You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by kl...@apache.org on 2016/03/16 19:07:35 UTC
[1/2] incubator-geode git commit: Fix up formatting
Repository: incubator-geode
Updated Branches:
refs/heads/feature/GEODE-949-2 da4fe8755 -> 7d3bea091
Fix up formatting
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/d60d8a34
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/d60d8a34
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/d60d8a34
Branch: refs/heads/feature/GEODE-949-2
Commit: d60d8a3467450dbecedace3e551e797394007cc9
Parents: da4fe87
Author: Kirk Lund <kl...@apache.org>
Authored: Wed Mar 16 11:03:13 2016 -0700
Committer: Kirk Lund <kl...@apache.org>
Committed: Wed Mar 16 11:03:13 2016 -0700
----------------------------------------------------------------------
.../membership/gms/auth/GMSAuthenticator.java | 87 +++++++++++---------
1 file changed, 48 insertions(+), 39 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/d60d8a34/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/auth/GMSAuthenticator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/auth/GMSAuthenticator.java b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/auth/GMSAuthenticator.java
index ba35e46..d472de0 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/auth/GMSAuthenticator.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/auth/GMSAuthenticator.java
@@ -47,10 +47,13 @@ import static com.gemstone.gemfire.internal.i18n.LocalizedStrings.AUTH_FAILED_TO
import static com.gemstone.gemfire.distributed.internal.DistributionConfig.SECURITY_PEER_AUTH_INIT_NAME;
import static com.gemstone.gemfire.distributed.internal.DistributionConfig.SECURITY_PEER_AUTHENTICATOR_NAME;
-
public class GMSAuthenticator implements Authenticator {
+ private final static String secPrefix = "gemfire.sys.security-";
+ private final static int gemfireSysPrefixLen = "gemfire.sys.".length();
+
private Services services;
+ private Properties securityProps = getSecurityProps();
@Override
public void init(Services s) {
@@ -96,23 +99,25 @@ public class GMSAuthenticator implements Authenticator {
/**
* Authenticate peer member with authenticator class defined by property
* "security-peer-authenticator".
- * @param member the member to be authenticated
- * @param credentials the credentials used in authentication
+ *
+ * @param member
+ * the member to be authenticated
+ * @param credentials
+ * the credentials used in authentication
* @return null if authentication succeed (including no authenticator case),
* otherwise, return failure message
* @throws AuthenticationFailedException
* this will be removed since return string is used for failure
*/
@Override
- public String authenticate(InternalDistributedMember member, Object credentials)
- throws AuthenticationFailedException {
+ public String authenticate(InternalDistributedMember member, Object credentials) throws AuthenticationFailedException {
return authenticate(member, credentials, securityProps, services.getJoinLeave().getMemberID());
}
- // for unit test
- /* package */ String authenticate(
- DistributedMember member, Object credentials, Properties secProps, DistributedMember localMember)
- throws AuthenticationFailedException {
+ /**
+ * Method is package protected to be used in testing.
+ */
+ String authenticate(DistributedMember member, Object credentials, Properties secProps, DistributedMember localMember) throws AuthenticationFailedException {
String authMethod = secProps.getProperty(SECURITY_PEER_AUTHENTICATOR_NAME);
if (authMethod == null || authMethod.length() == 0) {
@@ -124,73 +129,82 @@ public class GMSAuthenticator implements Authenticator {
if (credentials != null) {
try {
invokeAuthenticator(authMethod, member, credentials);
+
} catch (Exception ex) {
- securityLogWriter.warning(
- AUTH_PEER_AUTHENTICATION_FAILED_WITH_EXCEPTION,
- new Object[] {member, authMethod, ex.getLocalizedMessage()}, ex);
+ securityLogWriter.warning(AUTH_PEER_AUTHENTICATION_FAILED_WITH_EXCEPTION, new Object[] {member, authMethod, ex.getLocalizedMessage()}, ex);
failMsg = AUTH_PEER_AUTHENTICATION_FAILED.toLocalizedString(localMember);
}
+
} else { // No credentials - need to send failure message
- securityLogWriter.warning(
- AUTH_PEER_AUTHENTICATION_MISSING_CREDENTIALS, new Object[] {member, authMethod});
+ securityLogWriter.warning(AUTH_PEER_AUTHENTICATION_MISSING_CREDENTIALS, new Object[] {member, authMethod});
failMsg = AUTH_PEER_AUTHENTICATION_MISSING_CREDENTIALS.toLocalizedString(member, authMethod);
}
+
return failMsg;
}
- /* package */ Principal invokeAuthenticator(String authMethod, DistributedMember member, Object credentials)
- throws AuthenticationFailedException {
+ /**
+ * Method is package protected to be used in testing.
