Example 6 with GemFireSecurityException
use of org.apache.geode.security.GemFireSecurityException in project geode by apache.
the class ConnectionFactoryImpl method createClientToServerConnection.
public Connection createClientToServerConnection(ServerLocation location, boolean forQueue) throws GemFireSecurityException {
ConnectionImpl connection = new ConnectionImpl(this.ds, this.cancelCriterion);
FailureTracker failureTracker = blackList.getFailureTracker(location);
boolean initialized = false;
try {
HandShake connHandShake = new HandShake(handshake);
connection.connect(endpointManager, location, connHandShake, socketBufferSize, handShakeTimeout, readTimeout, getCommMode(forQueue), this.gatewaySender, this.socketCreator);
failureTracker.reset();
connection.setHandShake(connHandShake);
authenticateIfRequired(connection);
initialized = true;
} catch (GemFireConfigException e) {
throw e;
} catch (CancelException e) {
// propagate this up, don't retry
throw e;
} catch (GemFireSecurityException e) {
// propagate this up, don't retry
throw e;
} catch (GatewayConfigurationException e) {
// propagate this up, don't retry
throw e;
} catch (ServerRefusedConnectionException src) {
// propagate this up, don't retry
logger.warn(LocalizedMessage.create(LocalizedStrings.AutoConnectionSourceImpl_COULD_NOT_CREATE_A_NEW_CONNECTION_TO_SERVER_0, src.getMessage()));
testFailedConnectionToServer = true;
throw src;
} catch (Exception e) {
if (e.getMessage() != null && (e.getMessage().equals("Connection refused") || e.getMessage().equals("Connection reset"))) {
// print an exception
if (logger.isDebugEnabled()) {
logger.debug("Unable to connect to {}: connection refused", location);
}
} else {
// print a warning with the exception stack trace
logger.warn(LocalizedMessage.create(LocalizedStrings.ConnectException_COULD_NOT_CONNECT_TO_0, location), e);
}
testFailedConnectionToServer = true;
} finally {
if (!initialized) {
connection.destroy();
failureTracker.addFailure();
connection = null;
}
}
return connection;
}
Also used :
HandShake(org.apache.geode.internal.cache.tier.sockets.HandShake)
GemFireSecurityException(org.apache.geode.security.GemFireSecurityException)
FailureTracker(org.apache.geode.cache.client.internal.ServerBlackList.FailureTracker)
GatewayConfigurationException(org.apache.geode.cache.GatewayConfigurationException)
GemFireConfigException(org.apache.geode.GemFireConfigException)
ServerRefusedConnectionException(org.apache.geode.cache.client.ServerRefusedConnectionException)
CancelException(org.apache.geode.CancelException)
ServerRefusedConnectionException(org.apache.geode.cache.client.ServerRefusedConnectionException)
GatewayConfigurationException(org.apache.geode.cache.GatewayConfigurationException)
GemFireConfigException(org.apache.geode.GemFireConfigException)
CancelException(org.apache.geode.CancelException)
GemFireSecurityException(org.apache.geode.security.GemFireSecurityException)
Example 7 with GemFireSecurityException
use of org.apache.geode.security.GemFireSecurityException in project geode by apache.
the class Put method cmdExecute.
