How to use bolt protocol in java to directly execute cypher query in AWS Neptune Service

0

I am following the following article to query cypher query on the Neptune instance:- Cypher Using Bolt

I want to execute the cypher query directly on the AWS Neptune Instance without translating it to the gremlin.

Following is the error I am getting, despite following the code as shown in the documentation.

""" Exception in thread "main" org.neo4j.driver.exceptions.ServiceUnavailableException: Failed to establish connection with the server at org.neo4j.driver.internal.util.Futures.blockingGet(Futures.java:143)

Caused by: org.neo4j.driver.internal.shaded.io.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record: 485454502f312e31203430302042616420526571756573740d0a5365727665723a20617773656c622f322e30 (trimmed) """

I am also putting the sample java code for your reference:-

public class TestImpl {

    private static final String ACCESS_KEY = "XYZ";

    private static final String SECRET_KEY = "ABC";

    private static final String SERVICE_REGION = "AAAA";

    private static final Gson GSON = new Gson();

    public static void main(String[] args) {

        String URL = "bolt://URL:PORT";
        final Driver driver =
            GraphDatabase.driver(URL, AuthTokens.basic("username", getSignedHeader()), getDefaultConfig());

        String query = "MATCH (ruleSet:RULE_SET) " +

            "WHERE ruleSet.refId = \"aws-iam-best-practices\" " +

            "RETURN ruleSet.refId as refId, ruleSet.name as name, collect(ruleSet.ruleIds) as ruleIds";

        System.out.println(query);

        final Record rec = driver.session().run(query).list().get(0);

        System.out.println(rec.get("refId").asNode().toString());

    }

    private static Config getDefaultConfig() {
        return Config.builder()
            .withConnectionTimeout(30, TimeUnit.SECONDS)
            .withMaxConnectionPoolSize(1000)
            .withDriverMetrics()
            .withLeakedSessionsLogging()
            .withEncryption()
            .withTrustStrategy(Config.TrustStrategy.trustSystemCertificates())
            .build();
    }

    private static String getSignedHeader() {
        // If you are using permanent credentials, use the BasicAWSCredentials access key and secret key
        final BasicAWSCredentials permanentCreds = new BasicAWSCredentials(ACCESS_KEY, SECRET_KEY);
        final AWSCredentialsProvider creds = new AWSStaticCredentialsProvider(permanentCreds);

        // Or, if you are using temporary credentials, use the BasicSessionCredentials to
        // pass the access key, secret key, and session token, like this:
        //   final BasicSessionCredentials temporaryCredentials = new BasicSessionCredentials(ACCESS_KEY, SECRET_KEY, AWS_SESSION_TOKEN);
        //   final AWSCredentialsProvider tempCreds = new AWSStaticCredentialsProvider(temporaryCredentials);

        String signedHeader = "";

        final Request<Void> request = new DefaultRequest<Void>("neptune-db"); // Request to neptune
        request.setHttpMethod(HttpMethodName.GET);
        request.setEndpoint(URI.create("https://NeptuneServiceURL"));

        // Comment out the following line if you're using an engine version older than 1.2.0.0
        request.setResourcePath("/openCypher");

        final AWS4Signer signer = new AWS4Signer();
        signer.setRegionName(SERVICE_REGION);
        signer.setServiceName(request.getServiceName());
        signer.sign(request, creds.getCredentials());
        signedHeader = getAuthInfoJson(request);

        return signedHeader;
    }

    private static String getAuthInfoJson(final Request<Void> request) {
        final Map<String, Object> obj = new HashMap<>();
        obj.put("Authorization", request.getHeaders().get("Authorization"));
        obj.put("HttpMethod", request.getHttpMethod());
        obj.put("X-Amz-Date", request.getHeaders().get("X-Amz-Date"));
        obj.put("Host", request.getEndpoint().getHost());

        // If temporary credentials are used, include the security token in
        // the request, like this:
        //   obj.put("X-Amz-Security-Token", request.getHeaders().get("X-Amz-Security-Token"));

        final String json = GSON.toJson(obj);
        return json;
    }
}

Please guide me on what is my mistake in this process. Thanking you in advance for it :).

asked 2 years ago281 views
1 Answer
0

Hi! It looks like you are trying to use IAM authentication but not following the correct steps for that. BOLT is complaining because the connect is requiring TLS but you aren't hitting a TLS endpoint. Try looking at the example for connecting with IAM here (https://docs.aws.amazon.com/neptune/latest/userguide/access-graph-opencypher-bolt.html#access-graph-opencypher-bolt-java-iam-auth) and see if that helps.

profile pictureAWS
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions