Uploaded image for project: 'Spring Data GemFire'
  1. Spring Data GemFire
  2. SGF-414

Resolve incompatibility between the DistributedSystem created by the PoolFactoryBean and the DistributedSystem resolved by the ClientCacheFactoryBean when SSL is configured.

    XMLWordPrintable

    Details

      Description

      When a GemFire Server has been configured with SSL using the new cluster-ssl-* based GemFire System properties in 8.0, a Spring-based GemFire Cache client configured with SSL is unable to connect to the server due to incompatible (invalid) DistributedSystem properties and results in the following IllegalStateException...

      Caused by: java.lang.IllegalStateException: A connection to a distributed system already exists in this VM.
      It has the following configuration:
        ack-severe-alert-threshold="0"
        ack-wait-threshold="15"
        ...
        ..
        .
      

      The main, underlying problem is caused when GemFire does not copy forward the SSL, cluster-ssl-* based System properties to the other SSL configuration settings, namely for server, jmx-manager, http-service and gateway.

      When a GemFire Cache client is setup in Spring using Spring Data GemFire's (SDG) XML config, the PoolFactoryBean eagerly needs to create a DistributedSystem in order to create the GemFire Pool.

      The SDG PoolFactoryBean makes a best attempt to use the same GemFire System properties that the SDG ClientCacheFactoryBean uses when creating the GemFire ClientCache instance.

      Unfortunately, the "GemFire System properties" will not be identical, even though from the perspective of Spring they have not changed, because once the DistributedSystem is deemed "connected", the copy forward on the SSL configuration settings does not happen.

        Attachments

        1. ClientCacheSecurityTest.java
          2 kB
        2. ClientCacheSecurityTest.java
          4 kB
        3. ClientCacheSecurityTest-context.xml
          6 kB
        4. cluster-ssl-gemfire.properties
          0.6 kB
        5. keytool.sh
          0.2 kB
        6. server-ssl-gemfire.properties
          0.5 kB
        7. setup.gfsh
          0.8 kB
        8. shutdown.gfsh
          0.1 kB

          Activity

            People

            Assignee:
            jblum John Blum
            Reporter:
            jblum John Blum
            Last updater:
            Trevor Marshall Trevor Marshall
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Due:
              Created:
              Updated:
              Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 1d
                1d
                Remaining:
                Remaining Estimate - 1d
                1d
                Logged:
                Time Spent - Not Specified
                Not Specified