This is an automated email from the ASF dual-hosted git repository. zregvart pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/camel.git
commit 259b38a2c9caaf725ec0329808f16e12e9668297 Author: Zoran Regvart <[email protected]> AuthorDate: Wed Aug 22 12:52:42 2018 +0200 CAMEL-12748: add support for SSLContextParamete... ...rs in Netty4 and Restlet components This adds support for setting `SSLContextParameters` directly on `camel-netty4` (and by extension `camel-netty4-http`) and `camel-restlet` components. --- .../src/main/docs/netty4-http-component.adoc | 11 ++++++----- components/camel-netty4/src/main/docs/netty4-component.adoc | 3 ++- .../org/apache/camel/component/netty4/NettyComponent.java | 10 ++++++++++ .../camel-restlet/src/main/docs/restlet-component.adoc | 7 ++++--- .../apache/camel/component/restlet/RestletComponent.java | 13 ++++++++++++- .../http/springboot/NettyHttpComponentConfiguration.java | 13 +++++++++++++ .../netty4/springboot/NettyComponentConfiguration.java | 13 +++++++++++++ .../restlet/springboot/RestletComponentConfiguration.java | 13 +++++++++++++ 8 files changed, 73 insertions(+), 10 deletions(-) diff --git a/components/camel-netty4-http/src/main/docs/netty4-http-component.adoc b/components/camel-netty4-http/src/main/docs/netty4-http-component.adoc index c4455d7..551c438 100644 --- a/components/camel-netty4-http/src/main/docs/netty4-http-component.adoc +++ b/components/camel-netty4-http/src/main/docs/netty4-http-component.adoc @@ -76,7 +76,7 @@ related to UDP transport. // component options: START -The Netty4 HTTP component supports 8 options, which are listed below. +The Netty4 HTTP component supports 9 options, which are listed below. @@ -90,6 +90,7 @@ The Netty4 HTTP component supports 8 options, which are listed below. | *useGlobalSslContext Parameters* (security) | Enable usage of global SSL context parameters. | false | boolean | *maximumPoolSize* (advanced) | The thread pool size for the EventExecutorGroup if its in use. The default value is 16. | 16 | int | *executorService* (advanced) | To use the given EventExecutorGroup. | | EventExecutorGroup +| *sslContextParameters* (security) | To configure security using SSLContextParameters | | SSLContextParameters | *resolveProperty Placeholders* (advanced) | Whether the component should resolve property placeholders on itself when starting. Only properties which are of String type can use property placeholders. | true | boolean |=== // component options: END @@ -135,7 +136,7 @@ with the following path and query parameters: | *disconnect* (common) | Whether or not to disconnect(close) from Netty Channel right after use. Can be used for both consumer and producer. | false | boolean | *keepAlive* (common) | Setting to ensure socket is not closed due to inactivity | true | boolean | *reuseAddress* (common) | Setting to facilitate socket multiplexing | true | boolean -| *reuseChannel* (common) | This option allows producers and consumers (in client mode) to reuse the same Netty Channel for the lifecycle of processing the Exchange. This is useful if you need to call a server multiple times in a Camel route and want to use the same network connection. When using this, the channel is not returned to the connection pool until the Exchange is done; or disconnected if the disconnect option is set to true. The reused Channel is stored on the Exchange as an e [...] +| *reuseChannel* (common) | This option allows producers and consumers (in client mode) to reuse the same Netty Channel for the lifecycle of processing the Exchange. This is useful if you need to call a server multiple times in a Camel route and want to use the same network connection. When using this, the channel is not returned to the connection pool until the Exchange is done; or disconnected if the disconnect option is set to true. The reused Channel is stored on the Exchange as an e [...] | *sync* (common) | Setting to set endpoint as one-way or request-response | true | boolean | *tcpNoDelay* (common) | Setting to improve TCP protocol performance | true | boolean | *bridgeErrorHandler* (consumer) | Allows for bridging the consumer to the Camel routing Error Handler, which mean any exceptions occurred while the consumer is trying to pickup incoming messages, or the likes, will now be processed as a message and handled by the routing Error Handler. By default the consumer will use the org.apache.camel.spi.ExceptionHandler to deal with exceptions, that will be logged at WARN or ERROR level and ignored. | false | boolean @@ -178,7 +179,7 @@ with the following path and query parameters: | *bootstrapConfiguration* (advanced) | To use a custom configured NettyServerBootstrapConfiguration for configuring this endpoint. | | NettyServerBootstrap Configuration | *channelGroup* (advanced) | To