Example 26 with AuthorizeRequest
use of org.apache.geode.internal.security.AuthorizeRequest in project geode by apache.
the class Query651 method cmdExecute.
@Override
public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start) throws IOException, InterruptedException {
// Based on MessageType.DESTROY
// Added by gregp 10/18/05
serverConnection.setAsTrue(REQUIRES_RESPONSE);
serverConnection.setAsTrue(REQUIRES_CHUNKED_RESPONSE);
// Retrieve the data from the message parts
String queryString = clientMessage.getPart(0).getString();
long compiledQueryId = 0;
Object[] queryParams = null;
try {
if (clientMessage.getMessageType() == MessageType.QUERY_WITH_PARAMETERS) {
// Query with parameters supported from 6.6 onwards.
// Number of parameters.
int params = clientMessage.getPart(1).getInt();
// In case of native client there will be extra two parameters at 2 and 3 index.
int paramStartIndex = 2;
if (clientMessage.getNumberOfParts() > (1 + /* type */
1 + /* query string */
1 + /* params length */
params)) {
int timeout = clientMessage.getPart(3).getInt();
serverConnection.setRequestSpecificTimeout(timeout);
paramStartIndex = 4;
}
// Get the query execution parameters.
queryParams = new Object[params];
for (int i = 0; i < queryParams.length; i++) {
queryParams[i] = clientMessage.getPart(i + paramStartIndex).getObject();
}
} else {
// need to take care while adding new message
if (clientMessage.getNumberOfParts() == 3) {
int timeout = clientMessage.getPart(2).getInt();
serverConnection.setRequestSpecificTimeout(timeout);
}
}
} catch (ClassNotFoundException cne) {
throw new QueryInvalidException(cne.getMessage() + queryString);
}
if (logger.isDebugEnabled()) {
logger.debug("{}: Received query request from {} queryString: {}{}", serverConnection.getName(), serverConnection.getSocketString(), queryString, (queryParams != null ? (" with num query parameters :" + queryParams.length) : ""));
}
try {
// Create query
QueryService queryService = serverConnection.getCachedRegionHelper().getCache().getLocalQueryService();
org.apache.geode.cache.query.Query query = null;
if (queryParams != null) {
// Its a compiled query.
CacheClientNotifier ccn = serverConnection.getAcceptor().getCacheClientNotifier();
query = ccn.getCompiledQuery(queryString);
if (query == null) {
// This is first time the query is seen by this server.
query = queryService.newQuery(queryString);
ccn.addCompiledQuery((DefaultQuery) query);
}
ccn.getStats().incCompiledQueryUsedCount(1);
((DefaultQuery) query).setLastUsed(true);
} else {
query = queryService.newQuery(queryString);
}
Set regionNames = ((DefaultQuery) query).getRegionsInQuery(queryParams);
// Authorization check
QueryOperationContext queryContext = null;
AuthorizeRequest authzRequest = serverConnection.getAuthzRequest();
if (authzRequest != null) {
queryContext = authzRequest.queryAuthorize(queryString, regionNames, queryParams);
String newQueryString = queryContext.getQuery();
if (queryString != null && !queryString.equals(newQueryString)) {
query = queryService.newQuery(newQueryString);
queryString = newQueryString;
regionNames = queryContext.getRegionNames();
if (regionNames == null) {
regionNames = ((DefaultQuery) query).getRegionsInQuery(null);
}
}
}
processQueryUsingParams(clientMessage, query, queryString, regionNames, start, null, queryContext, serverConnection, true, queryParams);
} catch (QueryInvalidException e) {
throw new QueryInvalidException(e.getMessage() + queryString);
}
}
Also used :
DefaultQuery(org.apache.geode.cache.query.internal.DefaultQuery)
Set(java.util.Set)
CacheClientNotifier(org.apache.geode.internal.cache.tier.sockets.CacheClientNotifier)
AuthorizeRequest(org.apache.geode.internal.security.AuthorizeRequest)
QueryInvalidException(org.apache.geode.cache.query.QueryInvalidException)
QueryOperationContext(org.apache.geode.cache.operations.QueryOperationContext)
QueryService(org.apache.geode.cache.query.QueryService)
Example 27 with AuthorizeRequest
use of org.apache.geode.internal.security.AuthorizeRequest in project geode by apache.
the class Request method cmdExecute.
