public class IgniteSecurityProcessor extends Object implements IgniteSecurity, GridProcessor
IgniteSecurity implementation.
IgniteSecurityProcessor serves here as a facade which is exposed to Ignite internal code,
while GridSecurityProcessor is hidden and managed from IgniteSecurityProcessor.
This implementation of IgniteSecurity is responsible for:
GridSecurityProcessor;

Nested classes/interfaces inherited from interface GridComponent: GridComponent.DiscoveryDataExchangeType

| Modifier and Type | Field and Description |
|---|---|
| static String | ATTR_GRID_SEC_PROC_CLASS: Internal attribute name constant. |

| Constructor and Description |
|---|
| IgniteSecurityProcessor(GridKernalContext ctx, GridSecurityProcessor secPrc) |

| Modifier and Type | Method and Description |
|---|---|
| SecurityContext | authenticate(AuthenticationContext ctx): Delegates call to GridSecurityProcessor.authenticate(AuthenticationContext) |
| SecuritySubject | authenticatedSubject(UUID subjId): Delegates call to GridSecurityProcessor.authenticatedSubject(UUID) |
| Collection<SecuritySubject> | authenticatedSubjects(): Delegates call to GridSecurityProcessor.authenticatedSubjects() |
| SecurityContext | authenticateNode(ClusterNode node, SecurityCredentials cred) |
| void | authorize(String name, SecurityPermission perm): Authorizes grid operation. |
| void | collectGridNodeData(DiscoveryDataBag dataBag): Collects discovery data on nodes already in grid on receiving TcpDiscoveryNodeAddedMessage. |
| void | collectJoiningNodeData(DiscoveryDataBag dataBag): Collects discovery data on joining node before sending TcpDiscoveryJoinRequestMessage request. |
| @Nullable GridComponent.DiscoveryDataExchangeType | discoveryDataType(): Gets unique component type to distinguish components providing discovery data. |
| boolean | enabled() |
| boolean | isGlobalNodeAuthentication(): Delegates call to GridSecurityProcessor.isGlobalNodeAuthentication() |
| void | onDisconnected(IgniteFuture<?> reconnectFut): Client disconnected callback. |
| void | onGridDataReceived(DiscoveryDataBag.GridDiscoveryData data): Receives discovery data object from remote nodes (called on new node during discovery process). |
| void | onJoiningNodeDataReceived(DiscoveryDataBag.JoiningNodeDiscoveryData data): Method is called on nodes that are already in grid (not on joining node). |
| void | onKernalStart(boolean active): Callback that notifies that kernal has successfully started, including all managers and processors. |
| void | onKernalStop(boolean cancel): Callback to notify that kernal is about to stop. |
| @Nullable IgniteInternalFuture<?> | onReconnected(boolean clusterRestarted): Client reconnected callback. |
| void | onSessionExpired(UUID subjId): Delegates call to GridSecurityProcessor.onSessionExpired(UUID) |
| void | printMemoryStats(): Prints memory statistics (sizes of internal structures, etc.). |
| IgniteSandbox | sandbox() |
| SecurityContext | securityContext() |
| void | start(): Starts grid component. |
| void | stop(boolean cancel): Stops grid component. |
| @Nullable IgniteNodeValidationResult | validateNode(ClusterNode node): Validates that new node can join grid topology, this method is called on coordinator node before new node joins topology. |
| @Nullable IgniteNodeValidationResult | validateNode(ClusterNode node, DiscoveryDataBag.JoiningNodeDiscoveryData discoData): Validates that new node can join grid topology, this method is called on coordinator node before new node joins topology. |
| OperationSecurityContext | withContext(SecurityContext secCtx): Creates OperationSecurityContext. |
| OperationSecurityContext | withContext(UUID subjId): Creates OperationSecurityContext. |

Methods inherited from class Object: clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface IgniteSecurity: authorize

public static final String ATTR_GRID_SEC_PROC_CLASS

public IgniteSecurityProcessor(GridKernalContext ctx, GridSecurityProcessor secPrc)
Parameters:
ctx - Grid kernal context.
secPrc - Security processor.

public OperationSecurityContext withContext(SecurityContext secCtx)
Creates OperationSecurityContext. All calls of methods IgniteSecurity.authorize(String, SecurityPermission) or IgniteSecurity.authorize(SecurityPermission) are processed in the context of the passed SecurityContext until the holder OperationSecurityContext is closed.
Specified by: withContext in interface IgniteSecurity
Parameters:
secCtx - Security Context.

public OperationSecurityContext withContext(UUID subjId)
Creates OperationSecurityContext. All calls of methods IgniteSecurity.authorize(String, SecurityPermission) or IgniteSecurity.authorize(SecurityPermission) are processed in the context of the SecurityContext that is owned by the node with the given nodeId until the holder OperationSecurityContext is closed.
Specified by: withContext in interface IgniteSecurity
Parameters:
subjId - Node id.

public SecurityContext securityContext()
Specified by: securityContext in interface IgniteSecurity
OperationSecurityContext.

public SecurityContext authenticateNode(ClusterNode node, SecurityCredentials cred) throws IgniteCheckedException
Delegates call to GridSecurityProcessor.authenticateNode(org.apache.ignite.cluster.ClusterNode, org.apache.ignite.plugin.security.SecurityCredentials)
Specified by: authenticateNode in interface IgniteSecurity
Throws:
IgniteCheckedException

public boolean isGlobalNodeAuthentication()
Delegates call to GridSecurityProcessor.isGlobalNodeAuthentication()
Specified by: isGlobalNodeAuthentication in interface IgniteSecurity

public SecurityContext authenticate(AuthenticationContext ctx) throws IgniteCheckedException
Delegates call to GridSecurityProcessor.authenticate(AuthenticationContext)
Specified by: authenticate in interface IgniteSecurity
Throws:
IgniteCheckedException

public Collection<SecuritySubject> authenticatedSubjects() throws IgniteCheckedException
Delegates call to GridSecurityProcessor.authenticatedSubjects()
Specified by: authenticatedSubjects in interface IgniteSecurity
Throws:
IgniteCheckedException

public SecuritySubject authenticatedSubject(UUID subjId) throws IgniteCheckedException
Delegates call to GridSecurityProcessor.authenticatedSubject(UUID)
Specified by: authenticatedSubject in interface IgniteSecurity
Throws:
IgniteCheckedException

public void onSessionExpired(UUID subjId)
Delegates call to GridSecurityProcessor.onSessionExpired(UUID)
Specified by: onSessionExpired in interface IgniteSecurity

public void authorize(String name, SecurityPermission perm) throws SecurityException
Specified by: authorize in interface IgniteSecurity
Parameters:
name - Cache name or task class name.
perm - Permission to authorize.
Throws:
SecurityException - If security check failed.

public IgniteSandbox sandbox()
Specified by: sandbox in interface IgniteSecurity

public boolean enabled()
Specified by: enabled in interface IgniteSecurity

public void start() throws IgniteCheckedException
Specified by: start in interface GridComponent
Throws:
IgniteCheckedException - Thrown in case of any errors.

public void stop(boolean cancel) throws IgniteCheckedException
Specified by: stop in interface GridComponent
Parameters:
cancel - If true, then all ongoing tasks or jobs for relevant components need to be cancelled.
Throws:
IgniteCheckedException - Thrown in case of any errors.

public void onKernalStart(boolean active) throws IgniteCheckedException
Specified by: onKernalStart in interface GridComponent
Parameters:
active - Cluster active flag (note: should be used carefully since state can change concurrently).
Throws:
IgniteCheckedException - Thrown in case of any errors.

public void onKernalStop(boolean cancel)
Specified by: onKernalStop in interface GridComponent
Parameters:
cancel - Flag indicating whether jobs should be canceled.

public void collectJoiningNodeData(DiscoveryDataBag dataBag)
Collects discovery data on joining node before sending TcpDiscoveryJoinRequestMessage request.
Specified by: collectJoiningNodeData in interface GridComponent
Parameters:
dataBag - container object to store discovery data in.

public void collectGridNodeData(DiscoveryDataBag dataBag)
Collects discovery data on nodes already in grid on receiving TcpDiscoveryNodeAddedMessage.
Specified by: collectGridNodeData in interface GridComponent
Parameters:
dataBag - container object to store discovery data in.

public void onGridDataReceived(DiscoveryDataBag.GridDiscoveryData data)
Specified by: onGridDataReceived in interface GridComponent
Parameters:
data - DiscoveryDataBag.GridDiscoveryData interface to retrieve discovery data collected on remote nodes (data common for all nodes in grid and specific for each node).

public void onJoiningNodeDataReceived(DiscoveryDataBag.JoiningNodeDiscoveryData data)
Specified by: onJoiningNodeDataReceived in interface GridComponent
Parameters:
data - DiscoveryDataBag.JoiningNodeDiscoveryData interface to retrieve discovery data of joining node.

public void printMemoryStats()
Specified by: printMemoryStats in interface GridComponent

@Nullable public IgniteNodeValidationResult validateNode(ClusterNode node)
Specified by: validateNode in interface GridComponent
Parameters:
node - Joining node.
Returns:
null in case of success.

@Nullable public IgniteNodeValidationResult validateNode(ClusterNode node, DiscoveryDataBag.JoiningNodeDiscoveryData discoData)
Specified by: validateNode in interface GridComponent
Parameters:
node - Joining node.
discoData - Joining node discovery data.
Returns:
null in case of success.

@Nullable public GridComponent.DiscoveryDataExchangeType discoveryDataType()
GridComponent.collectJoiningNodeData(DiscoveryDataBag) or GridComponent.collectGridNodeData(DiscoveryDataBag).
Specified by: discoveryDataType in interface GridComponent

public void onDisconnected(IgniteFuture<?> reconnectFut) throws IgniteCheckedException
Specified by: onDisconnected in interface GridComponent
Parameters:
reconnectFut - Reconnect future.
Throws:
IgniteCheckedException - If failed.

@Nullable public IgniteInternalFuture<?> onReconnected(boolean clusterRestarted) throws IgniteCheckedException
Specified by: onReconnected in interface GridComponent
Parameters:
clusterRestarted - Cluster restarted flag.
Throws:
IgniteCheckedException - If failed.
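
The scoping that withContext describes, as an added stand-alone example (a simplified model, not Ignite's own code): Ctx, Scope and the per-thread storage are assumptions made for illustration, and permission names are plain strings. It shows why the returned holder belongs in try-with-resources: an unclosed holder leaves later authorize calls on that thread running under the wrong subject.

```java
import java.util.Set;
/** Simplified stand-alone model of scoped security contexts; not Ignite code (Java 16+). */
public class ScopedSecurityContextDemo {
    /** Hypothetical stand-in for SecurityContext: a subject and its granted permissions. */
    record Ctx(String subject, Set<String> perms) {}

    /** Assumption of this model: the active context is tracked per thread. */
    private static final ThreadLocal<Ctx> CURRENT = new ThreadLocal<>();

    /** Hypothetical stand-in for OperationSecurityContext: restores the previous context on close. */
    static final class Scope implements AutoCloseable {
        private final Ctx prev;
        Scope(Ctx prev) { this.prev = prev; }
        @Override public void close() { CURRENT.set(prev); }
    }

    /** Installs ctx for the current thread and returns the holder that undoes it. */
    static Scope withContext(Ctx ctx) {
        Ctx prev = CURRENT.get();
        CURRENT.set(ctx);
        return new Scope(prev);
    }

    /** Checks perm against whichever context is active on this thread. */
    static void authorize(String name, String perm) {
        Ctx c = CURRENT.get();
        if (c == null || !c.perms().contains(perm))
            throw new SecurityException("denied: " + perm + " on " + name);
    }

    static boolean allowed(String name, String perm) {
        try { authorize(name, perm); return true; }
        catch (SecurityException e) { return false; }
    }

    public static void main(String[] args) {
        Ctx node = new Ctx("node", Set.of("CACHE_READ", "CACHE_PUT"));   // constructed sample subjects
        Ctx client = new Ctx("client", Set.of("CACHE_READ"));
        try (Scope outer = withContext(node)) {
            System.out.println("node put: " + allowed("orders", "CACHE_PUT"));
            try (Scope inner = withContext(client)) {
                System.out.println("client put: " + allowed("orders", "CACHE_PUT"));
            }
            System.out.println("put after inner close: " + allowed("orders", "CACHE_PUT"));
        }
        withContext(client); // mistake shown on purpose: the holder is never closed
        System.out.println("read under leaked context: " + allowed("orders", "CACHE_READ"));
    }
}
```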
Ignite Database and Caching Platform : ver. 2.9.1 Release Date : December 9 2020