commit a7cf4a1f650a7af43b10d135a28a0843e50fa9e6
author Dmitry Lychagin <dmitry.lychagin@couchbase.com> Wed Oct 13 11:48:01 2021 -0700
committer Dmitry Lychagin <dmitry.lychagin@couchbase.com> Wed Oct 13 21:55:20 2021 +0000
tree 5be4c17415b50e16b6ca35a9996c4d0d22d60aa4
parent dd8616e3302fc7a6e6f9fb21f6235438380398a2

[NO ISSUE][JDBC] Preliminary support for SSL connections

- user model changes: no
- storage format changes: no
- interface changes: no

Details:
- Add 'ssl' driver property
- Add 'Require SSL' option to connect dialog

Change-Id: Ibd70661ed2a2a275e4a9096316fd981a5d297c40
Reviewed-on: https://asterix-gerrit.ics.uci.edu/c/asterixdb-clients/+/13686
Tested-by: Jenkins <jenkins@fulliautomatix.ics.uci.edu>
Reviewed-by: Ian Maxon <imaxon@uci.edu>

asterixdb-jdbc/asterix-jdbc-core/src/main/java/org/apache/asterix/jdbc/core/ADBDriverProperty.java

diff --git a/asterixdb-jdbc/asterix-jdbc-core/src/main/java/org/apache/asterix/jdbc/core/ADBDriverProperty.java b/asterixdb-jdbc/asterix-jdbc-core/src/main/java/org/apache/asterix/jdbc/core/ADBDriverProperty.java
index 7312861..4d454e6 100644
--- a/asterixdb-jdbc/asterix-jdbc-core/src/main/java/org/apache/asterix/jdbc/core/ADBDriverProperty.java
+++ b/asterixdb-jdbc/asterix-jdbc-core/src/main/java/org/apache/asterix/jdbc/core/ADBDriverProperty.java
@@ -43,7 +43,8 @@
         CATALOG_DATAVERSE_MODE("catalogDataverseMode", Integer::parseInt, 1, false), // 1 -> CATALOG, 2 -> CATALOG_SCHEMA
         CATALOG_INCLUDES_SCHEMALESS("catalogIncludesSchemaless", Boolean::parseBoolean, false, false),
         SQL_COMPAT_MODE("sqlCompatMode", Boolean::parseBoolean, true, false), // Whether user statements are executed in 'SQL-compat' mode
-        ACTIVE_REQUESTS_PATH("activeRequestsPath", Function.identity(), null, true);
+        ACTIVE_REQUESTS_PATH("activeRequestsPath", Function.identity(), null, true),
+        SSL("ssl", Boolean::parseBoolean, false, false);
 
         private final String propertyName;
 

asterixdb-jdbc/asterix-jdbc-driver/src/main/java/org/apache/asterix/jdbc/ADBProtocol.java

diff --git a/asterixdb-jdbc/asterix-jdbc-driver/src/main/java/org/apache/asterix/jdbc/ADBProtocol.java b/asterixdb-jdbc/asterix-jdbc-driver/src/main/java/org/apache/asterix/jdbc/ADBProtocol.java
index 5bc0d9e..2f95b57 100644
--- a/asterixdb-jdbc/asterix-jdbc-driver/src/main/java/org/apache/asterix/jdbc/ADBProtocol.java
+++ b/asterixdb-jdbc/asterix-jdbc-driver/src/main/java/org/apache/asterix/jdbc/ADBProtocol.java
@@ -103,12 +103,13 @@
     public ADBProtocol(String host, int port, Map<ADBDriverProperty, Object> params, ADBDriverContext driverContext)
             throws SQLException {
         super(driverContext, params);
-        URI queryEndpoint =
-                createEndpointUri(host, port, QUERY_SERVICE_ENDPOINT_PATH, driverContext.getErrorReporter());
+        boolean sslEnabled = (Boolean) ADBDriverProperty.Common.SSL.fetchPropertyValue(params);
+        URI queryEndpoint = createEndpointUri(sslEnabled, host, port, QUERY_SERVICE_ENDPOINT_PATH,
+                driverContext.getErrorReporter());
         URI queryResultEndpoint =
-                createEndpointUri(host, port, QUERY_RESULT_ENDPOINT_PATH, driverContext.getErrorReporter());
-        URI activeRequestsEndpoint =
-                createEndpointUri(host, port, getActiveRequestsEndpointPath(params), driverContext.getErrorReporter());
+                createEndpointUri(sslEnabled, host, port, QUERY_RESULT_ENDPOINT_PATH, driverContext.getErrorReporter());
+        URI activeRequestsEndpoint = createEndpointUri(sslEnabled, host, port, getActiveRequestsEndpointPath(params),
+                driverContext.getErrorReporter());
 
         PoolingHttpClientConnectionManager httpConnectionManager = new PoolingHttpClientConnectionManager();
         int maxConnections = Math.max(16, Runtime.getRuntime().availableProcessors());
@@ -437,10 +438,10 @@
         }
     }
 
-    private static URI createEndpointUri(String host, int port, String path, ADBErrorReporter errorReporter)
-            throws SQLException {
+    private static URI createEndpointUri(boolean sslEnabled, String host, int port, String path,
+            ADBErrorReporter errorReporter) throws SQLException {
         try {
-            return new URI("http", null, host, port, path, null, null);
+            return new URI(sslEnabled ? "https" : "http", null, host, port, path, null, null);
         } catch (URISyntaxException e) {
             throw errorReporter.errorParameterValueNotSupported("endpoint " + host + ":" + port);
         }

asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connection-fields.xml

diff --git a/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connection-fields.xml b/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connection-fields.xml
index 8242f66..e200852 100644
--- a/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connection-fields.xml
+++ b/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connection-fields.xml
@@ -43,4 +43,11 @@
     </conditions>
   </field>
 
+  <field name="sslmode" label="Require SSL" value-type="boolean" category="general" default-value="" >
+    <boolean-options>
+      <false-value value="" />
+      <true-value value="require" />
+    </boolean-options>
+  </field>
+
 </connection-fields>
\ No newline at end of file

asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionProperties.js

diff --git a/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionProperties.js b/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionProperties.js
index 42265f7..77b0d35 100644
--- a/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionProperties.js
+++ b/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionProperties.js
@@ -20,6 +20,9 @@
     var props = {};
     props["user"] = attr[connectionHelper.attributeUsername];
     props["password"] = attr[connectionHelper.attributePassword];
+    if (attr[connectionHelper.attributeSSLMode] == "require") {
+        props["ssl"] = "true";
+    }
     ${taco.plugin.jdbc.properties.aux}
     return props;
 })

asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionResolver.tdr

diff --git a/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionResolver.tdr b/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionResolver.tdr
index 95d4fc2..48543c0 100644
--- a/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionResolver.tdr
+++ b/asterixdb-jdbc/asterix-jdbc-taco/src/main/taco/plugins/asterixdb_jdbc/connectionResolver.tdr
@@ -30,6 +30,7 @@
           <attr>authentication</attr>
           <attr>username</attr>
           <attr>password</attr>
+          <attr>sslmode</attr>
         </attribute-list>
       </required-attributes>
     </connection-normalizer>