You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@rocketmq.apache.org by GitBox <gi...@apache.org> on 2018/10/19 07:21:39 UTC

[GitHub] dongeforever commented on a change in pull request #485: Develop acl

dongeforever commented on a change in pull request #485: Develop acl
URL: https://github.com/apache/rocketmq/pull/485#discussion_r226550705
 
 

 ##########
 File path: broker/src/main/java/org/apache/rocketmq/broker/BrokerController.java
 ##########
 @@ -486,6 +496,47 @@ private void initialTransaction() {
         this.transactionalMessageCheckService = new TransactionalMessageCheckService(this);
     }
 
+    private void initialAclPlug() {
+        try {
+            if (!this.brokerConfig.isAclPlug()) {
+                log.info("Default does not start acl plug");
+                return;
+            }
+            ControllerParameters controllerParameters = new ControllerParameters();
+            controllerParameters.setFileHome(brokerConfig.getRocketmqHome());
+            aclPlugController = new AclPlugController(controllerParameters);
+            if (!aclPlugController.isStartSucceed()) {
+                log.error("start acl plug failure");
+                return;
+            }
+            final AclRemotingService aclRemotingService = aclPlugController.getAclRemotingService();
+            this.registerServerRPCHook(new RPCHook() {
+
+                @Override
+                public void doBeforeRequest(String remoteAddr, RemotingCommand request) {
+                    HashMap<String, String> extFields = request.getExtFields();
+                    AccessControl accessControl = new AccessControl();
+                    accessControl.setCode(request.getCode());
+                    accessControl.setRecognition(remoteAddr);
+                    if (extFields != null) {
+                        accessControl.setAccount(extFields.get("account"));
+                        accessControl.setPassword(extFields.get("password"));
+                        accessControl.setNetaddress(StringUtils.split(remoteAddr, ":")[0]);
+                        accessControl.setTopic(extFields.get("topic"));
+                    }
+                    aclRemotingService.check(accessControl);
+                }
 
 Review comment:
   For some requests like UPDATE_CONSUMER_OFFSET, it may contain several topics, how to handle such situation?

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services