hailin0 commented on code in PR #8698:
URL: https://github.com/apache/seatunnel/pull/8698#discussion_r1959605661
##########
seatunnel-engine/seatunnel-engine-common/src/main/java/org/apache/seatunnel/engine/common/config/server/HttpConfig.java:
##########
@@ -35,9 +36,23 @@ public class HttpConfig implements Serializable {
private boolean enableDynamicPort =
ServerConfigOptions.ENABLE_DYNAMIC_PORT.defaultValue();
private int portRange = ServerConfigOptions.PORT_RANGE.defaultValue();
+ private boolean requireClientAuth =
ServerConfigOptions.REQUIRE_CLIENT_AUTH.defaultValue();
Review Comment:
remove ?
##########
seatunnel-engine/seatunnel-engine-common/src/main/java/org/apache/seatunnel/engine/common/config/server/ServerConfigOptions.java:
##########
@@ -300,6 +300,61 @@ public class ServerConfigOptions {
.defaultValue(100)
.withDescription(
"The port range of the http server. If
enable-dynamic-port is true, We will use the unused port in the range");
+ // New HTTPS configurations
+ public static final Option<Integer> HTTPS_PORT =
+ Options.key("https-port")
+ .intType()
+ .defaultValue(8443)
+ .withDescription("The port used for HTTPS communication.");
+
+ public static final Option<Boolean> ENABLE_HTTPS =
+ Options.key("enable-https")
+ .booleanType()
+ .defaultValue(false)
+ .withDescription("Whether to enable HTTPS.");
+
+ public static final Option<String> KEYSTORE =
+ Options.key("keystore")
+ .stringType()
+ .defaultValue("")
+ .withDescription("The file path of the keystore for
HTTPS.");
+
+ public static final Option<String> KEYSTORE_PASSWORD =
+ Options.key("keystore-password")
+ .stringType()
+ .defaultValue("")
+ .withDescription("The password for the keystore.");
+
+ public static final Option<String> KEY_PASSWORD =
+ Options.key("key-password")
+ .stringType()
+ .defaultValue("")
+ .withDescription("The password for the key in the
keystore.");
+
+ public static final Option<Boolean> REQUIRE_CLIENT_AUTH =
Review Comment:
remove?
##########
seatunnel-engine/seatunnel-engine-server/src/main/java/org/apache/seatunnel/engine/server/JettyService.java:
##########
@@ -88,14 +94,63 @@ public class JettyService {
public JettyService(NodeEngineImpl nodeEngine, SeaTunnelConfig
seaTunnelConfig) {
this.nodeEngine = nodeEngine;
this.seaTunnelConfig = seaTunnelConfig;
+ this.server = new Server();
+ configureServer();
+ }
+
+ private void configureServer() {
+ if (seaTunnelConfig.getEngineConfig().getHttpConfig().isEnableHttps())
{
+ configureHttps();
+ } else {
+ configureHttp();
+ }
+ }
+
+ private void configureHttp() {
int port = seaTunnelConfig.getEngineConfig().getHttpConfig().getPort();
if
(seaTunnelConfig.getEngineConfig().getHttpConfig().isEnableDynamicPort()) {
port =
chooseAppropriatePort(
port,
seaTunnelConfig.getEngineConfig().getHttpConfig().getPortRange());
}
- log.info("SeaTunnel REST service will start on port {}", port);
- this.server = new Server(port);
+ ServerConnector httpConnector = new ServerConnector(server);
+ httpConnector.setPort(port);
+ server.addConnector(httpConnector);
+ log.info("SeaTunnel REST service will start on HTTP port {}", port);
+ }
+
+ private void configureHttps() {
+ // Create and configure the SSL context factory
+ SslContextFactory.Server sslContextFactory = new
SslContextFactory.Server();
+ sslContextFactory.setKeyStorePath(
+
seaTunnelConfig.getEngineConfig().getHttpConfig().getKeystore());
+ sslContextFactory.setKeyStorePassword(
+
seaTunnelConfig.getEngineConfig().getHttpConfig().getKeystorePassword());
+ sslContextFactory.setKeyManagerPassword(
+
seaTunnelConfig.getEngineConfig().getHttpConfig().getKeyPassword());
+
+ if
(seaTunnelConfig.getEngineConfig().getHttpConfig().isTwoWayAuthEnabled()) {
+ sslContextFactory.setTrustStorePath(
Review Comment:
```suggestion
sslContextFactory.setNeedClientAuth(true);
sslContextFactory.setTrustStorePath(
```
##########
seatunnel-engine/seatunnel-engine-common/src/main/java/org/apache/seatunnel/engine/common/config/server/ServerConfigOptions.java:
##########
@@ -300,6 +300,61 @@ public class ServerConfigOptions {
.defaultValue(100)
.withDescription(
"The port range of the http server. If
enable-dynamic-port is true, We will use the unused port in the range");
+ // New HTTPS configurations
+ public static final Option<Integer> HTTPS_PORT =
+ Options.key("https-port")
+ .intType()
+ .defaultValue(8443)
+ .withDescription("The port used for HTTPS communication.");
+
+ public static final Option<Boolean> ENABLE_HTTPS =
+ Options.key("enable-https")
+ .booleanType()
+ .defaultValue(false)
+ .withDescription("Whether to enable HTTPS.");
+
+ public static final Option<String> KEYSTORE =
+ Options.key("keystore")
+ .stringType()
+ .defaultValue("")
+ .withDescription("The file path of the keystore for
HTTPS.");
+
+ public static final Option<String> KEYSTORE_PASSWORD =
+ Options.key("keystore-password")
+ .stringType()
+ .defaultValue("")
+ .withDescription("The password for the keystore.");
+
+ public static final Option<String> KEY_PASSWORD =
+ Options.key("key-password")
+ .stringType()
+ .defaultValue("")
+ .withDescription("The password for the key in the
keystore.");
+
+ public static final Option<Boolean> REQUIRE_CLIENT_AUTH =
+ Options.key("require-client-auth")
+ .booleanType()
+ .defaultValue(false)
+ .withDescription(
+ "Whether to require client authentication for
HTTPS connections.");
+
+ public static final Option<String> KEY_MANAGER_PASSWORD =
Review Comment:
remove?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