@Override
public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start) throws IOException, InterruptedException {
Part regionNamePart = null, keyPart = null, valuePart = null, callbackArgPart = null;
String regionName = null;
Object callbackArg = null, key = null;
Part eventPart = null;
String errMessage = "";
CachedRegionHelper crHelper = serverConnection.getCachedRegionHelper();
CacheServerStats stats = serverConnection.getCacheServerStats();
// requiresResponse = true;
serverConnection.setAsTrue(REQUIRES_RESPONSE);
{
long oldStart = start;
start = DistributionStats.getStatTime();
stats.incReadPutRequestTime(start - oldStart);
}
// Retrieve the data from the message parts
regionNamePart = clientMessage.getPart(0);
keyPart = clientMessage.getPart(1);
valuePart = clientMessage.getPart(2);
eventPart = clientMessage.getPart(3);
// callbackArgPart = null; (redundant assignment)
if (clientMessage.getNumberOfParts() > 4) {
callbackArgPart = clientMessage.getPart(4);
try {
callbackArg = callbackArgPart.getObject();
} catch (Exception e) {
writeException(clientMessage, e, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
}
regionName = regionNamePart.getString();
try {
key = keyPart.getStringOrObject();
} catch (Exception e) {
writeException(clientMessage, e, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
if (logger.isTraceEnabled()) {
logger.trace("{}: Received put request ({} bytes) from {} for region {} key {} value {}", serverConnection.getName(), clientMessage.getPayloadLength(), serverConnection.getSocketString(), regionName, key, valuePart);
}
// Process the put request
if (key == null || regionName == null) {
if (key == null) {
logger.warn(LocalizedMessage.create(LocalizedStrings.Put_0_THE_INPUT_KEY_FOR_THE_PUT_REQUEST_IS_NULL, serverConnection.getName()));
errMessage = LocalizedStrings.Put_THE_INPUT_KEY_FOR_THE_PUT_REQUEST_IS_NULL.toLocalizedString();
}
if (regionName == null) {
logger.warn(LocalizedMessage.create(LocalizedStrings.Put_0_THE_INPUT_REGION_NAME_FOR_THE_PUT_REQUEST_IS_NULL, serverConnection.getName()));
errMessage = LocalizedStrings.Put_THE_INPUT_REGION_NAME_FOR_THE_PUT_REQUEST_IS_NULL.toLocalizedString();
}
writeErrorResponse(clientMessage, MessageType.PUT_DATA_ERROR, errMessage.toString(), serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
LocalRegion region = (LocalRegion) serverConnection.getCache().getRegion(regionName);
if (region == null) {
String reason = LocalizedStrings.Put_REGION_WAS_NOT_FOUND_DURING_PUT_REQUEST.toLocalizedString();
writeRegionDestroyedEx(clientMessage, regionName, reason, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
if (valuePart.isNull() && region.containsKey(key)) {
// Invalid to 'put' a null value in an existing key
logger.info(LocalizedMessage.create(LocalizedStrings.Put_0_ATTEMPTED_TO_PUT_A_NULL_VALUE_FOR_EXISTING_KEY_1, new Object[] { serverConnection.getName(), key }));
errMessage = LocalizedStrings.Put_ATTEMPTED_TO_PUT_A_NULL_VALUE_FOR_EXISTING_KEY_0.toLocalizedString();
writeErrorResponse(clientMessage, MessageType.PUT_DATA_ERROR, errMessage, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
ByteBuffer eventIdPartsBuffer = ByteBuffer.wrap(eventPart.getSerializedForm());
long threadId = EventID.readEventIdPartsFromOptmizedByteArray(eventIdPartsBuffer);
long sequenceId = EventID.readEventIdPartsFromOptmizedByteArray(eventIdPartsBuffer);
EventID eventId = new EventID(serverConnection.getEventMemberIDByteArray(), threadId, sequenceId);
try {
byte[] value = valuePart.getSerializedForm();
boolean isObject = valuePart.isObject();
this.securityService.authorizeRegionWrite(regionName, key.toString());
AuthorizeRequest authzRequest = serverConnection.getAuthzRequest();
if (authzRequest != null) {
if (DynamicRegionFactory.regionIsDynamicRegionList(regionName)) {
authzRequest.createRegionAuthorize((String) key);
} else // Allow PUT operations on meta regions (bug #38961)
if (!region.isUsedForMetaRegion()) {
PutOperationContext putContext = authzRequest.putAuthorize(regionName, key, value, isObject, callbackArg);
value = putContext.getSerializedValue();
isObject = putContext.isObject();
callbackArg = putContext.getCallbackArg();
}
}
// If the value is 1 byte and the byte represents null,
// attempt to create the entry. This test needs to be
// moved to DataSerializer or DataSerializer.NULL needs
// to be publicly accessible.
boolean result = false;
if (value == null) {
// Create the null entry. Since the value is null, the value of the
// isObject
// the true after null doesn't matter and is not used.
