DATAREDIS-1060 - Polishing.

Remove data node password reuse for sentinel as we favor explicit configuration over implicit.
Use RedisURI builder and not sentinel URI builder to configure the SentinelURI correctly.
Associate masterId with outermost RedisURI.

Original pull request: #495.
This commit is contained in:
Mark Paluch
2019-11-12 15:21:24 +01:00
parent 1955074eb7
commit c6802ba247
5 changed files with 21 additions and 129 deletions

View File

@@ -339,20 +339,20 @@ public interface RedisConfiguration {
Set<RedisNode> getSentinels();
/**
* Get the {@link RedisPassword} used when authenticating with a Redis Server.
*
* Get the {@link RedisPassword} used when authenticating with a Redis Server..
*
* @return never {@literal null}.
* @since 2.2.2
*/
default RedisPassword getDataNodePassword() {
return getPassword();
}
/**
* Create and set a {@link RedisPassword} to be used when authenticating with Sentinel from the given {@link String}
* Create and set a {@link RedisPassword} to be used when authenticating with Redis Sentinel from the given
* {@link String}.
*
* @param password can be {@literal null}.
* @throws IllegalStateException if the {@link #useDataNodeAuthenticationForSentinel(boolean) Data Node Password}
* should be used for authenticating with Redis Sentinel.
* @since 2.2.2
*/
default void setSentinelPassword(@Nullable String password) {
@@ -360,12 +360,10 @@ public interface RedisConfiguration {
}
/**
* Create and set a {@link RedisPassword} to be used when authenticating with Sentinel from the given
* Create and set a {@link RedisPassword} to be used when authenticating with Redis Sentinel from the given
* {@link Character} sequence.
*
* @param password can be {@literal null}.
* @throws IllegalStateException if the {@link #useDataNodeAuthenticationForSentinel(boolean) Data Node Password}
* should be used for authenticating with Redis Sentinel.
* @since 2.2.2
*/
default void setSentinelPassword(@Nullable char[] password) {
@@ -373,43 +371,22 @@ public interface RedisConfiguration {
}
/**
* Set a {@link RedisPassword} to be used when authenticating with Sentinel.
* Set a {@link RedisPassword} to be used when authenticating with Redis Sentinel.
*
* @param password must not be {@literal null} use {@link RedisPassword#none()} instead.
* @throws IllegalStateException if the {@link #useDataNodeAuthenticationForSentinel(boolean) Data Node Password}
* should be used for authenticating with Redis Sentinel.
* @since 2.2.2
*/
void setSentinelPassword(RedisPassword password);
/**
* Get the {@link RedisPassword} to use when connecting to a Redis Sentinel. <br />
* This can be the password explicitly set via {@link #setSentinelPassword(RedisPassword)}, or the
* {@link #getDataNodePassword() Data Node password} if it should be also used for
* {@link #getUseDataNodeAuthenticationForSentinel() sentinel}, or {@link RedisPassword#none()} if no password has
* Returns the {@link RedisPassword} to use when connecting to a Redis Sentinel. <br />
* Can be set via {@link #setSentinelPassword(RedisPassword)} or {@link RedisPassword#none()} if no password has
* been set.
*
* @return the {@link RedisPassword} for authenticating with Sentinel.
* @return the {@link RedisPassword} for authenticating with Redis Sentinel.
* @since 2.2.2
*/
RedisPassword getSentinelPassword();
/**
* Use the {@link #getDataNodePassword() RedisPassword} also for authentication with Redis Sentinel.
*
* @param useDataNodeAuthenticationForSentinel
* @throws IllegalStateException if a {@link #getSentinelPassword() Sentinel Password} is already set.
* @since 2.2.2
*/
void useDataNodeAuthenticationForSentinel(boolean useDataNodeAuthenticationForSentinel);
/**
* Use the {@link #getDataNodePassword() RedisPassword} also for authentication with Redis Sentinel.
*
* @return
* @since 2.2.2
*/
boolean getUseDataNodeAuthenticationForSentinel();
}
/**

