HsftpFileSystem.java
上传用户:quxuerui
上传日期:2018-01-08
资源大小:41811k
文件大小:4k
- /**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- package org.apache.hadoop.hdfs;
- import java.io.IOException;
- import java.net.HttpURLConnection;
- import java.net.URI;
- import java.net.URISyntaxException;
- import java.net.URL;
- import java.net.UnknownHostException;
- import javax.net.ssl.HostnameVerifier;
- import javax.net.ssl.HttpsURLConnection;
- import javax.net.ssl.SSLSession;
- import org.apache.hadoop.conf.Configuration;
- /** An implementation of a protocol for accessing filesystems over HTTPS.
- * The following implementation provides a limited, read-only interface
- * to a filesystem over HTTPS.
- * @see org.apache.hadoop.hdfs.server.namenode.ListPathsServlet
- * @see org.apache.hadoop.hdfs.server.namenode.FileDataServlet
- */
- public class HsftpFileSystem extends HftpFileSystem {
- @Override
- public void initialize(URI name, Configuration conf) throws IOException {
- super.initialize(name, conf);
- setupSsl(conf);
- }
- /** Set up SSL resources */
- private static void setupSsl(Configuration conf) {
- Configuration sslConf = new Configuration(false);
- sslConf.addResource(conf.get("dfs.https.client.keystore.resource",
- "ssl-client.xml"));
- System.setProperty("javax.net.ssl.trustStore", sslConf.get(
- "ssl.client.truststore.location", ""));
- System.setProperty("javax.net.ssl.trustStorePassword", sslConf.get(
- "ssl.client.truststore.password", ""));
- System.setProperty("javax.net.ssl.trustStoreType", sslConf.get(
- "ssl.client.truststore.type", "jks"));
- System.setProperty("javax.net.ssl.keyStore", sslConf.get(
- "ssl.client.keystore.location", ""));
- System.setProperty("javax.net.ssl.keyStorePassword", sslConf.get(
- "ssl.client.keystore.password", ""));
- System.setProperty("javax.net.ssl.keyPassword", sslConf.get(
- "ssl.client.keystore.keypassword", ""));
- System.setProperty("javax.net.ssl.keyStoreType", sslConf.get(
- "ssl.client.keystore.type", "jks"));
- }
- @Override
- protected HttpURLConnection openConnection(String path, String query)
- throws IOException {
- try {
- final URL url = new URI("https", null, pickOneAddress(nnAddr.getHostName()),
- nnAddr.getPort(), path, query, null).toURL();
- HttpsURLConnection conn = (HttpsURLConnection)url.openConnection();
- // bypass hostname verification
- conn.setHostnameVerifier(new DummyHostnameVerifier());
- return (HttpURLConnection)conn;
- } catch (URISyntaxException e) {
- throw (IOException)new IOException().initCause(e);
- }
- }
- @Override
- public URI getUri() {
- try {
- return new URI("hsftp", null, pickOneAddress(nnAddr.getHostName()), nnAddr.getPort(),
- null, null, null);
- } catch (URISyntaxException e) {
- return null;
- } catch (UnknownHostException e) {
- return null;
- }
- }
- /**
- * Dummy hostname verifier that is used to bypass hostname checking
- */
- protected static class DummyHostnameVerifier implements HostnameVerifier {
- public boolean verify(String hostname, SSLSession session) {
- return true;
- }
- }
- }