odpi · mandy-chessell · Sep 5, 2023 · Sep 5, 2023 · Sep 5, 2023 · Sep 5, 2023
@@ -105,7 +105,7 @@ body:
           - If using containers, they will be published to quay.io & docker.io & built for arm64 + amd64 with same release versions as other artifacts
           - If using maven, versioning should follow 1.1 / 1.1-SNAPSHOT convention. For javascript etc use semver, ie 1.1.1 / 1.1.1-rc.0
           - Follows egeria branching-strategy ie branch just before release
-          - Security policy aligned with egeria - common mailing list for reporting vulnarabilities
+          - Security policy aligned with egeria - common mailing list for reporting vulnerabilities
       placeholder: |
         Yes - all true
     validations:

@@ -347,7 +347,7 @@ public static void main(String[] args)
             password = args[3];
         }
 
-        HttpHelper.noStrictSSLIfConfigured();
+        HttpHelper.noStrictSSL();
 
         System.out.println("=======================================");
         System.out.println(" Open Metadata Conformance Test Report ");

@@ -1,11 +1,19 @@
 <!-- SPDX-License-Identifier: CC-BY-4.0 -->
 <!-- Copyright Contributors to the ODPi Egeria project 2019. -->
 
-![Released](../../../../images/egeria-content-status-released.png#pagewidth)
+![Stable](../../../../images/egeria-content-status-released.png#pagewidth)
 
 # HTTP Helper
 
-A plug-in for managing Transport Level Security (TLS) in the server.
+A plug-in for managing Transport Level Security (TLS) in a client.
+
+## Client-side certificate checking
+
+Egeria is set up to validate certificates in the caller to a REST API.
+The certificate received from the server is typically validated against
+the certificates in the client's trust store.
+
+The HTTP helpers make it possible to turn off this certificate checking.
 
 ----
 Return to [authentication-plugins](..) module.

@@ -12,55 +12,63 @@
 import java.security.GeneralSecurityException;
 import java.security.cert.X509Certificate;
 
-public class HttpHelper {
+/**
+ * Turn off client-side checking of certificates.  There are two options, one to turn it off all the time and the other is
+ * controlled through the -Dstrict.ssl=false property.
+ */
+public class HttpHelper
+{
 
     private static final Logger LOGGER = LoggerFactory.getLogger(HttpHelper.class);
 
     /**
-     * Allows using self signed certificates https connections
-     * makes all the clients and servers trusted no matter the certificate
+     * Allows the use of self-signed certificates on https connections.
+     * The client will trust the server no matter which certificate is sent.
      */
     public static void noStrictSSL(){
 
         LOGGER.warn("Strict SSL is set to false! Invalid certificates will be accepted for connection!");
 
         // Create a trust manager that does not validate certificate chains
         TrustManager[] trustAllCerts = new TrustManager[] {
-                new X509TrustManager() {
+                new X509TrustManager()
+                {
                     public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                         return new X509Certificate[0];
                     }
-                    public void checkClientTrusted(
-                            java.security.cert.X509Certificate[] certs, String authType) {
+                    public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType)
+                    {
                     }
-                    public void checkServerTrusted(
-                            java.security.cert.X509Certificate[] certs, String authType) {
+                    public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType)
+                    {
                     }
                 }
         };
 
         // Install the all-trusting trust manager
-        try {
+        try
+        {
             SSLContext sc = SSLContext.getInstance("SSL");
             sc.init(null, trustAllCerts, new java.security.SecureRandom());
             HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
             HttpsURLConnection.setDefaultHostnameVerifier ((hostname, session) -> true);
-        } catch (GeneralSecurityException e) {
+        }
+        catch (GeneralSecurityException e)
+        {
             LOGGER.error("The configuration for no strict SSL went wrong");
         }
     }
 
