AMBARI-12006 - Provide meaningful error message for URLStreamProvider (tbeerbower)

ambari-server/src/main/java/org/apache/ambari/server/controller/internal/URLStreamProvider.java

@@ -54,9 +54,9 @@ public class URLStreamProvider implements StreamProvider {
 
   private final int connTimeout;
   private final int readTimeout;
-  private final String path;
-  private final String password;
-  private final String type;
+  private final String trustStorePath;
+  private final String trustStorePassword;
+  private final String trustStoreType;
   private volatile SSLSocketFactory sslSocketFactory = null;
   private AppCookieManager appCookieManager = null;
 
@@ -83,19 +83,20 @@ public class URLStreamProvider implements StreamProvider {
   /**
    * Provide the connection timeout for the underlying connection.
    *
-   * @param connectionTimeout
-   *          time, in milliseconds, to attempt a connection
-   * @param readTimeout
-   *          the read timeout in milliseconds
+   * @param connectionTimeout   time, in milliseconds, to attempt a connection
+   * @param readTimeout         the read timeout in milliseconds
+   * @param trustStorePath      the path to the truststore required for secure connections
+   * @param trustStorePassword  the truststore password
+   * @param trustStoreType      the truststore type (e.g. "JKS")
    */
-  public URLStreamProvider(int connectionTimeout, int readTimeout, String path,
-                           String password, String type) {
-
-    this.connTimeout = connectionTimeout;
-    this.readTimeout = readTimeout;
-    this.path        = path;      // truststroe path
-    this.password    = password;  // truststore password
-    this.type        = type;      // truststroe type
+  public URLStreamProvider(int connectionTimeout, int readTimeout, String trustStorePath,
+                           String trustStorePassword, String trustStoreType) {
+
+    this.connTimeout        = connectionTimeout;
+    this.readTimeout        = readTimeout;
+    this.trustStorePath     = trustStorePath;
+    this.trustStorePassword = trustStorePassword;
+    this.trustStoreType     = trustStoreType;
   }
 
 
@@ -271,17 +272,26 @@ public class URLStreamProvider implements StreamProvider {
   }
 
   // Get an ssl connection
-  protected HttpsURLConnection getSSLConnection(String spec) throws IOException {
+  protected HttpsURLConnection getSSLConnection(String spec) throws IOException, IllegalStateException {
 
     if (sslSocketFactory == null) {
       synchronized (this) {
         if (sslSocketFactory == null) {
+
+          if (trustStorePath == null || trustStorePassword == null) {
+            String msg =
+                String.format("Can't get secure connection to %s.  Truststore path or password is not set.", spec);
+
+            LOG.error(msg);
+            throw new IllegalStateException(msg);
+          }
+
           try {
-            FileInputStream in = new FileInputStream(new File(path));
-            KeyStore store = KeyStore.getInstance(type == null ? KeyStore
-                .getDefaultType() : type);
+            FileInputStream in = new FileInputStream(new File(trustStorePath));
+            KeyStore store = KeyStore.getInstance(trustStoreType == null ?
+                KeyStore.getDefaultType() : trustStoreType);
 
-            store.load(in, password.toCharArray());
+            store.load(in, trustStorePassword.toCharArray());
             in.close();
 
             TrustManagerFactory tmf = TrustManagerFactory

ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariManagementControllerTest.java

@@ -8366,10 +8366,9 @@ public class AmbariManagementControllerTest {
     // test bad url
     try {
       controller.updateRepositories(requests);
-    } catch (Exception e) {
-      System.err.println(e.getMessage());
-      assertTrue(e.getMessage().contains(IOException.class.getName())
-        || e.getMessage().contains("Could not access base url"));
+      fail("Expected IllegalStateException");
+    } catch (IllegalStateException e) {
+      //expected
     }
 
     requests.clear();

ambari-server/src/test/java/org/apache/ambari/server/controller/internal/URLStreamProviderTest.java

@@ -21,6 +21,7 @@ package org.apache.ambari.server.controller.internal;
 import org.junit.Assert;
 import org.junit.Test;
 
+import java.io.IOException;
 import java.net.HttpURLConnection;
 import java.util.Collections;
 import java.util.HashMap;
@@ -73,6 +74,32 @@ public class URLStreamProviderTest {
     verify(urlStreamProvider, connection, appCookieManager);
   }
 
+  @Test
+  public void testProcessURL_securityNotSetup() throws Exception {
+
+    URLStreamProvider urlStreamProvider = createMockBuilder(URLStreamProvider.class).
+        withConstructor(Integer.TYPE, Integer.TYPE, String.class, String.class, String.class).
+        withArgs(1000, 1000, null, null, null).
+        addMockedMethod("getAppCookieManager").
+        addMockedMethod("getConnection", String.class).
+        createMock();
+
+    Map<String, List<String>> headerMap = new HashMap<String, List<String>>();
+    headerMap.put("Header1", Collections.singletonList("value"));
+    headerMap.put("Cookie", Collections.singletonList("FOO=bar"));
+
+    replay(urlStreamProvider);
+
+    try {
+      urlStreamProvider.processURL("https://spec", "GET", (String) null, headerMap);
+      Assert.fail("Expected IllegalStateException");
+    } catch (IllegalStateException e) {
+      // expected
+    }
+
+    verify(urlStreamProvider);
+  }
+
   @Test
   public void testAppendCookie() throws Exception {
     Assert.assertEquals("newCookie", URLStreamProvider.appendCookie(null, "newCookie"));