@Override
public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start) throws IOException {
Part regionNamePart = null, keyPart = null, valuePart = null;
String regionName = null;
Object callbackArg = null, key = null;
CachedRegionHelper crHelper = serverConnection.getCachedRegionHelper();
CacheServerStats stats = serverConnection.getCacheServerStats();
StringId errMessage = null;
serverConnection.setAsTrue(REQUIRES_RESPONSE);
// requiresResponse = true;
{
long oldStart = start;
start = DistributionStats.getStatTime();
stats.incReadGetRequestTime(start - oldStart);
}
// Retrieve the data from the message parts
int parts = clientMessage.getNumberOfParts();
regionNamePart = clientMessage.getPart(0);
keyPart = clientMessage.getPart(1);
// valuePart = null; (redundant assignment)
if (parts > 2) {
valuePart = clientMessage.getPart(2);
try {
callbackArg = valuePart.getObject();
} catch (Exception e) {
writeException(clientMessage, e, false, serverConnection);
// responded = true;
serverConnection.setAsTrue(RESPONDED);
return;
}
}
regionName = regionNamePart.getString();
try {
key = keyPart.getStringOrObject();
} catch (Exception e) {
writeException(clientMessage, e, false, serverConnection);
// responded = true;
serverConnection.setAsTrue(RESPONDED);
return;
}
if (logger.isDebugEnabled()) {
logger.debug("{}: Received get request ({} bytes) from {} for region {} key {} txId {}", serverConnection.getName(), clientMessage.getPayloadLength(), serverConnection.getSocketString(), regionName, key, clientMessage.getTransactionId());
}
// Process the get request
if (key == null || regionName == null) {
if ((key == null) && (regionName == null)) {
errMessage = LocalizedStrings.Request_THE_INPUT_REGION_NAME_AND_KEY_FOR_THE_GET_REQUEST_ARE_NULL;
} else if (key == null) {
errMessage = LocalizedStrings.Request_THE_INPUT_KEY_FOR_THE_GET_REQUEST_IS_NULL;
} else if (regionName == null) {
errMessage = LocalizedStrings.Request_THE_INPUT_REGION_NAME_FOR_THE_GET_REQUEST_IS_NULL;
}
String s = errMessage.toLocalizedString();
logger.warn("{}: {}", serverConnection.getName(), s);
writeErrorResponse(clientMessage, MessageType.REQUESTDATAERROR, s, serverConnection);
// responded = true;
serverConnection.setAsTrue(RESPONDED);
} else {
Region region = serverConnection.getCache().getRegion(regionName);
if (region == null) {
String reason = LocalizedStrings.Request__0_WAS_NOT_FOUND_DURING_GET_REQUEST.toLocalizedString(regionName);
writeRegionDestroyedEx(clientMessage, regionName, reason, serverConnection);
serverConnection.setAsTrue(RESPONDED);
} else {
GetOperationContext getContext = null;
try {
this.securityService.authorizeRegionRead(regionName, key.toString());
AuthorizeRequest authzRequest = serverConnection.getAuthzRequest();
if (authzRequest != null) {
getContext = authzRequest.getAuthorize(regionName, key, callbackArg);
callbackArg = getContext.getCallbackArg();
}
} catch (NotAuthorizedException ex) {
writeException(clientMessage, ex, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
// Get the value and update the statistics. Do not deserialize
// the value if it is a byte[].
