SSLTransportNetty4.java example

Explorer

elasticsearch-readonlyrest-plugin-master
- src
  - main
    - java
      - org
        elasticsearch
        plugin
        readonlyrest
        Constants.java
        ESContext.java
        SecurityPermissionException.java
        acl
        ACL.java
        BlockHistory.java
        BlockPolicy.java
        blocks
        Block.java
        BlockExitResult.java
        rules
        AsyncAuthentication.java
        AsyncAuthorization.java
        AsyncRule.java
        AsyncRuleAdapter.java
        BasicAuthentication.java
        CachedAsyncAuthenticationDecorator.java
        CachedAsyncAuthorizationDecorator.java
        Rule.java
        RuleExitResult.java
        RulesFactory.java
        RulesOrdering.java
        SyncRule.java
        UserRule.java
        UserRuleFactory.java
        impl
        ActionsSyncRule.java
        ApiKeysSyncRule.java
        AuthKeyHashingRule.java
        AuthKeySha1SyncRule.java
        AuthKeySha256SyncRule.java
        AuthKeySyncRule.java
        ExternalAuthenticationAsyncRule.java
        GroupsProviderAuthorizationAsyncRule.java
        GroupsSyncRule.java
        HostsSyncRule.java
        IndexLevelSecuritySyncRule.java
        IndicesRewriteSyncRule.java
        IndicesSyncRule.java
        KibanaAccessSyncRule.java
        KibanaHideAppsSyncRule.java
        LdapAuthAsyncRule.java
        LdapAuthenticationAsyncRule.java
        LdapAuthorizationAsyncRule.java
        MaxBodyLengthSyncRule.java
        MethodsSyncRule.java
        ProxyAuthSyncRule.java
        SearchlogSyncRule.java
        SessionCookie.java
        SessionMaxIdleSyncRule.java
        UriReSyncRule.java
        XForwardedForSyncRule.java
        phantomtypes
        Authentication.java
        Authorization.java
        definitions
        DefinitionsFactory.java
        externalauthenticationservices
        CachedExternalAuthenticationServiceClient.java
        ExternalAuthenticationServiceClient.java
        ExternalAuthenticationServiceClientFactory.java
        ExternalAuthenticationServiceHttpClient.java
        groupsproviders
        CachedGroupsProviderServiceClient.java
        GroupsProviderServiceClient.java
        GroupsProviderServiceClientFactory.java
        GroupsProviderServiceHttpClient.java
        ldaps
        AuthenticationLdapClient.java
        BaseLdapClient.java
        GroupsProviderLdapClient.java
        LdapClientException.java
        LdapClientFactory.java
        LdapCredentials.java
        LdapGroup.java
        LdapUser.java
        caching
        AuthenticationLdapClientCacheDecorator.java
        GroupsProviderLdapClientCacheDecorator.java
        logging
        AuthenticationLdapClientLoggingDecorator.java
        GroupsProviderLdapClientLoggingDecorator.java
        unboundid
        ConnectionConfig.java
        LdapSearchError.java
        SearchingUserConfig.java
        UnboundidAuthenticationLdapClient.java
        UnboundidBaseLdapClient.java
        UnboundidConnection.java
        UnboundidGroupsProviderLdapClient.java
        UnboundidSearchResultListener.java
        UserGroupsSearchFilterConfig.java
        UserSearchFilterConfig.java
        users
        User.java
        UserFactory.java
        domain
        Const.java
        HttpMethod.java
        IPMask.java
        KibanaAccess.java
        LoggedUser.java
        MatcherWithWildcards.java
        Value.java
        Variable.java
        Verbosity.java
        configuration
        ReloadableSettings.java
        SettingsContentProvider.java
        es
        AllowedSettings.java
        ESClientSettingsContentProvider.java
        ESContextImpl.java
        ESHttpClientFactory.java
        IndexLevelActionFilter.java
        ReadonlyRestPlugin.java
        ReloadableSettingsImpl.java
        SSLTransportNetty4.java
        ThreadRepo.java
        actionlisteners
        ACLActionListener.java
        IndexLevelSecuritySyncRuleActionListener.java
        IndicesRewriteSyncRuleActionListener.java
        RuleActionListener.java
        RuleActionListenersProvider.java
        SearchlogSyncRuleActionListener.java
        requestcontext
        RCTransactionalIndices.java
        RequestContextImpl.java
        SubRCTransactionalIndices.java
        SubRequestContext.java
        rradmin
        RRAdminAction.java
        RRAdminRequest.java
        RRAdminRequestBuilder.java
        RRAdminResponse.java
        TransportRRAdminAction.java
        rest
        RestRRAdminAction.java
        settings
        ssl
        ESDisabledSslSettings.java
        ESEnabledSslSettings.java
        ESSslSettings.java
        httpclient
        HttpClient.java
        HttpClientConfig.java
        HttpClientFactory.java
        HttpRequest.java
        HttpResponse.java
        requestcontext
