
Example 1 with ClientPrincipal

use of com.hazelcast.client.impl.client.ClientPrincipal in project hazelcast by hazelcast.

the class ClientReAuthOperation method run.

/**
 * Applies a client re-authentication on this member and records the calling member
 * as the owner of {@code clientUuid}.
 * <p>
 * The request is refused when {@code trySetLastAuthenticationCorrelationId} returns
 * {@code false}; per the log message this means a newer authentication from the same
 * client was already processed, so an out-of-order request does not change ownership.
 * When accepted, every endpoint registered for the client is marked authenticated
 * with a principal of (client uuid, caller uuid).
 *
 * @throws AuthenticationException if the correlation-id check rejects the request
 */
@Override
public void run() throws Exception {
    final ClientEngineImpl clientEngine = getService();
    final String callerMemberUuid = getCallerUuid();

    // Ordering guard: nothing below runs for a request the engine considers stale.
    // NOTE(review): clientUuid and authCorrelationId are set outside this method;
    // confirm they can only arrive from a trusted cluster member.
    final boolean accepted = clientEngine.trySetLastAuthenticationCorrelationId(clientUuid, authCorrelationId);
    if (!accepted) {
        final String rejection = "Server already processed a newer authentication from client with uuid " + clientUuid + ". Not applying requested ownership change to " + callerMemberUuid;
        getLogger().info(rejection);
        throw new AuthenticationException(rejection);
    }

    // A fresh principal per endpoint, each naming the caller as owner.
    for (ClientEndpoint clientEndpoint : clientEngine.getEndpointManager().getEndpoints(clientUuid)) {
        clientEndpoint.authenticated(new ClientPrincipal(clientUuid, callerMemberUuid));
    }

    // addOwnershipMapping returns the previously mapped owner; null means there was none.
    final String formerOwnerUuid = clientEngine.addOwnershipMapping(clientUuid, callerMemberUuid);
    clientDisconnectOperationRun = (formerOwnerUuid == null);
}
Also used : ClientEngineImpl(com.hazelcast.client.impl.ClientEngineImpl) AuthenticationException(com.hazelcast.client.AuthenticationException) ClientEndpoint(com.hazelcast.client.ClientEndpoint) ClientPrincipal(com.hazelcast.client.impl.client.ClientPrincipal)

Example 2 with ClientPrincipal

use of com.hazelcast.client.impl.client.ClientPrincipal in project hazelcast by hazelcast.

the class AuthenticationBaseMessageTask method processMessage.

/**
 * Handles a client authentication request.
 * <p>
 * Order of checks: serialization-version match, then {@code authenticate()}, then
 * owner/non-owner handling. For an owner connection the principal is replaced with
 * (value of {@code getUuid()}, this member's uuid) before delegating to the superclass.
 *
 * @throws Throwable whatever the delegated processing throws
 */
@Override
public void processMessage() throws Throwable {
    final byte memberSerializationVersion = serializationService.getVersion();
    if (memberSerializationVersion != clientSerializationVersion) {
        // Rejected before authenticate() is called, so no credential check runs here.
        sendClientMessage(prepareSerializationVersionMismatchClientMessage());
        return;
    }

    final AuthenticationStatus status = authenticate();
    if (status == AuthenticationStatus.CREDENTIALS_FAILED) {
        sendClientMessage(prepareUnauthenticatedClientMessage());
        return;
    }
    // NOTE(review): CREDENTIALS_FAILED is the only status rejected in this method;
    // any other value continues below. Confirm authenticate() cannot return another
    // non-success status that should also stop here.

    if (isOwnerConnection()) {
        // The owner part of the principal is this member's uuid, not a value taken
        // from the request.
        principal = new ClientPrincipal(getUuid(), clientEngine.getThisUuid());
        super.processMessage();
    } else {
        prepareAndSendResponse(status);
    }
}
Also used : AuthenticationStatus(com.hazelcast.client.impl.protocol.AuthenticationStatus) ClientPrincipal(com.hazelcast.client.impl.client.ClientPrincipal)

Example 3 with ClientPrincipal

use of com.hazelcast.client.impl.client.ClientPrincipal in project hazelcast by hazelcast.

the class ClientConnectionManagerImpl method authenticate.