Object[] valueAndIsObject = new Object[3];
try {
getValueAndIsObject(region, key, callbackArg, serverConnection, valueAndIsObject);
} catch (Exception e) {
writeException(clientMessage, e, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
Object data = valueAndIsObject[0];
boolean isObject = ((Boolean) valueAndIsObject[1]).booleanValue();
try {
AuthorizeRequestPP postAuthzRequest = serverConnection.getPostAuthzRequest();
if (postAuthzRequest != null) {
getContext = postAuthzRequest.getAuthorize(regionName, key, data, isObject, getContext);
byte[] serializedValue = getContext.getSerializedValue();
if (serializedValue == null) {
data = getContext.getObject();
} else {
data = serializedValue;
}
isObject = getContext.isObject();
}
} catch (NotAuthorizedException ex) {
writeException(clientMessage, ex, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
{
long oldStart = start;
start = DistributionStats.getStatTime();
stats.incProcessGetTime(start - oldStart);
}
if (region instanceof PartitionedRegion) {
PartitionedRegion pr = (PartitionedRegion) region;
if (pr.getNetworkHopType() != PartitionedRegion.NETWORK_HOP_NONE) {
writeResponseWithRefreshMetadata(data, callbackArg, clientMessage, isObject, serverConnection, pr, pr.getNetworkHopType());
pr.clearNetworkHopData();
} else {
writeResponse(data, callbackArg, clientMessage, isObject, serverConnection);
}
} else {
writeResponse(data, callbackArg, clientMessage, isObject, serverConnection);
}
serverConnection.setAsTrue(RESPONDED);
if (logger.isDebugEnabled()) {
logger.debug("{}: Wrote get response back to {} for region {} key {} value: {}", serverConnection.getName(), serverConnection.getSocketString(), regionName, key, data);
}
stats.incWriteGetResponseTime(DistributionStats.getStatTime() - start);
}
}
}
Also used :
AuthorizeRequest(org.apache.geode.internal.security.AuthorizeRequest)
AuthorizeRequestPP(org.apache.geode.internal.security.AuthorizeRequestPP)
NotAuthorizedException(org.apache.geode.security.NotAuthorizedException)
IOException(java.io.IOException)
NotAuthorizedException(org.apache.geode.security.NotAuthorizedException)
GetOperationContext(org.apache.geode.cache.operations.GetOperationContext)
CachedRegionHelper(org.apache.geode.internal.cache.tier.CachedRegionHelper)
StringId(org.apache.geode.i18n.StringId)
CacheServerStats(org.apache.geode.internal.cache.tier.sockets.CacheServerStats)
Part(org.apache.geode.internal.cache.tier.sockets.Part)
PartitionedRegion(org.apache.geode.internal.cache.PartitionedRegion)
LocalRegion(org.apache.geode.internal.cache.LocalRegion)
Region(org.apache.geode.cache.Region)
PartitionedRegion(org.apache.geode.internal.cache.PartitionedRegion)
Example 28 with AuthorizeRequest
use of org.apache.geode.internal.security.AuthorizeRequest in project geode by apache.
the class ClientUserAuths method cleanUserAuth.
public void cleanUserAuth(UserAuthAttributes userAuth) {
if (userAuth != null) {
AuthorizeRequest authReq = userAuth.getAuthzRequest();
try {
if (authReq != null) {
authReq.close();
authReq = null;
}
} catch (Exception ex) {
// TODO:hitesh
/*
* if (securityLogger.warningEnabled()) { securityLogger.warning( LocalizedStrings.
* ServerConnection_0_AN_EXCEPTION_WAS_THROWN_WHILE_CLOSING_CLIENT_AUTHORIZATION_CALLBACK_1,
* new Object[] {"", ex}); }
*/
}
try {
AuthorizeRequestPP postAuthzReq = userAuth.getPostAuthzRequest();
if (postAuthzReq != null) {
postAuthzReq.close();
postAuthzReq = null;
}
} catch (Exception ex) {
// TODO:hitesh
/*
* if (securityLogger.warningEnabled()) { securityLogger.warning( LocalizedStrings.
* ServerConnection_0_AN_EXCEPTION_WAS_THROWN_WHILE_CLOSING_CLIENT_POSTPROCESS_AUTHORIZATION_CALLBACK_1,
* new Object[] {"", ex}); }
*/
}
}
}
Also used :
AuthorizeRequest(org.apache.geode.internal.security.AuthorizeRequest)
AuthorizeRequestPP(org.apache.geode.internal.security.AuthorizeRequestPP)
Example 29 with AuthorizeRequest
use of org.apache.geode.internal.security.AuthorizeRequest in project geode by apache.
the class UnregisterInterest method cmdExecute.
