public class SecurityUtils extends Object
| Modifier and Type | Field and Description |
|---|---|
static Permissions |
ALL_PERMISSIONS
Permissions that contain
AllPermission. |
static String |
IGNITE_INTERNAL_PACKAGE
Ignite internal package.
|
static String |
MSG_SEC_PROC_CLS_IS_INVALID |
public static final String MSG_SEC_PROC_CLS_IS_INVALID
public static final String IGNITE_INTERNAL_PACKAGE
public static final Permissions ALL_PERMISSIONS
AllPermission.public static boolean isSecurityCompatibilityMode()
public static void serializeVersion(int ver)
ver - Serialize version.public static int serializeVersion()
public static void restoreDefaultSerializeVersion()
DFLT_SERIALIZE_VERSION.public static Map<String,Collection<SecurityPermission>> compatibleServicePermissions()
public static SecurityContext nodeSecurityContext(Marshaller marsh, ClassLoader ldr, ClusterNode node)
marsh - Marshaller.ldr - Class loader.node - Node.public static SecurityContext remoteSecurityContext(GridKernalContext ctx)
null.withRemoteSecurityContext(GridKernalContext, SecurityContext)public static UUID securitySubjectId(GridKernalContext ctx)
public static UUID securitySubjectId(GridCacheContext<?,?> cctx)
public static UUID securitySubjectId(GridCacheSharedContext<?,?> cctx)
public static OperationSecurityContext withRemoteSecurityContext(GridKernalContext ctx, SecurityContext secCtx)
null.
null means that security context of the local node is specified or security is disabled so no security
context change is needed.
Note that this method is safe to use only when it is known to be called in the security context of the local node
(e.g. in system workers).OperationSecurityContext instance if new security context is set, otherwise null.public static <T,E extends Exception> T doPrivileged(Callable<T> c) throws E extends Exception
T - Type of result.E - Type of Exception.c - Instance of SandboxCallable.E - if unable to compute a result.E extends Exceptionpublic static boolean hasSecurityManager()
public static boolean isSystemType(GridKernalContext ctx, Object target, boolean considerWrapperCls)
target is a system type.public static boolean isInsideSandbox()
public static <T> T sandboxedProxy(GridKernalContext ctx, Class cls, T instance)
instance if the sandbox is enabled and class of instance is not a system type
otherwise instance.public static Map<String,Object> withSecurityContext(SecurityContext secCtx, Map<String,Object> nodeAttrs, Marshaller marsh) throws IgniteCheckedException
secCtx - Security context to be added.nodeAttrs - Cluster node attributes to which security context attribute is to be added.marsh - Marshaller.IgniteCheckedException - If security context serialization exception occurs.public static SecurityContext authenticateLocalNode(ClusterNode node, SecurityCredentials cred, DiscoverySpiNodeAuthenticator nodeAuth)
node - Cluster node to authenticate.cred - Node credentials.nodeAuth - Node authenticator.SecurityContext instance as authentication result.public static void authorizeAll(IgniteSecurity security, SecurityPermissionSet permissions)
Follow @ApacheIgnite
Ignite Database and Caching Platform : ver. 2.15.0 Release Date : April 25 2023