[jira] [Commented] (KYLIN-3867) Enable JDBC to use key store & trust store for https connection
[
https://issues.apache.org/jira/browse/KYLIN-3867?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16791529#comment-16791529
]
ASF subversion and git services commented on KYLIN-3867:
Commit 699d650b076d6309f1087ee3c95705c253616075 in kylin's branch
refs/heads/master from kyotoYaho
[ https://gitbox.apache.org/repos/asf?p=kylin.git;h=699d650 ]
KYLIN-3867 leverage jdbc specified properties to enable JDBC to use key store &
trust store for https connection
> Enable JDBC to use key store & trust store for https connection
> ---
>
> Key: KYLIN-3867
> URL: https://issues.apache.org/jira/browse/KYLIN-3867
> Project: Kylin
> Issue Type: Improvement
>Reporter: Zhong Yanghong
>Assignee: Zhong Yanghong
>Priority: Major
> Fix For: v3.0.0
>
>
> In some cases, JDBC clients need to pass its client cert & key to the
> downstream for authentication. Then the JDBC needs to create a connection
> with key store & trust store.
> {code}
> import java.io.BufferedReader;
> import java.io.InputStream;
> import java.io.InputStreamReader;
> import java.net.URL;
> import javax.net.ssl.HttpsURLConnection;
> import javax.net.ssl.SSLSocketFactory;
>
> public class SSLContextTest5 {
>
> public static void main( String[] args )
> throws Exception
> {
> System.setProperty("javax.net.ssl.keyStoreType", "jks");
> System.setProperty("javax.net.ssl.trustStoreType", "jks");
> System.setProperty("javax.net.ssl.keyStore",
> "/export/home/miweng/test2/mystore.jks");
> System.setProperty("javax.net.ssl.trustStore",
> "/export/home/miweng/test2/truststore.jks");
> System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
> System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
>
> //System.setProperty("https.protocols", "TLSv1.2");
>
> try {
> URL url = new URL( "https://manage-proxy.vip.xxx.com/ws/spf;);
> HttpsURLConnection con = (HttpsURLConnection) url.openConnection();
>
> SSLSocketFactory sslsocketfactory = (SSLSocketFactory)
> SSLSocketFactory.getDefault();
> con.setSSLSocketFactory(sslsocketfactory);
> InputStream inputstream = con.getInputStream();
> InputStreamReader inputstreamreader = new
> InputStreamReader(inputstream);
> BufferedReader bufferedreader = new BufferedReader(inputstreamreader);
>
> String string = null;
> while ((string = bufferedreader.readLine()) != null) {
> System.out.println("Received " + string);
> }
> } catch (Exception e) { e.printStackTrace(); }
> }
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (KYLIN-3867) Enable JDBC to use key store & trust store for https connection
[
https://issues.apache.org/jira/browse/KYLIN-3867?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16791528#comment-16791528
]
ASF subversion and git services commented on KYLIN-3867:
Commit 6a80d36ac8ae3f7caf5ce630434cefa94366f0db in kylin's branch
refs/heads/master from kyotoYaho
[ https://gitbox.apache.org/repos/asf?p=kylin.git;h=6a80d36 ]
KYLIN-3867 leverage system properties to enable JDBC to use key store & trust
store for https connection
> Enable JDBC to use key store & trust store for https connection
> ---
>
> Key: KYLIN-3867
> URL: https://issues.apache.org/jira/browse/KYLIN-3867
> Project: Kylin
> Issue Type: Improvement
>Reporter: Zhong Yanghong
>Assignee: Zhong Yanghong
>Priority: Major
> Fix For: v3.0.0
>
>
> In some cases, JDBC clients need to pass its client cert & key to the
> downstream for authentication. Then the JDBC needs to create a connection
> with key store & trust store.
