geode-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (GEODE-1673) SampleSecurityManager should cause start to fail if security.json cannot be found
Date Mon, 08 Aug 2016 15:42:20 GMT

    [ https://issues.apache.org/jira/browse/GEODE-1673?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15411971#comment-15411971
] 

ASF GitHub Bot commented on GEODE-1673:
---------------------------------------

Github user jinmeiliao commented on a diff in the pull request:

    https://github.com/apache/incubator-geode/pull/228#discussion_r73898764
  
    --- Diff: geode-core/src/main/java/org/apache/geode/security/templates/SampleSecurityManager.java
---
    @@ -126,26 +126,33 @@ public boolean authorize(final Principal principal, final ResourcePermission
con
     
       @Override
       public void init(final Properties securityProperties) throws NotAuthorizedException
{
    -    String jsonPropertyValue = securityProperties.getProperty(SECURITY_JSON);
    +    boolean initialized = false;
    +
    +    String jsonPropertyValue = securityProperties != null ? securityProperties.getProperty(SECURITY_JSON)
: null;
         if (jsonPropertyValue == null) {
    -      throw new AuthenticationFailedException("SampleSecurityManager: property [" + SECURITY_JSON
+ "] must be set.");
    -    }
    +      initialized = initializeFromJsonResource(DEFAULT_JSON_FILE_NAME);
    +    } else {
     
    -    // 1st try to load value as a json resource
    -    boolean initialized = initializeFromJsonResource(jsonPropertyValue);
    +      // 1st try to load value as a json resource
    +      initialized = initializeFromJsonResource(jsonPropertyValue);
     
    -    // 2nd try to load value as a json file
    -    if (!initialized) {
    -      initialized = initializeFromJsonFile(new File(jsonPropertyValue));
    -    }
    +      // 2nd try to load value as a json file
    --- End diff --
    
    Do we really need the 2nd try and 3rd try? We don't use SampleSeucurityManager this way.
If we can get rid these additional tries, then the init could be simple as this:
    
    String jsonPropertyValue = securityProperties.getProperty(SECURITY_JSON);
    if(jsonPropertyValue == null) jsonPropertyValue = DEFAULT_JSON_FILE_NAME;
    if(!initializeFromJsonResource(jsonPropertyValue)){
      // throw exception....
    }



> SampleSecurityManager should cause start to fail if security.json cannot be found
> ---------------------------------------------------------------------------------
>
>                 Key: GEODE-1673
>                 URL: https://issues.apache.org/jira/browse/GEODE-1673
>             Project: Geode
>          Issue Type: Bug
>          Components: security
>            Reporter: Kirk Lund
>            Assignee: Grace Meilen
>             Fix For: 1.0.0-incubating
>
>
> When following the instructions on https://cwiki.apache.org/confluence/display/GEODE/Using+Custom+SecurityManager,
if the user forgets to specify "--classpath=." then the locator will start up but cannot be
connected to.
> The SampleSecurityManager should instead cause the start to fail if security.json cannot
be found.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message