org.apache.ignite.internal.processors.security

Class NoOpIgniteSecurityProcessor

java.lang.Object

org.apache.ignite.internal.processors.GridProcessorAdapter

org.apache.ignite.internal.processors.security.IgniteSecurityAdapter

org.apache.ignite.internal.processors.security.NoOpIgniteSecurityProcessor

All Implemented Interfaces:

GridComponent, GridProcessor, IgniteSecurity

public class NoOpIgniteSecurityProcessor
extends IgniteSecurityAdapter

No operation IgniteSecurity.

Nested Class Summary

Nested classes/interfaces inherited from interface org.apache.ignite.internal.GridComponent

GridComponent.DiscoveryDataExchangeType

Field Summary

Fields

Modifier and Type	Field and Description
static String	SECURITY_DISABLED_ERROR_MSG Error message that occurs when trying to perform security operations if security disabled.

Fields inherited from class org.apache.ignite.internal.processors.GridProcessorAdapter

ctx, diagnosticLog, log

Constructor Summary

Constructors

Constructor and Description
NoOpIgniteSecurityProcessor(GridKernalContext ctx)

Method Summary

Modifier and Type	Method and Description
void	alterUser(String login, char[] pwd) Alters password of user with the specified login.
SecurityContext	authenticate(AuthenticationContext ctx) Delegates call to GridSecurityProcessor.authenticate(AuthenticationContext)
SecuritySubject	authenticatedSubject(UUID subjId) Delegates call to GridSecurityProcessor.authenticatedSubject(UUID)
Collection<SecuritySubject>	authenticatedSubjects() Delegates call to GridSecurityProcessor.authenticatedSubjects()
SecurityContext	authenticateNode(ClusterNode node, SecurityCredentials cred) Delegates call to GridSecurityProcessor.authenticateNode(org.apache.ignite.cluster.ClusterNode, org.apache.ignite.plugin.security.SecurityCredentials)
void	authorize(String name, SecurityPermission perm) Authorizes grid operation.
void	createUser(String login, char[] pwd) Creates user with the specified login and password.
void	dropUser(String login) Drops user with the specified login.
boolean	enabled()
boolean	isDefaultContext()
boolean	isGlobalNodeAuthentication() Delegates call to GridSecurityProcessor.isGlobalNodeAuthentication()
void	onLocalJoin() Callback for local join events for which the regular events are not generated.
void	onSessionExpired(UUID subjId) Delegates call to GridSecurityProcessor.onSessionExpired(UUID)
IgniteSandbox	sandbox()
SecurityContext	securityContext()
@Nullable IgniteNodeValidationResult	validateNode(ClusterNode node) Validates that new node can join grid topology, this method is called on coordinator node before new node joins topology.
@Nullable IgniteNodeValidationResult	validateNode(ClusterNode node, DiscoveryDataBag.JoiningNodeDiscoveryData discoData) Validates that new node can join grid topology, this method is called on coordinator node before new node joins topology.
OperationSecurityContext	withContext(SecurityContext secCtx) Creates OperationSecurityContext.
OperationSecurityContext	withContext(UUID nodeId) Creates OperationSecurityContext.

Methods inherited from class org.apache.ignite.internal.processors.security.IgniteSecurityAdapter

isSystemType

Methods inherited from class org.apache.ignite.internal.processors.GridProcessorAdapter

assertParameter, collectGridNodeData, collectJoiningNodeData, discoveryDataType, onDisconnected, onGridDataReceived, onJoiningNodeDataReceived, onKernalStart, onKernalStop, onReconnected, printMemoryStats, start, stop, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface org.apache.ignite.internal.processors.security.IgniteSecurity

authorize

Field Detail

SECURITY_DISABLED_ERROR_MSG

public static final String SECURITY_DISABLED_ERROR_MSG

Error message that occurs when trying to perform security operations if security disabled.

See Also:

Constant Field Values

Constructor Detail

NoOpIgniteSecurityProcessor

public NoOpIgniteSecurityProcessor(GridKernalContext ctx)

Parameters:

ctx - Grid kernal context.

