Add auto-configuration support for TLS using SSL when deploying Spring Boot ClientCache applications to PCF using PCC that requires secure Sockets.
The TLS/SSL auto-configuration enables and configures the use of the SSL default context provided by the JRE, which the ClientCache instance uses to obtain the required CERT necessary when creating SSL Sockets between the client and PCC servers. Resolves gh-61.
This commit is contained in:
@@ -76,6 +76,7 @@ public class VcapPropertySource extends PropertySource<EnumerablePropertySource<
|
||||
private static final String VCAP_SERVICES_PROPERTY = "vcap.services.";
|
||||
private static final String VCAP_SERVICES_SERVICE_NAME_LOCATORS_PROPERTY = VCAP_SERVICES_PROPERTY + "%s.credentials.locators";
|
||||
private static final String VCAP_SERVICES_SERVICE_NAME_NAME_PROPERTY = VCAP_SERVICES_PROPERTY + "%s.name";
|
||||
private static final String VCAP_SERVICES_SERVICE_NAME_TLS_ENABLED_PROPERTY = VCAP_SERVICES_PROPERTY + "%s.credentials.tls-enabled";
|
||||
private static final String VCAP_SERVICES_SERVICE_NAME_URL_GFSH_PROPERTY = VCAP_SERVICES_PROPERTY + "%s.credentials.urls.gfsh";
|
||||
private static final String VCAP_SERVICES_SERVICE_NAME_USERS_PROPERTY = VCAP_SERVICES_PROPERTY + "%s.credentials.users";
|
||||
private static final String VCAP_SERVICES_SERVICE_NAME_USERS_INDEX_PROPERTY = VCAP_SERVICES_SERVICE_NAME_USERS_PROPERTY + "[%d]";
|
||||
@@ -211,6 +212,13 @@ public class VcapPropertySource extends PropertySource<EnumerablePropertySource<
|
||||
.filter(StringUtils::hasText)
|
||||
.ifPresent(service::withLocators);
|
||||
|
||||
Object tlsEnabled = getProperty(String.format(VCAP_SERVICES_SERVICE_NAME_TLS_ENABLED_PROPERTY, service));
|
||||
|
||||
Optional.ofNullable(tlsEnabled)
|
||||
.map(String::valueOf)
|
||||
.map(Boolean::parseBoolean)
|
||||
.ifPresent(service::withTls);
|
||||
|
||||
Object gfshUrl = getProperty(String.format(VCAP_SERVICES_SERVICE_NAME_URL_GFSH_PROPERTY, service));
|
||||
|
||||
Optional.ofNullable(gfshUrl)
|
||||
|
||||
@@ -52,6 +52,8 @@ public class CloudCacheService extends Service {
|
||||
return new CloudCacheService(name);
|
||||
}
|
||||
|
||||
private Boolean tlsEnabled;
|
||||
|
||||
private String locators;
|
||||
|
||||
private URL gfshUrl;
|
||||
@@ -108,6 +110,16 @@ public class CloudCacheService extends Service {
|
||||
.orElseGet(Collections::emptyList);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a {@link Boolean} determining whether TLS/SSL is enabled between the client and the Pivotal Cloud Cache
|
||||
* (PCC) service instance in Pivotal CloudFoundry (PCF).
|
||||
*
|
||||
* @return {@literal true} if TLS is enabled, {@literal false} if not.
|
||||
*/
|
||||
public boolean isTlsEnabled() {
|
||||
return Boolean.TRUE.equals(this.tlsEnabled);
|
||||
}
|
||||
|
||||
/**
|
||||
* Builder method used to configure the Gfsh {@link URL} to connect to the Pivotal GemFire
|
||||
* Management REST API (service).
|
||||
@@ -138,6 +150,21 @@ public class CloudCacheService extends Service {
|
||||
return this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Builder method used to configure whether TLS/SSL is enabled between a client and the Pivotal Cloud Cache (PCC)
|
||||
* service instance in Pivotal CloudFoundry (PCF).
|
||||
*
|
||||
* @param enabled {@link Boolean} value indicating whether TLS/SSL is enabled.
|
||||
* @return this {@link CloudCacheService}.
|
||||
* @see #isTlsEnabled()
|
||||
*/
|
||||
public CloudCacheService withTls(Boolean enabled) {
|
||||
|
||||
this.tlsEnabled = enabled;
|
||||
|
||||
return this;
|
||||
}
|
||||
|
||||
public static class Locator implements Comparable<Locator> {
|
||||
|
||||
static final int DEFAULT_LOCATOR_PORT = GemfireUtils.DEFAULT_LOCATOR_PORT;
|
||||
|
||||
Reference in New Issue
Block a user