[
https://issues.apache.org/jira/browse/CAMEL-18926?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17684627#comment-17684627
]
Raymond commented on CAMEL-18926:
---------------------------------
The migration guide from 3.19.x to 3.20.x states that:
"The {{org.apache.camel.support.jsse.SSLContextParameters}} is now using
{{ResourceLoader}} from {{CamelContext}} to load keystore and other resources
in a standard way. Therefore, the {{SSLContextParameters}} now must have been
pre-configured with a {{CamelContext}} otherwise an exception is thrown. This
also changes the default resource type from file to classpath. If using a file
resource for a keystore and the keystore is not found, or entries/aliases
aren’t found, try explicitly specifying the file resource type, .e.g
{{{}file:myKeystore.jks{}}}."
The thing that caused the issue was that since 3.20.x the 'classpath' is the
default resource instead of a file resource.
This was possible in 3.19.x and earlier
{code:java}
KeyStoreParameters keystoreParameters = new KeyStoreParameters();
keystoreParameters.setResource("C:/path/to/keystore.jks");
keystoreParameters.setPassword(keystorePassword);
{code}
>From 3.20.x:
{code:java}
KeyStoreParameters keystoreParameters = new KeyStoreParameters();
keystoreParameters.setResource("file:C:/path/to/keystore.jks");
keystoreParameters.setPassword(keystorePassword);
{code}
After that it works.
Some remarks:
1. To be honest I overlooked it in the migration guide, because I only spotted
'camel-api'. Maybe something like camel-api (JSSE Utility) could be helpful.
2. It's also not clear what the difference for the user should be in the code
from the explanation in the migration guide. Can we still use the same code as
in 3.19? Or is something deprecated?
If the code to create SSL changed than an example in the migration guide would
be helpful
{code:java}
// This is valid old code
theOldcode
// This is valid old code
theNewcode {code}
3. Loading the SSLContextParameters
Based on the previous remark, I am uncertain if I can still load the ssl
parameters like this:
{code:java}
context.setSSLContextParameters(sslContextParameters);{code}
Or should I load the SSLContext parameters like this (as in the documentation
of the JSSE Utility):
{code:java}
SSLContext sslContext = sslContextParameters.createSSLContext(context);
SSLEngine engine = sslContext.createSSLEngine(); {code}
The difference between first and second example, is that in first it fails when
using SSL (for example by Jetty), while in the second case it immediately fails
while loading the SSLContextParameters.
4. Documentation: Classpath or file?
Currently, it's unclear from the documentation
([https://camel.apache.org/manual/camel-configuration-utilities.html]) that the
classpath is now the default. For example the documentation says:
{code:java}
KeyStoreParameters ksp = new KeyStoreParameters();
ksp.setResource("/users/home/server/keystore.jks");
ksp.setPassword("keystorePassword");
{code}
Would be better to change the example to:
{code:java}
KeyStoreParameters ksp = new KeyStoreParameters();
ksp.setResource("file:/users/home/server/keystore.jks");
ksp.setPassword("keystorePassword");
{code}
Or make clearer that keystore file comes from the classpath by default.
5. Classpath or file?
In my experience, it makes no sense to put the Java keystore on the classpath.
This assumes that the ones who develop and uses, is the same person and that
bringing it to prod goes fast. Mostly only the developer calls a keystore file
and then the maintainer provides this file. This file can be different for
every environment (test, prod etc) and can change (for example because the
certificate is expired). In this case the maintainer needs to be able to
replace the certificate himself (without hacking the default JDK keystore). So
probably the default way to load a keystore could be:
{code:java}
KeyStoreParameters ksp = new KeyStoreParameters();
ksp.setFile(new File(/users/home/server/keystore.jks"));
{code}
Alternative you could check if the file is on the classpath and if not, the
resourcesloader assumes that it's a file.
For me it's clear now, but maybe my remarks can be used to make it more
fool-proof and improve the documentation.
