Fix loading of secured transports

Load transports in plugin. No need to specify any transport modules anymore. Removed the transport modules. Original commit: elastic/x-pack-elasticsearch@45f3245361
2014-08-20 15:47:38 +02:00 · 2014-08-20 15:47:38 +02:00 · 22862cd416
parent 1728c2a381
commit 22862cd416
7 changed files with 43 additions and 31 deletions
--- a/src/main/java/org/elasticsearch/shield/SecurityModule.java
+++ b/src/main/java/org/elasticsearch/shield/SecurityModule.java
@ -17,6 +17,8 @@ import org.elasticsearch.shield.authc.AuthenticationModule;
 import org.elasticsearch.shield.authz.AuthorizationModule;
 import org.elasticsearch.shield.n2n.N2NModule;
 import org.elasticsearch.shield.transport.SecuredTransportModule;
 import org.elasticsearch.shield.transport.netty.NettySecuredHttpServerTransportModule;
 import org.elasticsearch.shield.transport.netty.NettySecuredTransportModule;
 /**
 *
@ -54,6 +56,8 @@ public class SecurityModule extends AbstractModule implements SpawnModules, PreP
                new AuthorizationModule(),
                new AuditTrailModule(settings),
                new N2NModule(),
                new NettySecuredHttpServerTransportModule(),
                new NettySecuredTransportModule(),
                new SecuredTransportModule(settings));
    }
--- a/src/main/java/org/elasticsearch/shield/plugin/SecurityPlugin.java
+++ b/src/main/java/org/elasticsearch/shield/plugin/SecurityPlugin.java
@ -7,8 +7,12 @@ package org.elasticsearch.shield.plugin;
 import org.elasticsearch.common.collect.ImmutableList;
 import org.elasticsearch.common.inject.Module;
 import org.elasticsearch.http.HttpServerModule;
 import org.elasticsearch.plugins.AbstractPlugin;
 import org.elasticsearch.shield.SecurityModule;
 import org.elasticsearch.shield.transport.netty.NettySecuredHttpServerTransport;
 import org.elasticsearch.shield.transport.netty.NettySecuredTransport;
 import org.elasticsearch.transport.TransportModule;
 import java.util.Collection;
--- a/src/main/java/org/elasticsearch/shield/transport/netty/NettySecuredHttpServerTransportModule.java
+++ b/src/main/java/org/elasticsearch/shield/transport/netty/NettySecuredHttpServerTransportModule.java
@ -6,16 +6,23 @@
 package org.elasticsearch.shield.transport.netty;
 import org.elasticsearch.common.inject.AbstractModule;
-import org.elasticsearch.http.HttpServerTransport;
+import org.elasticsearch.common.inject.Module;
 import org.elasticsearch.common.inject.PreProcessModule;
 import org.elasticsearch.http.HttpServerModule;
 import org.elasticsearch.shield.plugin.SecurityPlugin;
 /**
 *
 */
-public class NettySecuredHttpServerTransportModule extends AbstractModule {
+public class NettySecuredHttpServerTransportModule extends AbstractModule implements PreProcessModule {
    @Override
-    protected void configure() {
+    public void processModule(Module module) {
-        bind(HttpServerTransport.class).to(NettySecuredHttpServerTransport.class).asEagerSingleton();
+        if (module instanceof HttpServerModule) {
            ((HttpServerModule)module).setHttpServerTransport(NettySecuredHttpServerTransport.class, SecurityPlugin.NAME);
        }
    }
-}
+    @Override
    protected void configure() {}
 }
--- a/src/main/java/org/elasticsearch/shield/transport/netty/NettySecuredTransportModule.java
+++ b/src/main/java/org/elasticsearch/shield/transport/netty/NettySecuredTransportModule.java
@ -6,15 +6,24 @@
 package org.elasticsearch.shield.transport.netty;
 import org.elasticsearch.common.inject.AbstractModule;
-import org.elasticsearch.transport.Transport;
+import org.elasticsearch.common.inject.Module;
 import org.elasticsearch.common.inject.PreProcessModule;
 import org.elasticsearch.shield.plugin.SecurityPlugin;
 import org.elasticsearch.transport.TransportModule;
 /**
 *
 */
-public class NettySecuredTransportModule extends AbstractModule {
+public class NettySecuredTransportModule extends AbstractModule implements PreProcessModule {
    @Override
-    protected void configure() {
+    public void processModule(Module module) {
-        bind(Transport.class).to(NettySecuredTransport.class).asEagerSingleton();
+        if (module instanceof TransportModule) {
            ((TransportModule)module).setTransport(NettySecuredTransport.class, SecurityPlugin.NAME);
        }
    }
-}
+
    @Override
    protected void configure() {}
 }
--- a/src/test/java/org/elasticsearch/shield/n2n/IpFilteringIntegrationTests.java
+++ b/src/test/java/org/elasticsearch/shield/n2n/IpFilteringIntegrationTests.java
@ -14,11 +14,8 @@ import org.elasticsearch.common.transport.InetSocketTransportAddress;
 import org.elasticsearch.common.transport.TransportAddress;
 import org.elasticsearch.http.HttpServerTransport;
 import org.elasticsearch.shield.plugin.SecurityPlugin;
 import org.elasticsearch.shield.transport.netty.NettySecuredHttpServerTransportModule;
 import org.elasticsearch.shield.transport.netty.NettySecuredTransportModule;
 import org.elasticsearch.test.ElasticsearchIntegrationTest;
 import org.elasticsearch.transport.Transport;
 import org.elasticsearch.transport.TransportModule;
 import org.junit.Ignore;
 import org.junit.Test;
@ -46,9 +43,7 @@ public class IpFilteringIntegrationTests extends ElasticsearchIntegrationTest {
                .put("node.mode", "network")