> {code}
> import java.io.BufferedReader;
> import java.io.InputStream;
> import java.io.InputStreamReader;
> import java.net.URL;
> import javax.net.ssl.HttpsURLConnection;
> import javax.net.ssl.SSLSocketFactory;
>
> public class SSLContextTest5 {
>
> public static void main( String[] args )
> throws Exception
> {
> System.setProperty("javax.net.ssl.keyStoreType", "jks");
> System.setProperty("javax.net.ssl.trustStoreType", "jks");
> System.setProperty("javax.net.ssl.keyStore",
> "/export/home/miweng/test2/mystore.jks");
> System.setProperty("javax.net.ssl.trustStore",
> "/export/home/miweng/test2/truststore.jks");
> System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
> System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
>
> //System.setProperty("https.protocols", "TLSv1.2");
>
> try {
> URL url = new URL( "https://manage-proxy.vip.xxx.com/ws/spf;);
> HttpsURLConnection con = (HttpsURLConnection) url.openConnection();
>
> SSLSocketFactory sslsocketfactory = (SSLSocketFactory)
> SSLSocketFactory.getDefault();
> con.setSSLSocketFactory(sslsocketfactory);
> InputStream inputstream = con.getInputStream();
> InputStreamReader inputstreamreader = new
> InputStreamReader(inputstream);
> BufferedReader bufferedreader = new BufferedReader(inputstreamreader);
>
> String string = null;
> while ((string = bufferedreader.readLine()) != null) {
> System.out.println("Received " + string);
> }
> } catch (Exception e) { e.printStackTrace(); }
> }
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (KYLIN-3867) Enable JDBC to use key store & trust store for https connection
[
https://issues.apache.org/jira/browse/KYLIN-3867?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16791531#comment-16791531
]
ASF GitHub Bot commented on KYLIN-3867:
---
shaofengshi commented on pull request #510: KYLIN-3867 Enable JDBC to use key
store & trust store for https connection
URL: https://github.com/apache/kylin/pull/510
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> Enable JDBC to use key store & trust store for https connection
> ---
>
> Key: KYLIN-3867
> URL: https://issues.apache.org/jira/browse/KYLIN-3867
> Project: Kylin
> Issue Type: Improvement
>Reporter: Zhong Yanghong
>Assignee: Zhong Yanghong
>Priority: Major
> Fix For: v3.0.0
>
>
> In some cases, JDBC clients need to pass its client cert & key to the
> downstream for authentication. Then the JDBC needs to create a connection
> with key store & trust store.
> {code}
> import java.io.BufferedReader;
> import java.io.InputStream;
> import java.io.InputStreamReader;
> import java.net.URL;
> import javax.net.ssl.HttpsURLConnection;
> import javax.net.ssl.SSLSocketFactory;
>
> public class SSLContextTest5 {
>
> public static void main( String[] args )
> throws Exception
> {
> System.setProperty("javax.net.ssl.keyStoreType", "jks");
> System.setProperty("javax.net.ssl.trustStoreType", "jks");
> System.setProperty("javax.net.ssl.keyStore",
> "/export/home/miweng/test2/mystore.jks");
> System.setProperty("javax.net.ssl.trustStore",
> "/export/home/miweng/test2/truststore.jks");
> System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
> System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
>
> //System.setProperty("https.protocols", "TLSv1.2");
>
> try {
> URL url = new URL( "https://manage-proxy.vip.xxx.com/ws/spf;);
> HttpsURLConnection con = (HttpsURLConnection) url.openConnection();
>
> SSLSocketFactory sslsocketfactory = (SSLSocketFactory)
> SSLSocketFactory.getDefault();
> con.setSSLSocketFactory(sslsocketfactory);
> InputStream inputstream = con.getInputStream();
> InputStreamReader inputstreamreader = new
> InputStreamReader(inputstream);
> BufferedReader bufferedreader = new BufferedReader(inputstreamreader);
>
> String string = null;
> while ((string = bufferedreader.readLine()) != null) {
> System.out.println("Received " + string);
> }
> } catch (Exception e) { e.printStackTrace(); }
> }
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (KYLIN-3867) Enable JDBC to use key store & trust store for https connection
[
https://issues.apache.org/jira/browse/KYLIN-3867?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16790213#comment-16790213
]
Zhong Yanghong commented on KYLIN-3867:
---
https://github.com/apache/kylin/pull/510
> Enable JDBC to use key store & trust store for https connection
> ---
>
> Key: KYLIN-3867
> URL: https://issues.apache.org/jira/browse/KYLIN-3867
> Project: Kylin
> Issue Type: Improvement
>Reporter: Zhong Yanghong
>Assignee: Zhong Yanghong
>Priority: Major
>
> In some cases, JDBC clients need to pass its client cert & key to the
> downstream for authentication. Then the JDBC needs to create a connection
> with key store & trust store.
