Used static imports as per PR comment

src/main/java/com/amazon/dlic/auth/ldap/backend/LDAPAuthorizationBackend.java

@@ -77,13 +77,15 @@
 import org.opensearch.common.Strings;
 import org.opensearch.common.settings.Settings;
 import org.opensearch.security.auth.AuthorizationBackend;
-import org.opensearch.security.ssl.SecureSSLSettings;
 import org.opensearch.security.ssl.util.SSLConfigConstants;
 import org.opensearch.security.support.PemKeyReader;
 import org.opensearch.security.support.WildcardMatcher;
 import org.opensearch.security.user.AuthCredentials;
 import org.opensearch.security.user.User;
 
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD;
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD;
+
 public class LDAPAuthorizationBackend implements AuthorizationBackend {
 
     private static final AtomicInteger CONNECTION_COUNTER = new AtomicInteger();
@@ -567,7 +569,7 @@ private static void configureSSL(final ConnectionConfig config, final Settings s
                 final KeyStore trustStore = PemKeyReader.loadKeyStore(
                         PemKeyReader.resolve(SSLConfigConstants.SECURITY_SSL_TRANSPORT_TRUSTSTORE_FILEPATH, settings,
                                 configPath, !trustAll),
-                        SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD.getSetting(settings),
+                        SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD.getSetting(settings),
                         settings.get(SSLConfigConstants.SECURITY_SSL_TRANSPORT_TRUSTSTORE_TYPE));
 
                 final List<String> trustStoreAliases = settings.getAsList(ConfigConstants.LDAPS_JKS_TRUST_ALIAS, null);
@@ -576,10 +578,10 @@ private static void configureSSL(final ConnectionConfig config, final Settings s
                 final KeyStore keyStore = PemKeyReader.loadKeyStore(
                         PemKeyReader.resolve(SSLConfigConstants.SECURITY_SSL_TRANSPORT_KEYSTORE_FILEPATH, settings,
                                 configPath, enableClientAuth),
-                        SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD.getSetting(settings,
+                        SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD.getSetting(settings,
                                 SSLConfigConstants.DEFAULT_STORE_PASSWORD),
                         settings.get(SSLConfigConstants.SECURITY_SSL_TRANSPORT_KEYSTORE_TYPE));
-                final String keyStorePassword = SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD
+                final String keyStorePassword = SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD
                         .getSetting(settings, SSLConfigConstants.DEFAULT_STORE_PASSWORD);
 
                 final String keyStoreAlias = settings.get(ConfigConstants.LDAPS_JKS_CERT_ALIAS, null);

src/main/java/com/amazon/dlic/util/SettingsBasedSSLConfigurator.java

@@ -45,10 +45,12 @@
 import org.apache.logging.log4j.Logger;
 
 import org.opensearch.common.settings.Settings;
-import org.opensearch.security.ssl.SecureSSLSettings;
 import org.opensearch.security.ssl.util.SSLConfigConstants;
 import org.opensearch.security.support.PemKeyReader;
 
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD;
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD;
+
 public class SettingsBasedSSLConfigurator {
     private static final Logger log = LogManager.getLogger(SettingsBasedSSLConfigurator.class);
 
@@ -306,7 +308,7 @@ private void initFromKeyStore() throws SSLConfigException {
             trustStore = PemKeyReader.loadKeyStore(
                     PemKeyReader.resolve(SSLConfigConstants.SECURITY_SSL_TRANSPORT_TRUSTSTORE_FILEPATH, settings,
                             configPath, !isTrustAllEnabled()),
-                    SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD.getSetting(settings),
+                    SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD.getSetting(settings),
                     settings.get(SSLConfigConstants.SECURITY_SSL_TRANSPORT_TRUSTSTORE_TYPE));
         } catch (Exception e) {
             throw new SSLConfigException("Error loading trust store from "
@@ -321,15 +323,15 @@ private void initFromKeyStore() throws SSLConfigException {
             keyStore = PemKeyReader.loadKeyStore(
                     PemKeyReader.resolve(SSLConfigConstants.SECURITY_SSL_TRANSPORT_KEYSTORE_FILEPATH, settings,
                             configPath, enableSslClientAuth),
-                    SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD.getSetting(settings,
+                    SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD.getSetting(settings,
                             SSLConfigConstants.DEFAULT_STORE_PASSWORD),
                     settings.get(SSLConfigConstants.SECURITY_SSL_TRANSPORT_KEYSTORE_TYPE));
         } catch (Exception e) {
             throw new SSLConfigException("Error loading key store from "
                     + settings.get(SSLConfigConstants.SECURITY_SSL_TRANSPORT_KEYSTORE_FILEPATH), e);
         }
 
-        String keyStorePassword = SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD.getSetting(settings,
+        String keyStorePassword = SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD.getSetting(settings,
                 SSLConfigConstants.DEFAULT_STORE_PASSWORD);
         effectiveKeyPassword = keyStorePassword == null || keyStorePassword.isEmpty() ? null
                 : keyStorePassword.toCharArray();

src/main/java/com/amazon/dlic/util/SettingsBasedSSLConfiguratorV4.java

@@ -46,10 +46,12 @@
 import org.apache.logging.log4j.Logger;
 
 import org.opensearch.common.settings.Settings;
-import org.opensearch.security.ssl.SecureSSLSettings;
 import org.opensearch.security.ssl.util.SSLConfigConstants;
 import org.opensearch.security.support.PemKeyReader;
 
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD;
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD;
+
 public class SettingsBasedSSLConfiguratorV4 {
     private static final Logger log = LogManager.getLogger(SettingsBasedSSLConfigurator.class);
 