+ */
+ Principal invokeAuthenticator(String authMethod, DistributedMember member, Object credentials) throws AuthenticationFailedException {
com.gemstone.gemfire.security.Authenticator auth = null;
+
try {
Method getter = ClassLoadUtil.methodFromName(authMethod);
auth = (com.gemstone.gemfire.security.Authenticator) getter.invoke(null, (Object[]) null);
- if (auth == null)
- throw new AuthenticationFailedException(
- HandShake_AUTHENTICATOR_INSTANCE_COULD_NOT_BE_OBTAINED.toLocalizedString());
+ if (auth == null) {
+ throw new AuthenticationFailedException(HandShake_AUTHENTICATOR_INSTANCE_COULD_NOT_BE_OBTAINED.toLocalizedString());
+ }
LogWriter logWriter = services.getLogWriter();
LogWriter securityLogWriter = services.getSecurityLogWriter();
auth.init(securityProps, logWriter, securityLogWriter);
return auth.authenticate((Properties) credentials, member);
+
} catch (GemFireSecurityException gse) {
throw gse;
+
} catch (Exception ex) {
- throw new AuthenticationFailedException(
- HandShake_FAILED_TO_ACQUIRE_AUTHENTICATOR_OBJECT.toLocalizedString(), ex);
+ throw new AuthenticationFailedException(HandShake_FAILED_TO_ACQUIRE_AUTHENTICATOR_OBJECT.toLocalizedString(), ex);
+
} finally {
if (auth != null) auth.close();
}
}
/**
- * Get credential object for the given GemFire distributed member
- * @param member the target distributed member
+ * Get credential object for the given GemFire distributed member.
+ *
+ * @param member
+ * the target distributed member
* @return the credential object
*/
@Override
public Object getCredentials(InternalDistributedMember member) {
try {
return getCredentials(member, securityProps);
+
} catch (Exception e) {
String authMethod = securityProps.getProperty(SECURITY_PEER_AUTH_INIT_NAME);
- services.getSecurityLogWriter().warning(
- LocalizedStrings.AUTH_FAILED_TO_OBTAIN_CREDENTIALS_IN_0_USING_AUTHINITIALIZE_1_2,
- new Object[] {authMethod, e.getLocalizedMessage()});
+ services.getSecurityLogWriter().warning(LocalizedStrings.AUTH_FAILED_TO_OBTAIN_CREDENTIALS_IN_0_USING_AUTHINITIALIZE_1_2, new Object[] { authMethod, e.getLocalizedMessage() });
return null;
}
}
- // for unit test
+ /**
+ * For testing only.