> {code}
> import java.io.BufferedReader;
> import java.io.InputStream;
> import java.io.InputStreamReader;
> import java.net.URL;
> import javax.net.ssl.HttpsURLConnection;
> import javax.net.ssl.SSLSocketFactory;
>
> public class SSLContextTest5 {
>
> public static void main( String[] args )
> throws Exception
> {
> System.setProperty("javax.net.ssl.keyStoreType", "jks");
> System.setProperty("javax.net.ssl.trustStoreType", "jks");
> System.setProperty("javax.net.ssl.keyStore",
> "/export/home/miweng/test2/mystore.jks");
> System.setProperty("javax.net.ssl.trustStore",
> "/export/home/miweng/test2/truststore.jks");
> System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
> System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
>
> //System.setProperty("https.protocols", "TLSv1.2");
>
> try {
> URL url = new URL( "https://manage-proxy.vip.xxx.com/ws/spf;);
> HttpsURLConnection con = (HttpsURLConnection) url.openConnection();
>
> SSLSocketFactory sslsocketfactory = (SSLSocketFactory)
> SSLSocketFactory.getDefault();
> con.setSSLSocketFactory(sslsocketfactory);
> InputStream inputstream = con.getInputStream();
> InputStreamReader inputstreamreader = new
> InputStreamReader(inputstream);
> BufferedReader bufferedreader = new BufferedReader(inputstreamreader);
>
> String string = null;
> while ((string = bufferedreader.readLine()) != null) {
> System.out.println("Received " + string);
> }
> } catch (Exception e) { e.printStackTrace(); }
> }
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (KYLIN-3867) Enable JDBC to use key store & trust store for https connection
[
https://issues.apache.org/jira/browse/KYLIN-3867?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16790212#comment-16790212
]
ASF GitHub Bot commented on KYLIN-3867:
---
kyotoYaho commented on pull request #510: KYLIN-3867 Enable JDBC to use key
store & trust store for https connection
URL: https://github.com/apache/kylin/pull/510
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> Enable JDBC to use key store & trust store for https connection
> ---
>
> Key: KYLIN-3867
> URL: https://issues.apache.org/jira/browse/KYLIN-3867
> Project: Kylin
> Issue Type: Improvement
>Reporter: Zhong Yanghong
>Assignee: Zhong Yanghong
>Priority: Major
>
> In some cases, JDBC clients need to pass its client cert & key to the
> downstream for authentication. Then the JDBC needs to create a connection
> with key store & trust store.
> {code}
> import java.io.BufferedReader;
> import java.io.InputStream;
> import java.io.InputStreamReader;
> import java.net.URL;
> import javax.net.ssl.HttpsURLConnection;
> import javax.net.ssl.SSLSocketFactory;
>
> public class SSLContextTest5 {
>
> public static void main( String[] args )
> throws Exception
> {
> System.setProperty("javax.net.ssl.keyStoreType", "jks");
> System.setProperty("javax.net.ssl.trustStoreType", "jks");
> System.setProperty("javax.net.ssl.keyStore",
> "/export/home/miweng/test2/mystore.jks");
> System.setProperty("javax.net.ssl.trustStore",
> "/export/home/miweng/test2/truststore.jks");
> System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
> System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
>
> //System.setProperty("https.protocols", "TLSv1.2");
>
> try {
> URL url = new URL( "https://manage-proxy.vip.xxx.com/ws/spf;);
> HttpsURLConnection con = (HttpsURLConnection) url.openConnection();
>
> SSLSocketFactory sslsocketfactory = (SSLSocketFactory)
> SSLSocketFactory.getDefault();
> con.setSSLSocketFactory(sslsocketfactory);
> InputStream inputstream = con.getInputStream();
> InputStreamReader inputstreamreader = new
> InputStreamReader(inputstream);
> BufferedReader bufferedreader = new BufferedReader(inputstreamreader);
>
> String string = null;
> while ((string = bufferedreader.readLine()) != null) {
> System.out.println("Received " + string);
> }
> } catch (Exception e) { e.printStackTrace(); }
> }
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (KYLIN-3867) Enable JDBC to use key store & trust store for https connection
[
https://issues.apache.org/jira/browse/KYLIN-3867?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16790197#comment-16790197
]
Zhong Yanghong commented on KYLIN-3867:
---
With this patch, users can leverage key store & trust store by either system
properties or jdbc specified properties.
