How is HttpClient used in the extensions commons library?
This document explains the httpClient used by the extensions commons library, part of the Java SDK for AppDynamics Extensions.
Table of Contents
Goal
Most of the extensions collect metrics from an HTTP(s) endpoint. Instead of creating an httpClient in every extension, we have created an httpClient for the commons library that can be used in all the extensions.
Usage
CloseableHttpClient httpClient = configuration.getContext().getHttpClient(), where configuration is an object of the MonitorContextConfiguration class.
Configuration
To use httpClient in any extension, provide the following configuration in the config.yml file:
Server Configuration
The two servers configured below are valid. Config1 is preferred over Config2.
Config1
servers:
- uri: ""
username: ""
password: ""
encryptedPassword: ""
Config2
servers:
- host: "" # Avoid this, use uri instead
port: "" # Avoid this, use uri instead
useSsl: false # Avoid this, use uri instead.
username: ""
password: ""
encryptedPassword: ""
Configuring multiple servers
Configuring multiple servers in a single config.yml is also supported.
servers:
- uri: ""
username: ""
password: ""
encryptedPassword: ""
# Uri is preferred instead of host-port-useSsl combo.
- host: "" # Avoid this, use uri instead
port: "" # Avoid this, use uri instead
useSsl: false # Avoid this, use uri instead.
username: ""
password: ""
encryptedPassword: ""
A username and password can also be provided or you can provide the encrypted password and leave the password field empty.
NOTE: You can add an encrypted password for each server, but the encryptionKey will be the same for all the servers as defined in the config.yml file.
If you provide values for both the password and encryptedPassword, the extension will give precedence to the value provided in the password field and the encryptedPassword will be disregarded.
If you would like to use HTTPS, specify protocol as https in Config1 or change the value of useSsl to true in Config2.
Connection Configuration
Connection configuration is optional, but enables you to have more choices when trying to establish a new connection with a server. Like the encryptionKey, this section is universal for all the servers listed in the config.yml file.
connection:
socketTimeout: 3000
connectTimeout: 1000
sslProtocols: ["TLSV1.2"]
sslCertCheckEnabled: true
sslVerifyHostname: true
sslCipherSuites: []
sslTrustStorePath: ""
sslTrustStorePassword: ""
sslTrustStoreEncryptedPassword: ""
sslKeyStorePath: ""
sslKeyStorePassword: ""
sslKeyStoreEncryptedPassword: ""
|
Flag
|
Description
|
Remarks
|
| socketTimeout |
Time limit in milliseconds for a socket to time out after establishing a connection |
|
| connectTimeout |
The connection will timeout after this number of milliseconds |
|
| sslProtocols |
Array of strings of all the protocols to be followed |
Defaults to "default" |
sslCertCheckEnabled
|
Set this to true to enable Certificate checks |
Ideally, it is suggested that both sslCertCheckEnabled and sslVerifyHostname listed about should be true for security reasons. |
sslVerifyHostname
|
Set this to true to enable host name verification |
|
sslTrustStorePath
|
Path to the SSL TrustStore
|
Defaults to machine-agent/conf/extensions-cacerts.jks |
sslTrustStorePassword
|
Truststore password in cleartext
|
The keystore needs to have either sslTrustStorePassword or sslTrustStoreEncryptedPassword |
sslTrustStoreEncryptedPassword
|
Encrypted TrustStore password
|
|
sslKeyStorePath
|
Path to the SSL KeyStore
|
Defaults to
machine-agent/conf/extensions-clientcerts.jks
|
sslKeyStorePassword
|
SSL Keystore password in cleartext
|
|
sslKeyStoreEncryptedPassword
|
Encrypted SSL Keystore password
|
|
