You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ignite.apache.org by rick_tem <rv...@temenos.com> on 2017/02/01 11:49:04 UTC
SecurityContext in Ignite
Hi,
I'm new to Ignite. I'm creating a WhiteListSecurityProcessor and it is all
working fine, but when authorize is being called, I get a null
SecurityContext. Debugging I found that it is null coming from
GridCacheContext...Is this a bug?
public void checkSecurity(SecurityPermission op) throws
SecurityException {
if (CU.isSystemCache(name()))
return;
ctx.security().authorize(name(), op, *null*);
}
I am aware of GridGain, but want to create my own plugin as we have our own
security needs...All of the documentation out on the net is dated..Is there
anywhere I set this up in the Spring configuration? Below is the stacktrace
up to the authorize call....
Thread [TEST_FBNK_CURRENCY_109548147] (Suspended (breakpoint at line 182 in
WhiteListSecurityProcessor))
WhiteListSecurityProcessor.authorize(String, SecurityPermission,
SecurityContext) line: 182
GridCacheContext<K,V>.checkSecurity(SecurityPermission) line: 735
GridDhtAtomicCache<K,V>.get(K, String, boolean, boolean) line: 468
GridDhtAtomicCache<K,V>(GridCacheAdapter<K,V>).get(K, boolean, boolean)
line: 4783
GridDhtAtomicCache<K,V>(GridCacheAdapter<K,V>).get(K) line: 1395
IgniteCacheProxy<K,V>.get(K) line: 1118
Thanks,
Rick
--
View this message in context: http://apache-ignite-users.70518.x6.nabble.com/SecurityContext-in-Ignite-tp10353.html
Sent from the Apache Ignite Users mailing list archive at Nabble.com.
Re: SecurityContext in Ignite
Posted by afedotov <al...@gmail.com>.
Rick,
Just follow JavaDoc for SecurityContext and implement it in the way that
will work for
the node where WhiteListSecurityProcessor is called with respect to your
custom logic.
On Wed, Feb 1, 2017 at 7:10 PM, rick_tem [via Apache Ignite Users] <
ml-node+s70518n10357h1@n6.nabble.com> wrote:
> SecurityContext is an interface (and doesn't appear to be in the
> JavaDoc). What implements it that I should create?
>
> Thanks,
> Rick
>
> ------------------------------
> If you reply to this email, your message will be added to the discussion
> below:
> http://apache-ignite-users.70518.x6.nabble.com/SecurityContext-in-Ignite-
> tp10353p10357.html
> To start a new topic under Apache Ignite Users, email
> ml-node+s70518n1h65@n6.nabble.com
> To unsubscribe from Apache Ignite Users, click here
> <http://apache-ignite-users.70518.x6.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=1&code=YWxleGFuZGVyLmZlZG90b2ZmQGdtYWlsLmNvbXwxfC0xMzYxNTU0NTg=>
> .
> NAML
> <http://apache-ignite-users.70518.x6.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>
>
--
Kind regards,
Alexander.
--
View this message in context: http://apache-ignite-users.70518.x6.nabble.com/SecurityContext-in-Ignite-tp10353p10358.html
Sent from the Apache Ignite Users mailing list archive at Nabble.com.
Re: SecurityContext in Ignite
Posted by rick_tem <rv...@temenos.com>.
SecurityContext is an interface (and doesn't appear to be in the JavaDoc).
What implements it that I should create?
Thanks,
Rick
--
View this message in context: http://apache-ignite-users.70518.x6.nabble.com/SecurityContext-in-Ignite-tp10353p10357.html
Sent from the Apache Ignite Users mailing list archive at Nabble.com.
Re: SecurityContext in Ignite
Posted by afedotov <al...@gmail.com>.
Hello,
As you correctly noted, security features are part of GridGain.
To deal with the null SecurityContext just create a new one inside
WhiteListSecurityProcessor#authorize based
on the information proper for your case.
On Wed, Feb 1, 2017 at 2:49 PM, rick_tem [via Apache Ignite Users] <
ml-node+s70518n10353h77@n6.nabble.com> wrote:
> Hi,
>
> I'm new to Ignite. I'm creating a WhiteListSecurityProcessor and it is
> all working fine, but when authorize is being called, I get a null
> SecurityContext. Debugging I found that it is null coming from
> GridCacheContext...Is this a bug?
>
> public void checkSecurity(SecurityPermission op) throws
> SecurityException {
> if (CU.isSystemCache(name()))
> return;
>
> ctx.security().authorize(name(), op, *null*);
> }
>
> I am aware of GridGain, but want to create my own plugin as we have our
> own security needs...All of the documentation out on the net is dated..Is
> there anywhere I set this up in the Spring configuration? Below is the
> stacktrace up to the authorize call....
>
> Thread [TEST_FBNK_CURRENCY_109548147] (Suspended (breakpoint at line 182
> in WhiteListSecurityProcessor))
> WhiteListSecurityProcessor.authorize(String, SecurityPermission,
> SecurityContext) line: 182
> GridCacheContext<K,V>.checkSecurity(SecurityPermission) line: 735
> GridDhtAtomicCache<K,V>.get(K, String, boolean, boolean) line: 468
> GridDhtAtomicCache<K,V>(GridCacheAdapter<K,V>).get(K, boolean,
> boolean) line: 4783
> GridDhtAtomicCache<K,V>(GridCacheAdapter<K,V>).get(K) line: 1395
> IgniteCacheProxy<K,V>.get(K) line: 1118
>
>
>
>
> Thanks,
> Rick
>
> ------------------------------
> If you reply to this email, your message will be added to the discussion
> below:
> http://apache-ignite-users.70518.x6.nabble.com/SecurityContext-in-Ignite-
> tp10353.html
> To start a new topic under Apache Ignite Users, email
> ml-node+s70518n1h65@n6.nabble.com
> To unsubscribe from Apache Ignite Users, click here
> <http://apache-ignite-users.70518.x6.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=1&code=YWxleGFuZGVyLmZlZG90b2ZmQGdtYWlsLmNvbXwxfC0xMzYxNTU0NTg=>
> .
> NAML
> <http://apache-ignite-users.70518.x6.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>
>
--
Kind regards,
Alexander.
--
View this message in context: http://apache-ignite-users.70518.x6.nabble.com/SecurityContext-in-Ignite-tp10353p10356.html
Sent from the Apache Ignite Users mailing list archive at Nabble.com.