use a explicit ChannelGroup. | | ChannelGroup | *configuration* (advanced) | To use a custom configured NettyHttpConfiguration for configuring this endpoint. | | NettyHttpConfiguration -| *disableStreamCache* (advanced) | Determines whether or not the raw input stream from Netty HttpRequest#getContent() or HttpResponset#getContent() is cached or not (Camel will read the stream into a in light-weight memory based Stream caching) cache. By default Camel will cache the Netty input stream to support reading it multiple times to ensure it Camel can retrieve all data from the stream. However you can set this option to true when you for example need to access the raw stream, s [...] +| *disableStreamCache* (advanced) | Determines whether or not the raw input stream from Netty HttpRequestgetContent() or HttpResponsetgetContent() is cached or not (Camel will read the stream into a in light-weight memory based Stream caching) cache. By default Camel will cache the Netty input stream to support reading it multiple times to ensure it Camel can retrieve all data from the stream. However you can set this option to true when you for example need to access the raw stream, suc [...] | *headerFilterStrategy* (advanced) | To use a custom org.apache.camel.spi.HeaderFilterStrategy to filter headers. | | HeaderFilterStrategy | *nativeTransport* (advanced) | Whether to use native transport instead of NIO. Native transport takes advantage of the host operating system and is only supported on some platforms. You need to add the netty JAR for the host operating system you are using. See more details at: http://netty.io/wiki/native-transports.html | false | boolean | *nettyHttpBinding* (advanced) | To use a custom org.apache.camel.component.netty4.http.NettyHttpBinding for binding to/from Netty and Camel Message API. | | NettyHttpBinding @@ -192,9 +193,9 @@ with the following path and query parameters: | *workerCount* (advanced) | When netty works on nio mode, it uses default workerCount parameter from Netty, which is cpu_core_threads x 2. User can use this operation to override the default workerCount from Netty. | | int | *workerGroup* (advanced) | To use a explicit EventLoopGroup as the boss thread pool. For example to share a thread pool with multiple consumers or producers. By default each consumer or producer has their own worker pool with 2 x cpu count core threads. | | EventLoopGroup | *decoder* (codec) | *Deprecated* To use a single decoder. This options is deprecated use encoders instead. | | ChannelHandler -| *decoders* (codec) | A list of decoders to be used. You can use a String which have values separated by comma, and have the values be looked up in the Registry. Just remember to prefix the value with # so Camel knows it should lookup. | | String +| *decoders* (codec) | A list of decoders to be used. You can use a String which have values separated by comma, and have the values be looked up in the Registry. Just remember to prefix the value with so Camel knows it should lookup. | | String | *encoder* (codec) | *Deprecated* To use a single encoder. This options is deprecated use encoders instead. | | ChannelHandler -| *encoders* (codec) | A list of encoders to be used. You can use a String which have values separated by comma, and have the values be looked up in the Registry. Just remember to prefix the value with # so Camel knows it should lookup. | | String +| *encoders* (codec) | A list of encoders to be used. You can use a String which have values separated by comma, and have the values be looked up in the Registry. Just remember to prefix the value with so Camel knows it should lookup. | | String | *enabledProtocols* (security) | Which protocols to enable when using SSL | TLSv1,TLSv1.1,TLSv1.2 | String | *keyStoreFile* (security) | Client side certificate keystore to be used for encryption | | File | *keyStoreFormat* (security) | Keystore format to be used for payload encryption. Defaults to JKS if not set | | String diff --git a/components/camel-netty4/src/main/docs/netty4-component.adoc b/components/camel-netty4/src/main/docs/netty4-component.adoc index a6755f1..ec349df 100644 --- a/components/camel-netty4/src/main/docs/netty4-component.adoc +++ b/components/camel-netty4/src/main/docs/netty4-component.adoc @@ -50,7 +50,7 @@ You can append query options to the URI in the following format, === Options // component options: START -The Netty4 component supports 5 options, which are listed below. +The Netty4 component supports 6 options, which are listed below. @@ -61,6 +61,7 @@ The Netty4 component supports 5 options, which are listed below. | *configuration* (advanced) | To use the NettyConfiguration as configuration when creating endpoints. | | NettyConfiguration | *executorService* (advanced) | To use