Search in sources :

Example 6 with AuthorizeRequestPP

use of org.apache.geode.internal.security.AuthorizeRequestPP in project geode by apache.

the class GetAll70 method fillAndSendGetAllResponseChunks.

private void fillAndSendGetAllResponseChunks(Region region, String regionName, Object[] keys, ServerConnection servConn, boolean requestSerializedValues) throws IOException {
    // Interpret null keys object as a request to get all key,value entry pairs
    // of the region; otherwise iterate each key and perform the get behavior.
    Iterator allKeysIter;
    int numKeys;
    if (keys != null) {
        allKeysIter = null;
        numKeys = keys.length;
    } else {
        Set allKeys = region.keySet();
        allKeysIter = allKeys.iterator();
        numKeys = allKeys.size();
    }
    // Shouldn't it be 'keys != null' below?
    // The answer is no.
    // Note that the current implementation of client/server getAll the "keys" will always be
    // non-null.
    // The server callects and returns the values in the same order as the keys it received.
    // So the server does not need to send the keys back to the client.
    // When the client receives the server's "values" it calls setKeys using the key list the client
    // already has.
    // So the only reason we would tell the VersionedObjectList that it needs to track keys is if we
    // are running
    // in the old mode (which may be impossible since we only used that mode pre 7.0) in which the
    // client told us
    // to get and return all the keys and values. I think this was used for register interest.
    VersionedObjectList values = new VersionedObjectList(MAXIMUM_CHUNK_SIZE, keys == null, region.getAttributes().getConcurrencyChecksEnabled(), requestSerializedValues);
    try {
        AuthorizeRequest authzRequest = servConn.getAuthzRequest();
        AuthorizeRequestPP postAuthzRequest = servConn.getPostAuthzRequest();
        Get70 request = (Get70) Get70.getCommand();
        final boolean isDebugEnabled = logger.isDebugEnabled();
        for (int i = 0; i < numKeys; i++) {
            // Send the intermediate chunk if necessary
            if (values.size() == MAXIMUM_CHUNK_SIZE) {
                // Send the chunk and clear the list
                values.setKeys(null);
                sendGetAllResponseChunk(region, values, false, servConn);
                values.clear();
            }
            Object key;
            boolean keyNotPresent = false;
            if (keys != null) {
                key = keys[i];
            } else {
                key = allKeysIter.next();
            }
            if (isDebugEnabled) {
                logger.debug("{}: Getting value for key={}", servConn.getName(), key);
            }
            // Determine if the user authorized to get this key
            GetOperationContext getContext = null;
            if (authzRequest != null) {
                try {
                    getContext = authzRequest.getAuthorize(regionName, key, null);
                    if (isDebugEnabled) {
                        logger.debug("{}: Passed GET pre-authorization for key={}", servConn.getName(), key);
                    }
                } catch (NotAuthorizedException ex) {
                    logger.warn(LocalizedMessage.create(LocalizedStrings.GetAll_0_CAUGHT_THE_FOLLOWING_EXCEPTION_ATTEMPTING_TO_GET_VALUE_FOR_KEY_1, new Object[] { servConn.getName(), key }), ex);
                    values.addExceptionPart(key, ex);
                    continue;
                }
            }
            try {
                this.securityService.authorizeRegionRead(regionName, key.toString());
            } catch (NotAuthorizedException ex) {
                logger.warn(LocalizedMessage.create(LocalizedStrings.GetAll_0_CAUGHT_THE_FOLLOWING_EXCEPTION_ATTEMPTING_TO_GET_VALUE_FOR_KEY_1, new Object[] { servConn.getName(), key }), ex);
