You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by ji...@apache.org on 2016/07/12 16:34:27 UTC
incubator-geode git commit: GEODE-1571: fix nightly failure
Repository: incubator-geode
Updated Branches:
refs/heads/develop b35d330fc -> dbdf76c34
GEODE-1571: fix nightly failure
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/dbdf76c3
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/dbdf76c3
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/dbdf76c3
Branch: refs/heads/develop
Commit: dbdf76c341b7aa146101b8e055e893e97ec87c0f
Parents: b35d330
Author: Jinmei Liao <ji...@pivotal.io>
Authored: Tue Jul 12 09:31:47 2016 -0700
Committer: Jinmei Liao <ji...@pivotal.io>
Committed: Tue Jul 12 09:31:47 2016 -0700
----------------------------------------------------------------------
.../internal/security/GeodeSecurityUtil.java | 30 ++++++++++++++++++--
.../security/shiro/CustomAuthRealm.java | 17 ++++-------
.../GeodeSecurityUtilWithIniFileJUnitTest.java | 1 -
.../gemfire/tools/pulse/tests/Server.java | 7 +----
4 files changed, 34 insertions(+), 21 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/dbdf76c3/geode-core/src/main/java/com/gemstone/gemfire/internal/security/GeodeSecurityUtil.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/security/GeodeSecurityUtil.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/security/GeodeSecurityUtil.java
index 9a3be04..ecf16f6 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/security/GeodeSecurityUtil.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/security/GeodeSecurityUtil.java
@@ -315,9 +315,11 @@ public class GeodeSecurityUtil {
// only set up shiro realm if user has implemented SecurityManager
else if (!StringUtils.isBlank(securityConfig)) {
- Realm realm = new CustomAuthRealm(securityProps);
- org.apache.shiro.mgt.SecurityManager securityManager = new DefaultSecurityManager(realm);
- SecurityUtils.setSecurityManager(securityManager);
+ securityManager = getObject(securityConfig, SecurityManager.class);
+ securityManager.init(securityProps);
+ Realm realm = new CustomAuthRealm(securityManager);
+ org.apache.shiro.mgt.SecurityManager shiroManager = new DefaultSecurityManager(realm);
+ SecurityUtils.setSecurityManager(shiroManager);
}
else {
SecurityUtils.setSecurityManager(null);
@@ -373,6 +375,26 @@ public class GeodeSecurityUtil {
}
+ public static <T> T getObject(String factoryName, Class<T> clazz) {
+ Object object = null;
+
+ if (StringUtils.isBlank(factoryName)) {
+ return null;
+ }
+ try {
+ Method instanceGetter = ClassLoadUtil.methodFromName(factoryName);
+ object = instanceGetter.invoke(null, (Object[]) null);
+ }
+ catch (Exception ex) {
+ throw new AuthenticationRequiredException(ex.toString(), ex);
+ }
+
+ if(!clazz.isAssignableFrom(object.getClass())){
+ throw new GemFireSecurityException("Expecting a "+clazz.getName()+" interface.");
+ }
+ return (T)object;
+ }
+
public static Object getObject(String factoryName) {
if (StringUtils.isBlank(factoryName)) {
return null;
@@ -386,6 +408,8 @@ public class GeodeSecurityUtil {
}
}
+
+
public static boolean isSecurityRequired(Properties securityProps){
String authenticator = securityProps.getProperty(SECURITY_CLIENT_AUTHENTICATOR);
String securityManager = securityProps.getProperty(SECURITY_MANAGER);
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/dbdf76c3/geode-core/src/main/java/com/gemstone/gemfire/internal/security/shiro/CustomAuthRealm.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/security/shiro/CustomAuthRealm.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/security/shiro/CustomAuthRealm.java
index 48f6a40..f31189d 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/security/shiro/CustomAuthRealm.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/security/shiro/CustomAuthRealm.java
@@ -16,8 +16,6 @@
*/
package com.gemstone.gemfire.internal.security.shiro;
-import static com.gemstone.gemfire.distributed.ConfigurationProperties.SECURITY_MANAGER;
-
import java.security.Principal;
import java.util.Properties;
@@ -35,9 +33,8 @@ import org.apache.shiro.subject.PrincipalCollection;
import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
import com.gemstone.gemfire.management.internal.security.ResourceConstants;
-import com.gemstone.gemfire.security.SecurityManager;
-import com.gemstone.gemfire.security.GemFireSecurityException;
import com.gemstone.gemfire.security.GeodePermission;
+import com.gemstone.gemfire.security.SecurityManager;
public class CustomAuthRealm extends AuthorizingRealm{
public static final String REALM_NAME = "CUSTOMAUTHREALM";
@@ -45,14 +42,12 @@ public class CustomAuthRealm extends AuthorizingRealm{
private static final Logger logger = LogManager.getLogger(CustomAuthRealm.class);
private SecurityManager securityManager = null;
- public CustomAuthRealm (Properties securityProps) {
- Object manager = GeodeSecurityUtil.getObject(securityProps.getProperty(SECURITY_MANAGER));
+ public CustomAuthRealm(SecurityManager securityManager) {
+ this.securityManager = securityManager;
+ }
- if(!(manager instanceof SecurityManager)){
- throw new GemFireSecurityException("Integrated Security requires SecurityManager interface.");
- }
- securityManager = (SecurityManager) manager;
- securityManager.init(securityProps);
+ public CustomAuthRealm (String authenticatorFactory) {
+ this.securityManager = GeodeSecurityUtil.getObject(authenticatorFactory, SecurityManager.class);
}
@Override
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/dbdf76c3/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
index 6a3d382..487548d 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
@@ -136,5 +136,4 @@ public class GeodeSecurityUtilWithIniFileJUnitTest {
private void assertNotAuthorized(GeodePermission context){
assertThatThrownBy(()-> GeodeSecurityUtil.authorize(context)).isInstanceOf(GemFireSecurityException.class).hasMessageContaining(context.toString());
}
-
}
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/dbdf76c3/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java
----------------------------------------------------------------------
diff --git a/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java b/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java
index 429a11b..9356eb9 100644
--- a/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java
+++ b/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java
@@ -18,8 +18,6 @@
*/
package com.vmware.gemfire.tools.pulse.tests;
-import static com.gemstone.gemfire.distributed.ConfigurationProperties.*;
-
import java.io.IOException;
import java.lang.management.ManagementFactory;
import java.net.Inet4Address;
@@ -28,7 +26,6 @@ import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.HashMap;
import java.util.Map;
-import java.util.Properties;
import javax.management.InstanceAlreadyExistsException;
import javax.management.MBeanRegistrationException;
@@ -75,9 +72,7 @@ public class Server {
Map<String, Object> env = new HashMap<String, Object>();
// set up Shiro Security Manager
- Properties securityProps = new Properties();
- securityProps.put(SECURITY_MANAGER, JSONAuthorization.class.getName() + ".create");
- Realm realm = new CustomAuthRealm(securityProps);
+ Realm realm = new CustomAuthRealm(JSONAuthorization.class.getName() + ".create");
SecurityManager securityManager = new DefaultSecurityManager(realm);
SecurityUtils.setSecurityManager(securityManager);