> Fails to load route: Cannot find a ResourceResolver in classpath supporting
> the scheme: C
> -----------------------------------------------------------------------------------------
>
> Key: CAMEL-18926
> URL: https://issues.apache.org/jira/browse/CAMEL-18926
> Project: Camel
> Issue Type: Bug
> Components: came-core, camel-jetty
> Affects Versions: 3.20.1
> Reporter: Raymond
> Priority: Minor
>
> I use the routeloader to load an XML route:
> {code:java}
> loader.loadRoutes(List.of(resource));{code}
> To load the following route:
> {code:java}
> <route id="ID_627a57f538c74a000e00060a-ID_1234"
> routeConfigurationId="ID_627a57f538c74a000e00060a">
> <from
> uri="jetty:https://0.0.0.0:9001/1/myurl?sslContextParameters=sslContext"/>
> <to uri="log:mylogs"/>
> </route>{code}
> In Camel 3.19.0 this is the result:
> {code:java}
> 2023-01-15 19:48:44.017 INFO 4060 --- [pool-2-thread-1]
> org.eclipse.jetty.server.Server : jetty-9.4.50.v20221201; built:
> 2022-12-01T22:07:03.915Z; git: da9a0b30691a45daf90a9f17b5defa2f1434f882; jvm
> 11.0.17+8
> 2023-01-15 19:48:44.019 INFO 4060 --- [pool-2-thread-1]
> o.e.jetty.server.handler.ContextHandler : Started
> o.e.j.s.ServletContextHandler@6ce218de{/,null,AVAILABLE}
> 2023-01-15 19:48:44.043 INFO 4060 --- [pool-2-thread-1]
> o.e.jetty.server.AbstractConnector : Started
> ServerConnector@52c18885{ssl, (ssl, http/1.1)}{0.0.0.0:9001}{code}
> In Camel 3.20.1 this is the result:
> {code:java}
> org.apache.camel.RuntimeCamelException: java.lang.IllegalArgumentException:
> Cannot find a ResourceResolver in classpath supporting the scheme: C
> at
> org.apache.camel.component.jetty.JettyHttpComponent.createConnector(JettyHttpComponent.java:606)
> at
> org.apache.camel.component.jetty.JettyHttpComponent.getSslSocketConnector(JettyHttpComponent.java:586)
> at
> org.apache.camel.component.jetty.JettyHttpComponent.getConnector(JettyHttpComponent.java:562)
> at
> org.apache.camel.component.jetty.JettyHttpComponent.connect(JettyHttpComponent.java:319)
> at
> org.apache.camel.http.common.HttpCommonEndpoint.connect(HttpCommonEndpoint.java:186)
> at
> org.apache.camel.http.common.HttpConsumer.doStart(HttpConsumer.java:58)
> at
> org.apache.camel.component.jetty.JettyHttpConsumer.doStart(JettyHttpConsumer.java:31)
> at
> org.apache.camel.support.service.BaseService.start(BaseService.java:119)
> at
> org.apache.camel.support.service.ServiceHelper.startService(ServiceHelper.java:113)
> at
> org.apache.camel.impl.engine.AbstractCamelContext.startService(AbstractCamelContext.java:3740)
> at
> org.apache.camel.impl.engine.InternalRouteStartupManager.doStartOrResumeRouteConsumers(InternalRouteStartupManager.java:401)
> at
> org.apache.camel.impl.engine.InternalRouteStartupManager.doStartRouteConsumers(InternalRouteStartupManager.java:319)
> at
> org.apache.camel.impl.engine.InternalRouteStartupManager.safelyStartRouteServices(InternalRouteStartupManager.java:213)
> at
> org.apache.camel.impl.engine.InternalRouteStartupManager.safelyStartRouteServices(InternalRouteStartupManager.java:240)
> at
> org.apache.camel.impl.engine.AbstractCamelContext.startRouteService(AbstractCamelContext.java:3786)
> at
> org.apache.camel.impl.DefaultCamelContext.startRouteDefinitions(DefaultCamelContext.java:941)
> at
> org.apache.camel.impl.DefaultModel.addRouteDefinitions(DefaultModel.java:249)
> at
> org.apache.camel.impl.DefaultCamelContext.addRouteDefinitions(DefaultCamelContext.java:367)
> at
> org.apache.camel.builder.RouteBuilder.populateRoutes(RouteBuilder.java:775)
> at
> org.apache.camel.builder.RouteBuilder.addRoutesToCamelContext(RouteBuilder.java:613)
> at
> org.apache.camel.impl.engine.AbstractCamelContext.addRoutes(AbstractCamelContext.java:1201)
> at org.apache.camel.spi.RoutesLoader.loadRoutes(RoutesLoader.java:61)
> at org.assimbly.dil.loader.FlowLoader.loadStep(FlowLoader.java:219)
> {code}
> Outside the change of the Camel version, the classpath is the same. I'm not
> sure if this only related to Jetty, but with that component/route I ran into
> this issue.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