                values.addExceptionPart(key, ex);
                continue;
            }
            // Get the value and update the statistics. Do not deserialize
            // the value if it is a byte[].
            // Getting a value in serialized form is pretty nasty. I split this out
            // so the logic can be re-used by the CacheClientProxy.
            Get70.Entry entry = request.getEntry(region, key, null, servConn);
            @Retained final Object originalData = entry.value;
            Object data = originalData;
            if (logger.isDebugEnabled()) {
                logger.debug("retrieved key={} {}", key, entry);
            }
            boolean addedToValues = false;
            try {
                boolean isObject = entry.isObject;
                VersionTag versionTag = entry.versionTag;
                keyNotPresent = entry.keyNotPresent;
                if (postAuthzRequest != null) {
                    try {
                        getContext = postAuthzRequest.getAuthorize(regionName, key, data, isObject, getContext);
                        GetOperationContextImpl gci = (GetOperationContextImpl) getContext;
                        Object newData = gci.getRawValue();
                        if (newData != data) {
                            // user changed the value
                            isObject = getContext.isObject();
                            data = newData;
                        }
                    } catch (NotAuthorizedException ex) {
                        logger.warn(LocalizedMessage.create(LocalizedStrings.GetAll_0_CAUGHT_THE_FOLLOWING_EXCEPTION_ATTEMPTING_TO_GET_VALUE_FOR_KEY_1, new Object[] { servConn.getName(), key }), ex);
                        values.addExceptionPart(key, ex);
                        continue;
                    } finally {
                        if (getContext != null) {
                            ((GetOperationContextImpl) getContext).release();
                        }
                    }
                }
                data = this.securityService.postProcess(regionName, key, data, entry.isObject);
                // Add the entry to the list that will be returned to the client
                if (keyNotPresent) {
                    values.addObjectPartForAbsentKey(key, data, versionTag);
                    addedToValues = true;
                } else {
                    values.addObjectPart(key, data, isObject, versionTag);
                    addedToValues = true;
                }
            } finally {
                if (!addedToValues || data != originalData) {
                    OffHeapHelper.release(originalData);
                }
            }
        }
        // Send the last chunk even if the list is of zero size.
        if (Version.GFE_701.compareTo(servConn.getClientVersion()) <= 0) {
            // 7.0.1 and later clients do not expect the keys in the response
            values.setKeys(null);
        }
        sendGetAllResponseChunk(region, values, true, servConn);
        servConn.setAsTrue(RESPONDED);
    } finally {
        values.release();
    }
}
Also used : Set(java.util.Set) AuthorizeRequest(org.apache.geode.internal.security.AuthorizeRequest) AuthorizeRequestPP(org.apache.geode.internal.security.AuthorizeRequestPP) VersionedObjectList(org.apache.geode.internal.cache.tier.sockets.VersionedObjectList) NotAuthorizedException(org.apache.geode.security.NotAuthorizedException) GetOperationContextImpl(org.apache.geode.cache.operations.internal.GetOperationContextImpl) GetOperationContext(org.apache.geode.cache.operations.GetOperationContext) Retained(org.apache.geode.internal.offheap.annotations.Retained) Iterator(java.util.Iterator) VersionTag(org.apache.geode.internal.cache.versions.VersionTag)

