geode-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (GEODE-3447) Implement client authorization for the new protocol
Date Thu, 24 Aug 2017 23:31:00 GMT

    [ https://issues.apache.org/jira/browse/GEODE-3447?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16140930#comment-16140930
] 

ASF GitHub Bot commented on GEODE-3447:
---------------------------------------

Github user pivotal-amurmann commented on a diff in the pull request:

    https://github.com/apache/geode/pull/719#discussion_r135153452
  
    --- Diff: geode-protobuf/src/main/java/org/apache/geode/protocol/protobuf/ProtobufOpsProcessor.java
---
    @@ -44,9 +46,15 @@ public ProtobufOpsProcessor(SerializationService serializationService,
         ClientProtocol.Response.Builder builder;
         Result result;
         try {
    -      result = operationContext.getOperationHandler().process(serializationService,
    -          operationContext.getFromRequest().apply(request), context);
    -    } catch (InvalidExecutionContextException e) {
    +      if (context.getAuthorizer().authorize(operationContext.getAccessPermissionRequired()))
{
    +        result = operationContext.getOperationHandler().process(serializationService,
    +            operationContext.getFromRequest().apply(request), context);
    +      } else {
    --- End diff --
    
    We might want to log this. Logging all security related events can be a life saver during
or after a security incident.


> Implement client authorization for the new protocol
> ---------------------------------------------------
>
>                 Key: GEODE-3447
>                 URL: https://issues.apache.org/jira/browse/GEODE-3447
>             Project: Geode
>          Issue Type: New Feature
>          Components: client/server
>            Reporter: Brian Baynes
>            Assignee: Bruce Schuchardt
>
> As a user of the new client/server protocol, I need to make sure the clients using the
protocol to access my grid are authorized to perform each operation they attempt.
> Implement client authorization for operations in new protocol based on existing authorization
configuration.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message