public void setPostAuthzCallback(AccessControl authzCallback) { // TODO:hitesh synchronization synchronized (this.clientUserAuthsLock) { if (this.postAuthzCallback != null) this.postAuthzCallback.close(); this.postAuthzCallback = authzCallback; } }
default void init(Principal principal, DistributedMember remoteMember) throws NotAuthorizedException { init(principal, remoteMember, null); }
public QueryOperationContext queryAuthorize(String queryString, Set regionNames, Object[] queryParams) throws NotAuthorizedException { if (regionNames == null) { regionNames = new HashSet(); } QueryOperationContext queryContext = new QueryOperationContext(queryString, regionNames, false, queryParams); if (!this.authzCallback.authorizeOperation(null, queryContext)) { String errStr = String.format("Not authorized to perfom QUERY operation [%s] on the cache", queryString); this.logger.warning(String.format("%s : %s", new Object[] {this, errStr})); if (this.isPrincipalSerializable) { throw new NotAuthorizedException(errStr, this.principal); } else { throw new NotAuthorizedException(errStr); } } else { if (this.logger.finestEnabled()) { this.logger.finest( toString() + ": Authorized to perform QUERY operation [" + queryString + "] on cache"); } } return queryContext; }
public ExecuteCQOperationContext executeCQAuthorize(String cqName, String queryString, Set regionNames) throws NotAuthorizedException { if (regionNames == null) { regionNames = new HashSet(); } ExecuteCQOperationContext executeCQContext = new ExecuteCQOperationContext(cqName, queryString, regionNames, false); if (!this.authzCallback.authorizeOperation(null, executeCQContext)) { String errStr = String.format("Not authorized to perfom EXECUTE_CQ operation [%s] on the cache", queryString); this.logger.warning(String.format("%s : %s", new Object[] {this, errStr})); if (this.isPrincipalSerializable) { throw new NotAuthorizedException(errStr, this.principal); } else { throw new NotAuthorizedException(errStr); } } else { if (this.logger.finestEnabled()) { this.logger.finest(toString() + ": Authorized to perform EXECUTE_CQ operation [" + queryString + "] on cache"); } } return executeCQContext; }
public void stopCQAuthorize(String cqName, String queryString, Set regionNames) throws NotAuthorizedException { StopCQOperationContext stopCQContext = new StopCQOperationContext(cqName, queryString, regionNames); if (!this.authzCallback.authorizeOperation(null, stopCQContext)) { String errStr = String.format("Not authorized to perfom STOP_CQ operation [%s] on the cache", cqName); this.logger.warning(String.format("%s : %s", new Object[] {this, errStr})); if (this.isPrincipalSerializable) { throw new NotAuthorizedException(errStr, this.principal); } else { throw new NotAuthorizedException(errStr); } } else { if (this.logger.finestEnabled()) { this.logger.finest(toString() + ": Authorized to perform STOP_CQ operation [" + cqName + ',' + queryString + "] on cache"); } } }
default void init(Principal principal) throws NotAuthorizedException { init(principal, null, null); }
public void close() { this.postAuthzCallback.close(); }
public void containsKeyAuthorize(String regionName, Object key) throws NotAuthorizedException { ContainsKeyOperationContext containsKeyContext = new ContainsKeyOperationContext(key); if (!this.authzCallback.authorizeOperation(regionName, containsKeyContext)) { String errStr = String.format("Not authorized to perform CONTAINS_KEY operation on region %s", regionName); this.logger.warning(String.format("%s : %s", new Object[] {this, errStr})); if (this.isPrincipalSerializable) { throw new NotAuthorizedException(errStr, this.principal); } else { throw new NotAuthorizedException(errStr); } } else { if (this.logger.finestEnabled()) { this.logger.finest(toString() + ": Authorized to perform CONTAINS_KEY operation on region [" + regionName + ']'); } } }
public AuthorizeRequest(String authzFactoryName, DistributedMember dm, Principal principal, Cache cache) throws ClassNotFoundException, NoSuchMethodException, IllegalAccessException, InvocationTargetException, NotAuthorizedException { this.principal = principal; if (this.principal instanceof Serializable) { this.isPrincipalSerializable = true; } else { this.isPrincipalSerializable = false; } this.logger = cache.getSecurityLogger(); Method authzMethod = ClassLoadUtil.methodFromName(authzFactoryName); this.authzCallback = (AccessControl) authzMethod.invoke(null, (Object[]) null); this.authzCallback.init(principal, dm, cache); this.id = null; }
public void close() { this.authzCallback.close(); }
public void closeCQAuthorize(String cqName, String queryString, Set regionNames) throws NotAuthorizedException { CloseCQOperationContext closeCQContext = new CloseCQOperationContext(cqName, queryString, regionNames); if (!this.authzCallback.authorizeOperation(null, closeCQContext)) { String errStr = String.format("Not authorized to perfom CLOSE_CQ operation [%s] on the cache", cqName); this.logger.warning(String.format("%s : %s", new Object[] {this, errStr})); if (this.isPrincipalSerializable) { throw new NotAuthorizedException(errStr, this.principal); } else { throw new NotAuthorizedException(errStr); } } else { if (this.logger.finestEnabled()) { this.logger.finest(toString() + ": Authorized to perform CLOSE_CQ operation [" + cqName + ',' + queryString + "] on cache"); } } }