* by system properties
{code}
System.setProperty("javax.net.ssl.keyStoreType", "jks");
System.setProperty("javax.net.ssl.keyStore", "/path/to/mystore.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
System.setProperty("javax.net.ssl.trustStoreType", "jks");
System.setProperty("javax.net.ssl.trustStore", "/path/to/truststore.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
String user = "XXX";
String password = "###";
String ssl = "true";
String url = "U";
String projectName = "PPP";
String sql = "";
Driver driver = (Driver)
Class.forName("org.apache.kylin.jdbc.Driver").newInstance();
Properties info = new Properties();
info.put("user", user);
info.put("password", password);
info.put("ssl", ssl);
Connection conn = driver.connect("jdbc:kylin://" + url + "/" + projectName,
info);
Statement state = conn.createStatement();
ResultSet resultSet = state.executeQuery(sql);
while (resultSet.next()) {
int nCols = resultSet.getMetaData().getColumnCount();
for (int i = 1; i <= nCols; i++) {
System.out.print(resultSet.getString(i) + ",");
}
System.out.println();
}
{code}
* by jdbc specified properties
{code}
String user = "XXX";
String password = "###";
String ssl = "true";
String url = "U";
String projectName = "PPP";
String sql = "";
Driver driver = (Driver)
Class.forName("org.apache.kylin.jdbc.Driver").newInstance();
Properties info = new Properties();
info.put("user", user);
info.put("password", password);
info.put("ssl", ssl);
info.put("javax.net.ssl.keyStoreType", "jks");
info.put("javax.net.ssl.keyStore", "/path/to/mystore.jks");
info.put("javax.net.ssl.keyStorePassword", "changeit");
info.put("javax.net.ssl.trustStoreType", "jks");
info.put("javax.net.ssl.trustStore", "/path/to/truststore.jks");
info.put("javax.net.ssl.trustStorePassword", "changeit");
Connection conn = driver.connect("jdbc:kylin://" + url + "/" + projectName,
info);
Statement state = conn.createStatement();
ResultSet resultSet = state.executeQuery(sql);
while (resultSet.next()) {
int nCols = resultSet.getMetaData().getColumnCount();
for (int i = 1; i <= nCols; i++) {
System.out.print(resultSet.getString(i) + ",");
}
System.out.println();
}
{code}
> Enable JDBC to use key store & trust store for https connection
> ---
>
> Key: KYLIN-3867
> URL: https://issues.apache.org/jira/browse/KYLIN-3867
> Project: Kylin
> Issue Type: Improvement
>Reporter: Zhong Yanghong
>Assignee: Zhong Yanghong
>Priority: Major
>
> In some cases, JDBC clients need to pass its client cert & key to the
> downstream for authentication. Then the JDBC needs to create a connection
> with key store & trust store.
> {code}
> import java.io.BufferedReader;
> import java.io.InputStream;
> import java.io.InputStreamReader;
> import java.net.URL;
> import javax.net.ssl.HttpsURLConnection;
> import javax.net.ssl.SSLSocketFactory;
>
> public class SSLContextTest5 {
>
> public static void main( String[] args )
> throws Exception
> {
> System.setProperty("javax.net.ssl.keyStoreType", "jks");
> System.setProperty("javax.net.ssl.trustStoreType", "jks");
> System.setProperty("javax.net.ssl.keyStore",
> "/export/home/miweng/test2/mystore.jks");
> System.setProperty("javax.net.ssl.trustStore",
> "/export/home/miweng/test2/truststore.jks");
> System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
> System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
>
> //System.setProperty("https.protocols", "TLSv1.2");
>
> try {
> URL url = new URL( "https://manage-proxy.vip.xxx.com/ws/spf;);
> HttpsURLConnection con = (HttpsURLConnection) url.openConnection();
>
> SSLSocketFactory sslsocketfactory = (SSLSocketFactory)
> SSLSocketFactory.getDefault();
> con.setSSLSocketFactory(sslsocketfactory);
> InputStream inputstream = con.getInputStream();
> InputStreamReader inputstreamreader = new
> InputStreamReader(inputstream);
> BufferedReader bufferedreader = new BufferedReader(inputstreamreader);
>
> String string = null;
> while ((string = bufferedreader.readLine()) != null) {
> System.out.println("Received " + string);
> }
> } catch (Exception e) { e.printStackTrace(); }
> }
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