Example 7 with AuthorizeRequestPP

use of org.apache.geode.internal.security.AuthorizeRequestPP in project geode by apache.

the class GetAllWithCallback method fillAndSendGetAllResponseChunks.

private void fillAndSendGetAllResponseChunks(Region region, String regionName, Object[] keys, ServerConnection servConn, Object callback) throws IOException {
    assert keys != null;
    int numKeys = keys.length;
    VersionedObjectList values = new VersionedObjectList(MAXIMUM_CHUNK_SIZE, false, region.getAttributes().getConcurrencyChecksEnabled(), false);
    try {
        AuthorizeRequest authzRequest = servConn.getAuthzRequest();
        AuthorizeRequestPP postAuthzRequest = servConn.getPostAuthzRequest();
        Get70 request = (Get70) Get70.getCommand();
        for (int i = 0; i < numKeys; i++) {
            // Send the intermediate chunk if necessary
            if (values.size() == MAXIMUM_CHUNK_SIZE) {
                // Send the chunk and clear the list
                sendGetAllResponseChunk(region, values, false, servConn);
                values.clear();
            }
            Object key;
            boolean keyNotPresent = false;
            key = keys[i];
            if (logger.isDebugEnabled()) {
                logger.debug("{}: Getting value for key={}", servConn.getName(), key);
            }
            // Determine if the user authorized to get this key
            GetOperationContext getContext = null;
            if (authzRequest != null) {
                try {
                    getContext = authzRequest.getAuthorize(regionName, key, callback);
                    if (logger.isDebugEnabled()) {
                        logger.debug("{}: Passed GET pre-authorization for key={}", servConn.getName(), key);
                    }
                } catch (NotAuthorizedException ex) {
                    logger.warn(LocalizedMessage.create(LocalizedStrings.GetAll_0_CAUGHT_THE_FOLLOWING_EXCEPTION_ATTEMPTING_TO_GET_VALUE_FOR_KEY_1, new Object[] { servConn.getName(), key }), ex);
                    values.addExceptionPart(key, ex);
                    continue;
                }
            }
            try {
                this.securityService.authorizeRegionRead(regionName, key.toString());
            } catch (NotAuthorizedException ex) {
                logger.warn(LocalizedMessage.create(LocalizedStrings.GetAll_0_CAUGHT_THE_FOLLOWING_EXCEPTION_ATTEMPTING_TO_GET_VALUE_FOR_KEY_1, new Object[] { servConn.getName(), key }), ex);
                values.addExceptionPart(key, ex);
                continue;
            }
            // Get the value and update the statistics. Do not deserialize
            // the value if it is a byte[].
            // Getting a value in serialized form is pretty nasty. I split this out
            // so the logic can be re-used by the CacheClientProxy.
            Get70.Entry entry = request.getEntry(region, key, callback, servConn);
            @Retained final Object originalData = entry.value;
            Object data = originalData;
            if (logger.isDebugEnabled()) {
                logger.debug("retrieved key={} {}", key, entry);
            }
            boolean addedToValues = false;
            try {
                boolean isObject = entry.isObject;
                VersionTag versionTag = entry.versionTag;
                keyNotPresent = entry.keyNotPresent;
                if (postAuthzRequest != null) {
                    try {
                        getContext = postAuthzRequest.getAuthorize(regionName, key, data, isObject, getContext);
                        GetOperationContextImpl gci = (GetOperationContextImpl) getContext;
                        Object newData = gci.getRawValue();
                        if (newData != data) {
                            // user changed the value
                            isObject = getContext.isObject();
                            data = newData;
                        }
                    } catch (NotAuthorizedException ex) {
                        logger.warn(LocalizedMessage.create(LocalizedStrings.GetAll_0_CAUGHT_THE_FOLLOWING_EXCEPTION_ATTEMPTING_TO_GET_VALUE_FOR_KEY_1, new Object[] { servConn.getName(), key }), ex);
                        values.addExceptionPart(key, ex);
                        continue;
                    } finally {
                        if (getContext != null) {
                            ((GetOperationContextImpl) getContext).release();
                        }
                    }
                }
                // Add the entry to the list that will be returned to the client
                if (keyNotPresent) {
                    values.addObjectPartForAbsentKey(key, data, versionTag);
                    addedToValues = true;
                } else {
                    values.addObjectPart(key, data, isObject, versionTag);
                    addedToValues = true;
                }
            } finally {
                if (!addedToValues || data != originalData) {
                    OffHeapHelper.release(originalData);
                }
            }
        }
        // Send the last chunk even if the list is of zero size.
        sendGetAllResponseChunk(region, values, true, servConn);
        servConn.setAsTrue(RESPONDED);
    } finally {
        values.release();
    }
}
Also used : AuthorizeRequest(org.apache.geode.internal.security.AuthorizeRequest) AuthorizeRequestPP(org.apache.geode.internal.security.AuthorizeRequestPP) VersionedObjectList(org.apache.geode.internal.cache.tier.sockets.VersionedObjectList) NotAuthorizedException(org.apache.geode.security.NotAuthorizedException) GetOperationContextImpl(org.apache.geode.cache.operations.internal.GetOperationContextImpl) GetOperationContext(org.apache.geode.cache.operations.GetOperationContext) Retained(org.apache.geode.internal.offheap.annotations.Retained) VersionTag(org.apache.geode.internal.cache.versions.VersionTag)