+
     /**
-     * Allows using self signed certificates https connections
-     * makes all the clients and servers trusted no matter the certificate
-     * Only if the override property strict.ssl is set
+     * Allows using self-signed certificates https connections.
+     * If -Dstrict.ssl=false is set, the client will trust the server no matter the certificate passed.
      */
-    public static void noStrictSSLIfConfigured() {
+    public static void noStrictSSLIfConfigured()
+    {
         if ("false".equalsIgnoreCase(System.getProperty("strict.ssl")))
         {
             noStrictSSL();
         }
-
     }
-
 }
@@ -247,8 +247,12 @@ public void removeServerConfig() {
         }
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
-    public Set<OMAGServerConfig> retrieveAllServerConfigs() {
+    public Set<OMAGServerConfig> retrieveAllServerConfigs()
+    {
         final String methodName = "retrieveAllServerConfigs";
         Set<OMAGServerConfig> omagServerConfigSet = new HashSet<>();
         String templateString = getStoreTemplateName();

@@ -58,7 +58,7 @@ public class JDBCResourceConnectorProvider extends ConnectorProviderBase
     /*
      * Class of the connector.
      */
-    private static final Class<?> connectorClass       = JDBCResourceConnector.class;
+    private static final String connectorClassName = "org.odpi.openmetadata.adapters.connectors.resource.jdbc.JDBCResourceConnector";
 
     /**
      * Constructor used to initialize the ConnectorProviderBase with the Java class name of the specific connector implementation.
@@ -71,7 +71,7 @@ public JDBCResourceConnectorProvider()
         /*
          * Set up the class name of the connector that this provider creates.
          */
-        super.setConnectorClassName(connectorClass.getName());
+        super.setConnectorClassName(connectorClassName);
 
         /*
          * Set up the connector type that should be included in a connection used to configure this connector.

@@ -8,8 +8,6 @@
 import org.odpi.openmetadata.frameworks.connectors.properties.beans.ConnectorType;
 import org.odpi.openmetadata.repositoryservices.connectors.openmetadatatopic.OpenMetadataTopicProvider;
 
-import java.util.ArrayList;
-import java.util.List;
 
 /**
  * InMemoryOpenMetadataTopicProvider provides implementation of the connector provider for the InMemoryOpenMetadataTopicConnector.
@@ -38,7 +36,7 @@ public class InMemoryOpenMetadataTopicProvider extends OpenMetadataTopicProvider
     /*
      * Class of the connector.
      */
-    private static final Class<?> connectorClass       = InMemoryOpenMetadataTopicConnector.class;
+    private static final String connectorClassName     = "org.odpi.openmetadata.adapters.eventbus.topic.inmemory.InMemoryOpenMetadataTopicConnector";
 
 
     /**
@@ -52,7 +50,7 @@ public InMemoryOpenMetadataTopicProvider()
         /*
          * Set up the class name of the connector that this provider creates.
          */
-        super.setConnectorClassName(connectorClass.getName());
+        super.setConnectorClassName(connectorClassName);
 
         /*
          * Set up the connector type that should be included in a connection used to configure this connector.

@@ -39,7 +39,7 @@ public class KafkaOpenMetadataTopicProvider extends OpenMetadataTopicProvider
     /*
      * Class of the connector.
      */
-    private static final Class<?> connectorClass       = KafkaOpenMetadataTopicConnector.class;
+    private static final String connectorClassName       = "org.odpi.openmetadata.adapters.eventbus.topic.kafka.KafkaOpenMetadataTopicConnector";
 
     private static final String expectedDataFormat     = "PLAINTEXT";
     private static final String supportedAssetTypeName = "KafkaTopic";
@@ -61,7 +61,7 @@ public KafkaOpenMetadataTopicProvider()
         /*
          * Set up the class name of the connector that this provider creates.
          */
-        super.setConnectorClassName(connectorClass.getName());
+        super.setConnectorClassName(connectorClassName);
 
         /*
          * Set up the connector type that should be included in a connection used to configure this connector.

