org.apache.ignite.internal.processors.security

Interface GridSecurityProcessor

All Superinterfaces:

GridComponent, GridProcessor

All Known Implementing Classes:

GridOsSecurityProcessor

public interface GridSecurityProcessor
extends GridProcessor

This interface defines a grid authentication processor.

Nested Class Summary

Nested classes/interfaces inherited from interface org.apache.ignite.internal.GridComponent

GridComponent.DiscoveryDataExchangeType

Method Summary

Methods

Modifier and Type	Method and Description
SecurityContext	authenticate(AuthenticationContext ctx) Authenticates subject via underlying Authenticator.
SecuritySubject	authenticatedSubject(UUID subjId) Gets authenticated node subject.
Collection<SecuritySubject>	authenticatedSubjects() Gets collection of authenticated nodes.
SecurityContext	authenticateNode(ClusterNode node, SecurityCredentials cred) Authenticates grid node with it's attributes via underlying Authenticator.
void	authorize(String name, SecurityPermission perm, SecurityContext securityCtx) Authorizes grid operation.
boolean	enabled()
boolean	isGlobalNodeAuthentication() Gets flag indicating whether all nodes or coordinator only should run the authentication for joining node.
void	onSessionExpired(UUID subjId) Callback invoked when subject session got expired.

Methods inherited from interface org.apache.ignite.internal.GridComponent

collectGridNodeData, collectJoiningNodeData, discoveryDataType, onDisconnected, onGridDataReceived, onJoiningNodeDataReceived, onKernalStart, onKernalStop, onReconnected, printMemoryStats, start, stop, validateNode

Method Detail

authenticateNode

SecurityContext authenticateNode(ClusterNode node,
                               SecurityCredentials cred)
                                 throws IgniteCheckedException

Authenticates grid node with it's attributes via underlying Authenticator.

Parameters:

node - Node id to authenticate.

cred - Security credentials.

Returns:

True if succeeded, false otherwise.

Throws:

IgniteCheckedException - If error occurred.

isGlobalNodeAuthentication

boolean isGlobalNodeAuthentication()

Gets flag indicating whether all nodes or coordinator only should run the authentication for joining node.

Returns:

True if all nodes should run authentication process, false otherwise.

authenticate

SecurityContext authenticate(AuthenticationContext ctx)
                             throws IgniteCheckedException

Authenticates subject via underlying Authenticator.

Parameters:

ctx - Authentication context.

Returns:

True if succeeded, false otherwise.

Throws:

IgniteCheckedException - If error occurred.

authenticatedSubjects

Collection<SecuritySubject> authenticatedSubjects()
                                                  throws IgniteCheckedException

Gets collection of authenticated nodes.

Returns:

Collection of authenticated nodes.

Throws:

IgniteCheckedException - If error occurred.

authenticatedSubject

SecuritySubject authenticatedSubject(UUID subjId)
                                     throws IgniteCheckedException

Gets authenticated node subject.

Parameters:

subjId - Subject ID.

Returns:

Security subject.

Throws:

IgniteCheckedException - If error occurred.

authorize

void authorize(String name,
             SecurityPermission perm,
             @Nullable
             SecurityContext securityCtx)
               throws SecurityException

Authorizes grid operation.

Parameters:

name - Cache name or task class name.

perm - Permission to authorize.

securityCtx - Optional security context.

Throws:

SecurityException - If security check failed.

onSessionExpired

void onSessionExpired(UUID subjId)

Callback invoked when subject session got expired.

Parameters:

subjId - Subject ID.

enabled

boolean enabled()

Returns:

GridSecurityProcessor is enable.