Example 8 with AuthorizeRequestPP

use of org.apache.geode.internal.security.AuthorizeRequestPP in project geode by apache.

the class GetAll method fillAndSendGetAllResponseChunks.

private void fillAndSendGetAllResponseChunks(Region region, String regionName, Object[] keys, ServerConnection servConn) throws IOException {
    // Interpret null keys object as a request to get all key,value entry pairs
    // of the region; otherwise iterate each key and perform the get behavior.
    Iterator allKeysIter;
    int numKeys;
    if (keys != null) {
        allKeysIter = null;
        numKeys = keys.length;
    } else {
        Set allKeys = region.keySet();
        allKeysIter = allKeys.iterator();
        numKeys = allKeys.size();
    }
    ObjectPartList values = new ObjectPartList(MAXIMUM_CHUNK_SIZE, keys == null);
    AuthorizeRequest authzRequest = servConn.getAuthzRequest();
    AuthorizeRequestPP postAuthzRequest = servConn.getPostAuthzRequest();
    Request request = (Request) Request.getCommand();
    Object[] valueAndIsObject = new Object[3];
    for (int i = 0; i < numKeys; i++) {
        // Send the intermediate chunk if necessary
        if (values.size() == MAXIMUM_CHUNK_SIZE) {
            // Send the chunk and clear the list
            sendGetAllResponseChunk(region, values, false, servConn);
            values.clear();
        }
        Object key;
        if (keys != null) {
            key = keys[i];
        } else {
            key = allKeysIter.next();
        }
        if (logger.isDebugEnabled()) {
            logger.debug("{}: Getting value for key={}", servConn.getName(), key);
        }
        // Determine if the user authorized to get this key
        GetOperationContext getContext = null;
        if (authzRequest != null) {
            try {
                getContext = authzRequest.getAuthorize(regionName, key, null);
                if (logger.isDebugEnabled()) {
                    logger.debug("{}: Passed GET pre-authorization for key={}", servConn.getName(), key);
                }
            } catch (NotAuthorizedException ex) {
                logger.warn(LocalizedMessage.create(LocalizedStrings.GetAll_0_CAUGHT_THE_FOLLOWING_EXCEPTION_ATTEMPTING_TO_GET_VALUE_FOR_KEY_1, new Object[] { servConn.getName(), key }), ex);
                values.addExceptionPart(key, ex);
                continue;
            }
        }
        try {
            this.securityService.authorizeRegionRead(regionName, key.toString());
        } catch (NotAuthorizedException ex) {
            logger.warn(LocalizedMessage.create(LocalizedStrings.GetAll_0_CAUGHT_THE_FOLLOWING_EXCEPTION_ATTEMPTING_TO_GET_VALUE_FOR_KEY_1, new Object[] { servConn.getName(), key }), ex);
            values.addExceptionPart(key, ex);
            continue;
        }
        // Get the value and update the statistics. Do not deserialize
        // the value if it is a byte[].
        // Getting a value in serialized form is pretty nasty. I split this out
        // so the logic can be re-used by the CacheClientProxy.
        request.getValueAndIsObject(region, key, null, servConn, valueAndIsObject);
        Object value = valueAndIsObject[0];
        boolean isObject = ((Boolean) valueAndIsObject[1]).booleanValue();
        if (logger.isDebugEnabled()) {
            logger.debug("{}: Retrieved value for key={}: {}", servConn.getName(), key, value);
        }
        if (postAuthzRequest != null) {
            try {
                getContext = postAuthzRequest.getAuthorize(regionName, key, value, isObject, getContext);
                byte[] serializedValue = getContext.getSerializedValue();
                if (serializedValue == null) {
                    value = getContext.getObject();
                } else {
                    value = serializedValue;
                }
                isObject = getContext.isObject();
                if (logger.isDebugEnabled()) {
                    logger.debug("{}: Passed GET post-authorization for key={}: {}", servConn.getName(), key, value);
                }
            } catch (NotAuthorizedException ex) {
                logger.warn(LocalizedMessage.create(LocalizedStrings.GetAll_0_CAUGHT_THE_FOLLOWING_EXCEPTION_ATTEMPTING_TO_GET_VALUE_FOR_KEY_1, new Object[] { servConn.getName(), key }), ex);
                values.addExceptionPart(key, ex);
                continue;
            }
        }
        // post process
        value = this.securityService.postProcess(regionName, key, value, isObject);
        if (logger.isDebugEnabled()) {
            logger.debug("{}: Returning value for key={}: {}", servConn.getName(), key, value);
        }
        // Add the value to the list of values
        values.addObjectPart(key, value, isObject, null);
    }
    // Send the last chunk even if the list is of zero size.
    sendGetAllResponseChunk(region, values, true, servConn);
    servConn.setAsTrue(RESPONDED);
}
Also used : Set(java.util.Set) ObjectPartList(org.apache.geode.internal.cache.tier.sockets.ObjectPartList) AuthorizeRequest(org.apache.geode.internal.security.AuthorizeRequest) AuthorizeRequestPP(org.apache.geode.internal.security.AuthorizeRequestPP) AuthorizeRequest(org.apache.geode.internal.security.AuthorizeRequest) NotAuthorizedException(org.apache.geode.security.NotAuthorizedException) GetOperationContext(org.apache.geode.cache.operations.GetOperationContext) Iterator(java.util.Iterator)