/**
 * Sends an authentication request over {@code connection} and registers a callback
 * that finishes or fails the attempt.
 * <p>
 * The request carries the uuid/ownerUuid of the current principal, or nulls when there
 * is none. For owner authentication the correlation id of the sent message is stored,
 * and a response whose correlation id differs from the stored one is treated as late
 * and failed instead of being applied.
 *
 * @param target     address being authenticated against; used in messages and callbacks
 * @param connection connection the request is sent on and that is updated on success
 * @param asOwner    whether this connection is being authenticated as the owner connection
 * @param callback   notified with success or failure of the attempt
 */
private void authenticate(final Address target, final ClientConnection connection, final boolean asOwner, final AuthenticationFuture callback) {
    SerializationService requestSerializer = client.getSerializationService();
    final ClientClusterServiceImpl clusterService = (ClientClusterServiceImpl) client.getClientClusterService();
    final ClientPrincipal principal = clusterService.getPrincipal();
    byte serializationVersion = ((InternalSerializationService) client.getSerializationService()).getVersion();

    // No principal yet: both identifiers go out as null.
    String uuid = (principal != null) ? principal.getUuid() : null;
    String ownerUuid = (principal != null) ? principal.getOwnerUuid() : null;

    ClientMessage authRequest = encodeAuthenticationRequest(asOwner, requestSerializer, serializationVersion, uuid, ownerUuid);
    ClientInvocation invocation = new ClientInvocation(client, authRequest, connection);
    ClientInvocationFuture pendingResponse = invocation.invokeUrgent();

    // Remember which owner authentication is the latest one that was actually sent.
    if (asOwner && invocation.getSendConnection() != null) {
        correlationIddOfLastAuthentication.set(invocation.getClientMessage().getCorrelationId());
    }

    pendingResponse.andThen(new ExecutionCallback<ClientMessage>() {

        @Override
        public void onResponse(ClientMessage response) {
            ClientAuthenticationCodec.ResponseParameters decoded = ClientAuthenticationCodec.decodeResponse(response);
            AuthenticationStatus authenticationStatus = AuthenticationStatus.getById(decoded.status);
            switch (authenticationStatus) {
                case AUTHENTICATED:
                    connection.setConnectedServerVersion(decoded.serverHazelcastVersion);
                    connection.setRemoteEndpoint(decoded.address);
                    if (asOwner) {
                        // A mismatch means the client has since sent another owner
                        // authentication; this response must not change owner state.
                        if (correlationIddOfLastAuthentication.get() != response.getCorrelationId()) {
                            onFailure(new AuthenticationException("Owner authentication response from address " + target + " is late. Dropping the response. Principal : " + principal));
                            return;
                        }
                        connection.setIsAuthenticatedAsOwner();
                        // The identifiers returned in the response become the client's principal.
                        ClientPrincipal ownerPrincipal = new ClientPrincipal(decoded.uuid, decoded.ownerUuid);
                        clusterService.setPrincipal(ownerPrincipal);
                        clusterService.setOwnerConnectionAddress(connection.getEndPoint());
                        logger.info("Setting " + connection + " as owner  with principal " + ownerPrincipal);
                    }
                    onAuthenticated(target, connection);
                    callback.onSuccess(connection, asOwner);
                    break;
                case CREDENTIALS_FAILED:
                    onFailure(new AuthenticationException("Invalid credentials! Principal: " + principal));
                    break;
                default:
                    // Any status other than the two above is reported as a failure.
                    onFailure(new AuthenticationException("Authentication status code not supported. status: " + authenticationStatus));
                    break;
            }
        }

        @Override
        public void onFailure(Throwable t) {
            // Connection-level handling first, then the caller's callback.
            onAuthenticationFailed(target, connection, t);
            callback.onFailure(t);
        }
    });
}
Also used : AuthenticationException(com.hazelcast.client.AuthenticationException) SerializationService(com.hazelcast.spi.serialization.SerializationService) InternalSerializationService(com.hazelcast.internal.serialization.InternalSerializationService) ClientInvocation(com.hazelcast.client.spi.impl.ClientInvocation) ClientMessage(com.hazelcast.client.impl.protocol.ClientMessage) ClientPrincipal(com.hazelcast.client.impl.client.ClientPrincipal) ClientInvocationFuture(com.hazelcast.client.spi.impl.ClientInvocationFuture) AuthenticationStatus(com.hazelcast.client.impl.protocol.AuthenticationStatus) InternalSerializationService(com.hazelcast.internal.serialization.InternalSerializationService) ClientClusterServiceImpl(com.hazelcast.client.spi.impl.ClientClusterServiceImpl)

Example 4 with ClientPrincipal

use of com.hazelcast.client.impl.client.ClientPrincipal in project hazelcast by hazelcast.

the class AuthenticationCustomCredentialsMessageTask method decodeClientMessage.