the given EventExecutorGroup. | | EventExecutorGroup | *useGlobalSslContext Parameters* (security) | Enable usage of global SSL context parameters. | false | boolean +| *sslContextParameters* (security) | To configure security using SSLContextParameters | | SSLContextParameters | *resolveProperty Placeholders* (advanced) | Whether the component should resolve property placeholders on itself when starting. Only properties which are of String type can use property placeholders. | true | boolean |=== // component options: END diff --git a/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyComponent.java b/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyComponent.java index 676bfd2..a4a3169 100644 --- a/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyComponent.java +++ b/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyComponent.java @@ -31,6 +31,7 @@ import org.apache.camel.impl.UriEndpointComponent; import org.apache.camel.spi.Metadata; import org.apache.camel.util.IntrospectionSupport; import org.apache.camel.util.concurrent.CamelThreadFactory; +import org.apache.camel.util.jsse.SSLContextParameters; public class NettyComponent extends UriEndpointComponent implements SSLContextParametersAware { @@ -140,6 +141,15 @@ public class NettyComponent extends UriEndpointComponent implements SSLContextPa this.useGlobalSslContextParameters = useGlobalSslContextParameters; } + @Metadata(description = "To configure security using SSLContextParameters", label = "security") + public void setSslContextParameters(final SSLContextParameters sslContextParameters) { + if (configuration == null) { + configuration = new NettyConfiguration(); + } + + configuration.setSslContextParameters(sslContextParameters); + } + public EventExecutorGroup getExecutorService() { return executorService; } diff --git a/components/camel-restlet/src/main/docs/restlet-component.adoc b/components/camel-restlet/src/main/docs/restlet-component.adoc index dd3b9cc..6e77886 100644 --- a/components/camel-restlet/src/main/docs/restlet-component.adoc +++ b/components/camel-restlet/src/main/docs/restlet-component.adoc @@ -63,7 +63,7 @@ option. // component options: START -The Restlet component supports 22 options, which are listed below. +The Restlet component supports 23 options, which are listed below. @@ -84,13 +84,14 @@ The Restlet component supports 22 options, which are listed below. | *pipeliningConnections* (consumer) | Indicates if pipelining connections are supported. | | Boolean | *threadMaxIdleTimeMs* (consumer) | Time for an idle thread to wait for an operation before being collected. | | Integer | *useForwardedForHeader* (consumer) | Lookup the X-Forwarded-For header supported by popular proxies and caches and uses it to populate the Request.getClientAddresses() method result. This information is only safe for intermediary components within your local network. Other addresses could easily be changed by setting a fake header and should not be trusted for serious security checks. | | Boolean -| *reuseAddress* (consumer) | Enable/disable the SO_REUSEADDR socket option. See java.io.ServerSocket#reuseAddress property for additional details. | | Boolean +| *reuseAddress* (consumer) | Enable/disable the SO_REUSEADDR socket option. See java.io.ServerSocketreuseAddress property for additional details. | | Boolean | *maxQueued* (consumer) | Maximum number of calls that can be queued if there aren't any worker thread available to service them. If the value is '0', then no queue is used and calls are rejected if no worker thread is immediately available. If the value is '-1', then an unbounded queue is used and calls are never rejected. | | Integer | *disableStreamCache* (consumer) | Determines whether or not the raw input stream from Restlet is cached or not (Camel will read the stream into a in memory/overflow to file, Stream caching) cache. By default Camel will cache the Restlet input stream to support reading it multiple times to ensure Camel can retrieve all data from the stream. However you can set this option to true when you for example need to access the raw stream, such as streaming it directly to a file or other persist [...] | *port* (consumer) | To configure the port number for the restlet consumer routes. This allows to configure this once to reuse the same port for these consumers. | | int | *synchronous* (producer) | Whether to use synchronous Restlet Client for the producer. Setting this option to true can yield faster performance as it seems the Restlet synchronous Client works better. | | Boolean | *enabledConverters* (advanced) | A list of converters to enable as full class name or simple class name. All the converters automatically registered are enabled if empty or null | | List | *useGlobalSslContext