+ */
Properties getCredentials(DistributedMember member, Properties secProps) {
Properties credentials = null;
String authMethod = secProps.getProperty(SECURITY_PEER_AUTH_INIT_NAME);
+
try {
if (authMethod != null && authMethod.length() > 0) {
Method getter = ClassLoadUtil.methodFromName(authMethod);
AuthInitialize auth = (AuthInitialize)getter.invoke(null, (Object[]) null);
- if (auth == null)
- throw new AuthenticationRequiredException(
- AUTH_FAILED_TO_ACQUIRE_AUTHINITIALIZE_INSTANCE.toLocalizedString(authMethod));
+ if (auth == null) {
+ throw new AuthenticationRequiredException(AUTH_FAILED_TO_ACQUIRE_AUTHINITIALIZE_INSTANCE.toLocalizedString(authMethod));
+ }
try {
LogWriter logWriter = services.getLogWriter();
@@ -201,19 +215,17 @@ public class GMSAuthenticator implements Authenticator {
auth.close();
}
}
+
} catch (GemFireSecurityException gse) {
throw gse;
+
} catch (Exception ex) {
- throw new AuthenticationRequiredException(
- HandShake_FAILED_TO_ACQUIRE_AUTHINITIALIZE_METHOD_0.toLocalizedString(authMethod), ex);
+ throw new AuthenticationRequiredException(HandShake_FAILED_TO_ACQUIRE_AUTHINITIALIZE_METHOD_0.toLocalizedString(authMethod), ex);
}
+
return credentials;
}
- private final static String secPrefix = "gemfire.sys.security-";
- private final static int gemfireSysPrefixLen = "gemfire.sys.".length();
- private Properties securityProps = getSecurityProps();
-
Properties getSecurityProps() {
Properties props = new Properties();
Set keys = System.getProperties().keySet();
@@ -228,8 +240,5 @@ public class GMSAuthenticator implements Authenticator {
@Override
public void emergencyClose() {
- // TODO Auto-generated method stub
-
}
-
}
[2/2] incubator-geode git commit: Add comment
Posted by kl...@apache.org.
Add comment
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/7d3bea09
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/7d3bea09
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/7d3bea09
Branch: refs/heads/feature/GEODE-949-2
Commit: 7d3bea0910d7779df8da13d83e57794af9c2e98a
Parents: d60d8a3
Author: Kirk Lund <kl...@apache.org>
Authored: Wed Mar 16 11:07:21 2016 -0700
Committer: Kirk Lund <kl...@apache.org>
Committed: Wed Mar 16 11:07:21 2016 -0700
----------------------------------------------------------------------
.../internal/membership/gms/auth/GMSAuthenticator.java | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7d3bea09/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/auth/GMSAuthenticator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/auth/GMSAuthenticator.java b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/auth/GMSAuthenticator.java
index d472de0..741eb2c 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/auth/GMSAuthenticator.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/auth/GMSAuthenticator.java
@@ -111,7 +111,7 @@ public class GMSAuthenticator implements Authenticator {
*/
@Override
public String authenticate(InternalDistributedMember member, Object credentials) throws AuthenticationFailedException {
- return authenticate(member, credentials, securityProps, services.getJoinLeave().getMemberID());
+ return authenticate(member, credentials, this.securityProps, this.services.getJoinLeave().getMemberID());
}
/**
@@ -124,7 +124,7 @@ public class GMSAuthenticator implements Authenticator {
return null;
}
- InternalLogWriter securityLogWriter = services.getSecurityLogWriter();
+ InternalLogWriter securityLogWriter = this.services.getSecurityLogWriter();
String failMsg = null;
if (credentials != null) {
try {
@@ -156,9 +156,10 @@ public class GMSAuthenticator implements Authenticator {
throw new AuthenticationFailedException(HandShake_AUTHENTICATOR_INSTANCE_COULD_NOT_BE_OBTAINED.toLocalizedString());
}
- LogWriter logWriter = services.getLogWriter();
- LogWriter securityLogWriter = services.getSecurityLogWriter();
- auth.init(securityProps, logWriter, securityLogWriter);
+ LogWriter logWriter = this.services.getLogWriter();
+ LogWriter securityLogWriter = this.services.getSecurityLogWriter();
+
+ auth.init(this.securityProps, logWriter, securityLogWriter); // this.securityProps contains security-ldap-basedn but security-ldap-baseDomainName is expected
return auth.authenticate((Properties) credentials, member);
} catch (GemFireSecurityException gse) {