result = region.basicBridgeCreate(key, null, true, callbackArg, serverConnection.getProxyID(), true, new EventIDHolder(eventId), false);
} else {
// Put the entry
result = region.basicBridgePut(key, value, null, isObject, callbackArg, serverConnection.getProxyID(), true, new EventIDHolder(eventId));
}
if (result) {
serverConnection.setModificationInfo(true, regionName, key);
} else {
StringId message = LocalizedStrings.PUT_0_FAILED_TO_PUT_ENTRY_FOR_REGION_1_KEY_2_VALUE_3;
Object[] messageArgs = new Object[] { serverConnection.getName(), regionName, key, valuePart };
String s = message.toLocalizedString(messageArgs);
logger.info(s);
throw new Exception(s);
}
} catch (RegionDestroyedException rde) {
writeException(clientMessage, rde, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
} catch (ResourceException re) {
writeException(clientMessage, re, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
} catch (Exception ce) {
// If an interrupted exception is thrown , rethrow it
checkForInterrupt(serverConnection, ce);
// If an exception occurs during the put, preserve the connection
writeException(clientMessage, ce, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
if (ce instanceof GemFireSecurityException) {
// logged by the security logger
if (logger.isDebugEnabled()) {
logger.debug("{}: Unexpected Security exception", serverConnection.getName(), ce);
}
} else {
logger.warn(LocalizedMessage.create(LocalizedStrings.PUT_0_UNEXPECTED_EXCEPTION, serverConnection.getName()), ce);
}
return;
} finally {
long oldStart = start;
start = DistributionStats.getStatTime();
stats.incProcessPutTime(start - oldStart);
}
// Increment statistics and write the reply
writeReply(clientMessage, serverConnection);
serverConnection.setAsTrue(RESPONDED);
if (logger.isDebugEnabled()) {
logger.debug("{}: Sent put response back to {} for region {} key {} value {}", serverConnection.getName(), serverConnection.getSocketString(), regionName, key, valuePart);
}
stats.incWritePutResponseTime(DistributionStats.getStatTime() - start);
}
Also used :
AuthorizeRequest(org.apache.geode.internal.security.AuthorizeRequest)
EventIDHolder(org.apache.geode.internal.cache.EventIDHolder)
RegionDestroyedException(org.apache.geode.cache.RegionDestroyedException)
LocalRegion(org.apache.geode.internal.cache.LocalRegion)
ByteBuffer(java.nio.ByteBuffer)
IOException(java.io.IOException)
ResourceException(org.apache.geode.cache.ResourceException)
RegionDestroyedException(org.apache.geode.cache.RegionDestroyedException)
GemFireSecurityException(org.apache.geode.security.GemFireSecurityException)
CachedRegionHelper(org.apache.geode.internal.cache.tier.CachedRegionHelper)
GemFireSecurityException(org.apache.geode.security.GemFireSecurityException)
StringId(org.apache.geode.i18n.StringId)
CacheServerStats(org.apache.geode.internal.cache.tier.sockets.CacheServerStats)
Part(org.apache.geode.internal.cache.tier.sockets.Part)
EventID(org.apache.geode.internal.cache.EventID)
ResourceException(org.apache.geode.cache.ResourceException)
PutOperationContext(org.apache.geode.cache.operations.PutOperationContext)
Example 8 with GemFireSecurityException
use of org.apache.geode.security.GemFireSecurityException in project geode by apache.
the class Put61 method cmdExecute.
@Override
public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long p_start) throws IOException, InterruptedException {
long start = p_start;
Part regionNamePart = null, keyPart = null, valuePart = null, callbackArgPart = null;
String regionName = null;
Object callbackArg = null, key = null;
Part eventPart = null;
StringBuffer errMessage = new StringBuffer();
boolean isDelta = false;
CachedRegionHelper crHelper = serverConnection.getCachedRegionHelper();
CacheServerStats stats = serverConnection.getCacheServerStats();
// requiresResponse = true;
serverConnection.setAsTrue(REQUIRES_RESPONSE);
{
long oldStart = start;
start = DistributionStats.getStatTime();
stats.incReadPutRequestTime(start - oldStart);
}
// Retrieve the data from the message parts
regionNamePart = clientMessage.getPart(0);
keyPart = clientMessage.getPart(1);
try {
isDelta = (Boolean) clientMessage.getPart(2).getObject();
} catch (Exception e) {
writeException(clientMessage, MessageType.PUT_DELTA_ERROR, e, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
// CachePerfStats not available here.
