author | Bjørn Christian Seime <bjorncs@oath.com> | 2017-11-14 17:34:14 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@oath.com> | 2017-11-14 17:34:14 +0100 |
commit | eed46ca2384f088132d776fd88520ddf1a0b194f (patch) | |
tree | 23f44af7c72f6f3b0df7e22a27b5962f6e072dea /config-model | |
parent | 59f7db352ea4ef2dd6a96fe986a18b61f28211f7 (diff) |
Support custom SslKeyStoreConfigurator implementation in services.xml
Diffstat (limited to 'config-model')
7 files changed, 56 insertions, 4 deletions
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/container/Container.java b/config-model/src/main/java/com/yahoo/vespa/model/container/Container.java
index 5915f0cea0b..8991bfa6215 100644
--- a/config-model/src/main/java/com/yahoo/vespa/model/container/Container.java
+++ b/config-model/src/main/java/com/yahoo/vespa/model/container/Container.java
@@ -201,7 +201,7 @@ public class Container extends AbstractService implements
 }
 private void initDefaultJettyConnector() {
- defaultHttpServer.addConnector(new ConnectorFactory("SearchServer", getSearchPort(), null));
+ defaultHttpServer.addConnector(new ConnectorFactory("SearchServer", getSearchPort()));
 }
 private boolean hasDocproc() {
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/container/ContainerCluster.java b/config-model/src/main/java/com/yahoo/vespa/model/container/ContainerCluster.java
index 91d5b7fe267..274fb290f03 100755
--- a/config-model/src/main/java/com/yahoo/vespa/model/container/ContainerCluster.java
+++ b/config-model/src/main/java/com/yahoo/vespa/model/container/ContainerCluster.java
@@ -27,6 +27,7 @@ import com.yahoo.container.handler.ThreadPoolProvider;
 import com.yahoo.container.handler.ThreadpoolConfig;
 import com.yahoo.container.jdisc.ContainerMbusConfig;
 import com.yahoo.container.jdisc.JdiscBindingsConfig;
+import com.yahoo.container.jdisc.SslKeyStoreConfiguratorProvider;
 import com.yahoo.container.jdisc.config.HealthMonitorConfig;
 import com.yahoo.container.jdisc.config.MetricDefaultsConfig;
 import com.yahoo.container.jdisc.messagebus.MbusServerProvider;
@@ -221,6 +222,7 @@ public final class ContainerCluster
 addSimpleComponent(SIMPLE_LINGUISTICS_PROVIDER);
 addSimpleComponent("com.yahoo.container.jdisc.SecretStoreProvider");
 addSimpleComponent("com.yahoo.container.jdisc.CertificateStoreProvider");
+ addSimpleComponent(SslKeyStoreConfiguratorProvider.class.getName());
 addSimpleComponent("com.yahoo.container.jdisc.metric.MetricConsumerProviderProvider");
 addSimpleComponent("com.yahoo.container.jdisc.metric.MetricProvider");
 addSimpleComponent("com.yahoo.container.jdisc.metric.MetricUpdater");
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/container/http/ConnectorFactory.java b/config-model/src/main/java/com/yahoo/vespa/model/container/http/ConnectorFactory.java
index 9d3d8b32ddb..abc2575bee5 100644
--- a/config-model/src/main/java/com/yahoo/vespa/model/container/http/ConnectorFactory.java
+++ b/config-model/src/main/java/com/yahoo/vespa/model/container/http/ConnectorFactory.java
@@ -22,7 +22,14 @@ public class ConnectorFactory extends SimpleComponent implements ConnectorConfig
 private volatile int listenPort;
 private final Element legacyConfig;
- public ConnectorFactory(final String name, final int listenPort, final Element legacyConfig) {
+ public ConnectorFactory(String name, int listenPort) {
+ this(name, listenPort, null, null);
+ }
+
+ public ConnectorFactory(final String name,
+ final int listenPort,
+ final Element legacyConfig,
+ Element sslKeystoreConfigurator) {
 super(new ComponentModel(
 new BundleInstantiationSpecification(new ComponentId(name),
 fromString("com.yahoo.jdisc.http.server.jetty.ConnectorFactory"),
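Review bot: The new four-argument `ConnectorFactory` constructor in ConnectorFactory.java accepts `null` for both `legacyConfig` and `sslKeystoreConfigurator` (the two-argument overload passes `null, null`), but nothing on the signature documents that. I would add Javadoc to it, for example `@param sslKeystoreConfigurator the ssl-keystore-configurator element from services.xml, or null when no override is configured`. The first three parameters are declared `final` and the new fourth one is not, so the signature should settle on one convention. The constructor body continues outside this hunk.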
@@ -34,6 +41,13 @@ public class ConnectorFactory extends SimpleComponent implements ConnectorConfig
 this.name = name;
 this.listenPort = listenPort;
 this.legacyConfig = legacyConfig;
+ if (sslKeystoreConfigurator != null) {
+ String className = sslKeystoreConfigurator.getAttribute("class");
+ String bundleName = sslKeystoreConfigurator.getAttribute("bundle");
+ SimpleComponent sslKeyStoreConfiguratorComponent =
+ new SimpleComponent(new ComponentModel(name, className, bundleName));
+ addChild(sslKeyStoreConfiguratorComponent);
+ }
 }
 @Override
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/container/http/xml/JettyConnectorBuilder.java b/config-model/src/main/java/com/yahoo/vespa/model/container/http/xml/JettyConnectorBuilder.java
index 6271ff817bb..f2012a609a7 100644
--- a/config-model/src/main/java/com/yahoo/vespa/model/container/http/xml/JettyConnectorBuilder.java
+++ b/config-model/src/main/java/com/yahoo/vespa/model/container/http/xml/JettyConnectorBuilder.java
@@ -33,6 +33,8 @@ public class JettyConnectorBuilder extends VespaDomBuilder.DomConfigProducerBuil
 legacyServerConfig = null;
 }
 }
- return new ConnectorFactory(name, port, legacyServerConfig);
+ Element sslKeystoreConfigurator = XML.getChild(serverSpec, "ssl-keystore-configurator");
+ return new ConnectorFactory(name, port, legacyServerConfig, sslKeystoreConfigurator);
 }
+
 }
diff --git a/config-model/src/main/resources/schema/containercluster.rnc b/config-model/src/main/resources/schema/containercluster.rnc
index af9b89b8553..d8df4e07f23 100644
--- a/config-model/src/main/resources/schema/containercluster.rnc
+++ b/config-model/src/main/resources/schema/containercluster.rnc
@@ -62,6 +62,7 @@ Filtering = element filtering {
 HttpServer = element server {
 attribute port { xsd:nonNegativeInteger } &
 ComponentId &
+ element ssl-keystore-configurator { BundleSpec }? &
 GenericConfig*
 }
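Review bot: In the ConnectorFactory.java hunk at `@@ -34,6 +41,13 @@`, `getAttribute("class")` and `getAttribute("bundle")` return an empty string rather than null when the attribute is absent, so an `<ssl-keystore-configurator/>` element without `class` reaches `new ComponentModel(name, className, bundleName)` with empty values. Judging by its name this component controls the connector's TLS keystore setup, so I would reject the deployment at model-build time instead: `if (className.isEmpty()) throw new IllegalArgumentException("ssl-keystore-configurator for server '" + name + "' requires a class attribute");`. Whether `BundleSpec` in the schema already makes `class` mandatory is not visible in this diff. The child component also reuses the connector's own `name` as its id, so it is worth confirming that this cannot collide with the parent or with another server's configurator. The constructor body starts outside this hunk.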
diff --git a/config-model/src/test/java/com/yahoo/vespa/model/container/xml/JettyContainerModelBuilderTest.java b/config-model/src/test/java/com/yahoo/vespa/model/container/xml/JettyContainerModelBuilderTest.java
index 4621b5ebe50..cc9a17c0bea 100644
--- a/config-model/src/test/java/com/yahoo/vespa/model/container/xml/JettyContainerModelBuilderTest.java
+++ b/config-model/src/test/java/com/yahoo/vespa/model/container/xml/JettyContainerModelBuilderTest.java
@@ -3,13 +3,18 @@ package com.yahoo.vespa.model.container.xml;
 import com.yahoo.config.model.builder.xml.test.DomBuilderTest;
 import com.yahoo.container.ComponentsConfig;
+import com.yahoo.container.bundle.BundleInstantiationSpecification;
 import com.yahoo.container.jdisc.FilterBindingsProvider;
 import com.yahoo.jdisc.http.ConnectorConfig;
 import com.yahoo.vespa.model.container.ContainerCluster;
+import com.yahoo.vespa.model.container.component.SimpleComponent;
+import com.yahoo.vespa.model.container.http.ConnectorFactory;
 import com.yahoo.vespa.model.container.http.JettyHttpServer;
 import org.junit.Test;
 import org.w3c.dom.Element;
+import org.xml.sax.SAXException;
+import java.io.IOException;
 import java.util.List;
 import static com.yahoo.jdisc.http.ConnectorConfig.Ssl.KeyStoreType;
@@ -182,6 +187,32 @@ public class JettyContainerModelBuilderTest extends ContainerModelBuilderTestBas
 is(not(nullValue())));
 }
+ @Test
+ public void ssl_keystore_configurator_can_be_overriden() throws IOException, SAXException {
+ Element clusterElem = DomBuilderTest.parse(
+ "<jdisc id='default' version='1.0' jetty='true'>",
+ " <http>",
+ " <server port='9000' id='foo'>",
+ " <ssl-keystore-configurator class='com.yahoo.MySslKeyStoreConfigurator' bundle='mybundle'/>",
+ " </server>",
+ " <server port='9001' id='bar'/>",
+ " </http>",
+ nodesXml,
+ "</jdisc>");
+ createModel(root, clusterElem);
+ ContainerCluster cluster = (ContainerCluster) root.getChildren().get("default");
+ List<ConnectorFactory> connectorFactories = cluster.getChildrenByTypeRecursive(ConnectorFactory.class);
+
+ ConnectorFactory firstConnector = connectorFactories.get(0);
+ SimpleComponent sslKeystoreConfigurator = firstConnector.getChildrenByTypeRecursive(SimpleComponent.class).get(0);
+ BundleInstantiationSpecification spec = sslKeystoreConfigurator.model.bundleInstantiationSpec;
+ assertThat(spec.classId.toString(), is("com.yahoo.MySslKeyStoreConfigurator"));
+ assertThat(spec.bundle.toString(), is("mybundle"));
+
+ ConnectorFactory secondFactory = connectorFactories.get(1);
+ assertThat(secondFactory.getChildrenByTypeRecursive(SimpleComponent.class).size(), is(0));
+ }
+
 private void assertJettyServerInConfig() {
 ContainerCluster cluster = (ContainerCluster) root.getChildren().get("default");
 List<JettyHttpServer> jettyServers = cluster.getChildrenByTypeRecursive(JettyHttpServer.class);
diff --git a/config-model/src/test/schema-test-files/services.xml b/config-model/src/test/schema-test-files/services.xml
index 380ce7f5a3d..88983103616 100644
--- a/config-model/src/test/schema-test-files/services.xml
+++ b/config-model/src/test/schema-test-files/services.xml
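Review bot: `ssl_keystore_configurator_can_be_overriden` in JettyContainerModelBuilderTest.java selects the connectors by position (`connectorFactories.get(0)` and `get(1)`), so it depends on whatever order `getChildrenByTypeRecursive` returns; looking them up by the ids `foo` and `bar` from the XML would make a failure point at the right server. Only the well-formed element is covered, and a case where the `class` attribute is missing would pin down what the model does with an incomplete keystore-configurator declaration. The method name also misspells "overridden".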
@@ -111,7 +111,9 @@
 </request-chain>
 </filtering>
- <server port="4080" id="myServer" />
+ <server port="4080" id="myServer">
+ <ssl-keystore-configurator class="com.yahoo.MySslKeyStoreConfigurator" bundle="mybundle" />
+ </server>
 <server port="4081" id="anotherServer">
 <config name="container.jdisc.config.http-server">
 <maxChunkSize>9999</maxChunkSize>
|