Thursday, 25 January 2018

Cassandra java driver With SSL

I want to present you an java code for cassandra client with SSL and Cluster. I am not sharing keystores but i pressume you can get that info from google. I also want to provide you and reference sites i have gone through:

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
import java.io.File;
import java.io.InputStream;
import java.security.KeyStore;

import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

import org.apache.commons.io.FileUtils;
import org.json.JSONArray;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.datastax.driver.core.Cluster;
import com.datastax.driver.core.Cluster.Builder;
import com.datastax.driver.core.Host;
import com.datastax.driver.core.JdkSSLOptions;
import com.datastax.driver.core.Metadata;
import com.datastax.driver.core.Session;

/**
 *  "dbinfo": {
      "port": 9042,
      "truststorepath":"/path/to/truststore.jks",
      "truststoresecret":"password of truststore",
      "nodes": [
         "127.0.0.2",
         "127.0.0.1"
      ],
      "ssl": false
   },
 * 
 * 
 * 
 * This is an implementation of a simple Java Cassandra client.
 *
 */
public class CassandraClient {
 private static final Logger logme = LoggerFactory.getLogger(CassandraClient.class);

 private Cluster cluster;

 private Session session;

 /**
  * For single node instance setup
  * 
  * @param node
  * @param port
  */
 public void connectToServer(final String node, final Integer port) {

  Builder b = Cluster.builder().addContactPoint(node);

  if (port != null) {
   b.withPort(port);
  }
  cluster = b.build();

  Metadata metadata = cluster.getMetadata();
  logme.info("Cassandra: Cluster name: " + metadata.getClusterName());

  for (Host host : metadata.getAllHosts()) {
   logme.info("Cassandra:Datacenter: " + host.getDatacenter() + " Host: " + host.getAddress() + " Rack: "
     + host.getRack());
  }

  session = cluster.connect();
 }

 /**
  * 
  * For multi node instance setup
  * 
  * @param cfg
  */
 public void connectToServer(JSONObject cfg) {

  Builder b = Cluster.builder();

  JSONObject cassandra = cfg.getJSONObject("dbinfo");
  JSONArray nodes = cassandra.getJSONArray("nodes");

  for (Object node : nodes) {
   b.addContactPoint(node.toString());

  }
  boolean ssl = cassandra.optBoolean("ssl", false);
  int port = cassandra.optInt("port", 9042);
  b.withPort(port);

  if (ssl) {

   String trustPath = cassandra.getString("truststorepath");
   String trustSecret = cassandra.getString("truststoresecret");
   if (trustPath == null || trustSecret == null) {
    logme.error(" *********   Please provide truststore details for cassandra ****************");
   }
   JdkSSLOptions sslOptions = getSSLOptionsFromTrustStore(trustPath, trustSecret);
   b.withSSL(sslOptions);
  }

  cluster = b.build();

  Metadata metadata = cluster.getMetadata();
  logme.info("Cassandra: Cluster name: " + metadata.getClusterName());

  for (Host host : metadata.getAllHosts()) {
   logme.info("Cassandra:Datacenter: " + host.getDatacenter() + " Host: " + host.getAddress() + " Rack: "
     + host.getRack());
  }

  session = cluster.connect();
 }

 public Session getSession() {
  return this.session;
 }

 public void close() {
  session.close();
  cluster.close();
 }

 private JdkSSLOptions getSSLOptionsFromTrustStore(String trustStoreLocation, String trustStorePassword) {
  Cluster cluster;
  SSLContext sslcontext = null;

  try {

   InputStream is = FileUtils.openInputStream(new File(trustStoreLocation));
   KeyStore keystore = KeyStore.getInstance("jks");
   char[] pwd = trustStorePassword.toCharArray();
   keystore.load(is, pwd);
   TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
   tmf.init(keystore);
   TrustManager[] tm = tmf.getTrustManagers();

   sslcontext = SSLContext.getInstance("TLSv1");
   sslcontext.init(null, tm, null);

  } catch (Exception e) {
   logme.error(e.getMessage(), e);
  }

  JdkSSLOptions sslOptions = JdkSSLOptions.builder().withSSLContext(sslcontext).build();

  return sslOptions;
 }

}

No comments:

Post a Comment

Please comment here