List of usage examples for org.apache.hadoop.security.ssl SSLFactory SSLFactory
public SSLFactory(Mode mode, Configuration conf)
From source file:org.apache.atlas.security.SecureClientUtils.java
License:Apache License
private static ConnectionConfigurator newSslConnConfigurator(final int timeout, Configuration conf) throws IOException, GeneralSecurityException { final SSLFactory factory; final SSLSocketFactory sf; final HostnameVerifier hv; factory = new SSLFactory(SSLFactory.Mode.CLIENT, conf); factory.init();/* www .j ava 2 s. c o m*/ sf = factory.createSSLSocketFactory(); hv = factory.getHostnameVerifier(); return new ConnectionConfigurator() { @Override public HttpURLConnection configure(HttpURLConnection conn) throws IOException { if (conn instanceof HttpsURLConnection) { HttpsURLConnection c = (HttpsURLConnection) conn; c.setSSLSocketFactory(sf); c.setHostnameVerifier(hv); } setTimeouts(conn, timeout); return conn; } }; }
From source file:org.apache.slider.core.registry.retrieve.AMWebClient.java
License:Apache License
private static URLConnectionClientHandler getUrlConnectionClientHandler() { return new URLConnectionClientHandler(new HttpURLConnectionFactory() { @Override/* www. ja v a 2s . co m*/ public HttpURLConnection getHttpURLConnection(URL url) throws IOException { HttpURLConnection connection = (HttpURLConnection) url.openConnection(); if (connection.getResponseCode() == HttpURLConnection.HTTP_MOVED_TEMP) { // is a redirect - are we changing schemes? String redirectLocation = connection.getHeaderField(HttpHeaders.LOCATION); String originalScheme = url.getProtocol(); String redirectScheme = URI.create(redirectLocation).getScheme(); if (!originalScheme.equals(redirectScheme)) { // need to fake it out by doing redirect ourselves log.info("Protocol change during redirect. Redirecting {} to URL {}", url, redirectLocation); URL redirectURL = new URL(redirectLocation); connection = (HttpURLConnection) redirectURL.openConnection(); } } if (connection instanceof HttpsURLConnection) { log.debug("Attempting to configure HTTPS connection using client " + "configuration"); final SSLFactory factory; final SSLSocketFactory sf; final HostnameVerifier hv; try { HttpsURLConnection c = (HttpsURLConnection) connection; factory = new SSLFactory(SSLFactory.Mode.CLIENT, new Configuration()); factory.init(); sf = factory.createSSLSocketFactory(); hv = factory.getHostnameVerifier(); c.setSSLSocketFactory(sf); c.setHostnameVerifier(hv); } catch (Exception e) { log.info("Unable to configure HTTPS connection from " + "configuration. Using JDK properties."); } } return connection; } }); }
From source file:org.apache.slider.core.registry.retrieve.RegistryRetriever.java
License:Apache License
private static URLConnectionClientHandler getUrlConnectionClientHandler() { return new URLConnectionClientHandler(new HttpURLConnectionFactory() { @Override//from w w w .j a v a 2s. c om public HttpURLConnection getHttpURLConnection(URL url) throws IOException { HttpURLConnection connection = (HttpURLConnection) url.openConnection(); if (connection.getResponseCode() == HttpURLConnection.HTTP_MOVED_TEMP) { // is a redirect - are we changing schemes? String redirectLocation = connection.getHeaderField(HttpHeaders.LOCATION); String originalScheme = url.getProtocol(); String redirectScheme = URI.create(redirectLocation).getScheme(); if (!originalScheme.equals(redirectScheme)) { // need to fake it out by doing redirect ourselves log.info("Protocol change during redirect. Redirecting {} to URL {}", url, redirectLocation); URL redirectURL = new URL(redirectLocation); connection = (HttpURLConnection) redirectURL.openConnection(); } } if (connection instanceof HttpsURLConnection) { log.debug("Attempting to configure HTTPS connection using client " + "configuration"); final SSLFactory factory; final SSLSocketFactory sf; final HostnameVerifier hv; try { HttpsURLConnection c = (HttpsURLConnection) connection; factory = new SSLFactory(SSLFactory.Mode.CLIENT, new Configuration()); factory.init(); sf = factory.createSSLSocketFactory(); hv = factory.getHostnameVerifier(); c.setSSLSocketFactory(sf); c.setHostnameVerifier(hv); } catch (Exception e) { log.info("Unable to configure HTTPS connection from " + "configuration. Leveraging JDK properties."); } } return connection; } }); }
From source file:org.apache.slider.core.restclient.SliderURLConnectionFactory.java
License:Apache License
/** * Create a new ConnectionConfigurator for SSL connections *//* w ww .j a v a2 s .co m*/ private static ConnectionConfigurator newSslConnConfigurator(final int timeout, Configuration conf) throws IOException, GeneralSecurityException { final SSLFactory factory; final SSLSocketFactory sf; final HostnameVerifier hv; factory = new SSLFactory(SSLFactory.Mode.CLIENT, conf); factory.init(); sf = factory.createSSLSocketFactory(); hv = factory.getHostnameVerifier(); return new ConnectionConfigurator() { @Override public HttpURLConnection configure(HttpURLConnection conn) throws IOException { if (conn instanceof HttpsURLConnection) { HttpsURLConnection c = (HttpsURLConnection) conn; c.setSSLSocketFactory(sf); c.setHostnameVerifier(hv); } SliderURLConnectionFactory.setupConnection(conn, timeout); return conn; } }; }
From source file:org.apache.tez.dag.api.client.TimelineReaderFactory.java
License:Apache License
private static ConnectionConfigurator getNewSSLConnectionConf(final Configuration conf, final int connTimeout) throws IOException { final SSLFactory sslFactory; final SSLSocketFactory sslSocketFactory; final HostnameVerifier hostnameVerifier; sslFactory = new SSLFactory(CLIENT, conf); try {//from ww w . j a v a2s .co m sslFactory.init(); sslSocketFactory = sslFactory.createSSLSocketFactory(); } catch (GeneralSecurityException e) { sslFactory.destroy(); throw new IOException("Failed to initialize ssl factory"); } hostnameVerifier = sslFactory.getHostnameVerifier(); return new ConnectionConfigurator() { @Override public HttpURLConnection configure(HttpURLConnection httpURLConnection) throws IOException { if (!(httpURLConnection instanceof HttpsURLConnection)) { throw new IOException("Expected https connection"); } HttpsURLConnection httpsURLConnection = (HttpsURLConnection) httpURLConnection; httpsURLConnection.setSSLSocketFactory(sslSocketFactory); httpsURLConnection.setHostnameVerifier(hostnameVerifier); setTimeouts(httpsURLConnection, connTimeout); return httpsURLConnection; } }; }
From source file:org.apache.tez.engine.common.shuffle.impl.Fetcher.java
License:Apache License
public Fetcher(Configuration job, TezTaskAttemptID reduceId, ShuffleScheduler scheduler, MergeManager merger, TezTaskReporter reporter, ShuffleClientMetrics metrics, ExceptionReporter exceptionReporter, SecretKey jobTokenSecret) { this.job = job; this.reporter = reporter; this.scheduler = scheduler; this.merger = merger; this.metrics = metrics; this.exceptionReporter = exceptionReporter; this.id = ++nextId; this.reduce = reduceId.getTaskID().getId(); this.jobTokenSecret = jobTokenSecret; ioErrs = reporter.getCounter(SHUFFLE_ERR_GRP_NAME, ShuffleErrors.IO_ERROR.toString()); wrongLengthErrs = reporter.getCounter(SHUFFLE_ERR_GRP_NAME, ShuffleErrors.WRONG_LENGTH.toString()); badIdErrs = reporter.getCounter(SHUFFLE_ERR_GRP_NAME, ShuffleErrors.BAD_ID.toString()); wrongMapErrs = reporter.getCounter(SHUFFLE_ERR_GRP_NAME, ShuffleErrors.WRONG_MAP.toString()); connectionErrs = reporter.getCounter(SHUFFLE_ERR_GRP_NAME, ShuffleErrors.CONNECTION.toString()); wrongReduceErrs = reporter.getCounter(SHUFFLE_ERR_GRP_NAME, ShuffleErrors.WRONG_REDUCE.toString()); if (ConfigUtils.isIntermediateInputCompressed(job)) { Class<? extends CompressionCodec> codecClass = ConfigUtils.getIntermediateInputCompressorClass(job, DefaultCodec.class); codec = ReflectionUtils.newInstance(codecClass, job); decompressor = CodecPool.getDecompressor(codec); } else {//from w ww . j av a 2 s . com codec = null; decompressor = null; } this.connectionTimeout = job.getInt(TezJobConfig.TEZ_ENGINE_SHUFFLE_CONNECT_TIMEOUT, TezJobConfig.DEFAULT_TEZ_ENGINE_SHUFFLE_STALLED_COPY_TIMEOUT); this.readTimeout = job.getInt(TezJobConfig.TEZ_ENGINE_SHUFFLE_READ_TIMEOUT, TezJobConfig.DEFAULT_TEZ_ENGINE_SHUFFLE_READ_TIMEOUT); setName("fetcher#" + id); setDaemon(true); synchronized (Fetcher.class) { sslShuffle = job.getBoolean(TezJobConfig.TEZ_ENGINE_SHUFFLE_ENABLE_SSL, TezJobConfig.DEFAULT_TEZ_ENGINE_SHUFFLE_ENABLE_SSL); if (sslShuffle && sslFactory == null) { sslFactory = new SSLFactory(SSLFactory.Mode.CLIENT, job); try { sslFactory.init(); } catch (Exception ex) { sslFactory.destroy(); throw new RuntimeException(ex); } } } }
From source file:org.apache.tez.runtime.library.common.shuffle.impl.Fetcher.java
License:Apache License
public Fetcher(Configuration job, ShuffleScheduler scheduler, MergeManager merger, ShuffleClientMetrics metrics, Shuffle shuffle, SecretKey jobTokenSecret, boolean ifileReadAhead, int ifileReadAheadLength, CompressionCodec codec, TezInputContext inputContext) throws IOException { this.job = job; this.scheduler = scheduler; this.merger = merger; this.metrics = metrics; this.shuffle = shuffle; this.id = ++nextId; this.jobTokenSecret = jobTokenSecret; ioErrs = inputContext.getCounters().findCounter(SHUFFLE_ERR_GRP_NAME, ShuffleErrors.IO_ERROR.toString()); wrongLengthErrs = inputContext.getCounters().findCounter(SHUFFLE_ERR_GRP_NAME, ShuffleErrors.WRONG_LENGTH.toString()); badIdErrs = inputContext.getCounters().findCounter(SHUFFLE_ERR_GRP_NAME, ShuffleErrors.BAD_ID.toString()); wrongMapErrs = inputContext.getCounters().findCounter(SHUFFLE_ERR_GRP_NAME, ShuffleErrors.WRONG_MAP.toString()); connectionErrs = inputContext.getCounters().findCounter(SHUFFLE_ERR_GRP_NAME, ShuffleErrors.CONNECTION.toString()); wrongReduceErrs = inputContext.getCounters().findCounter(SHUFFLE_ERR_GRP_NAME, ShuffleErrors.WRONG_REDUCE.toString()); this.ifileReadAhead = ifileReadAhead; this.ifileReadAheadLength = ifileReadAheadLength; if (codec != null) { this.codec = codec; this.decompressor = CodecPool.getDecompressor(codec); } else {// w w w. j ava 2 s . co m this.codec = null; this.decompressor = null; } this.connectionTimeout = job.getInt(TezJobConfig.TEZ_RUNTIME_SHUFFLE_CONNECT_TIMEOUT, TezJobConfig.DEFAULT_TEZ_RUNTIME_SHUFFLE_STALLED_COPY_TIMEOUT); this.readTimeout = job.getInt(TezJobConfig.TEZ_RUNTIME_SHUFFLE_READ_TIMEOUT, TezJobConfig.DEFAULT_TEZ_RUNTIME_SHUFFLE_READ_TIMEOUT); setName("fetcher#" + id); setDaemon(true); synchronized (Fetcher.class) { sslShuffle = job.getBoolean(TezJobConfig.TEZ_RUNTIME_SHUFFLE_ENABLE_SSL, TezJobConfig.DEFAULT_TEZ_RUNTIME_SHUFFLE_ENABLE_SSL); if (sslShuffle && sslFactory == null) { sslFactory = new SSLFactory(SSLFactory.Mode.CLIENT, job); try { sslFactory.init(); } catch (Exception ex) { sslFactory.destroy(); throw new RuntimeException(ex); } } } }