Parameters* (security) | Enable usage of global SSL context parameters. | false | boolean +| *sslContextParameters* (security) | To configure security using SSLContextParameters | | SSLContextParameters | *resolveProperty Placeholders* (advanced) | Whether the component should resolve property placeholders on itself when starting. Only properties which are of String type can use property placeholders. | true | boolean |=== // component options: END @@ -132,7 +133,7 @@ with the following path and query parameters: | *disableStreamCache* (consumer) | Determines whether or not the raw input stream from Restlet is cached or not (Camel will read the stream into a in memory/overflow to file, Stream caching) cache. By default Camel will cache the Restlet input stream to support reading it multiple times to ensure Camel can retrieve all data from the stream. However you can set this option to true when you for example need to access the raw stream, such as streaming it directly to a file or other persist [...] | *exceptionHandler* (consumer) | To let the consumer use a custom ExceptionHandler. Notice if the option bridgeErrorHandler is enabled then this options is not in use. By default the consumer will deal with exceptions, that will be logged at WARN or ERROR level and ignored. | | ExceptionHandler | *exchangePattern* (consumer) | Sets the exchange pattern when the consumer creates an exchange. | | ExchangePattern -| *restletUriPatterns* (consumer) | *Deprecated* Specify one ore more URI templates to be serviced by a restlet consumer endpoint, using the # notation to reference a List in the Camel Registry. If a URI pattern has been defined in the endpoint URI, both the URI pattern defined in the endpoint and the restletUriPatterns option will be honored. | | List +| *restletUriPatterns* (consumer) | *Deprecated* Specify one ore more URI templates to be serviced by a restlet consumer endpoint, using the notation to reference a List in the Camel Registry. If a URI pattern has been defined in the endpoint URI, both the URI pattern defined in the endpoint and the restletUriPatterns option will be honored. | | List | *connectTimeout* (producer) | The Client will give up connection if the connection is timeout, 0 for unlimited wait. | 30000 | int | *cookieHandler* (producer) | Configure a cookie handler to maintain a HTTP session | | CookieHandler | *socketTimeout* (producer) | The Client socket receive timeout, 0 for unlimited wait. | 30000 | int diff --git a/components/camel-restlet/src/main/java/org/apache/camel/component/restlet/RestletComponent.java b/components/camel-restlet/src/main/java/org/apache/camel/component/restlet/RestletComponent.java index 68585e7..15752f9 100644 --- a/components/camel-restlet/src/main/java/org/apache/camel/component/restlet/RestletComponent.java +++ b/components/camel-restlet/src/main/java/org/apache/camel/component/restlet/RestletComponent.java @@ -45,6 +45,7 @@ import org.apache.camel.util.HostUtils; import org.apache.camel.util.ObjectHelper; import org.apache.camel.util.ServiceHelper; import org.apache.camel.util.URISupport; +import org.apache.camel.util.jsse.SSLContextParameters; import org.restlet.Component; import org.restlet.Restlet; import org.restlet.data.ChallengeScheme; @@ -111,6 +112,7 @@ public class RestletComponent extends DefaultComponent implements RestConsumerFa private boolean useGlobalSslContextParameters; @Metadata(label = "filter", description = "To use a custom org.apache.camel.spi.HeaderFilterStrategy to filter header to and from Camel message.") private HeaderFilterStrategy headerFilterStrategy; + private SSLContextParameters sslContextParameters; public RestletComponent() { this(new Component()); @@ -190,7 +192,11 @@ public class RestletComponent extends DefaultComponent implements RestConsumerFa } if (result.getSslContextParameters() == null) { - result.setSslContextParameters(retrieveGlobalSslContextParameters()); + if (sslContextParameters == null) { + result.setSslContextParameters(retrieveGlobalSslContextParameters()); + } else { + result.setSslContextParameters(sslContextParameters); + } } // any additional query parameters from parameters then we need to include them as well @@ -697,6 +703,11 @@ public class RestletComponent extends DefaultComponent implements RestConsumerFa this.useGlobalSslContextParameters = useGlobalSslContextParameters; } + @Metadata(description = "To configure security using SSLContextParameters", label = "security") + public void setSslContextParameters(final SSLContextParameters sslContextParameters) { + this.sslContextParameters = sslContextParameters; + } + @Override public Consumer createConsumer(CamelContext camelContext, Processor processor, String verb, String basePath, String uriTemplate, String consumes, String produces, RestConfiguration