geode-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (GEODE-3705) Refactor Authentication request to be processed as a "normal" protobuf message
Date Tue, 24 Oct 2017 20:45:00 GMT

    [ https://issues.apache.org/jira/browse/GEODE-3705?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16217658#comment-16217658
] 

ASF GitHub Bot commented on GEODE-3705:
---------------------------------------

kohlmu-pivotal commented on a change in pull request #967: GEODE-3705: Refactor Authentication
request to be processed as a "normal" protobuf message
URL: https://github.com/apache/geode/pull/967#discussion_r146686976
 
 

 ##########
 File path: geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/ProtobufOpsProcessor.java
 ##########
 @@ -34,47 +39,51 @@
 @Experimental
 public class ProtobufOpsProcessor {
 
-  private final OperationContextRegistry operationContextRegistry;
+  private final ProtobufOperationContextRegistry protobufOperationContextRegistry;
   private final SerializationService serializationService;
   private static final Logger logger = LogService.getLogger(ProtobufOpsProcessor.class);
 
   public ProtobufOpsProcessor(SerializationService serializationService,
-      OperationContextRegistry operationContextRegistry) {
+      ProtobufOperationContextRegistry protobufOperationContextRegistry) {
     this.serializationService = serializationService;
-    this.operationContextRegistry = operationContextRegistry;
+    this.protobufOperationContextRegistry = protobufOperationContextRegistry;
   }
 
   public ClientProtocol.Response process(ClientProtocol.Request request,
-      MessageExecutionContext context) {
+      MessageExecutionContext messageExecutionContext) {
     ClientProtocol.Request.RequestAPICase requestType = request.getRequestAPICase();
     logger.debug("Processing request of type {}", requestType);
-    OperationContext operationContext = operationContextRegistry.getOperationContext(requestType);
-    ClientProtocol.Response.Builder builder;
+    OperationContext operationContext =
+        protobufOperationContextRegistry.getOperationContext(requestType);
     Result result;
+
+    SecurityProcessor securityProcessor = messageExecutionContext.getSecurityProcessor();
     try {
-      if (context.getAuthorizer().authorize(context.getSubject(),
-          operationContext.getAccessPermissionRequired())) {
-        result = operationContext.getOperationHandler().process(serializationService,
-            operationContext.getFromRequest().apply(request), context);
-      } else {
-        logger.warn("Received unauthorized request");
-        recordAuthorizationViolation(context);
-        result = Failure.of(ProtobufResponseUtilities.makeErrorResponse(AUTHORIZATION_FAILED,
-            "User isn't authorized for this operation."));
-      }
-    } catch (InvalidExecutionContextException exception) {
-      logger.error("Invalid execution context found for operation {}", requestType);
-      result = Failure.of(ProtobufResponseUtilities.makeErrorResponse(UNSUPPORTED_OPERATION,
-          "Invalid execution context found for operation."));
+      securityProcessor.validateOperation(request, messageExecutionContext, operationContext);
+      result = processOperation(request, messageExecutionContext, requestType, operationContext);
+    } catch (AuthenticationRequiredException e) {
+      logger.warn(e);
+      result = Failure
+          .of(ProtobufResponseUtilities.makeErrorResponse(AUTHENTICATION_FAILED, e.getMessage()));
+    } catch (NotAuthorizedException e) {
+      logger.warn(e);
+      result = Failure.of(ProtobufResponseUtilities.makeErrorResponse(AUTHORIZATION_FAILED,
+          "The user is not authorized to complete this operation"));
 
 Review comment:
   good catch. thx

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> Refactor Authentication request to be processed as a "normal" protobuf message
> ------------------------------------------------------------------------------
>
>                 Key: GEODE-3705
>                 URL: https://issues.apache.org/jira/browse/GEODE-3705
>             Project: Geode
>          Issue Type: New Feature
>          Components: client/server
>            Reporter: Galen O'Sullivan
>            Assignee: Udo Kohlmeyer
>
> Refactor authentication and Authorization for the new protocol to process the AuthenticationRequest
as a "normal" protobuf message.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message