Example 1 with CDC
use of dmg.cells.nucleus.CDC in project dcache by dCache.
the class MiltonHandler method handle.
@Override
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
try (CDC ignored = CDC.reset(_myAddress)) {
Transfer.initSession(false, false);
ServletContext context = ContextHandler.getCurrentContext();
if ("USERINFO".equals(request.getMethod())) {
response.sendError(501);
} else {
Subject subject = Subject.getSubject(AccessController.getContext());
ServletRequest req = new DcacheServletRequest(request, context);
ServletResponse resp = new DcacheServletResponse(response);
/* Although we don't rely on the authorization tag
* ourselves, Milton uses it to detect that the request
* was preauthenticated.
*/
req.setAuthorization(new Auth(Subjects.getUserName(subject), subject));
baseRequest.setHandled(true);
_httpManager.process(req, resp);
}
if (!request.isAsyncStarted()) {
response.getOutputStream().flush();
response.flushBuffer();
}
}
}
Also used :
ServletRequest(io.milton.servlet.ServletRequest)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
ServletResponse(io.milton.servlet.ServletResponse)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
CDC(dmg.cells.nucleus.CDC)
Auth(io.milton.http.Auth)
ServletContext(javax.servlet.ServletContext)
Subject(javax.security.auth.Subject)
Example 2 with CDC
use of dmg.cells.nucleus.CDC in project dcache by dCache.
the class MoverRequestScheduler method sendToExecution.
private void sendToExecution(final PrioritizedRequest request) {
try (CDC ignore = request.getCdc().restore()) {
request.transfer(new CompletionHandler<Void, Void>() {
@Override
public void completed(Void result, Void attachment) {
postprocess();
}
@Override
public void failed(Throwable exc, Void attachment) {
if (exc instanceof InterruptedException || exc instanceof InterruptedIOException) {
request.getMover().setTransferStatus(CacheException.DEFAULT_ERROR_CODE, "Transfer was killed");
} else if (exc instanceof DiskErrorCacheException) {
FaultEvent faultEvent = new FaultEvent("transfer", FaultAction.DISABLED, exc.getMessage(), exc);
_faultListeners.forEach(l -> l.faultOccurred(faultEvent));
}
postprocess();
}
private void postprocess() {
try (CDC ignore = request.getCdc().restore()) {
request.getMover().close(new CompletionHandler<Void, Void>() {
@Override
public void completed(Void result, Void attachment) {
release();
}
@Override
public void failed(Throwable exc, Void attachment) {
if (exc instanceof DiskErrorCacheException) {
FaultEvent faultEvent = new FaultEvent("post-processing", FaultAction.DISABLED, exc.getMessage(), exc);
_faultListeners.forEach(l -> l.faultOccurred(faultEvent));
}
release();
}
private void release() {
request.done();
_jobs.remove(request.getId());
_moverByRequests.remove(request.getDoorUniqueId());
PrioritizedRequest nextRequest = nextOrRelease();
if (nextRequest != null) {
sendToExecution(nextRequest);
}
}
});
}
}
});
}
}
Also used :
InterruptedIOException(java.io.InterruptedIOException)
CDC(dmg.cells.nucleus.CDC)
CompletionHandler(java.nio.channels.CompletionHandler)
FaultEvent(org.dcache.pool.FaultEvent)
DiskErrorCacheException(diskCacheV111.util.DiskErrorCacheException)
Example 3 with CDC
use of dmg.cells.nucleus.CDC in project dcache by dCache.
the class NettyLineBasedDoor method channelRegistered.
@Override
public void channelRegistered(ChannelHandlerContext ctx) throws Exception {
try (CDC ignored = CDC.reset(getNucleus().getThisAddress())) {
Transfer.initSession(false, true);
cdc = new CDC();
}
channel = ctx.channel();
channel.config().setOption(ChannelOption.ALLOW_HALF_CLOSURE, true);
channel.config().setOption(ChannelOption.TCP_NODELAY, true);
channel.config().setOption(ChannelOption.SO_KEEPALIVE, true);
}
Also used :
CDC(dmg.cells.nucleus.CDC)
Example 4 with CDC
use of dmg.cells.nucleus.CDC in project dcache by dCache.
the class AnsiTerminalCommand method start.
@Override
public void start(ChannelSession channelSession, Environment env) throws IOException {
_pipedOut = new PipedOutputStream();
_pipedIn = new PipedInputStream(_pipedOut);
_userAdminShell.setUser(env.getEnv().get(Environment.ENV_USER));
_console = new ConsoleReader(_pipedIn, _out, new ConsoleReaderTerminal(env)) {
@Override
public void print(CharSequence s) throws IOException {
/* See https://github.com/jline/jline2/issues/205 */
getOutput().append(s);
}
};
CDC cdc = new CDC();
_adminShellThread = new Thread(() -> cdc.execute(this));
_adminShellThread.start();
_pipeThread = new Thread(() -> cdc.execute(new Pipe()));
_pipeThread.start();
}
Also used :
CDC(dmg.cells.nucleus.CDC)
ConsoleReader(jline.console.ConsoleReader)
PipedOutputStream(java.io.PipedOutputStream)
PipedInputStream(java.io.PipedInputStream)
InterruptedIOException(java.io.InterruptedIOException)
IOException(java.io.IOException)
Example 5 with CDC
use of dmg.cells.nucleus.CDC in project dcache by dCache.
the class CanlContextFactory method createDelegate.