Example 9 with AuthorizeRequestPP

use of org.apache.geode.internal.security.AuthorizeRequestPP in project geode by apache.

the class GetAll651 method fillAndSendGetAllResponseChunks.

private void fillAndSendGetAllResponseChunks(Region region, String regionName, Object[] keys, ServerConnection servConn) throws IOException {
    // Interpret null keys object as a request to get all key,value entry pairs
    // of the region; otherwise iterate each key and perform the get behavior.
    Iterator allKeysIter;
    int numKeys;
    if (keys != null) {
        allKeysIter = null;
        numKeys = keys.length;
    } else {
        Set allKeys = region.keySet();
        allKeysIter = allKeys.iterator();
        numKeys = allKeys.size();
    }
    ObjectPartList651 values = getObjectPartsList(keys == null);
    AuthorizeRequest authzRequest = servConn.getAuthzRequest();
    AuthorizeRequestPP postAuthzRequest = servConn.getPostAuthzRequest();
    Request request = (Request) Request.getCommand();
    Object[] valueAndIsObject = new Object[3];
    final boolean isDebugEnabled = logger.isDebugEnabled();
    for (int i = 0; i < numKeys; i++) {
        // Send the intermediate chunk if necessary
        if (values.size() == MAXIMUM_CHUNK_SIZE) {
            // Send the chunk and clear the list
            sendGetAllResponseChunk(region, values, false, servConn);
            values.clear();
        }
        Object key;
        boolean keyNotPresent = false;
        if (keys != null) {
            key = keys[i];
        } else {
            key = allKeysIter.next();
        }
        if (isDebugEnabled) {
            logger.debug("{}: Getting value for key={}", servConn.getName(), key);
        }
        // Determine if the user authorized to get this key
        GetOperationContext getContext = null;
        if (authzRequest != null) {
            try {
                getContext = authzRequest.getAuthorize(regionName, key, null);
                if (isDebugEnabled) {
                    logger.debug("{}: Passed GET pre-authorization for key={}", servConn.getName(), key);
                }
            } catch (NotAuthorizedException ex) {
                logger.warn(LocalizedMessage.create(LocalizedStrings.GetAll_0_CAUGHT_THE_FOLLOWING_EXCEPTION_ATTEMPTING_TO_GET_VALUE_FOR_KEY_1, new Object[] { servConn.getName(), key }), ex);
                values.addExceptionPart(key, ex);
                continue;
            }
        }
        try {
            this.securityService.authorizeRegionRead(regionName, key.toString());
        } catch (NotAuthorizedException ex) {
            logger.warn(LocalizedMessage.create(LocalizedStrings.GetAll_0_CAUGHT_THE_FOLLOWING_EXCEPTION_ATTEMPTING_TO_GET_VALUE_FOR_KEY_1, new Object[] { servConn.getName(), key }), ex);
            values.addExceptionPart(key, ex);
            continue;
        }
        // Get the value and update the statistics. Do not deserialize
        // the value if it is a byte[].