                // todo http tests fail without an explicit IP (needs investigation)
                .put("network.host", randomBoolean() ? "127.0.0.1" : "::1")
-                .put("http.type", NettySecuredHttpServerTransportModule.class.getName())
+                .put("plugin.types", SecurityPlugin.class.getName());
                .put(TransportModule.TRANSPORT_TYPE_KEY, NettySecuredTransportModule.class.getName())
                .put("plugin.types", N2NPlugin.class.getName());
                //.put("shield.n2n.file", configFile.getPath())
        if (OsUtils.MAC) {
@ -67,7 +62,7 @@ public class IpFilteringIntegrationTests extends ElasticsearchIntegrationTest {
        logger.info("Opening connection to {}", url);
        HttpURLConnection connection = (HttpURLConnection) new URL(url).openConnection();
        connection.connect();
-        connection.getResponseCode();
+        logger.info("HTTP connection response code [{}]", connection.getResponseCode());
    }
    @Ignore("Need to investigate further, why this does not fail")
--- a/src/test/java/org/elasticsearch/shield/transport/ssl/SslIntegrationTests.java
+++ b/src/test/java/org/elasticsearch/shield/transport/ssl/SslIntegrationTests.java
@ -22,8 +22,8 @@ import org.elasticsearch.http.HttpServerTransport;
 import org.elasticsearch.node.Node;
 import org.elasticsearch.node.NodeBuilder;
 import org.elasticsearch.shield.n2n.N2NPlugin;
-import org.elasticsearch.shield.transport.netty.NettySecuredHttpServerTransportModule;
+import org.elasticsearch.shield.plugin.SecurityPlugin;
-import org.elasticsearch.shield.transport.netty.NettySecuredTransportModule;
+import org.elasticsearch.shield.transport.netty.NettySecuredTransport;
 import org.elasticsearch.test.ElasticsearchIntegrationTest;
 import org.elasticsearch.test.junit.annotations.TestLogging;
 import org.elasticsearch.transport.Transport;
@ -88,9 +88,7 @@ public class SslIntegrationTests extends ElasticsearchIntegrationTest {
                .put("shield.http.ssl.truststore", testnodeStore.getPath())
                .put("shield.http.ssl.truststore_password", "testnode")
                // SSL SETUP
-                .put("http.type", NettySecuredHttpServerTransportModule.class.getName())
+                .put("plugin.types", SecurityPlugin.class.getName())
                .put("plugin.types", N2NPlugin.class.getName())
                .put(TransportModule.TRANSPORT_TYPE_KEY, NettySecuredTransportModule.class.getName())
                .put("shield.n2n.file", ipFilterFile.getPath());
        if (OsUtils.MAC) {
@ -125,6 +123,7 @@ public class SslIntegrationTests extends ElasticsearchIntegrationTest {
    }
    @Test
    @TestLogging("_root:DEBUG")
    public void testConnectNodeWorks() throws Exception {
        try (Node node = NodeBuilder.nodeBuilder().settings(getSettings("ssl_node")).node().start()) {
            try (Client client = node.client()) {
@ -227,7 +226,7 @@ public class SslIntegrationTests extends ElasticsearchIntegrationTest {
                .put("shield.transport.ssl.truststore", testClientTrustStore .getPath())
                .put("shield.transport.ssl.truststore_password", "testclient")
                .put("discovery.zen.ping.multicast.ping.enabled", false)
-                .put(TransportModule.TRANSPORT_TYPE_KEY, NettySecuredTransportModule.class.getName())
+                .put(TransportModule.TRANSPORT_TYPE_KEY, NettySecuredTransport.class.getName())
                .put("shield.n2n.file", ipFilterFile.getPath())
                .put("cluster.name", internalCluster().getClusterName());
    }
--- a/src/test/java/org/elasticsearch/shield/transport/ssl/SslRequireAuthTests.java
+++ b/src/test/java/org/elasticsearch/shield/transport/ssl/SslRequireAuthTests.java
@ -16,11 +16,9 @@ import org.elasticsearch.common.transport.InetSocketTransportAddress;
 import org.elasticsearch.common.transport.TransportAddress;
 import org.elasticsearch.http.HttpServerTransport;
 import org.elasticsearch.shield.n2n.N2NPlugin;
-import org.elasticsearch.shield.transport.netty.NettySecuredHttpServerTransportModule;
+import org.elasticsearch.shield.plugin.SecurityPlugin;
 import org.elasticsearch.shield.transport.netty.NettySecuredTransportModule;
 import org.elasticsearch.test.ElasticsearchIntegrationTest;
 import org.elasticsearch.test.junit.annotations.TestLogging;
 import org.elasticsearch.transport.TransportModule;
 import org.junit.BeforeClass;
 import org.junit.ClassRule;
 import org.junit.Test;
@ -91,11 +89,7 @@ public class SslRequireAuthTests extends ElasticsearchIntegrationTest {
                .put("shield.http.ssl.keystore_password", "testnode")
                .put("shield.http.ssl.truststore", testnodeStore.getPath())
                .put("shield.http.ssl.truststore_password", "testnode")
-                // SSL SETUP
+                .put("plugin.types", SecurityPlugin.class.getName())
                .put("http.type", NettySecuredHttpServerTransportModule.class.getName())
                .put(TransportModule.TRANSPORT_TYPE_KEY, NettySecuredTransportModule.class.getName())
                .put("plugins.load_classpath_plugins", false)
                .put("plugin.types", N2NPlugin.class.getName())
                .put("shield.n2n.file", ipFilterFile.getPath());
        if (OsUtils.MAC) {