org.apache.ignite.internal.processors.security

Class NoOpIgniteSecurityProcessor

java.lang.Object

org.apache.ignite.internal.processors.GridProcessorAdapter

org.apache.ignite.internal.processors.security.NoOpIgniteSecurityProcessor

All Implemented Interfaces:

GridComponent, GridProcessor, IgniteSecurity

public class NoOpIgniteSecurityProcessor
extends GridProcessorAdapter
implements IgniteSecurity

No operation IgniteSecurity.

Nested Class Summary

Nested classes/interfaces inherited from interface org.apache.ignite.internal.GridComponent

GridComponent.DiscoveryDataExchangeType

Field Summary

Fields

Modifier and Type	Field and Description
static String	SECURITY_DISABLED_ERROR_MSG Error message that occurs when trying to perform security operations if security disabled.

Fields inherited from class org.apache.ignite.internal.processors.GridProcessorAdapter

ctx, diagnosticLog, log

Constructor Summary

Constructors

Constructor and Description
NoOpIgniteSecurityProcessor(GridKernalContext ctx)

Method Summary

Modifier and Type	Method and Description
void	alterUser(String login, char[] pwd) Alters password of user with the specified login.
SecurityContext	authenticate(AuthenticationContext ctx) Delegates call to GridSecurityProcessor.authenticate(AuthenticationContext)
SecuritySubject	authenticatedSubject(UUID subjId) Delegates call to GridSecurityProcessor.authenticatedSubject(UUID)
Collection<SecuritySubject>	authenticatedSubjects() Delegates call to GridSecurityProcessor.authenticatedSubjects()
SecurityContext	authenticateNode(ClusterNode node, SecurityCredentials cred) Delegates call to GridSecurityProcessor.authenticateNode(org.apache.ignite.cluster.ClusterNode, org.apache.ignite.plugin.security.SecurityCredentials)
void	authorize(String name, SecurityPermission perm) Authorizes grid operation.
void	createUser(String login, char[] pwd) Creates user with the specified login and password.
void	dropUser(String login) Drops user with the specified login.
boolean	enabled()
boolean	isGlobalNodeAuthentication() Delegates call to GridSecurityProcessor.isGlobalNodeAuthentication()
void	onSessionExpired(UUID subjId) Delegates call to GridSecurityProcessor.onSessionExpired(UUID)
IgniteSandbox	sandbox()
SecurityContext	securityContext()
@Nullable IgniteNodeValidationResult	validateNode(ClusterNode node) Validates that new node can join grid topology, this method is called on coordinator node before new node joins topology.
@Nullable IgniteNodeValidationResult	validateNode(ClusterNode node, DiscoveryDataBag.JoiningNodeDiscoveryData discoData) Validates that new node can join grid topology, this method is called on coordinator node before new node joins topology.
OperationSecurityContext	withContext(SecurityContext secCtx) Creates OperationSecurityContext.
OperationSecurityContext	withContext(UUID nodeId) Creates OperationSecurityContext.

Methods inherited from class org.apache.ignite.internal.processors.GridProcessorAdapter

assertParameter, collectGridNodeData, collectJoiningNodeData, discoveryDataType, onDisconnected, onGridDataReceived, onJoiningNodeDataReceived, onKernalStart, onKernalStop, onReconnected, printMemoryStats, start, stop, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface org.apache.ignite.internal.processors.security.IgniteSecurity

authorize

Field Detail

SECURITY_DISABLED_ERROR_MSG

public static final String SECURITY_DISABLED_ERROR_MSG

Error message that occurs when trying to perform security operations if security disabled.

See Also:

Constant Field Values

Constructor Detail

NoOpIgniteSecurityProcessor

public NoOpIgniteSecurityProcessor(GridKernalContext ctx)

Parameters:

ctx - Grid kernal context.

Method Detail

withContext

public OperationSecurityContext withContext(SecurityContext secCtx)

Creates OperationSecurityContext. All calls of methods IgniteSecurity.authorize(String, SecurityPermission) or IgniteSecurity.authorize(SecurityPermission) will be processed into the context of passed SecurityContext until holder OperationSecurityContext will be closed.

Specified by:

withContext in interface IgniteSecurity

Parameters:

secCtx - Security Context.