        Delayed.java
        IndicesRequestContext.java
        RCUtils.java
        RequestContext.java
        Transactional.java
        VariablesManager.java
        settings
        AuthKeyProviderSettings.java
        AuthMethodCreatorsRegistry.java
        BlockSettings.java
        ESSettings.java
        RawSettings.java
        RorSettings.java
        RuleSettings.java
        RulesSettingsCreatorsRegistry.java
        SettingsMalformedException.java
        definitions
        AuthenticationLdapSettings.java
        ExternalAuthenticationServiceSettings.java
        ExternalAuthenticationServiceSettingsCollection.java
        GroupsProviderLdapSettings.java
        LdapSettings.java
        LdapSettingsCollection.java
        ProxyAuthDefinitionSettings.java
        ProxyAuthDefinitionSettingsCollection.java
        UserGroupsProviderSettings.java
        UserGroupsProviderSettingsCollection.java
        UserSettings.java
        UserSettingsCollection.java
        rules
        ActionsRuleSettings.java
        ApiKeysRuleSettings.java
        AuthKeyPlainTextRuleSettings.java
        AuthKeyRuleSettings.java
        AuthKeySha1RuleSettings.java
        AuthKeySha256RuleSettings.java
        CacheSettings.java
        ExternalAuthenticationRuleSettings.java
        GroupsProviderAuthorizationRuleSettings.java
        GroupsRuleSettings.java
        HostsRuleSettings.java
        IndicesRewriteRuleSettings.java
        IndicesRuleSettings.java
        KibanaAccessRuleSettings.java
        KibanaHideAppsRuleSettings.java
        LdapAuthRuleSettings.java
        LdapAuthenticationRuleSettings.java
        LdapAuthorizationRuleSettings.java
        MaxBodyLengthRuleSettings.java
        MethodsRuleSettings.java
        NamedSettings.java
        ProxyAuthRuleSettings.java
        SearchlogRuleSettings.java
        SessionMaxIdleRuleSettings.java
        UriReRuleSettings.java
        XForwardedForRuleSettings.java
        ssl
        DisabledSslSettings.java
        EnabledSslSettings.java
        SslSettings.java
        impl
        YamlDisabledSslSettings.java
        YamlEnabledSslSettings.java
        YamlSslSettings.java
        ssl
        SSLEngineProvider.java
        utils
        BasicAuthUtils.java
        FuturesSequencer.java
        ReflecUtils.java
        RulesUtils.java
  - test
    - java
      - org
        elasticsearch
        plugin
        readonlyrest
        acl
        blocks
        BlockTest.java
        rules
        CachedAsyncAuthenticationDecoratorTests.java
        CachedAsyncAuthorizationDecoratorTests.java
        impl
        ApiKeysRuleTests.java
        AuthKeyRuleTests.java
        AuthKeySha1RuleTests.java
        AuthKeySha256RuleTests.java
        GroupsProviderAuthorizationAsyncRuleTests.java
        IndicesRewriteRuleTests.java
        IndicesRuleTests.java
        KibanaAccessRuleTests.java
        LdapAuthAsyncRuleTests.java
        LdapAuthenticationAsyncRuleTests.java
        LdapAuthorizationAsyncRuleTests.java
        MatcherWithWildcardsTests.java
        MaxBodyLengthRuleTests.java
        MethodsRuleTests.java
        ProxyAuthRuleTests.java
        definitions
        ldaps
        LdapClientWithCacheDecoratorTests.java
        UnboundidAuthenticationLdapClientTests.java
        UnboundidGroupsProviderLdapClientTests.java
        es
        IndicesReverseWildcardTests.java
        IndicesRewriteTests.java
        integration
        ExternalAuthenticationTests.java
        LdapIntegrationFirstOptionTests.java
        LdapIntegrationSecondOptionTests.java
        ReverseProxyAuthenticationWithGroupsProviderAuthorizationTests.java
        requestcontext
        TransactionalTest.java
        VariablesManagerTest.java
        settings
        ExternalAuthenticationSettingsTests.java
        LdapAuthRuleSettingsTests.java
        LdapAuthenticationRuleSettingsTests.java
        LdapAuthorizationRuleSettingsTests.java
        LdapSettingsTests.java
        UserGroupsProviderSettingsTests.java
        utils
        Tuple.java
        containers
        ContainerUtils.java
        ESWithReadonlyRestContainer.java
        ESWithReadonlyRestContainerUtils.java
        LdapContainer.java
        MultiContainer.java
        MultiContainerDependent.java
        WaitWithRetriesStrategy.java
        WireMockContainer.java
        exceptions
        ContainerCreationException.java
        ContainerStartupTimeoutException.java
        esdependent
        MockedESContext.java
        gradle
        GradleProjectUtils.java
        GradleProperties.java
        httpclient
        HttpGetWithEntity.java
        RestClient.java
        integration
        ElasticsearchTweetsInitializer.java
        ReadonlyRestedESAssertions.java
        mocks
        RequestContextMock.java
        settings
        MockLdapClientHelper.java

