From dev-return-33985-apmail-nutch-dev-archive=nutch.apache.org@nutch.apache.org  Mon Jun 27 18:31:14 2016
Return-Path: <dev-return-33985-apmail-nutch-dev-archive=nutch.apache.org@nutch.apache.org>
X-Original-To: apmail-nutch-dev-archive@www.apache.org
Delivered-To: apmail-nutch-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id A78F7195B2
	for <apmail-nutch-dev-archive@www.apache.org>; Mon, 27 Jun 2016 18:31:14 +0000 (UTC)
Received: (qmail 95701 invoked by uid 500); 27 Jun 2016 18:31:14 -0000
Delivered-To: apmail-nutch-dev-archive@nutch.apache.org
Received: (qmail 95661 invoked by uid 500); 27 Jun 2016 18:31:14 -0000
Mailing-List: contact dev-help@nutch.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@nutch.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@nutch.apache.org>
List-Post: <mailto:dev@nutch.apache.org>
List-Id: <dev.nutch.apache.org>
Reply-To: dev@nutch.apache.org
Delivered-To: mailing list dev@nutch.apache.org
Received: (qmail 95650 invoked by uid 99); 27 Jun 2016 18:31:14 -0000
Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 27 Jun 2016 18:31:14 +0000
Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33)
	id F1D78DFDC3; Mon, 27 Jun 2016 18:31:13 +0000 (UTC)
From: lewismc <git@git.apache.org>
To: dev@nutch.apache.org
Reply-To: dev@nutch.apache.org
References: <git-pr-128-nutch@git.apache.org>
In-Reply-To: <git-pr-128-nutch@git.apache.org>
Subject: [GitHub] nutch pull request #128: NUTCH-2289 SSL support for Nutch 2.X REST API.
Content-Type: text/plain
Message-Id: <20160627183113.F1D78DFDC3@git1-us-west.apache.org>
Date: Mon, 27 Jun 2016 18:31:13 +0000 (UTC)

Github user lewismc commented on a diff in the pull request:

    https://github.com/apache/nutch/pull/128#discussion_r68630587
  
    --- Diff: src/java/org/apache/nutch/api/NutchServer.java ---
    @@ -99,17 +114,70 @@ public NutchServer() {
         component = new Component();
         component.getLogger().setLevel(Level.parse(logLevel));
     
    -    // Add a new HTTP server listening on defined port.
    -    component.getServers().add(Protocol.HTTP, port);
    +    AuthenticationTypeEnum authenticationType = configManager.get(ConfigResource.DEFAULT)
    +            .getEnum("restapi.auth", AuthenticationTypeEnum.NONE);
    +
    +    if (authenticationType == AuthenticationTypeEnum.SSL) {
    +      // Add a new HTTPS server listening on defined port.
    +      Server server = component.getServers().add(Protocol.HTTPS, port);
    +
    +      Series parameters = server.getContext().getParameters();
    +      parameters.add("sslContextFactory", "org.restlet.engine.ssl.DefaultSslContextFactory");
    +
    +      String keyStorePath = configManager.get(ConfigResource.DEFAULT)
    +              .get("restapi.auth.ssl.storepath", "etc/nutch-ssl.keystore.jks");
    +      parameters.add("keyStorePath", keyStorePath);
    +
    +      String keyStorePassword = configManager.get(ConfigResource.DEFAULT)
    +              .get("restapi.auth.ssl.storepass", "password");
    +      parameters.add("keyStorePassword", keyStorePassword);
    +
    +      String keyPassword = configManager.get(ConfigResource.DEFAULT)
    +              .get("restapi.auth.ssl.keypass", "password");
    +      parameters.add("keyPassword", keyPassword);
    +
    +      parameters.add("keyStoreType", "JKS");
    +      LOG.info("SSL Authentication is set for NutchServer");
    +    } else {
    +      // Add a new HTTP server listening on defined port.
    +      component.getServers().add(Protocol.HTTP, port);
    +    }
     
         Context childContext = component.getContext().createChildContext();
         JaxRsApplication application = new JaxRsApplication(childContext);
         application.add(this);
         application.setStatusService(new ErrorStatusService());
         childContext.getAttributes().put(NUTCH_SERVER, this);
     
    -    // Attach the application.
    -    component.getDefaultHost().attach(application);
    +    if (authenticationType == AuthenticationTypeEnum.NONE || authenticationType == AuthenticationTypeEnum.SSL ) {
    +      component.getDefaultHost().attach(application);
    +      return;
    +    }
    +
    +    String username = configManager.get(ConfigResource.DEFAULT).get("restapi.auth.username", "admin");
    +    String password = configManager.get(ConfigResource.DEFAULT).get("restapi.auth.password", "nutch");
    +
    +    MapVerifier mapVerifier = new MapVerifier();
    +    mapVerifier.getLocalSecrets().put(username, password.toCharArray());
    +
    +    if (authenticationType == AuthenticationTypeEnum.BASIC) {
    --- End diff --
    
    Please see comment on other issue for use of switch block.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---