/**
* Creates an SslContextFactory to which SSLEngine creation can be delegated.
* <p>
* The reason to create a delegate is that SslContextFactory doesn't allow the SSLContext to be
* recreated once initialized. Thus the only means of reloading the host key is to recreate the
* entire factory.
*/
private SslContextFactory createDelegate() throws Exception {
// use instance of SslContextFactory.Server as it allows non 'https' protocol schemas.
// See: https://github.com/eclipse/jetty.project/issues/3454
SslContextFactory factory = new SslContextFactory.Server() {
/*
* PEMCredential does not consistently support keyPasswd being null
* https://github.com/eu-emi/canl-java/issues/114
*/
private final PEMCredential serverCredential = new PEMCredential(keyPath.toString(), certificatePath.toString(), new char[] {});
@Override
protected void doStart() throws Exception {
super.setCertAlias(CanlContextFactory.this.getCertAlias());
super.setCipherComparator(CanlContextFactory.this.getCipherComparator());
super.setExcludeCipherSuites(CanlContextFactory.this.getExcludeCipherSuites());
super.setExcludeProtocols(CanlContextFactory.this.getExcludeProtocols());
super.setIncludeCipherSuites(CanlContextFactory.this.getIncludeCipherSuites());
super.setIncludeProtocols(CanlContextFactory.this.getIncludeProtocols());
super.setMaxCertPathLength(CanlContextFactory.this.getMaxCertPathLength());
super.setProtocol(CanlContextFactory.this.getProtocol());
super.setProvider(CanlContextFactory.this.getProvider());
super.setRenegotiationAllowed(CanlContextFactory.this.isRenegotiationAllowed());
super.setSecureRandomAlgorithm(CanlContextFactory.this.getSecureRandomAlgorithm());
super.setSessionCachingEnabled(CanlContextFactory.this.isSessionCachingEnabled());
super.setSslSessionCacheSize(CanlContextFactory.this.getSslSessionCacheSize());
super.setSslSessionTimeout(CanlContextFactory.this.getSslSessionTimeout());
super.setStopTimeout(CanlContextFactory.this.getStopTimeout());
super.setUseCipherSuitesOrder(CanlContextFactory.this.isUseCipherSuitesOrder());
super.setWantClientAuth(CanlContextFactory.this.getWantClientAuth());
super.setNeedClientAuth(CanlContextFactory.this.getNeedClientAuth());
super.setKeyStore(serverCredential.getKeyStore());
super.doStart();
}
@Override
protected KeyStore loadKeyStore(Resource resource) throws Exception {
return null;
}
@Override
protected KeyStore loadTrustStore(Resource resource) throws Exception {
return null;
}
@Override
protected Collection<? extends CRL> loadCRL(String crlPath) throws Exception {
return null;
}
@Override
protected KeyManager[] getKeyManagers(KeyStore keyStore) throws Exception {
return new KeyManager[] { serverCredential.getKeyManager() };
}
@Override
protected TrustManager[] getTrustManagers(KeyStore trustStore, Collection<? extends CRL> crls) throws Exception {
return org.dcache.ssl.CanlContextFactory.custom().withOcspCheckingMode(ocspCheckingMode).withCrlCheckingMode(crlCheckingMode).withNamespaceMode(namespaceMode).withCertificateAuthorityPath(certificateAuthorityPath).withCertificateAuthorityUpdateInterval(certificateAuthorityUpdateInterval).withLazy(false).withLoggingContext(new CDC()::restore).withValidationCacheLifetime(validationCacheLifetime).build().getTrustManagers();
}
};
factory.start();
return factory;
}
Also used :
SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory)
CDC(dmg.cells.nucleus.CDC)
Resource(org.eclipse.jetty.util.resource.Resource)
Collection(java.util.Collection)
PEMCredential(eu.emi.security.authn.x509.impl.PEMCredential)
CRL(java.security.cert.CRL)
KeyStore(java.security.KeyStore)
KeyManager(javax.net.ssl.KeyManager)
TrustManager(javax.net.ssl.TrustManager)
Aggregations
CDC (dmg.cells.nucleus.CDC)14
InterruptedIOException (java.io.InterruptedIOException)2
InetSocketAddress (java.net.InetSocketAddress)2
ListenableFuture (com.google.common.util.concurrent.ListenableFuture)1
ListeningExecutorService (com.google.common.util.concurrent.ListeningExecutorService)1
CacheException (diskCacheV111.util.CacheException)1
DiskErrorCacheException (diskCacheV111.util.DiskErrorCacheException)1
FileNotFoundCacheException (diskCacheV111.util.FileNotFoundCacheException)1
FileNotInCacheException (diskCacheV111.util.FileNotInCacheException)1
PermissionDeniedCacheException (diskCacheV111.util.PermissionDeniedCacheException)1
PnfsId (diskCacheV111.util.PnfsId)1
PEMCredential (eu.emi.security.authn.x509.impl.PEMCredential)1
Auth (io.milton.http.Auth)1
ServletRequest (io.milton.servlet.ServletRequest)1
ServletResponse (io.milton.servlet.ServletResponse)1
ChannelFuture (io.netty.channel.ChannelFuture)1
ChannelHandlerContext (io.netty.channel.ChannelHandlerContext)1
ChannelPromise (io.netty.channel.ChannelPromise)1
ChannelPromiseNotifier (io.netty.channel.ChannelPromiseNotifier)1
IOException (java.io.IOException)1
