(conf, hosts);
SocketOptions socketOptions = getReadSocketOptions(conf);
QueryOptions queryOptions = getReadQueryOptions(conf);
PoolingOptions poolingOptions = getReadPoolingOptions(conf);
Cluster.Builder builder = Cluster.builder()
.addContactPoints(hosts)
.withPort(port)
.withCompression(ProtocolOptions.Compression.NONE);
if (authProvider.isPresent())
builder.withAuthProvider(authProvider.get());
if (sslOptions.isPresent())
builder.withSSL(sslOptions.get());
if (protocolVersion.isPresent()) {
builder.withProtocolVersion(protocolVersion.get());
}
builder.withLoadBalancingPolicy(loadBalancingPolicy)
.withSocketOptions(socketOptions)
.withQueryOptions(queryOptions)
.withPoolingOptions(poolingOptions);
return builder.build();
}
Example #10
| Source File: CqlConfigHelper.java From stratio-cassandra with Apache License 2.0 | 5 votes |
|
private static Optional<SSLOptions> getSSLOptions(Configuration conf)
{
Optional<String> truststorePath = getInputNativeSSLTruststorePath(conf);
Optional<String> keystorePath = getInputNativeSSLKeystorePath(conf);
Optional<String> truststorePassword = getInputNativeSSLTruststorePassword(conf);
Optional<String> keystorePassword = getInputNativeSSLKeystorePassword(conf);
Optional<String> cipherSuites = getInputNativeSSLCipherSuites(conf);
if (truststorePath.isPresent() && keystorePath.isPresent() && truststorePassword.isPresent() && keystorePassword.isPresent())
{
SSLContext context;
try
{
context = getSSLContext(truststorePath.get(), truststorePassword.get(), keystorePath.get(), keystorePassword.get());
}
catch (UnrecoverableKeyException | KeyManagementException |
NoSuchAlgorithmException | KeyStoreException | CertificateException | IOException e)
{
throw new RuntimeException(e);
}
String[] css = SSLOptions.DEFAULT_SSL_CIPHER_SUITES;
if (cipherSuites.isPresent())
css = cipherSuites.get().split(",");
return Optional.of(new SSLOptions(context,css));
}
return Optional.absent();
}
Example #11
| Source File: DataSource.java From ignite with Apache License 2.0 | 4 votes |
|
/**
* Sets SSL options.
*
* @param options SSL options.
*/
public void setSslOptions(SSLOptions options) {
sslOptions = options;
invalidate();
}
Example #12
| Source File: CassandraConfig.java From realtime-analytics with GNU General Public License v2.0 | 4 votes |
|
public SSLOptions getSslOptions() {
return sslOptions;
}
Example #13
| Source File: CassandraConfig.java From realtime-analytics with GNU General Public License v2.0 | 4 votes |
|
public void setSslOptions(SSLOptions sslOptions) {
this.sslOptions = sslOptions;
}
Example #14
| Source File: NettySSLOptionsFactory.java From dropwizard-cassandra with Apache License 2.0 | 4 votes |
|
@Override
public SSLOptions build() {
SslContextBuilder sslContextBuilder = SslContextBuilder.forClient();
if (provider != null) {
sslContextBuilder.sslProvider(provider);
}
if (ciphers != null) {
sslContextBuilder.ciphers(ciphers);
}
if (clientAuth != null) {
sslContextBuilder.clientAuth(clientAuth);
}
if (sessionCacheSize != null) {
sslContextBuilder.sessionCacheSize(sessionCacheSize);
}
if (sessionTimeout != null) {
sslContextBuilder.sessionTimeout(sessionTimeout.toSeconds());
}
if (trustCertChainFile != null) {
sslContextBuilder.trustManager(trustCertChainFile);
}
if (keyManager != null) {
sslContextBuilder.keyManager(
keyManager.getKeyCertChainFile(),
keyManager.getKeyFile(),
keyManager.getKeyPassword());
}
SslContext sslContext;
try {
sslContext = sslContextBuilder.build();
} catch (SSLException e) {
throw new RuntimeException("Unable to build Netty SslContext", e);
}
return new NettySSLOptions(sslContext);
}
Example #15
| Source File: JDKSSLOptionsFactory.java From dropwizard-cassandra with Apache License 2.0 | 4 votes |
|
@Override
public SSLOptions build() {
return JdkSSLOptions.builder().build();
}
Example #16
| Source File: SSLOptionsFactory.java From dropwizard-cassandra with Apache License 2.0 | votes |
|
SSLOptions build();