Method Detail

withContext

public OperationSecurityContext withContext(SecurityContext secCtx)

Creates OperationSecurityContext. All calls of methods IgniteSecurity.authorize(String, SecurityPermission) or IgniteSecurity.authorize(SecurityPermission) will be processed into the context of passed SecurityContext until holder OperationSecurityContext will be closed.

Parameters:

secCtx - Security Context.

Returns:

Security context holder.

withContext

public OperationSecurityContext withContext(UUID nodeId)

Creates OperationSecurityContext. All calls of methods IgniteSecurity.authorize(String, SecurityPermission) or IgniteSecurity.authorize(SecurityPermission) will be processed into the context of SecurityContext that is owned by the node with given nodeId until holder OperationSecurityContext will be closed.

Parameters:

nodeId - Node id.

Returns:

Security context holder.

isDefaultContext

public boolean isDefaultContext()

Returns:

True if current thread executed in default security context.

securityContext

public SecurityContext securityContext()

Returns:

SecurityContext of holder OperationSecurityContext.

authenticateNode

public SecurityContext authenticateNode(ClusterNode node,
                                        SecurityCredentials cred)

Delegates call to GridSecurityProcessor.authenticateNode(org.apache.ignite.cluster.ClusterNode, org.apache.ignite.plugin.security.SecurityCredentials)

isGlobalNodeAuthentication

public boolean isGlobalNodeAuthentication()

Delegates call to GridSecurityProcessor.isGlobalNodeAuthentication()

authenticate

public SecurityContext authenticate(AuthenticationContext ctx)

Delegates call to GridSecurityProcessor.authenticate(AuthenticationContext)

authenticatedSubjects

public Collection<SecuritySubject> authenticatedSubjects()

Delegates call to GridSecurityProcessor.authenticatedSubjects()

authenticatedSubject

public SecuritySubject authenticatedSubject(UUID subjId)

Delegates call to GridSecurityProcessor.authenticatedSubject(UUID)

onSessionExpired

public void onSessionExpired(UUID subjId)

Delegates call to GridSecurityProcessor.onSessionExpired(UUID)

authorize

public void authorize(String name,
                      SecurityPermission perm)
               throws SecurityException

Authorizes grid operation.

Parameters:

name - Cache name or task class name.

perm - Permission to authorize.

Throws:

SecurityException - If security check failed.

sandbox

public IgniteSandbox sandbox()

Returns:

Instance of IgniteSandbox.

enabled

public boolean enabled()

Returns:

True if IgniteSecurity is a plugin implementation, false if it's used a default NoOp implementation.

validateNode

@Nullable
public @Nullable IgniteNodeValidationResult validateNode(ClusterNode node)

Validates that new node can join grid topology, this method is called on coordinator node before new node joins topology.

Specified by:

validateNode in interface GridComponent

Overrides:

validateNode in class GridProcessorAdapter

Parameters:

node - Joining node.

Returns:

Validation result or null in case of success.

validateNode

@Nullable
public @Nullable IgniteNodeValidationResult validateNode(ClusterNode node,
                                                                   DiscoveryDataBag.JoiningNodeDiscoveryData discoData)

Validates that new node can join grid topology, this method is called on coordinator node before new node joins topology.

Specified by:

validateNode in interface GridComponent

Overrides:

validateNode in class GridProcessorAdapter

Parameters:

node - Joining node.

discoData - Joining node discovery data.

Returns:

Validation result or null in case of success.

createUser

public void createUser(String login,
                       char[] pwd)
                throws IgniteCheckedException

Creates user with the specified login and password.

Parameters:

login - Login of the user to be created.

pwd - User password.

Throws:

IgniteCheckedException - If error occurred.

alterUser

public void alterUser(String login,
                      char[] pwd)
               throws IgniteCheckedException

Alters password of user with the specified login.

Parameters:

login - Login of the user which password should be altered.

pwd - User password to alter.

Throws:

IgniteCheckedException - If error occurred.

dropUser

public void dropUser(String login)
              throws IgniteCheckedException

Drops user with the specified login.

Parameters:

login - Login of the user to be dropped.

Throws:

IgniteCheckedException - If error occurred.

onLocalJoin

public void onLocalJoin()

Callback for local join events for which the regular events are not generated.

Local join event is expected in cases of joining to topology or client reconnect.