/**
 * Decodes a custom-credentials authentication request and copies its fields into
 * this task.
 * <p>
 * Everything read here comes from the client message and is unverified at this point:
 * the principal is built from the uuid/ownerUuid the client sent, and the credentials
 * object is produced by deserializing a client-supplied payload.
 *
 * @param clientMessage the incoming authentication request
 * @return the decoded request parameters
 */
@Override
protected ClientAuthenticationCustomCodec.RequestParameters decodeClientMessage(ClientMessage clientMessage) {
    ClientAuthenticationCustomCodec.RequestParameters request = ClientAuthenticationCustomCodec.decodeRequest(clientMessage);

    final String claimedUuid = request.uuid;
    final String claimedOwnerUuid = request.ownerUuid;
    // A principal is only created when the client supplied a non-empty uuid.
    if (claimedUuid != null && !claimedUuid.isEmpty()) {
        principal = new ClientPrincipal(claimedUuid, claimedOwnerUuid);
    }

    // NOTE(review): toObject() runs on bytes taken from the request, and nothing in
    // this method shows the sender has been authenticated yet. Which classes it may
    // instantiate depends on how serializationService is configured (not visible
    // here) — confirm that deserialization of untrusted input is restricted.
    credentials = serializationService.toObject(request.credentials);
    clientSerializationVersion = request.serializationVersion;

    // The client version field is optional in the request.
    if (request.clientHazelcastVersionExist) {
        clientVersion = request.clientHazelcastVersion;
    }
    return request;
}
Also used : ClientPrincipal(com.hazelcast.client.impl.client.ClientPrincipal) ClientAuthenticationCustomCodec(com.hazelcast.client.impl.protocol.codec.ClientAuthenticationCustomCodec)

Example 5 with ClientPrincipal

use of com.hazelcast.client.impl.client.ClientPrincipal in project hazelcast by hazelcast.

the class AuthenticationMessageTask method decodeClientMessage.

/**
 * Decodes a username/password authentication request and copies its fields into
 * this task.
 * <p>
 * The uuid/ownerUuid used for the principal are taken from the request as sent by the
 * client; nothing in this method verifies them.
 *
 * @param clientMessage the incoming authentication request
 * @return the decoded request parameters
 */
@Override
protected ClientAuthenticationCodec.RequestParameters decodeClientMessage(ClientMessage clientMessage) {
    final ClientAuthenticationCodec.RequestParameters request = ClientAuthenticationCodec.decodeRequest(clientMessage);

    final String claimedUuid = request.uuid;
    final String claimedOwnerUuid = request.ownerUuid;
    // A principal is only created when the client supplied a non-empty uuid.
    if (claimedUuid != null && !claimedUuid.isEmpty()) {
        principal = new ClientPrincipal(claimedUuid, claimedOwnerUuid);
    }

    // The returned parameters object still holds the password field from the request,
    // so callers should avoid logging it.
    credentials = new UsernamePasswordCredentials(request.username, request.password);
    clientSerializationVersion = request.serializationVersion;

    // The client version field is optional in the request.
    if (request.clientHazelcastVersionExist) {
        clientVersion = request.clientHazelcastVersion;
    }
    return request;
}
Also used : ClientAuthenticationCodec(com.hazelcast.client.impl.protocol.codec.ClientAuthenticationCodec) ClientPrincipal(com.hazelcast.client.impl.client.ClientPrincipal) UsernamePasswordCredentials(com.hazelcast.security.UsernamePasswordCredentials)

Aggregations

ClientPrincipal (com.hazelcast.client.impl.client.ClientPrincipal)5 AuthenticationException (com.hazelcast.client.AuthenticationException)2 AuthenticationStatus (com.hazelcast.client.impl.protocol.AuthenticationStatus)2 ClientEndpoint (com.hazelcast.client.ClientEndpoint)1 ClientEngineImpl (com.hazelcast.client.impl.ClientEngineImpl)1 ClientMessage (com.hazelcast.client.impl.protocol.ClientMessage)1 ClientAuthenticationCodec (com.hazelcast.client.impl.protocol.codec.ClientAuthenticationCodec)1 ClientAuthenticationCustomCodec (com.hazelcast.client.impl.protocol.codec.ClientAuthenticationCustomCodec)1 ClientClusterServiceImpl (com.hazelcast.client.spi.impl.ClientClusterServiceImpl)1 ClientInvocation (com.hazelcast.client.spi.impl.ClientInvocation)1 ClientInvocationFuture (com.hazelcast.client.spi.impl.ClientInvocationFuture)1 InternalSerializationService (com.hazelcast.internal.serialization.InternalSerializationService)1 UsernamePasswordCredentials (com.hazelcast.security.UsernamePasswordCredentials)1 SerializationService (com.hazelcast.spi.serialization.SerializationService)1