You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by ud...@apache.org on 2017/10/24 20:47:55 UTC
[geode] branch feature/GEODE-3705 updated: GEODE-3705: Applying
changes from review
This is an automated email from the ASF dual-hosted git repository.
udo pushed a commit to branch feature/GEODE-3705
in repository https://gitbox.apache.org/repos/asf/geode.git
The following commit(s) were added to refs/heads/feature/GEODE-3705 by this push:
new 4a8b763 GEODE-3705: Applying changes from review
4a8b763 is described below
commit 4a8b76370e6aca2e9ff017805ff78581b1f79937
Author: kohlmu-pivotal <uk...@pivotal.io>
AuthorDate: Tue Oct 24 13:47:48 2017 -0700
GEODE-3705: Applying changes from review
---
.../java/org/apache/geode/internal/protocol/Failure.java | 2 +-
.../apache/geode/internal/protocol/ProtocolErrorCode.java | 1 +
.../internal/protocol/protobuf/ProtobufOpsProcessor.java | 1 +
.../security/AuthenticationRequestOperationHandler.java | 14 +++++++++++++-
.../internal/protocol/security/NoOpAuthenticator.java | 2 +-
.../internal/protocol/security/SecurityLookupService.java | 2 +-
.../protobuf/ProtobufShiroAuthenticatorJUnitTest.java | 4 ++--
7 files changed, 20 insertions(+), 6 deletions(-)
diff --git a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/Failure.java b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/Failure.java
index 7bb22e7..f390247 100644
--- a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/Failure.java
+++ b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/Failure.java
@@ -27,7 +27,7 @@ public class Failure<SuccessType> implements Result<SuccessType> {
this.errorResponse = errorResponse;
}
- public static <T, V> Failure<T> of(ClientProtocol.ErrorResponse errorResponse) {
+ public static <T> Failure<T> of(ClientProtocol.ErrorResponse errorResponse) {
return new Failure<>(errorResponse);
}
diff --git a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/ProtocolErrorCode.java b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/ProtocolErrorCode.java
index c9813c1..302889c 100644
--- a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/ProtocolErrorCode.java
+++ b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/ProtocolErrorCode.java
@@ -22,6 +22,7 @@ public enum ProtocolErrorCode {
UNSUPPORTED_AUTHENTICATION_MODE(1103),
AUTHENTICATION_FAILED(1200),
AUTHORIZATION_FAILED(1201),
+ ALREADY_AUTHENTICATED(1202),
LOW_MEMORY(1300),
DATA_UNREACHABLE(1301),
OPERATION_TIMEOUT(1302),
diff --git a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/ProtobufOpsProcessor.java b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/ProtobufOpsProcessor.java
index 5529553..5968e8e 100644
--- a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/ProtobufOpsProcessor.java
+++ b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/ProtobufOpsProcessor.java
@@ -67,6 +67,7 @@ public class ProtobufOpsProcessor {
.of(ProtobufResponseUtilities.makeErrorResponse(AUTHENTICATION_FAILED, e.getMessage()));
} catch (NotAuthorizedException e) {
logger.warn(e);
+ messageExecutionContext.getStatistics().incAuthorizationViolations();
result = Failure.of(ProtobufResponseUtilities.makeErrorResponse(AUTHORIZATION_FAILED,
"The user is not authorized to complete this operation"));
}
diff --git a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/operations/security/AuthenticationRequestOperationHandler.java b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/operations/security/AuthenticationRequestOperationHandler.java
index eaaf87f..ffc3c04 100644
--- a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/operations/security/AuthenticationRequestOperationHandler.java
+++ b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/operations/security/AuthenticationRequestOperationHandler.java
@@ -44,6 +44,14 @@ public class AuthenticationRequestOperationHandler implements
SerializationService serializationService, AuthenticationAPI.AuthenticationRequest request,
MessageExecutionContext messageExecutionContext) throws InvalidExecutionContextException {
+ if (messageExecutionContext.getAuthenticationToken() != null) {
+ return Failure.of(ClientProtocol.ErrorResponse.newBuilder()
+ .setError(buildAndLogError(ProtocolErrorCode.ALREADY_AUTHENTICATED,
+ "The user has already been authenticated for this connection. Re-authentication is not supported at this time.",
+ null))
+ .build());
+ }
+
Authenticator authenticator = messageExecutionContext.getAuthenticator();
Properties properties = new Properties();
properties.putAll(request.getCredentialsMap());
@@ -66,7 +74,11 @@ public class AuthenticationRequestOperationHandler implements
private BasicTypes.Error buildAndLogError(ProtocolErrorCode errorCode, String message,
Exception ex) {
- logger.warn(message, ex);
+ if (ex == null) {
+ logger.warn(message);
+ } else {
+ logger.warn(message, ex);
+ }
return BasicTypes.Error.newBuilder().setErrorCode(errorCode.codeValue).setMessage(message)
.build();
diff --git a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/security/NoOpAuthenticator.java b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/security/NoOpAuthenticator.java
index 9cdeb6e..022fa30 100644
--- a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/security/NoOpAuthenticator.java
+++ b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/security/NoOpAuthenticator.java
@@ -29,6 +29,6 @@ public class NoOpAuthenticator implements Authenticator<Object, Object> {
@Override
public Object authenticate(Object inputObject) throws AuthenticationFailedException {
- return new Object();
+ return null;
}
}
diff --git a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/security/SecurityLookupService.java b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/security/SecurityLookupService.java
index dc70ec8..3d500d7 100644
--- a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/security/SecurityLookupService.java
+++ b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/security/SecurityLookupService.java
@@ -47,7 +47,7 @@ public class SecurityLookupService {
}
public SecurityProcessor lookupProcessor(SecurityService securityService) {
- return isSecurityEnabled(securityService) ? securityProcessors[1] : securityProcessors[0];
+ return securityProcessors[isSecurityEnabled(securityService) ? 1 : 0];
}
public Authenticator lookupAuthenticator(SecurityService securityService) {
diff --git a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufShiroAuthenticatorJUnitTest.java b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufShiroAuthenticatorJUnitTest.java
index 9b0ea9d..1dfdfd7 100644
--- a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufShiroAuthenticatorJUnitTest.java
+++ b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufShiroAuthenticatorJUnitTest.java
@@ -41,8 +41,8 @@ import org.apache.geode.test.junit.categories.UnitTest;
public class ProtobufShiroAuthenticatorJUnitTest {
private static final String TEST_USERNAME = "user1";
private static final String TEST_PASSWORD = "hunter2";
- private ByteArrayInputStream byteArrayInputStream; // initialized with an incoming request in
- // setUp.
+ // initialized with an incoming request in setUp.
+ private ByteArrayInputStream byteArrayInputStream;
private ByteArrayOutputStream byteArrayOutputStream;
private ProtobufShiroAuthenticator protobufShiroAuthenticator;
private SecurityService mockSecurityService;
--
To stop receiving notification emails like this one, please contact
['"commits@geode.apache.org" <co...@geode.apache.org>'].