@Override
public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start) throws ClassNotFoundException, IOException {
Part regionNamePart = null, keyPart = null;
String regionName = null;
Object key = null;
int interestType = 0;
StringId errMessage = null;
serverConnection.setAsTrue(REQUIRES_RESPONSE);
regionNamePart = clientMessage.getPart(0);
interestType = clientMessage.getPart(1).getInt();
keyPart = clientMessage.getPart(2);
Part isClosingPart = clientMessage.getPart(3);
byte[] isClosingPartBytes = (byte[]) isClosingPart.getObject();
boolean isClosing = isClosingPartBytes[0] == 0x01;
regionName = regionNamePart.getString();
try {
key = keyPart.getStringOrObject();
} catch (Exception e) {
writeException(clientMessage, e, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
boolean keepalive = false;
try {
Part keepalivePart = clientMessage.getPart(4);
byte[] keepaliveBytes = (byte[]) keepalivePart.getObject();
keepalive = keepaliveBytes[0] != 0x00;
} catch (Exception e) {
writeException(clientMessage, e, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
if (logger.isDebugEnabled()) {
logger.debug("{}: Received unregister interest request ({} bytes) from {} for region {} key {}", serverConnection.getName(), clientMessage.getPayloadLength(), serverConnection.getSocketString(), regionName, key);
}
// Process the unregister interest request
if ((key == null) && (regionName == null)) {
errMessage = LocalizedStrings.UnRegisterInterest_THE_INPUT_REGION_NAME_AND_KEY_FOR_THE_UNREGISTER_INTEREST_REQUEST_ARE_NULL;
} else if (key == null) {
errMessage = LocalizedStrings.UnRegisterInterest_THE_INPUT_KEY_FOR_THE_UNREGISTER_INTEREST_REQUEST_IS_NULL;
} else if (regionName == null) {
errMessage = LocalizedStrings.UnRegisterInterest_THE_INPUT_REGION_NAME_FOR_THE_UNREGISTER_INTEREST_REQUEST_IS_NULL;
String s = errMessage.toLocalizedString();
logger.warn("{}: {}", serverConnection.getName(), s);
writeErrorResponse(clientMessage, MessageType.UNREGISTER_INTEREST_DATA_ERROR, s, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
try {
if (interestType == InterestType.REGULAR_EXPRESSION) {
this.securityService.authorizeRegionRead(regionName);
} else {
this.securityService.authorizeRegionRead(regionName, key.toString());
}
} catch (NotAuthorizedException ex) {
writeException(clientMessage, ex, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
AuthorizeRequest authzRequest = serverConnection.getAuthzRequest();
if (authzRequest != null) {
if (!DynamicRegionFactory.regionIsDynamicRegionList(regionName)) {
try {
UnregisterInterestOperationContext unregisterContext = authzRequest.unregisterInterestAuthorize(regionName, key, interestType);
key = unregisterContext.getKey();
} catch (NotAuthorizedException ex) {
writeException(clientMessage, ex, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
}
}
// Yogesh : bug fix for 36457 :
/*
* Region destroy message from server to client results in client calling unregister to server
* (an unnecessary callback). The unregister encounters an error because the region has been
* destroyed on the server and hence falsely marks the server dead.
*/
/*
* Region region = crHelper.getRegion(regionName); if (region == null) {
* logger.warning(this.name + ": Region named " + regionName + " was not found during unregister
* interest request"); writeErrorResponse(msg, MessageType.UNREGISTER_INTEREST_DATA_ERROR);
* responded = true; } else {
*/
// Unregister interest irrelevent of whether the region is present it or
// not
serverConnection.getAcceptor().getCacheClientNotifier().unregisterClientInterest(regionName, key, interestType, isClosing, serverConnection.getProxyID(), keepalive);
// Update the statistics and write the reply
// bserverStats.incLong(processDestroyTimeId,
// DistributionStats.getStatTime() - start);
// start = DistributionStats.getStatTime();
writeReply(clientMessage, serverConnection);
serverConnection.setAsTrue(RESPONDED);
if (logger.isDebugEnabled()) {
logger.debug("{}: Sent unregister interest response for region {} key {}", serverConnection.getName(), regionName, key);
}
// bserverStats.incLong(writeDestroyResponseTimeId,
// DistributionStats.getStatTime() - start);
// bserverStats.incInt(destroyResponsesId, 1);
// }
}
Also used :
StringId(org.apache.geode.i18n.StringId)
AuthorizeRequest(org.apache.geode.internal.security.AuthorizeRequest)
Part(org.apache.geode.internal.cache.tier.sockets.Part)
UnregisterInterestOperationContext(org.apache.geode.cache.operations.UnregisterInterestOperationContext)
NotAuthorizedException(org.apache.geode.security.NotAuthorizedException)
IOException(java.io.IOException)
NotAuthorizedException(org.apache.geode.security.NotAuthorizedException)
Example 30 with AuthorizeRequest
use of org.apache.geode.internal.security.AuthorizeRequest in project geode by apache.
the class Query method cmdExecute.
