Example 1 with AiravataSecurityManager
use of org.apache.airavata.service.security.AiravataSecurityManager in project airavata by apache.
the class AiravataAPIServer method startAiravataServer.
public void startAiravataServer(Airavata.Processor<Airavata.Iface> airavataAPIServer) throws AiravataSystemException {
try {
final String serverHost = ServerSettings.getSetting(Constants.API_SERVER_HOST, null);
if (!ServerSettings.isTLSEnabled()) {
final int serverPort = Integer.parseInt(ServerSettings.getSetting(Constants.API_SERVER_PORT, "8930"));
TServerTransport serverTransport;
if (ServerSettings.isAPIServerTLSEnabled()) {
logger.info("Starting API Server with TLS Security..");
String keystore = ServerSettings.getApiServerKeystore();
String keystorePWD = ServerSettings.getApiServerKeystorePasswd();
TSSLTransportFactory.TSSLTransportParameters tlsParams = new TSSLTransportFactory.TSSLTransportParameters();
tlsParams.setKeyStore(keystore, keystorePWD);
serverTransport = TSSLTransportFactory.getServerSocket(serverPort, 10000, InetAddress.getByName(serverHost), tlsParams);
} else {
if (serverHost == null) {
serverTransport = new TServerSocket(serverPort);
} else {
InetSocketAddress inetSocketAddress = new InetSocketAddress(serverHost, serverPort);
serverTransport = new TServerSocket(inetSocketAddress);
}
}
TThreadPoolServer.Args options = new TThreadPoolServer.Args(serverTransport);
options.minWorkerThreads = Integer.parseInt(ServerSettings.getSetting(Constants.API_SERVER_MIN_THREADS, "50"));
server = new TThreadPoolServer(options.processor(airavataAPIServer));
new Thread() {
public void run() {
server.serve();
setStatus(ServerStatus.STOPPED);
logger.info("Airavata API Server Stopped.");
}
}.start();
new Thread() {
public void run() {
while (!server.isServing()) {
try {
Thread.sleep(500);
} catch (InterruptedException e) {
break;
}
}
if (server.isServing()) {
setStatus(ServerStatus.STARTED);
logger.info("Starting Airavata API Server on Port " + serverPort);
logger.info("Listening to Airavata Clients ....");
}
}
}.start();
logger.info("Started API Server ....");
} else {
/**
********start thrift server over TLS*****************
*/
TSSLTransportFactory.TSSLTransportParameters TLSParams = new TSSLTransportFactory.TSSLTransportParameters();
TLSParams.setKeyStore(ServerSettings.getKeyStorePath(), ServerSettings.getKeyStorePassword());
TServerSocket TLSServerTransport = TSSLTransportFactory.getServerSocket(ServerSettings.getTLSServerPort(), ServerSettings.getTLSClientTimeout(), InetAddress.getByName(serverHost), TLSParams);
TThreadPoolServer.Args settings = new TThreadPoolServer.Args(TLSServerTransport);
settings.minWorkerThreads = Integer.parseInt(ServerSettings.getSetting(Constants.API_SERVER_MIN_THREADS, "50"));
TLSServer = new TThreadPoolServer(settings.processor(airavataAPIServer));
new Thread() {
public void run() {
TLSServer.serve();
setStatus(ServerStatus.STOPPED);
logger.info("Airavata API Server over TLS Stopped.");
}
}.start();
new Thread() {
public void run() {
while (!TLSServer.isServing()) {
try {
Thread.sleep(500);
} catch (InterruptedException e) {
break;
}
}
if (TLSServer.isServing()) {
setStatus(ServerStatus.STARTED);
}
}
}.start();
logger.info("API server started over TLS on Port: " + ServerSettings.getTLSServerPort() + " ...");
}
/*perform any security related initialization at the server startup, according to the underlying security
manager implementation being used.*/
AiravataSecurityManager securityManager = SecurityManagerFactory.getSecurityManager();
securityManager.initializeSecurityInfra();
} catch (TTransportException e) {
