Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature][Zeta] Support enable https protocol for rest-api v2 #8583

Open
2 of 3 tasks
hailin0 opened this issue Jan 23, 2025 · 3 comments
Open
2 of 3 tasks

[Feature][Zeta] Support enable https protocol for rest-api v2 #8583

hailin0 opened this issue Jan 23, 2025 · 3 comments
Labels
help wanted Zeta Rest API

Comments

@hailin0
Copy link
Member

hailin0 commented Jan 23, 2025
edited
Loading

Search before asking

  • I had searched in the feature and found no similar feature requirement.

Description

Currently we support using jetty to provide http api services, but not yet support https protocol, so we can add support for https to enhance security.

Updates


seatunnel:
  engine:
    http:
       ......
      enable-https: true
      https-port: 8443
      keystore: /path/to/file.keystore
      keystore-password: keystore_password
      key-password: key_password

      // optional:Two-way authentication
      truststore: /path/to/file.truststore
      truststore-password: truststore_password
      ......

reference
https://jetty.org/docs/jetty/10/programming-guide/server/http.html#connector-protocol-http11-tls
https://jetty.org/docs/jetty/10/operations-guide/keystore/index.html#client-authn

Usage Scenario

No response

Related issues

No response

Are you willing to submit a PR?

  • Yes I am willing to submit a PR!

Code of Conduct
@liugddx
Copy link
Member

liugddx commented Jan 24, 2025

This is a demo

import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.util.ssl.SslContextFactory;

import java.io.File;

public class JettyServer {
    public static void main(String[] args) throws Exception {
        Server server = new Server();

        ServerConnector httpConnector = new ServerConnector(server);
        httpConnector.setPort(8080);
        server.addConnector(httpConnector);

        String keystorePath = "/path/to/keystore.jks";
        String keystorePassword = "your_keystore_password";
        String keyManagerPassword = "your_key_password";

        File keystoreFile = new File(keystorePath);
        if (keystoreFile.exists() && keystoreFile.isFile()) {

            SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
            sslContextFactory.setKeyStorePath(keystorePath);
            sslContextFactory.setKeyStorePassword(keystorePassword);
            sslContextFactory.setKeyManagerPassword(keyManagerPassword);

            ServerConnector httpsConnector = new ServerConnector(server, sslContextFactory);
            httpsConnector.setPort(8443);
            server.addConnector(httpsConnector);
        } else {
            System.out.println("No HTTPS configuration detected, falling back to HTTP...");
        }

        server.setHandler(...);

        server.start();
        server.join();
    }
}

@hailin0
Copy link
Member Author

hailin0 commented Jan 24, 2025
edited
Loading

This is a demo

import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.util.ssl.SslContextFactory;

import java.io.File;

public class JettyServer {
    public static void main(String[] args) throws Exception {
        Server server = new Server();

        ServerConnector httpConnector = new ServerConnector(server);
        httpConnector.setPort(8080);
        server.addConnector(httpConnector);

        String keystorePath = "/path/to/keystore.jks";
        String keystorePassword = "your_keystore_password";
        String keyManagerPassword = "your_key_password";

        File keystoreFile = new File(keystorePath);
        if (keystoreFile.exists() && keystoreFile.isFile()) {

            SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
            sslContextFactory.setKeyStorePath(keystorePath);
            sslContextFactory.setKeyStorePassword(keystorePassword);
            sslContextFactory.setKeyManagerPassword(keyManagerPassword);

            ServerConnector httpsConnector = new ServerConnector(server, sslContextFactory);
            httpsConnector.setPort(8443);
            server.addConnector(httpsConnector);
        } else {
            System.out.println("No HTTPS configuration detected, falling back to HTTP...");
        }

        server.setHandler(...);

        server.start();
        server.join();
    }
}

Add

        // optional:Two-way authentication
        if (trustStorePath != null && truststorePassword != null) {
            sslContextFactory.setNeedClientAuth(true);
            sslContextFactory.setTrustStorePath(trustStorePath);
            sslContextFactory.setTrustStorePassword(truststorePassword);
        }

@hailin0 hailin0 changed the title [Feature][Zeta] Support enable https protocol [Feature][Zeta] Support enable https protocol for rest-api v2 Jan 24, 2025
@akulabs8
Copy link

Hey I am new to this repo but would like to contribute, so shall I help?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted Zeta Rest API
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@hailin0 @liugddx @akulabs8