java连接要searchguard认证的es

elasticsearch版本6.5.4

  • pom.xml文件加入依赖
        
        
            org.springframework.data
            spring-data-elasticsearch
            3.0.4.RELEASE
        
        
            org.elasticsearch
            elasticsearch
            5.6.14
        
        
        
            com.floragunn
            search-guard-ssl
            5.6.14-23
        
  • 复制根节点证书(root-ca.pem)、客户端证书(spock.key,spock.pem)到项目resource/ssl目录下

  • 配置类ElasticConfig.java

@Configuration
@EnableElasticsearchRepositories(basePackages = "com.xxx.xxx.service.elasticsearch.service")
public class ElasticConfig {

    /**
     * 注入的ElasticSearch实例
     */
    @Bean(name = "esClient")
    public TransportClient getclient()throws Exception {

        Settings settings = Settings.builder()
                .put(SSLConfigConstants.SEARCHGUARD_SSL_TRANSPORT_PEMKEY_FILEPATH, ResourceUtils.getFile("classpath:ssl/spock.key"))
                .put(SSLConfigConstants.SEARCHGUARD_SSL_TRANSPORT_PEMCERT_FILEPATH, ResourceUtils.getFile("classpath:ssl/spock.pem"))
                .put(SSLConfigConstants.SEARCHGUARD_SSL_TRANSPORT_PEMTRUSTEDCAS_FILEPATH, ResourceUtils.getFile("classpath:ssl/root-ca.pem"))
                .put(SSLConfigConstants.SEARCHGUARD_SSL_TRANSPORT_PEMKEY_PASSWORD, "<密码>")
                .put("cluster.name", "ebuy-cloud-cluster")
                .build();

        TransportClient client = new PreBuiltTransportClient(settings, SearchGuardSSLPlugin.class)
                .addTransportAddress(new InetSocketTransportAddress(InetAddress.getByName("xxx.xxx.xxx.xxx"), 9300));

        client.admin().cluster().nodesInfo(new NodesInfoRequest()).actionGet();

        return client;
    }
}

  • 测试类SearchGuardSSLTest.java
    public static void main(String[] args) throws UnknownHostException {

        Settings settings = Settings.builder()
                .put(SSLConfigConstants.SEARCHGUARD_SSL_TRANSPORT_PEMKEY_FILEPATH, "classpath:sslspock.key")
                .put(SSLConfigConstants.SEARCHGUARD_SSL_TRANSPORT_PEMCERT_FILEPATH, "classpath:sslspock.pem")
                .put(SSLConfigConstants.SEARCHGUARD_SSL_TRANSPORT_PEMTRUSTEDCAS_FILEPATH, "classpath:sslroot-ca.pem")
                .put(SSLConfigConstants.SEARCHGUARD_SSL_TRANSPORT_PEMKEY_PASSWORD, "<密码>")
                .put("cluster.name", "")
                .build();

        TransportClient client = new PreBuiltTransportClient(settings, SearchGuardSSLPlugin.class)
//                .addTransportAddress(new InetSocketTransportAddress(InetAddress.getByName("xxx.xxx.xxx.xxx"), 9300))
                .addTransportAddress(new InetSocketTransportAddress(InetAddress.getByName("xxx.xxx.xxx.xxx"), 9300));

        client.admin().cluster().nodesInfo(new NodesInfoRequest()).actionGet();//搜索数据

        GetResponse response = client.prepareGet("agin", "log_bet_rcd_agin_live", "171212226218993").execute().actionGet();//输出结果   
        System.out.println(response.getSourceAsString());
        //关闭
        client.close();
    }
}

你可能感兴趣的:(java连接要searchguard认证的es)