SpringBoot集成Elasticsearch,SSL证书认证
1.Pom文件配置<properties><elasticsearch.version>6.3.1</elasticsearch.version></properties><!--ES--><dependency><groupId>org.springframework.boot</groupId>&l
·
1.Pom文件配置
<properties>
<elasticsearch.version>6.3.1</elasticsearch.version>
</properties>
<!--ES-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-elasticsearch</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.data</groupId>
<artifactId>spring-data-elasticsearch</artifactId>
<version>3.1.8.RELEASE</version>
</dependency>
<dependency>
<groupId>org.elasticsearch</groupId>
<artifactId>elasticsearch</artifactId>
<version>${elasticsearch.version}</version>
</dependency>
<dependency>
<groupId>org.elasticsearch.client</groupId>
<artifactId>transport</artifactId>
<version>${elasticsearch.version}</version>
</dependency>
<dependency>
<groupId>com.floragunn</groupId>
<artifactId>search-guard-ssl</artifactId>
<version>6.3.1-25.3</version>
</dependency>
2.properties配置
#ElasticSearch
elasticsearch.cluster-name=es-dev
elasticsearch.cluster-nodes=ip1:port1,ip2:port1,ip3:port1
elasticsearch.key-store=classpath:certs-di/sgadmin-keystore.jks
elasticsearch.trust-store=classpath:certs-di/truststore.jks
elasticsearch.key-store-password=
elasticsearch.trust-store-password=
spring.elasticsearch.rest.uris=http://ip1:port,http://ip2:port,http://ip3:port
spring.elasticsearch.rest.username=
spring.elasticsearch.rest.password=
3.config配置
读取properties文件,加载到ElasticsearchTemplate
import com.floragunn.searchguard.ssl.SearchGuardSSLPlugin;
import com.floragunn.searchguard.ssl.util.SSLConfigConstants;
import lombok.extern.slf4j.Slf4j;
import lombok.val;
import org.apache.commons.io.IOUtils;
import org.elasticsearch.client.transport.TransportClient;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.transport.TransportAddress;
import org.elasticsearch.transport.client.PreBuiltTransportClient;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.Resource;
import org.springframework.data.elasticsearch.core.ElasticsearchTemplate;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
/**
* @program: app
* @description:
* @author: xiaol001
* @create: 2021-02-05 15:58
**/
@Slf4j
@Configuration
@EnableConfigurationProperties(ElasticsearchProperties.class)
public class ElasticSearchConfiguration {
@Autowired
ElasticsearchProperties properties;
@Bean
public ElasticsearchTemplate elasticsearchTemplate() throws IOException {
return new ElasticsearchTemplate(initTranSportClient());
}
@Bean
public TransportClient initTranSportClient() throws IOException {
val settings = settings();
log.info("准备初始化elasticsearch客户端, 配置:{}", settings);
val client = new PreBuiltTransportClient(settings, SearchGuardSSLPlugin.class);
for (String node : properties.getClusterNodes()) {
String[] splits = node.split(":");
val ip = InetAddress.getByName(splits[0]);
val port = Integer.parseInt(splits[1]);
client.addTransportAddress(new TransportAddress(ip, port));
log.info("添加elasticsearch客户端节点:"+node);
}
log.info("elasticsearch客户端初始化成功");
return client;
}
private Settings settings() throws IOException {
String keystore,truststore;
if (isInsideJar(properties.getKeyStore())) {
keystore = createTempFile("keystore.jks", properties.getKeyStore().getInputStream());
} else {
keystore = properties.getKeyStore().getFile().getPath();
}
if (isInsideJar(properties.getTrustStore())) {
truststore = createTempFile("truststore.jks", properties.getTrustStore().getInputStream());
} else {
truststore = properties.getTrustStore().getFile().getPath();
}
return Settings.builder()
.put("path.home", ".")
.put("cluster.name", properties.getClusterName())
.put(SSLConfigConstants.SEARCHGUARD_SSL_HTTP_ENABLED, false)
.put(SSLConfigConstants.SEARCHGUARD_SSL_TRANSPORT_KEYSTORE_FILEPATH, keystore)
.put(SSLConfigConstants.SEARCHGUARD_SSL_TRANSPORT_TRUSTSTORE_FILEPATH, truststore)
.put(SSLConfigConstants.SEARCHGUARD_SSL_TRANSPORT_KEYSTORE_PASSWORD, properties.getKeyStorePassword())
.put(SSLConfigConstants.SEARCHGUARD_SSL_TRANSPORT_TRUSTSTORE_PASSWORD, properties.getTrustStorePassword())
.put("searchguard.ssl.transport.enforce_hostname_verification", false)
.build();
}
private static boolean isInsideJar(Resource resource) throws IOException {
return resource.getURL().getPath().contains("jar!");
}
private static String createTempFile(String fileName, InputStream is) {
String tmpDir = System.getProperty("java.io.tmpdir");
String tempFilePath = tmpDir + File.separator + fileName;
try (val os = new FileOutputStream(tempFilePath)) {
IOUtils.copy(is, os);
} catch (IOException e) {
log.error("拷贝jks证书文件到临时目录({})异常:{}", tmpDir, e.getMessage());
return null;
}
return tempFilePath;
}
import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.core.io.Resource;
import java.util.List;
/**
* @program: app
* @description:
* @author: xiaol001
* @create: 2021-02-05 16:24
**/
@Data
@ConfigurationProperties(prefix = "elasticsearch")
public class ElasticsearchProperties {
private List<String> clusterNodes;
private String clusterName;
private Resource keyStore;
private Resource trustStore;
private String keyStorePassword;
private String trustStorePassword;
}
4.配置SpringData ES
import com.cmft.firmheadline.entity.ArticleEsEntity;
import org.springframework.data.elasticsearch.repository.ElasticsearchRepository;
public interface ChArticleESRepository extends ElasticsearchRepository<ArticleEsEntity, String> {
}
5.配置SpringData Entity
import com.fasterxml.jackson.annotation.JsonFormat;
import com.fasterxml.jackson.annotation.JsonProperty;
import lombok.Data;
import lombok.experimental.Accessors;
import org.springframework.data.annotation.Id;
import org.springframework.data.elasticsearch.annotations.DateFormat;
import org.springframework.data.elasticsearch.annotations.Document;
import org.springframework.data.elasticsearch.annotations.Field;
import org.springframework.data.elasticsearch.annotations.FieldType;
import java.util.Date;
/**
* @program: slas-ch-app
* @description:
* @author: ex-xiaol001
* @create: 2021-02-07 11:45
**/
@Data
@Accessors(chain = true)
@Document(indexName = "slas_ch_article",type = "slas_cmuop_article",createIndex = false)
public class ArticleEsEntity {
@Id
private String id;
/**
* 标题
*/
@JsonProperty("title")
private String title;
/**
* 正文
*/
@JsonProperty("context")
private String content;
/**
* html正文
*/
@JsonProperty("context_html")
private String contentHtml;
/**
* 发布时间
*/
@Field(type = FieldType.Date,format = DateFormat.date_optional_time)
@JsonFormat(shape = JsonFormat.Shape.STRING,pattern = "yyyy-MM-dd'T'HH:mm:ss.SSSZ",timezone = "GMT-8")
private Date pubTime;
}
更多推荐
已为社区贡献1条内容
所有评论(0)