Details
-
Improvement
-
Resolution: Duplicate
-
Major - P3
-
None
-
3.2.2
-
None
Description
"MongoClientOptions.builder().sslEnabled(true)" modifies the SSL factory.
While this is stated in the JavaDoc comment, it's actually not the best idea.
It breaks the builder pattern since it introduces a required order of operations on the builder. Moreover, it's simply counter intuitive as "ssl=true" is a well-known flag and nobody actually expects the method "sslEnabled()" to do other things than setting this configuration value.
So, this will work:
SSLContext sslContext=SSLContext.getInstance("TLS"); |
sslContext.init(null,trustManagers,new SecureRandom()); |
|
|
MongoClientOptions options=MongoClientOptions.builder().
|
sslEnabled(true). |
sslInvalidHostNameAllowed(true). |
socketFactory(sslContext.getSocketFactory()).
|
build();
|
While this will not:
SSLContext sslContext=SSLContext.getInstance("TLS"); |
sslContext.init(null,trustManagers,new SecureRandom()); |
|
|
MongoClientOptions options=MongoClientOptions.builder().
|
socketFactory(sslContext.getSocketFactory()).
|
sslEnabled(true). |
sslInvalidHostNameAllowed(true). |
build();
|
The better solution would be to remove this hidden dependency and set the default factory in "build()" in case it's needed and not explicitly set by the developer.
Attachments
Issue Links
- duplicates
-
JAVA-2229 SocketFactory overridden if `ssl=true` is used in the URI
-
- Closed
-