@Override
public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start) throws IOException, InterruptedException {
// Based on MessageType.DESTROY
// Added by gregp 10/18/05
serverConnection.setAsTrue(REQUIRES_RESPONSE);
serverConnection.setAsTrue(REQUIRES_CHUNKED_RESPONSE);
// Retrieve the data from the message parts
String queryString = clientMessage.getPart(0).getString();
if (clientMessage.getNumberOfParts() == 3) {
int timeout = clientMessage.getPart(2).getInt();
serverConnection.setRequestSpecificTimeout(timeout);
}
if (logger.isDebugEnabled()) {
logger.debug("{}: Received query request from {} queryString: {}", serverConnection.getName(), serverConnection.getSocketString(), queryString);
}
try {
// Create query
QueryService queryService = serverConnection.getCachedRegionHelper().getCache().getLocalQueryService();
org.apache.geode.cache.query.Query query = queryService.newQuery(queryString);
Set regionNames = ((DefaultQuery) query).getRegionsInQuery(null);
// Authorization check
QueryOperationContext queryContext = null;
AuthorizeRequest authzRequest = serverConnection.getAuthzRequest();
if (authzRequest != null) {
queryContext = authzRequest.queryAuthorize(queryString, regionNames);
String newQueryString = queryContext.getQuery();
if (queryString != null && !queryString.equals(newQueryString)) {
query = queryService.newQuery(newQueryString);
queryString = newQueryString;
regionNames = queryContext.getRegionNames();
if (regionNames == null) {
regionNames = ((DefaultQuery) query).getRegionsInQuery(null);
}
}
}
processQuery(clientMessage, query, queryString, regionNames, start, null, queryContext, serverConnection, true);
} catch (QueryInvalidException e) {
throw new QueryInvalidException(e.getMessage() + queryString);
} catch (QueryExecutionLowMemoryException e) {
writeQueryResponseException(clientMessage, e, serverConnection);
}
}
Also used :
Set(java.util.Set)
DefaultQuery(org.apache.geode.cache.query.internal.DefaultQuery)
AuthorizeRequest(org.apache.geode.internal.security.AuthorizeRequest)
QueryExecutionLowMemoryException(org.apache.geode.cache.query.QueryExecutionLowMemoryException)
QueryInvalidException(org.apache.geode.cache.query.QueryInvalidException)
QueryOperationContext(org.apache.geode.cache.operations.QueryOperationContext)
QueryService(org.apache.geode.cache.query.QueryService)
Aggregations
AuthorizeRequest (org.apache.geode.internal.security.AuthorizeRequest)48
IOException (java.io.IOException)40
Part (org.apache.geode.internal.cache.tier.sockets.Part)33
CachedRegionHelper (org.apache.geode.internal.cache.tier.CachedRegionHelper)26
LocalRegion (org.apache.geode.internal.cache.LocalRegion)23
CacheServerStats (org.apache.geode.internal.cache.tier.sockets.CacheServerStats)21
PartitionedRegion (org.apache.geode.internal.cache.PartitionedRegion)16
EventID (org.apache.geode.internal.cache.EventID)13
ByteBuffer (java.nio.ByteBuffer)12
ChunkedMessage (org.apache.geode.internal.cache.tier.sockets.ChunkedMessage)12
NotAuthorizedException (org.apache.geode.security.NotAuthorizedException)12
Set (java.util.Set)11
RegionDestroyedException (org.apache.geode.cache.RegionDestroyedException)11
StringId (org.apache.geode.i18n.StringId)11
Region (org.apache.geode.cache.Region)8
Function (org.apache.geode.cache.execute.Function)8
FunctionException (org.apache.geode.cache.execute.FunctionException)8
ExecuteFunctionOperationContext (org.apache.geode.cache.operations.ExecuteFunctionOperationContext)8
InternalFunctionInvocationTargetException (org.apache.geode.internal.cache.execute.InternalFunctionInvocationTargetException)8
MemberMappedArgument (org.apache.geode.internal.cache.execute.MemberMappedArgument)8