@@ -38,7 +38,7 @@ public class ApacheAtlasIntegrationProvider extends IntegrationConnectorProvider
     /*
      * Class of the connector.
      */
-    private static final Class<?> connectorClass       = ApacheAtlasIntegrationConnector.class;
+    private static final String connectorClassName       = "org.odpi.openmetadata.adapters.connectors.integration.apacheatlas.ApacheAtlasIntegrationConnector";
 
 
     /**
@@ -64,7 +64,7 @@ public ApacheAtlasIntegrationProvider()
         /*
          * Set up the class name of the connector that this provider creates.
          */
-        super.setConnectorClassName(connectorClass.getName());
+        super.setConnectorClassName(connectorClassName);
 
         /*
          * Set up the connector type that should be included in a connection used to configure this connector.

@@ -36,7 +36,7 @@ public class EgeriaCataloguerIntegrationProvider extends IntegrationConnectorPro
     /*
      * Class of the connector.
      */
-    private static final Class<?> connectorClass       = EgeriaCataloguerIntegrationConnector.class;
+    private static final String connectorClassName     = "org.odpi.openmetadata.adapters.connectors.integration.egeria.EgeriaCataloguerIntegrationConnector";
 
 
     /**
@@ -49,7 +49,7 @@ public EgeriaCataloguerIntegrationProvider()
         /*
          * Set up the class name of the connector that this provider creates.
          */
-        super.setConnectorClassName(connectorClass.getName());
+        super.setConnectorClassName(connectorClassName);
 
         /*
          * Set up the connector type that should be included in a connection used to configure this connector.

@@ -30,22 +30,22 @@ class BasicFilesMonitorIntegrationProviderBase extends IntegrationConnectorProvi
      * @param connectorDisplayName the printable name for this connector
      * @param connectorDescription the description of this connector
      * @param connectorWikiPage the URL of the connector page in the connector catalog
-     * @param connectorClass the name of the connector class that the connector provider creates
+     * @param connectorClassName the name of the connector class that the connector provider creates
      */
     BasicFilesMonitorIntegrationProviderBase(String   connectorTypeGUID,
                                              int      connectorComponentId,
                                              String   connectorQualifiedName,
                                              String   connectorDisplayName,
                                              String   connectorDescription,
                                              String   connectorWikiPage,
-                                             Class<?> connectorClass)
+                                             String   connectorClassName)
     {
         super();
 
         /*
          * Set up the class name of the connector that this provider creates.
          */
-        super.setConnectorClassName(connectorClass.getName());
+        super.setConnectorClassName(connectorClassName);
 
         /*
          * Set up the connector type that should be included in a connection used to configure this connector.

@@ -29,6 +29,6 @@ public DataFilesMonitorIntegrationProvider()
               connectorDisplayName,
               connectorDescription,
               connectorWikiPage,
-              DataFilesMonitorIntegrationConnector.class);
+              "org.odpi.openmetadata.adapters.connectors.integration.basicfiles.DataFilesMonitorIntegrationConnector");
     }
 }
@@ -28,6 +28,6 @@ public DataFolderMonitorIntegrationProvider()
               connectorDisplayName,
               connectorDescription,
               connectorWikiPage,
-              DataFolderMonitorIntegrationConnector.class);
+              "org.odpi.openmetadata.adapters.connectors.integration.basicfiles.DataFolderMonitorIntegrationConnector");
     }
 }
@@ -34,7 +34,7 @@ public class JDBCIntegrationConnectorProvider extends IntegrationConnectorProvid
     /*
      * Class of the connector.
      */
-    private static final Class<?> connectorClass       = JDBCIntegrationConnector.class;
+    private static final String connectorClassName     = "org.odpi.openmetadata.adapters.connectors.integration.jdbc.JDBCIntegrationConnector";
 
     /**
      * Constructor used to initialize the ConnectorProviderBase with the Java class name of the specific
@@ -47,7 +47,7 @@ public JDBCIntegrationConnectorProvider()
         /*
          * Set up the class name of the connector that this provider creates.
          */
-        super.setConnectorClassName(connectorClass.getName());
+        super.setConnectorClassName(connectorClassName);
 
         /*
          * Set up the connector type that should be included in a connection used to configure this connector.