/*
 *    This file is part of ReadonlyREST.
 *
 *    ReadonlyREST is free software: you can redistribute it and/or modify
 *    it under the terms of the GNU General Public License as published by
 *    the Free Software Foundation, either version 3 of the License, or
 *    (at your option) any later version.
 *
 *    ReadonlyREST is distributed in the hope that it will be useful,
 *    but WITHOUT ANY WARRANTY; without even the implied warranty of
 *    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *    GNU General Public License for more details.
 *
 *    You should have received a copy of the GNU General Public License
 *    along with ReadonlyREST.  If not, see http://www.gnu.org/licenses/
 */

package org.elasticsearch.plugin.readonlyrest.es;

/**
 * Created by sscarduzio on 28/11/2016.
 */

import io.netty.channel.Channel;
import io.netty.channel.ChannelHandler;
import io.netty.channel.ChannelHandlerContext;
import org.elasticsearch.common.network.NetworkService;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.util.BigArrays;
import org.elasticsearch.common.xcontent.NamedXContentRegistry;
import org.elasticsearch.http.netty4.Netty4HttpServerTransport;
import org.elasticsearch.plugin.readonlyrest.ESContext;
import org.elasticsearch.plugin.readonlyrest.es.settings.ssl.ESSslSettings;
import org.elasticsearch.plugin.readonlyrest.settings.ssl.SslSettings;
import org.elasticsearch.plugin.readonlyrest.ssl.SSLEngineProvider;
import org.elasticsearch.threadpool.ThreadPool;

public class SSLTransportNetty4 extends Netty4HttpServerTransport {

  private final ESContext esContext;
  private final SslSettings sslSettings;

  public SSLTransportNetty4(ESContext esContext, Settings settings, NetworkService networkService, BigArrays bigArrays,
                            ThreadPool threadPool, NamedXContentRegistry xContentRegistry, Dispatcher dispatcher) {
    super(settings, networkService, bigArrays, threadPool, xContentRegistry, dispatcher);
    this.esContext = esContext;
    this.sslSettings = ESSslSettings.from(settings);
    logger.info("creating SSL transport");
  }

  protected void exceptionCaught(final ChannelHandlerContext ctx, final Throwable cause) throws Exception {
    if (!this.lifecycle.started()) {
      return;
    }
    logger.error("exception in SSL transport: " + cause.getMessage());
    cause.printStackTrace();
  }

  public ChannelHandler configureServerChannelHandler() {
    return new SSLHandler(this);
  }

  private class SSLHandler extends Netty4HttpServerTransport.HttpChannelHandler {

    SSLHandler(final Netty4HttpServerTransport transport) {
      super(transport, SSLTransportNetty4.this.detailedErrorsEnabled, SSLTransportNetty4.this.threadPool.getThreadContext());
    }

    protected void initChannel(final Channel ch) throws Exception {
      super.initChannel(ch);
      SSLEngineProvider engineProvider = new SSLEngineProvider(sslSettings, esContext);
      engineProvider.getContext().ifPresent(sslCtx -> {
        ch.pipeline().addFirst("ssl_netty4_handler", sslCtx.newHandler(ch.alloc()));
      });
    }
  }
}