Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[incubator-kie-issues-994] kafka auth feature with message header records #3037

Merged
merged 4 commits into from
Mar 18, 2024
Merged

[incubator-kie-issues-994] kafka auth feature with message header records #3037

merged 4 commits into from
Mar 18, 2024

Conversation

elguardian
Copy link
Member

@elguardian elguardian commented Mar 6, 2024
edited
Loading

@elguardian elguardian mentioned this pull request Mar 13, 2024
Closed
martinweiler
martinweiler reviewed Mar 14, 2024
View reviewed changes
...ver-parent/kie-server-common/src/test/java/org/kie/server/common/KeyStoreHelperUtilTest.java
"-keyalg", "RSA",
"-alias", KEYSTORE_ALIAS,
"-keystore", KEYSTORE_PATH,
"-storepass", KEYSTORE_PWD,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I needed to add

                "-keypass", KEYSTORE_PWD,

otherwise the test was hanging for me infinitely.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah after java 8 the keypass is mandatory. my bad for testing only in java 8

martinweiler
martinweiler reviewed Mar 14, 2024
View reviewed changes
...ver-parent/kie-server-common/src/test/java/org/kie/server/common/KeyStoreHelperUtilTest.java Outdated
ProcessBuilder builder = new ProcessBuilder();
builder.command(cmd);
Process p = builder.start();
p.waitFor();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perhaps better to add a timeout:

p.waitFor(10L,  TimeUnit.SECONDS);

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Mar 15, 2024

Quality Gate Failed Quality Gate failed

Failed conditions
1 Security Hotspot
56.3% Coverage on New Code (required ≥ 80%)
C Reliability Rating on New Code (required ≥ A)

See analysis details on SonarCloud

Catch issues before they fail your Quality Gate with our IDE extension SonarLint

martinweiler
martinweiler approved these changes Mar 15, 2024
View reviewed changes
Copy link
Contributor

@martinweiler martinweiler left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great work @elguardian
I successfully tested the following scenarios:

  1. Message with kie_user, kie_password headers - works with default security configuration
  2. Message with kie_token header

The tricky part is to create a working JWT token, perhaps we could help by providing a helper class to create it using a defined keystore, wdyt?

@elguardian
Copy link
Member Author

Where do you propose to use do that ¿? I don't know what they are using in the kafka producer or how do they plan to do it ?

https://github.com/kiegroup/droolsjbpm-integration/pull/3037/files#diff-a43d46e5145133fde41ec289b63b90a9fd37d34714ddbf74e783daeeda287f3cR79

here you have how to do it. (empty token) but not sure what else we can do honestly.

@elguardian elguardian merged commit 16a50c2 into kiegroup:main Mar 18, 2024
1 of 4 checks passed
@elguardian elguardian deleted the incubator-kie-issues-994 branch March 18, 2024 07:59
elguardian added a commit to elguardian/droolsjbpm-integration that referenced this pull request Mar 21, 2024
@elguardian
[incubator-kie-issues-994] kafka auth feature with message header rec…
29f72bf 
…ords (kiegroup#3037)

* integration java-jwt for kafka and inmemory thing

* add security and integration check with RSA

* keystore helpers
@elguardian elguardian mentioned this pull request Mar 21, 2024
Merged
elguardian added a commit that referenced this pull request Mar 21, 2024
@elguardian
[incubator-kie-issues-994] kafka auth feature with message header rec…
893da23 
…ords (#3037) (#3043)

* integration java-jwt for kafka and inmemory thing

* add security and integration check with RSA

* keystore helpers
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@martinweiler martinweiler martinweiler approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@elguardian @martinweiler