@@ -307,7 +309,7 @@ private void initFromKeyStore() throws SSLConfigException {
             trustStore = PemKeyReader.loadKeyStore(
                     PemKeyReader.resolve(SSLConfigConstants.SECURITY_SSL_TRANSPORT_TRUSTSTORE_FILEPATH, settings,
                             configPath, !isTrustAllEnabled()),
-                    SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD.getSetting(settings),
+                    SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD.getSetting(settings),
                     settings.get(SSLConfigConstants.SECURITY_SSL_TRANSPORT_TRUSTSTORE_TYPE));
         } catch (Exception e) {
             throw new SSLConfigException("Error loading trust store from "
@@ -322,15 +324,15 @@ private void initFromKeyStore() throws SSLConfigException {
             keyStore = PemKeyReader.loadKeyStore(
                     PemKeyReader.resolve(SSLConfigConstants.SECURITY_SSL_TRANSPORT_KEYSTORE_FILEPATH, settings,
                             configPath, enableSslClientAuth),
-                    SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD.getSetting(settings,
+                    SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD.getSetting(settings,
                             SSLConfigConstants.DEFAULT_STORE_PASSWORD),
                     settings.get(SSLConfigConstants.SECURITY_SSL_TRANSPORT_KEYSTORE_TYPE));
         } catch (Exception e) {
             throw new SSLConfigException("Error loading key store from "
                     + settings.get(SSLConfigConstants.SECURITY_SSL_TRANSPORT_KEYSTORE_FILEPATH), e);
         }
 
-        String keyStorePassword = SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD
+        String keyStorePassword = SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD
                 .getSetting(settings, SSLConfigConstants.DEFAULT_STORE_PASSWORD);
         effectiveKeyPassword = keyStorePassword == null || keyStorePassword.isEmpty() ? null
                 : keyStorePassword.toCharArray();

src/main/java/org/opensearch/security/auditlog/sink/ExternalOpenSearchSink.java

@@ -27,11 +27,13 @@
 import org.opensearch.security.auditlog.impl.AuditMessage;
 import org.opensearch.security.httpclient.HttpClient;
 import org.opensearch.security.httpclient.HttpClient.HttpClientBuilder;
-import org.opensearch.security.ssl.SecureSSLSettings;
 import org.opensearch.security.ssl.util.SSLConfigConstants;
 import org.opensearch.security.support.ConfigConstants;
 import org.opensearch.security.support.PemKeyReader;
 
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD;
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD;
+
 public final class ExternalOpenSearchSink extends AuditLogSink {
 
     private static final List<String> DEFAULT_TLS_PROTOCOLS = Arrays.asList(new String[] { "TLSv1.2", "TLSv1.1"});
@@ -118,14 +120,14 @@ public ExternalOpenSearchSink(final String name, final Settings settings, final
 
             } else {
                 final KeyStore trustStore = PemKeyReader.loadKeyStore(PemKeyReader.resolve(SSLConfigConstants.SECURITY_SSL_TRANSPORT_TRUSTSTORE_FILEPATH, settings, configPath, true)
-                        , SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD.getSetting(settings)
+                        , SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD.getSetting(settings)
                         , settings.get(SSLConfigConstants.SECURITY_SSL_TRANSPORT_TRUSTSTORE_TYPE));
 
                 //for client authentication
                 final KeyStore keyStore = PemKeyReader.loadKeyStore(PemKeyReader.resolve(SSLConfigConstants.SECURITY_SSL_TRANSPORT_KEYSTORE_FILEPATH, settings, configPath, enableSslClientAuth)
-                        , SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD.getSetting(settings, SSLConfigConstants.DEFAULT_STORE_PASSWORD)
+                        , SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD.getSetting(settings, SSLConfigConstants.DEFAULT_STORE_PASSWORD)
                         , settings.get(SSLConfigConstants.SECURITY_SSL_TRANSPORT_KEYSTORE_TYPE));
-                final String keyStorePassword = SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD.getSetting(settings, SSLConfigConstants.DEFAULT_STORE_PASSWORD);
+                final String keyStorePassword = SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD.getSetting(settings, SSLConfigConstants.DEFAULT_STORE_PASSWORD);
                 effectiveKeyPassword = keyStorePassword==null||keyStorePassword.isEmpty()?null:keyStorePassword.toCharArray();
                 effectiveKeyAlias = sinkSettings.get(ConfigConstants.SECURITY_AUDIT_EXTERNAL_OPENSEARCH_JKS_CERT_ALIAS, null);
 

src/main/java/org/opensearch/security/auditlog/sink/WebhookSink.java

@@ -46,11 +46,12 @@
 import org.opensearch.common.Strings;
 import org.opensearch.common.settings.Settings;
 import org.opensearch.security.auditlog.impl.AuditMessage;
-import org.opensearch.security.ssl.SecureSSLSettings;
 import org.opensearch.security.ssl.util.SSLConfigConstants;
 import org.opensearch.security.support.ConfigConstants;
 import org.opensearch.security.support.PemKeyReader;
 
+import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD;
+
 public class WebhookSink extends AuditLogSink {
 
 	/* HttpClient is thread safe */
@@ -329,7 +330,7 @@ public KeyStore run() {
 
 					} else {
 					    return PemKeyReader.loadKeyStore(PemKeyReader.resolve(SSLConfigConstants.SECURITY_SSL_TRANSPORT_TRUSTSTORE_FILEPATH, settings, configPath, false)
-			                    , SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD.getSetting(settings)
+			                    , SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD.getSetting(settings)
 			                    , settings.get(SSLConfigConstants.SECURITY_SSL_TRANSPORT_TRUSTSTORE_TYPE));
 					}
 				} catch(Exception ex) {