开启es安全校验

e224210a · chenzhao · 916edd10 · e224210a · e224210a · e224210a
Commit e224210a authored Jun 24, 2022 by chenzhao
4 changed files
--- a/amos-boot-module/amos-boot-module-biz/amos-boot-module-knowledgebase-biz/src/main/java/com/yeejoin/amos/knowledgebase/config/ElasticSearchClientConfig.java
+++ b/amos-boot-module/amos-boot-module-biz/amos-boot-module-knowledgebase-biz/src/main/java/com/yeejoin/amos/knowledgebase/config/ElasticSearchClientConfig.java
@@ -2,7 +2,12 @@ package com.yeejoin.amos.knowledgebase.config;

 import org.apache.commons.lang3.StringUtils;
 import org.apache.http.HttpHost;
+import org.apache.http.auth.AuthScope;
+import org.apache.http.auth.UsernamePasswordCredentials;
+import org.apache.http.client.CredentialsProvider;
 import org.apache.http.client.config.RequestConfig;
+import org.apache.http.impl.client.BasicCredentialsProvider;
+import org.apache.http.impl.nio.client.HttpAsyncClientBuilder;
 import org.elasticsearch.client.RestClient;
 import org.elasticsearch.client.RestClientBuilder;
 import org.elasticsearch.client.RestHighLevelClient;
@@ -16,17 +21,31 @@ public class ElasticSearchClientConfig {
 
 	@Value("${spring.elasticsearch.rest.uris}")
    private String uris;
+	@Value("${elasticsearch.username}")
+	private String username;
+
+	@Value("${elasticsearch.password}")
+	private String password;
 	 
 	@Bean
 	@Qualifier("highLevelClient")
 	public RestHighLevelClient restHighLevelClient() {
- 
+		final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
+		credentialsProvider.setCredentials(AuthScope.ANY,
+				new UsernamePasswordCredentials(username, password));
 		
        try {
        	String url = uris.replace("http://", "");
        	final String[] parts = StringUtils.split(url, ":");
        	HttpHost httpHost = new HttpHost(parts[0], Integer.parseInt(parts[1]), "http");
        	RestClientBuilder builder = RestClient.builder(httpHost);
+			builder.setHttpClientConfigCallback(new RestClientBuilder.HttpClientConfigCallback() {
+				@Override
+				public HttpAsyncClientBuilder customizeHttpClient(HttpAsyncClientBuilder httpClientBuilder) {
+					httpClientBuilder.disableAuthCaching();
+					return httpClientBuilder.setDefaultCredentialsProvider(credentialsProvider);
+				}
+			});
        	builder.setRequestConfigCallback(new RestClientBuilder.RequestConfigCallback() {
 				// 该方法接收一个RequestConfig.Builder对象，对该对象进行修改后然后返回。
 				@Override

--- a/amos-boot-system-knowledgebase/src/main/resources/application-dev.properties
+++ b/amos-boot-system-knowledgebase/src/main/resources/application-dev.properties
@@ -40,6 +40,8 @@ eureka.instance.metadata-map.management.api-docs=http://localhost:${server.port}
 spring.data.elasticsearch.cluster-name=elasticsearch
 spring.data.elasticsearch.cluster-nodes=172.16.10.66:9300
 spring.elasticsearch.rest.uris=http://172.16.10.66:9200
+elasticsearch.username= elastic
+elasticsearch.password= 123456

 #emqx v4.0
 emqx.clean-session=true

--- a/amos-boot-utils/amos-boot-utils-video/src/main/java/com/yeejoin/amos/video/config/ElasticSearchClientConfig.java
+++ b/amos-boot-utils/amos-boot-utils-video/src/main/java/com/yeejoin/amos/video/config/ElasticSearchClientConfig.java
@@ -24,6 +24,11 @@ public class ElasticSearchClientConfig {
 
 	@Value("${spring.elasticsearch.rest.uris}")
    private String uris;
+	@Value("${elasticsearch.username}")
+	private String username;
+
+	@Value("${elasticsearch.password}")
+	private String password;
 	 
 	@Bean
 	@Qualifier("highLevelClient")
@@ -36,7 +41,8 @@ public class ElasticSearchClientConfig {
        	RestClientBuilder builder = RestClient.builder(httpHost);
        	//增加安全配置，使用kibana,勿删
 			final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
-        	credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("elastic","es123456"));
+			credentialsProvider.setCredentials(AuthScope.ANY,
+					new UsernamePasswordCredentials(username, password));
        	builder.setRequestConfigCallback(new RestClientBuilder.RequestConfigCallback() {
 				// 该方法接收一个RequestConfig.Builder对象，对该对象进行修改后然后返回。
 				@Override
@@ -47,13 +53,13 @@ public class ElasticSearchClientConfig {
 				}
 			});// 调整最大重试超时时间（默认为30秒）.setMaxRetryTimeoutMillis(60000);
        	//增加安全配置，使用kibana,勿删
-//        	builder.setHttpClientConfigCallback(new RestClientBuilder.HttpClientConfigCallback() {
-//                @Override
-//                public HttpAsyncClientBuilder customizeHttpClient(HttpAsyncClientBuilder httpClientBuilder) {
-//                    httpClientBuilder.disableAuthCaching();
-//                    return httpClientBuilder.setDefaultCredentialsProvider(credentialsProvider);
-//                }
-//            });
+			builder.setHttpClientConfigCallback(new RestClientBuilder.HttpClientConfigCallback() {
+				@Override
+				public HttpAsyncClientBuilder customizeHttpClient(HttpAsyncClientBuilder httpClientBuilder) {
+					httpClientBuilder.disableAuthCaching();
+					return httpClientBuilder.setDefaultCredentialsProvider(credentialsProvider);
+				}
+			});
        	return new RestHighLevelClient(builder);
        } catch (Exception e) {
        	throw new IllegalStateException("Invalid ES nodes " + "property '" + uris + "'", e);

--- a/amos-boot-utils/amos-boot-utils-video/src/main/resources/application-dev.properties
+++ b/amos-boot-utils/amos-boot-utils-video/src/main/resources/application-dev.properties
@@ -16,6 +16,8 @@ biz.elasticsearch.address=172.16.10.66
 spring.data.elasticsearch.cluster-name=elasticsearch
 spring.data.elasticsearch.cluster-nodes=${biz.elasticsearch.address}:9300
 spring.elasticsearch.rest.uris=http://${biz.elasticsearch.address}:9200
+elasticsearch.username= elastic
+elasticsearch.password= 123456

 ##biz custem properties
 biz.hk.video.url=http://11.11.16.12:9017/artemis-web/debug