configuration, Map<String, Object> parameters) throws Exception { diff --git a/platforms/spring-boot/components-starter/camel-netty4-http-starter/src/main/java/org/apache/camel/component/netty4/http/springboot/NettyHttpComponentConfiguration.java b/platforms/spring-boot/components-starter/camel-netty4-http-starter/src/main/java/org/apache/camel/component/netty4/http/springboot/NettyHttpComponentConfiguration.java index 37d83b1..beb8a87 100644 --- a/platforms/spring-boot/components-starter/camel-netty4-http-starter/src/main/java/org/apache/camel/component/netty4/http/springboot/NettyHttpComponentConfiguration.java +++ b/platforms/spring-boot/components-starter/camel-netty4-http-starter/src/main/java/org/apache/camel/component/netty4/http/springboot/NettyHttpComponentConfiguration.java @@ -75,6 +75,11 @@ public class NettyHttpComponentConfiguration */ private String executorService; /** + * To configure security using SSLContextParameters. The option is a + * org.apache.camel.util.jsse.SSLContextParameters type. + */ + private String sslContextParameters; + /** * Whether the component should resolve property placeholders on itself when * starting. Only properties which are of String type can use property * placeholders. @@ -140,6 +145,14 @@ public class NettyHttpComponentConfiguration this.executorService = executorService; } + public String getSslContextParameters() { + return sslContextParameters; + } + + public void setSslContextParameters(String sslContextParameters) { + this.sslContextParameters = sslContextParameters; + } + public Boolean getResolvePropertyPlaceholders() { return resolvePropertyPlaceholders; } diff --git a/platforms/spring-boot/components-starter/camel-netty4-starter/src/main/java/org/apache/camel/component/netty4/springboot/NettyComponentConfiguration.java b/platforms/spring-boot/components-starter/camel-netty4-starter/src/main/java/org/apache/camel/component/netty4/springboot/NettyComponentConfiguration.java index baf14e5..d629448 100644 --- a/platforms/spring-boot/components-starter/camel-netty4-starter/src/main/java/org/apache/camel/component/netty4/springboot/NettyComponentConfiguration.java +++ b/platforms/spring-boot/components-starter/camel-netty4-starter/src/main/java/org/apache/camel/component/netty4/springboot/NettyComponentConfiguration.java @@ -71,6 +71,11 @@ public class NettyComponentConfiguration */ private Boolean useGlobalSslContextParameters = false; /** + * To configure security using SSLContextParameters. The option is a + * org.apache.camel.util.jsse.SSLContextParameters type. + */ + private String sslContextParameters; + /** * Whether the component should resolve property placeholders on itself when * starting. Only properties which are of String type can use property * placeholders. @@ -111,6 +116,14 @@ public class NettyComponentConfiguration this.useGlobalSslContextParameters = useGlobalSslContextParameters; } + public String getSslContextParameters() { + return sslContextParameters; + } + + public void setSslContextParameters(String sslContextParameters) { + this.sslContextParameters = sslContextParameters; + } + public Boolean getResolvePropertyPlaceholders() { return resolvePropertyPlaceholders; } diff --git a/platforms/spring-boot/components-starter/camel-restlet-starter/src/main/java/org/apache/camel/component/restlet/springboot/RestletComponentConfiguration.java b/platforms/spring-boot/components-starter/camel-restlet-starter/src/main/java/org/apache/camel/component/restlet/springboot/RestletComponentConfiguration.java index 97424e1..7a2a759 100644 --- a/platforms/spring-boot/components-starter/camel-restlet-starter/src/main/java/org/apache/camel/component/restlet/springboot/RestletComponentConfiguration.java +++ b/platforms/spring-boot/components-starter/camel-restlet-starter/src/main/java/org/apache/camel/component/restlet/springboot/RestletComponentConfiguration.java @@ -147,6 +147,11 @@ public class RestletComponentConfiguration */ private Boolean useGlobalSslContextParameters = false; /** + * To configure security using SSLContextParameters. The option is a + * org.apache.camel.util.jsse.SSLContextParameters type. + */ + private String sslContextParameters; + /** * Whether the component should resolve property placeholders on itself when * starting. Only properties which are of String type can use property * placeholders. @@ -322,6 +327,14 @@ public class RestletComponentConfiguration this.useGlobalSslContextParameters = useGlobalSslContextParameters; } + public String getSslContextParameters() { + return sslContextParameters; + } + + public void setSslContextParameters(String sslContextParameters) { + this.sslContextParameters = sslContextParameters; + } + public Boolean getResolvePropertyPlaceholders() { return resolvePropertyPlaceholders; }