        // Getting a value in serialized form is pretty nasty. I split this out
        // so the logic can be re-used by the CacheClientProxy.
        request.getValueAndIsObject(region, key, null, servConn, valueAndIsObject);
        Object value = valueAndIsObject[0];
        boolean isObject = ((Boolean) valueAndIsObject[1]).booleanValue();
        keyNotPresent = ((Boolean) valueAndIsObject[2]).booleanValue();
        ;
        if (isDebugEnabled) {
            logger.debug("{}: Retrieved value for key={}: {}", servConn.getName(), key, value);
        }
        if (postAuthzRequest != null) {
            try {
                getContext = postAuthzRequest.getAuthorize(regionName, key, value, isObject, getContext);
                byte[] serializedValue = getContext.getSerializedValue();
                if (serializedValue == null) {
                    value = getContext.getObject();
                } else {
                    value = serializedValue;
                }
                isObject = getContext.isObject();
                if (isDebugEnabled) {
                    logger.debug("{}: Passed GET post-authorization for key={}: {}", servConn.getName(), key, value);
                }
            } catch (NotAuthorizedException ex) {
                logger.warn(LocalizedMessage.create(LocalizedStrings.GetAll_0_CAUGHT_THE_FOLLOWING_EXCEPTION_ATTEMPTING_TO_GET_VALUE_FOR_KEY_1, new Object[] { servConn.getName(), key }), ex);
                values.addExceptionPart(key, ex);
                continue;
            }
        }
        value = this.securityService.postProcess(regionName, key, value, isObject);
        if (isDebugEnabled) {
            logger.debug("{}: Returning value for key={}: {}", servConn.getName(), key, value);
        }
        // Add the value to the list of values
        if (keyNotPresent) {
            if (logger.isDebugEnabled()) {
                logger.debug("{}: key={} is not present on server.", servConn.getName(), key);
            }
            values.addObjectPartForAbsentKey(key, value);
        } else {
            values.addObjectPart(key, value, isObject, null);
        }
    }
    // Send the last chunk even if the list is of zero size.
    sendGetAllResponseChunk(region, values, true, servConn);
    servConn.setAsTrue(RESPONDED);
}
Also used : Set(java.util.Set) AuthorizeRequest(org.apache.geode.internal.security.AuthorizeRequest) ObjectPartList651(org.apache.geode.internal.cache.tier.sockets.ObjectPartList651) AuthorizeRequestPP(org.apache.geode.internal.security.AuthorizeRequestPP) AuthorizeRequest(org.apache.geode.internal.security.AuthorizeRequest) NotAuthorizedException(org.apache.geode.security.NotAuthorizedException) GetOperationContext(org.apache.geode.cache.operations.GetOperationContext) Iterator(java.util.Iterator)

Example 10 with AuthorizeRequestPP

use of org.apache.geode.internal.security.AuthorizeRequestPP in project geode by apache.

the class ServerHandShakeProcessor method getUniqueId.