@@ -38,7 +38,7 @@ public class KafkaMonitorIntegrationProvider extends IntegrationConnectorProvide
     /*
      * Class of the connector.
      */
-    private static final Class<?> connectorClass       = KafkaMonitorIntegrationConnector.class;
+    private static final String connectorClassName     = "org.odpi.openmetadata.adapters.connectors.integration.kafka.KafkaMonitorIntegrationConnector";
 
 
     static final String TEMPLATE_QUALIFIED_NAME_CONFIGURATION_PROPERTY = "templateQualifiedName";
@@ -54,7 +54,7 @@ public KafkaMonitorIntegrationProvider()
         /*
          * Set up the class name of the connector that this provider creates.
          */
-        super.setConnectorClassName(connectorClass.getName());
+        super.setConnectorClassName(connectorClassName);
 
         /*
          * Set up the connector type that should be included in a connection used to configure this connector.

@@ -38,7 +38,7 @@ public class OpenAPIMonitorIntegrationProvider extends IntegrationConnectorProvi
     /*
      * Class of the connector.
      */
-    private static final Class<?> connectorClass       = OpenAPIMonitorIntegrationConnector.class;
+    private static final String connectorClassName      = "org.odpi.openmetadata.adapters.connectors.integration.openapis.OpenAPIMonitorIntegrationConnector";
 
     static final String TEMPLATE_QUALIFIED_NAME_CONFIGURATION_PROPERTY = "templateQualifiedName";
 
@@ -54,7 +54,7 @@ public OpenAPIMonitorIntegrationProvider()
         /*
          * Set up the class name of the connector that this provider creates.
          */
-        super.setConnectorClassName(connectorClass.getName());
+        super.setConnectorClassName(connectorClassName);
 
         /*
          * Set up the connector type that should be included in a connection used to configure this connector.

@@ -33,7 +33,7 @@ public class APIBasedOpenLineageLogStoreProvider extends IntegrationConnectorPro
     /*
      * Class of the connector.
      */
-    private static final Class<?> connectorClass       = APIBasedOpenLineageLogStoreConnector.class;
+    private static final String connectorClassName     = "org.odpi.openmetadata.adapters.connectors.integration.openlineage.APIBasedOpenLineageLogStoreConnector";
 
 
     /**
@@ -47,7 +47,7 @@ public APIBasedOpenLineageLogStoreProvider()
         /*
          * Set up the class name of the connector that this provider creates.
          */
-        super.setConnectorClassName(connectorClass.getName());
+        super.setConnectorClassName(connectorClassName);
 
         /*
          * Set up the connector type that should be included in a connection used to configure this connector.

@@ -34,7 +34,7 @@ public class FileBasedOpenLineageLogStoreProvider extends IntegrationConnectorPr
     /*
      * Class of the connector.
      */
-    private static final Class<?> connectorClass       = FileBasedOpenLineageLogStoreConnector.class;
+    private static final String connectorClassName     = "org.odpi.openmetadata.adapters.connectors.integration.openlineage.FileBasedOpenLineageLogStoreConnector";
 
 
     /**
@@ -48,7 +48,7 @@ public FileBasedOpenLineageLogStoreProvider()
         /*
          * Set up the class name of the connector that this provider creates.
          */
-        super.setConnectorClassName(connectorClass.getName());
+        super.setConnectorClassName(connectorClassName);
 
         /*
          * Set up the connector type that should be included in a connection used to configure this connector.

@@ -36,7 +36,7 @@ public class GovernanceActionOpenLineageIntegrationProvider extends IntegrationC
     /*
      * Class of the connector.
      */
-    private static final Class<?> connectorClass       = GovernanceActionOpenLineageIntegrationConnector.class;
+    private static final String connectorClassName     = "org.odpi.openmetadata.adapters.connectors.integration.openlineage.GovernanceActionOpenLineageIntegrationConnector";
 
 
     /**
@@ -49,7 +49,7 @@ public GovernanceActionOpenLineageIntegrationProvider()
         /*
          * Set up the class name of the connector that this provider creates.
          */
-        super.setConnectorClassName(connectorClass.getName());
+        super.setConnectorClassName(connectorClassName);
 
         /*
          * Set up the connector type that should be included in a connection used to configure this connector.