ignite-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From akuznet...@apache.org
Subject [16/50] [abbrv] incubator-ignite git commit: #ignite-gg-9809: Mock session tokens.
Date Tue, 24 Feb 2015 09:26:44 GMT
#ignite-gg-9809: Mock session tokens.


Project: http://git-wip-us.apache.org/repos/asf/incubator-ignite/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ignite/commit/2a73b067
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ignite/tree/2a73b067
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ignite/diff/2a73b067

Branch: refs/heads/ignite-298
Commit: 2a73b067f082d1c24152145ca1453280a4b6a741
Parents: 36acc47
Author: ivasilinets <ivasilinets@gridgain.com>
Authored: Thu Feb 19 13:50:24 2015 +0300
Committer: ivasilinets <ivasilinets@gridgain.com>
Committed: Thu Feb 19 13:50:24 2015 +0300

----------------------------------------------------------------------
 .../processors/rest/GridRestProcessor.java      | 82 +++++++++++++++++++-
 1 file changed, 80 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-ignite/blob/2a73b067/modules/core/src/main/java/org/apache/ignite/internal/processors/rest/GridRestProcessor.java
----------------------------------------------------------------------
diff --git a/modules/core/src/main/java/org/apache/ignite/internal/processors/rest/GridRestProcessor.java
b/modules/core/src/main/java/org/apache/ignite/internal/processors/rest/GridRestProcessor.java
index 51f8abe..8cf26cc 100644
--- a/modules/core/src/main/java/org/apache/ignite/internal/processors/rest/GridRestProcessor.java
+++ b/modules/core/src/main/java/org/apache/ignite/internal/processors/rest/GridRestProcessor.java
@@ -70,6 +70,9 @@ public class GridRestProcessor extends GridProcessorAdapter {
     /** Workers count. */
     private final LongAdder workersCnt = new LongAdder();
 
+    /** SecurityContext map. */
+    private ConcurrentMap<SubjectKey, SecurityContext> sesMap = new ConcurrentHashMap8<>();
+
     /** Protocol handler. */
     private final GridRestProtocolHandler protoHnd = new GridRestProtocolHandler() {
         @Override public GridRestResponse handle(GridRestRequest req) throws IgniteCheckedException
{
@@ -161,9 +164,9 @@ public class GridRestProcessor extends GridProcessorAdapter {
         if (log.isDebugEnabled())
             log.debug("Received request from client: " + req);
 
-        if (ctx.security().enabled()) {
-            SecurityContext subjCtx = null;
+        SecurityContext subjCtx = null;
 
+        if (ctx.security().enabled()) {
             try {
                 subjCtx = authenticate(req);
 
@@ -174,6 +177,14 @@ public class GridRestProcessor extends GridProcessorAdapter {
 
                 GridRestResponse res = new GridRestResponse(STATUS_SECURITY_CHECK_FAILED,
e.getMessage());
 
+                try {
+                    updateSession(req, subjCtx);
+                    res.sessionTokenBytes(new byte[0]);
+                }
+                catch (IgniteCheckedException e1) {
+                    U.warn(log, "Cannot update response session token: " + e1.getMessage());
+                }
+
                 return new GridFinishedFuture<>(ctx, res);
             }
             catch (IgniteCheckedException e) {
@@ -191,6 +202,8 @@ public class GridRestProcessor extends GridProcessorAdapter {
             return new GridFinishedFuture<>(ctx,
                 new IgniteCheckedException("Failed to find registered handler for command:
" + req.command()));
 
+        final SecurityContext subjCtx0 = subjCtx;
+
         return res.chain(new C1<IgniteInternalFuture<GridRestResponse>, GridRestResponse>()
{
             @Override public GridRestResponse apply(IgniteInternalFuture<GridRestResponse>
f) {
                 GridRestResponse res;
@@ -209,6 +222,14 @@ public class GridRestProcessor extends GridProcessorAdapter {
 
                 assert res != null;
 
+                try {
+                    updateSession(req, subjCtx0);
+                    res.sessionTokenBytes(new byte[0]);
+                }
+                catch (IgniteCheckedException e) {
+                    U.warn(log, "Cannot update response session token: " + e.getMessage());
+                }
+
                 interceptResponse(res, req);
 
                 return res;
@@ -439,6 +460,12 @@ public class GridRestProcessor extends GridProcessorAdapter {
      * @throws IgniteCheckedException If authentication failed.
      */
     private SecurityContext authenticate(GridRestRequest req) throws IgniteCheckedException
{
+        UUID clientId = req.clientId();
+        SecurityContext secCtx = sesMap.get(new SubjectKey(REMOTE_CLIENT, clientId));
+
+        if (secCtx != null)
+            return secCtx;
+
         // Authenticate client if invalid session.
         AuthenticationContext authCtx = new AuthenticationContext();
 
@@ -481,6 +508,15 @@ public class GridRestProcessor extends GridProcessorAdapter {
     }
 
     /**
+     * Update session.
+     * @param req REST request.
+     * @param sCtx Security context.
+     */
+    private void updateSession(GridRestRequest req, SecurityContext sCtx) throws IgniteCheckedException
{
+        sesMap.put(new SubjectKey(REMOTE_CLIENT, req.clientId()), sCtx);
+    }
+
+    /**
      * @param req REST request.
      * @param sCtx Security context.
      * @throws GridSecurityException If authorization failed.
@@ -639,4 +675,46 @@ public class GridRestProcessor extends GridProcessorAdapter {
         X.println(">>>   protosSize: " + protos.size());
         X.println(">>>   handlersSize: " + handlers.size());
     }
+
+    /**
+     * Subject key.
+     */
+    private static class SubjectKey {
+        /** */
+        private final GridSecuritySubjectType subjType;
+
+        /** */
+        private final UUID subjId;
+
+        /**
+         * @param subjType Subject type.
+         * @param subjId Subject ID.
+         */
+        private SubjectKey(GridSecuritySubjectType subjType, UUID subjId) {
+            this.subjType = subjType;
+            this.subjId = subjId;
+        }
+
+        /** {@inheritDoc} */
+        @Override public boolean equals(Object o) {
+            if (this == o)
+                return true;
+
+            if (!(o instanceof SubjectKey))
+                return false;
+
+            SubjectKey that = (SubjectKey)o;
+
+            return F.eq(subjId, that.subjId) && subjType == that.subjType;
+        }
+
+        /** {@inheritDoc} */
+        @Override public int hashCode() {
+            int res = subjType.hashCode();
+
+            res = 31 * res + (subjId == null ? 0 : subjId.hashCode());
+
+            return res;
+        }
+    }
 }


Mime
View raw message