public static long getUniqueId(ServerConnection connection, Principal principal) throws Exception {
    try {
        InternalLogWriter securityLogWriter = connection.getSecurityLogWriter();
        DistributedSystem system = connection.getDistributedSystem();
        Properties systemProperties = system.getProperties();
        // hitesh:auth callbacks
        String authzFactoryName = systemProperties.getProperty(SECURITY_CLIENT_ACCESSOR);
        String postAuthzFactoryName = systemProperties.getProperty(SECURITY_CLIENT_ACCESSOR_PP);
        AuthorizeRequest authzRequest = null;
        AuthorizeRequestPP postAuthzRequest = null;
        if (authzFactoryName != null && authzFactoryName.length() > 0) {
            if (securityLogWriter.fineEnabled())
                securityLogWriter.fine(connection.getName() + ": Setting pre-process authorization callback to: " + authzFactoryName);
            if (principal == null) {
                if (securityLogWriter.warningEnabled()) {
                    securityLogWriter.warning(LocalizedStrings.ServerHandShakeProcessor_0_AUTHORIZATION_ENABLED_BUT_AUTHENTICATION_CALLBACK_1_RETURNED_WITH_NULL_CREDENTIALS_FOR_PROXYID_2, new Object[] { connection.getName(), SECURITY_CLIENT_AUTHENTICATOR, connection.getProxyID() });
                }
            }
            authzRequest = new AuthorizeRequest(authzFactoryName, connection.getProxyID(), principal, connection.getCache());
        // connection.setAuthorizeRequest(authzRequest);
        }
        if (postAuthzFactoryName != null && postAuthzFactoryName.length() > 0) {
            if (securityLogWriter.fineEnabled())
                securityLogWriter.fine(connection.getName() + ": Setting post-process authorization callback to: " + postAuthzFactoryName);
            if (principal == null) {
                if (securityLogWriter.warningEnabled()) {
                    securityLogWriter.warning(LocalizedStrings.ServerHandShakeProcessor_0_POSTPROCESS_AUTHORIZATION_ENABLED_BUT_NO_AUTHENTICATION_CALLBACK_2_IS_CONFIGURED, new Object[] { connection.getName(), SECURITY_CLIENT_AUTHENTICATOR });
                }
            }
            postAuthzRequest = new AuthorizeRequestPP(postAuthzFactoryName, connection.getProxyID(), principal, connection.getCache());
        // connection.setPostAuthorizeRequest(postAuthzRequest);
        }
        return connection.setUserAuthorizeAndPostAuthorizeRequest(authzRequest, postAuthzRequest);
    } catch (Exception ex) {
        throw ex;
    }
}
Also used : InternalLogWriter(org.apache.geode.internal.logging.InternalLogWriter) AuthorizeRequest(org.apache.geode.internal.security.AuthorizeRequest) AuthorizeRequestPP(org.apache.geode.internal.security.AuthorizeRequestPP) ConfigurationProperties(org.apache.geode.distributed.ConfigurationProperties) Properties(java.util.Properties) DistributedSystem(org.apache.geode.distributed.DistributedSystem) InternalDistributedSystem(org.apache.geode.distributed.internal.InternalDistributedSystem) VersionException(org.apache.geode.cache.VersionException) AuthenticationFailedException(org.apache.geode.security.AuthenticationFailedException) SocketException(java.net.SocketException) SocketTimeoutException(java.net.SocketTimeoutException) IOException(java.io.IOException) EOFException(java.io.EOFException) IncompatibleVersionException(org.apache.geode.cache.IncompatibleVersionException) AuthenticationRequiredException(org.apache.geode.security.AuthenticationRequiredException) UnsupportedVersionException(org.apache.geode.cache.UnsupportedVersionException)

Aggregations

AuthorizeRequestPP (org.apache.geode.internal.security.AuthorizeRequestPP)13 AuthorizeRequest (org.apache.geode.internal.security.AuthorizeRequest)8 IOException (java.io.IOException)6 GetOperationContext (org.apache.geode.cache.operations.GetOperationContext)6 NotAuthorizedException (org.apache.geode.security.NotAuthorizedException)6 Iterator (java.util.Iterator)5 Set (java.util.Set)4 GetOperationContextImpl (org.apache.geode.cache.operations.internal.GetOperationContextImpl)3 CachedRegionHelper (org.apache.geode.internal.cache.tier.CachedRegionHelper)3 VersionTag (org.apache.geode.internal.cache.versions.VersionTag)3 Retained (org.apache.geode.internal.offheap.annotations.Retained)3 SocketException (java.net.SocketException)2 Region (org.apache.geode.cache.Region)2 RegionDestroyedException (org.apache.geode.cache.RegionDestroyedException)2 StringId (org.apache.geode.i18n.StringId)2 LocalRegion (org.apache.geode.internal.cache.LocalRegion)2 PartitionedRegion (org.apache.geode.internal.cache.PartitionedRegion)2 CacheServerStats (org.apache.geode.internal.cache.tier.sockets.CacheServerStats)2 Part (org.apache.geode.internal.cache.tier.sockets.Part)2 VersionedObjectList (org.apache.geode.internal.cache.tier.sockets.VersionedObjectList)2