View File

@@ -52,7 +52,6 @@ public class RedisSentinelConfiguration implements RedisConfiguration, SentinelC
private RedisPassword dataNodePassword = RedisPassword.none();
private RedisPassword sentinelPassword = RedisPassword.none();
private boolean useDataNodePasswordForSentinel = false;
/**
* Creates new {@link RedisSentinelConfiguration}.
@@ -253,47 +252,21 @@ public class RedisSentinelConfiguration implements RedisConfiguration, SentinelC
/*
* (non-Javadoc)
* @see org.springframework.data.redis.connection.RedisConfiguration.WithPassword#setSentinelPassword(org.springframework.data.redis.connection.RedisPassword)
* @see org.springframework.data.redis.connection.RedisConfiguration.SentinelConfiguration#setSentinelPassword(org.springframework.data.redis.connection.RedisPassword)
*/
public void setSentinelPassword(RedisPassword sentinelPassword) {
Assert.state(!useDataNodePasswordForSentinel,
"Configuration uses Redis Data Node password for authenticating with Sentinel. Please set 'RedisSentinelConfiguration.useDataNodeAuthenticationForSentinel(false)' before using this option.");
Assert.notNull(sentinelPassword, "SentinelPassword must not be null!");
this.sentinelPassword = sentinelPassword;
}
/*
* (non-Javadoc)
* @see org.springframework.data.redis.connection.RedisConfiguration.WithPassword#setSentinelPassword()
* @see org.springframework.data.redis.connection.RedisConfiguration.SentinelConfiguration#setSentinelPassword()
*/
@Override
public RedisPassword getSentinelPassword() {
return getUseDataNodeAuthenticationForSentinel() ? this.dataNodePassword : sentinelPassword;
}
/*
* (non-Javadoc)
* @see org.springframework.data.redis.connection.RedisConfiguration.WithPassword#useDataNodeAuthenticationForSentinel(boolean)
*/
@Override
public void useDataNodeAuthenticationForSentinel(boolean useDataNodeAuthenticationForSentinel) {
if (useDataNodeAuthenticationForSentinel) {
Assert.state(!this.sentinelPassword.isPresent(),
"Configuration already defines a password for authenticating with Sentinel. Please use 'RedisSentinelConfiguration.setSentinelPassword(RedisPassword.none())' remove the password.");
}
this.useDataNodePasswordForSentinel = useDataNodeAuthenticationForSentinel;
}
/*
* (non-Javadoc)
* @see org.springframework.data.redis.connection.RedisConfiguration.WithPassword#getUseDataNodeAuthenticationForSentinel()
*/
@Override
public boolean getUseDataNodeAuthenticationForSentinel() {
return this.useDataNodePasswordForSentinel;
return sentinelPassword;
}
private RedisNode readHostAndPortFromString(String hostAndPort) {

View File

@@ -640,16 +640,16 @@ abstract public class LettuceConverters extends Converters {
Assert.notNull(sentinelConfiguration, "RedisSentinelConfiguration is required");
Set<RedisNode> sentinels = sentinelConfiguration.getSentinels();
RedisPassword sentinelPassword = sentinelConfiguration.getSentinelPassword();
RedisURI.Builder builder = RedisURI.builder();
for (RedisNode sentinel : sentinels) {
RedisURI.Builder uri = RedisURI.Builder.sentinel(sentinel.getHost(), sentinel.getPort(),
sentinelConfiguration.getMaster().getName());
RedisURI.Builder sentinelBuilder = RedisURI.Builder.redis(sentinel.getHost(), sentinel.getPort());
if (sentinelConfiguration.getSentinelPassword().isPresent()) {
uri.withPassword(sentinelConfiguration.getSentinelPassword().get());
if (sentinelPassword.isPresent()) {
sentinelBuilder.withPassword(sentinelPassword.get());
}
builder.withSentinel(uri.build());
builder.withSentinel(sentinelBuilder.build());
}
RedisPassword password = sentinelConfiguration.getPassword();
@@ -657,6 +657,8 @@ abstract public class LettuceConverters extends Converters {
builder.withPassword(password.get());
}
builder.withSentinelMasterId(sentinelConfiguration.getMaster().getName());
return builder.build();
}