Returns:

Security context holder.

withContext

public OperationSecurityContext withContext(UUID nodeId)

Creates OperationSecurityContext. All calls of methods IgniteSecurity.authorize(String, SecurityPermission) or IgniteSecurity.authorize(SecurityPermission) will be processed into the context of SecurityContext that is owned by the node with given nodeId until holder OperationSecurityContext will be closed.

Specified by:

withContext in interface IgniteSecurity

Parameters:

nodeId - Node id.

Returns:

Security context holder.

securityContext

public SecurityContext securityContext()

Specified by:

securityContext in interface IgniteSecurity

Returns:

SecurityContext of holder OperationSecurityContext.

authenticateNode

public SecurityContext authenticateNode(ClusterNode node,
                                        SecurityCredentials cred)

Delegates call to GridSecurityProcessor.authenticateNode(org.apache.ignite.cluster.ClusterNode, org.apache.ignite.plugin.security.SecurityCredentials)

Specified by:

authenticateNode in interface IgniteSecurity

isGlobalNodeAuthentication

public boolean isGlobalNodeAuthentication()

Delegates call to GridSecurityProcessor.isGlobalNodeAuthentication()

Specified by:

isGlobalNodeAuthentication in interface IgniteSecurity

authenticate

public SecurityContext authenticate(AuthenticationContext ctx)

Delegates call to GridSecurityProcessor.authenticate(AuthenticationContext)

Specified by:

authenticate in interface IgniteSecurity

authenticatedSubjects

public Collection<SecuritySubject> authenticatedSubjects()

Delegates call to GridSecurityProcessor.authenticatedSubjects()

Specified by:

authenticatedSubjects in interface IgniteSecurity

authenticatedSubject

public SecuritySubject authenticatedSubject(UUID subjId)

Delegates call to GridSecurityProcessor.authenticatedSubject(UUID)

Specified by:

authenticatedSubject in interface IgniteSecurity

onSessionExpired

public void onSessionExpired(UUID subjId)

Delegates call to GridSecurityProcessor.onSessionExpired(UUID)

Specified by:

onSessionExpired in interface IgniteSecurity

authorize

public void authorize(String name,
                      SecurityPermission perm)
               throws SecurityException

Authorizes grid operation.

Specified by:

authorize in interface IgniteSecurity

Parameters:

name - Cache name or task class name.

perm - Permission to authorize.

Throws:

SecurityException - If security check failed.

sandbox

public IgniteSandbox sandbox()

Specified by:

sandbox in interface IgniteSecurity

Returns:

Instance of IgniteSandbox.

enabled

public boolean enabled()

Specified by:

enabled in interface IgniteSecurity

Returns:

True if IgniteSecurity is a plugin implementation, false if it's used a default NoOp implementation.

validateNode

@Nullable
public @Nullable IgniteNodeValidationResult validateNode(ClusterNode node)

Validates that new node can join grid topology, this method is called on coordinator node before new node joins topology.

Specified by:

validateNode in interface GridComponent

Overrides:

validateNode in class GridProcessorAdapter

Parameters:

node - Joining node.

Returns:

Validation result or null in case of success.

validateNode

@Nullable
public @Nullable IgniteNodeValidationResult validateNode(ClusterNode node,
                                                                   DiscoveryDataBag.JoiningNodeDiscoveryData discoData)

Validates that new node can join grid topology, this method is called on coordinator node before new node joins topology.

Specified by:

validateNode in interface GridComponent

Overrides:

validateNode in class GridProcessorAdapter

Parameters:

node - Joining node.

discoData - Joining node discovery data.

Returns:

Validation result or null in case of success.

createUser

public void createUser(String login,
                       char[] pwd)
                throws IgniteCheckedException

Creates user with the specified login and password.

Specified by:

createUser in interface IgniteSecurity

Parameters:

login - Login of the user to be created.

pwd - User password.

Throws:

IgniteCheckedException - If error occurred.

alterUser

public void alterUser(String login,
                      char[] pwd)
               throws IgniteCheckedException

Alters password of user with the specified login.

Specified by:

alterUser in interface IgniteSecurity

Parameters:

login - Login of the user which password should be altered.

pwd - User password to alter.

Throws:

IgniteCheckedException - If error occurred.

dropUser

public void dropUser(String login)
              throws IgniteCheckedException

Drops user with the specified login.

Specified by:

dropUser in interface IgniteSecurity

Parameters:

login - Login of the user to be dropped.

Throws:

IgniteCheckedException - If error occurred.