logger.error(e.getMessage(), e);
setStatus(ServerStatus.FAILED);
logger.error("Failed to start API server ...");
throw new AiravataSystemException(AiravataErrorType.INTERNAL_ERROR);
} catch (ApplicationSettingsException e) {
logger.error(e.getMessage(), e);
throw new AiravataSystemException(AiravataErrorType.INTERNAL_ERROR);
} catch (UnknownHostException e) {
logger.error(e.getMessage(), e);
throw new AiravataSystemException(AiravataErrorType.INTERNAL_ERROR);
} catch (AiravataSecurityException e) {
logger.error(e.getMessage(), e);
throw new AiravataSystemException(AiravataErrorType.INTERNAL_ERROR);
}
}
Also used :
ApplicationSettingsException(org.apache.airavata.common.exception.ApplicationSettingsException)
UnknownHostException(java.net.UnknownHostException)
InetSocketAddress(java.net.InetSocketAddress)
AiravataSecurityManager(org.apache.airavata.service.security.AiravataSecurityManager)
TTransportException(org.apache.thrift.transport.TTransportException)
TSSLTransportFactory(org.apache.thrift.transport.TSSLTransportFactory)
TServerTransport(org.apache.thrift.transport.TServerTransport)
TServerSocket(org.apache.thrift.transport.TServerSocket)
AiravataSystemException(org.apache.airavata.model.error.AiravataSystemException)
TThreadPoolServer(org.apache.thrift.server.TThreadPoolServer)
AiravataSecurityException(org.apache.airavata.security.AiravataSecurityException)
Example 2 with AiravataSecurityManager
use of org.apache.airavata.service.security.AiravataSecurityManager in project airavata by apache.
the class SecurityInterceptor method authorize.
private void authorize(AuthzToken authzToken, Map<String, String> metaData) throws AuthorizationException {
try {
boolean isAPISecured = ServerSettings.isAPISecured();
if (isAPISecured) {
AiravataSecurityManager securityManager = SecurityManagerFactory.getSecurityManager();
boolean isAuthz = securityManager.isUserAuthorized(authzToken, metaData);
if (!isAuthz) {
throw new AuthorizationException("User is not authenticated or authorized.");
}
}
} catch (AiravataSecurityException e) {
logger.error(e.getMessage(), e);
throw new AuthorizationException("Error in authenticating or authorizing user.");
} catch (ApplicationSettingsException e) {
logger.error(e.getMessage(), e);
throw new AuthorizationException("Internal error in authenticating or authorizing user.");
}
}
Also used :
ApplicationSettingsException(org.apache.airavata.common.exception.ApplicationSettingsException)
AuthorizationException(org.apache.airavata.model.error.AuthorizationException)
AiravataSecurityManager(org.apache.airavata.service.security.AiravataSecurityManager)
AiravataSecurityException(org.apache.airavata.security.AiravataSecurityException)
Aggregations
ApplicationSettingsException (org.apache.airavata.common.exception.ApplicationSettingsException)2
AiravataSecurityException (org.apache.airavata.security.AiravataSecurityException)2
AiravataSecurityManager (org.apache.airavata.service.security.AiravataSecurityManager)2
InetSocketAddress (java.net.InetSocketAddress)1
UnknownHostException (java.net.UnknownHostException)1
AiravataSystemException (org.apache.airavata.model.error.AiravataSystemException)1
AuthorizationException (org.apache.airavata.model.error.AuthorizationException)1
TThreadPoolServer (org.apache.thrift.server.TThreadPoolServer)1
TSSLTransportFactory (org.apache.thrift.transport.TSSLTransportFactory)1
TServerSocket (org.apache.thrift.transport.TServerSocket)1
TServerTransport (org.apache.thrift.transport.TServerTransport)1
TTransportException (org.apache.thrift.transport.TTransportException)1