public AuthorizeRequestPP(String postAuthzFactoryName, ClientProxyMembershipID id, Principal principal, Cache cache) throws ClassNotFoundException, NoSuchMethodException, IllegalAccessException, InvocationTargetException { this.id = id; this.principal = principal; if (this.principal instanceof Serializable) { this.isPrincipalSerializable = true; } else { this.isPrincipalSerializable = false; } this.logger = cache.getSecurityLogger(); Method postAuthzMethod = ClassLoadUtil.methodFromName(postAuthzFactoryName); this.postAuthzCallback = (AccessControl) postAuthzMethod.invoke(null, (Object[]) null); this.postAuthzCallback.init(principal, id.getDistributedMember(), cache); if (this.logger.infoEnabled()) { this.logger.info( String.format( "AuthorizeRequestPP: Setting post process authorization callback to %s for client[%s].", new Object[] {id, postAuthzFactoryName})); } }
if (!pauseDurable) { if (this.postAuthzCallback != null) {// for single user this.postAuthzCallback.close(); this.postAuthzCallback = null; } else if (this.clientUserAuths != null) {// for multiple users
public void createRegionAuthorize(String regionName) throws NotAuthorizedException { RegionCreateOperationContext regionCreateContext = new RegionCreateOperationContext(false); if (!this.authzCallback.authorizeOperation(regionName, regionCreateContext)) { String errStr = String.format("Not authorized to perform CREATE_REGION operation for the region %s", regionName); this.logger.warning(String.format("%s : %s", new Object[] {this, errStr})); if (this.isPrincipalSerializable) { throw new NotAuthorizedException(errStr, this.principal); } else { throw new NotAuthorizedException(errStr); } } else { if (this.logger.finestEnabled()) { this.logger.finest(toString() + ": Authorized to perform REGION_CREATE operation of region [" + regionName + ']'); } } }
Method authzMethod = ClassLoadUtil.methodFromName(postAuthzFactoryName); authzCallback = (AccessControl) authzMethod.invoke(null, (Object[]) null); authzCallback.init(principal, member, this.getCache());
public KeySetOperationContext keySetAuthorize(String regionName) throws NotAuthorizedException { KeySetOperationContext keySetContext = new KeySetOperationContext(false); if (!this.authzCallback.authorizeOperation(regionName, keySetContext)) { String errStr = String.format("Not authorized to perform KEY_SET operation on region %s", regionName); this.logger.warning(String.format("%s : %s", new Object[] {this, errStr})); if (this.isPrincipalSerializable) { throw new NotAuthorizedException(errStr, this.principal); } else { throw new NotAuthorizedException(errStr); } } else { if (this.logger.finestEnabled()) { this.logger.finest(toString() + ": Authorized to perform KEY_SET operation on region [" + regionName + ']'); } } return keySetContext; }
public ExecuteFunctionOperationContext executeFunctionAuthorize(Object oneResult, ExecuteFunctionOperationContext executeContext) throws NotAuthorizedException { executeContext.setResult(oneResult); final String regionName = executeContext.getRegionName(); if (!this.postAuthzCallback.authorizeOperation(regionName, executeContext)) { String errStr = String.format( "%s: In post-process: Not authorized to perform EXECUTE_REGION_FUNCTION operation on region [%s]", new Object[] {toString(), regionName}); if (this.logger.warningEnabled()) { this.logger.warning(String.format("%s", errStr)); } if (this.isPrincipalSerializable) { throw new NotAuthorizedException(errStr, this.principal); } else { throw new NotAuthorizedException(errStr); } } else { if (this.logger.finestEnabled()) { this.logger.finest(this.id + ": In post-process: authorized to perform EXECUTE_REGION_FUNCTION operation on region [" + regionName + ']'); } } return executeContext; }
.authorizeOperation(regionNameHolder[0], opctxt)) { isAuthorized = true; .authorizeOperation(regionNameHolder[0], opctxt)) { isAuthorized = true; isAuthorize = this.postAuthzCallback.authorizeOperation(regionNameHolder[0], opctxt); isAuthorize = this.postAuthzCallback.authorizeOperation(regionNameHolder[0], opctxt);
public RegisterInterestOperationContext registerInterestListAuthorize(String regionName, List keys, InterestResultPolicy policy) throws NotAuthorizedException { RegisterInterestOperationContext registerInterestListContext; registerInterestListContext = new RegisterInterestOperationContext(keys, InterestType.LIST, policy); if (!this.authzCallback.authorizeOperation(regionName, registerInterestListContext)) { String errStr = String.format("Not authorized to perform REGISTER_INTEREST_LIST operation for region %s", regionName); this.logger.warning(String.format("%s : %s", new Object[] {this, errStr})); if (this.isPrincipalSerializable) { throw new NotAuthorizedException(errStr, this.principal); } else { throw new NotAuthorizedException(errStr); } } else { if (this.logger.finestEnabled()) { this.logger.finest( toString() + ": Authorized to perform REGISTER_INTEREST_LIST operation for region [" + regionName + ']'); } } return registerInterestListContext; }
public UnregisterInterestOperationContext unregisterInterestListAuthorize(String regionName, List keys) throws NotAuthorizedException { UnregisterInterestOperationContext unregisterInterestListContext; unregisterInterestListContext = new UnregisterInterestOperationContext(keys, InterestType.LIST); if (!this.authzCallback.authorizeOperation(regionName, unregisterInterestListContext)) { String errStr = String.format( "Not authorized to perform UNREGISTER_INTEREST_LIST operation for region %s", regionName); this.logger.warning(String.format("%s : %s", new Object[] {this, errStr})); if (this.isPrincipalSerializable) { throw new NotAuthorizedException(errStr, this.principal); } else { throw new NotAuthorizedException(errStr); } } else { if (this.logger.finestEnabled()) { this.logger.finest( toString() + ": Authorized to perform UNREGISTER_INTEREST_LIST operation for region [" + regionName + ']'); } } return unregisterInterestListContext; }