return;
}
valuePart = clientMessage.getPart(3);
eventPart = clientMessage.getPart(4);
if (clientMessage.getNumberOfParts() > 5) {
callbackArgPart = clientMessage.getPart(5);
try {
callbackArg = callbackArgPart.getObject();
} catch (Exception e) {
writeException(clientMessage, e, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
}
regionName = regionNamePart.getString();
try {
key = keyPart.getStringOrObject();
} catch (Exception e) {
writeException(clientMessage, e, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
final boolean isDebugEnabled = logger.isDebugEnabled();
if (isDebugEnabled) {
logger.debug("{}: Received 6.1{}put request ({} bytes) from {} for region {} key {}", serverConnection.getName(), (isDelta ? " delta " : " "), clientMessage.getPayloadLength(), serverConnection.getSocketString(), regionName, key);
}
// Process the put request
if (key == null || regionName == null) {
if (key == null) {
String putMsg = " The input key for the 6.1 put request is null";
if (isDebugEnabled) {
logger.debug("{}:{}", serverConnection.getName(), putMsg);
}
errMessage.append(putMsg);
}
if (regionName == null) {
String putMsg = " The input region name for the 6.1 put request is null";
if (isDebugEnabled) {
logger.debug("{}:{}", serverConnection.getName(), putMsg);
}
errMessage.append(putMsg);
}
writeErrorResponse(clientMessage, MessageType.PUT_DATA_ERROR, errMessage.toString(), serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
LocalRegion region = (LocalRegion) serverConnection.getCache().getRegion(regionName);
if (region == null) {
String reason = " was not found during 6.1 put request";
writeRegionDestroyedEx(clientMessage, regionName, reason, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
if (valuePart.isNull() && region.containsKey(key)) {
// Invalid to 'put' a null value in an existing key
String putMsg = " Attempted to 6.1 put a null value for existing key " + key;
if (isDebugEnabled) {
logger.debug("{}:{}", serverConnection.getName(), putMsg);
}
errMessage.append(putMsg);
writeErrorResponse(clientMessage, MessageType.PUT_DATA_ERROR, errMessage.toString(), serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
// try {
// this.eventId = (EventID)eventPart.getObject();
ByteBuffer eventIdPartsBuffer = ByteBuffer.wrap(eventPart.getSerializedForm());
long threadId = EventID.readEventIdPartsFromOptmizedByteArray(eventIdPartsBuffer);
long sequenceId = EventID.readEventIdPartsFromOptmizedByteArray(eventIdPartsBuffer);
EventID eventId = new EventID(serverConnection.getEventMemberIDByteArray(), threadId, sequenceId);
try {
Object value = null;
if (!isDelta) {
value = valuePart.getSerializedForm();
}
boolean isObject = valuePart.isObject();
boolean isMetaRegion = region.isUsedForMetaRegion();
clientMessage.setMetaRegion(isMetaRegion);
this.securityService.authorizeRegionWrite(regionName, key.toString());
AuthorizeRequest authzRequest = null;
if (!isMetaRegion) {
authzRequest = serverConnection.getAuthzRequest();
}
if (authzRequest != null) {
if (DynamicRegionFactory.regionIsDynamicRegionList(regionName)) {
authzRequest.createRegionAuthorize((String) key);
} else // Allow PUT operations on meta regions (bug #38961)
{
PutOperationContext putContext = authzRequest.putAuthorize(regionName, key, value, isObject, callbackArg);
value = putContext.getValue();
isObject = putContext.isObject();
callbackArg = putContext.getCallbackArg();
}
}
// If the value is 1 byte and the byte represents null,
// attempt to create the entry. This test needs to be
// moved to DataSerializer or DataSerializer.NULL needs
// to be publicly accessible.
boolean result = false;
if (value == null && !isDelta) {
// Create the null entry. Since the value is null, the value of the
// isObject
// the true after null doesn't matter and is not used.
result = region.basicBridgeCreate(key, null, true, callbackArg, serverConnection.getProxyID(), true, new EventIDHolder(eventId), false);
} else {
// Put the entry
byte[] delta = null;
if (isDelta) {
delta = valuePart.getSerializedForm();
}
result = region.basicBridgePut(key, value, delta, isObject, callbackArg, serverConnection.getProxyID(), true, new EventIDHolder(eventId));
}
if (result) {
serverConnection.setModificationInfo(true, regionName, key);
} else {
String message = serverConnection.getName() + ": Failed to 6.1 put entry for region " + regionName + " key " + key + " value " + valuePart;
if (isDebugEnabled) {
logger.debug(message);
}
throw new Exception(message);
}
} catch (RegionDestroyedException rde) {
writeException(clientMessage, rde, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
} catch (ResourceException re) {
writeException(clientMessage, re, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
} catch (InvalidDeltaException ide) {
logger.info(LocalizedMessage.create(LocalizedStrings.UpdateOperation_ERROR_APPLYING_DELTA_FOR_KEY_0_OF_REGION_1, new Object[] { key, regionName }));
writeException(clientMessage, MessageType.PUT_DELTA_ERROR, ide, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
region.getCachePerfStats().incDeltaFullValuesRequested();
return;
} catch (Exception ce) {
// If an interrupted exception is thrown , rethrow it
checkForInterrupt(serverConnection, ce);
// If an exception occurs during the put, preserve the connection
writeException(clientMessage, ce, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
if (ce instanceof GemFireSecurityException) {
// logged by the security logger
if (isDebugEnabled) {
logger.debug("{}: Unexpected Security exception", serverConnection.getName(), ce);
}
} else if (isDebugEnabled) {
logger.debug("{}: Unexpected Exception", serverConnection.getName(), ce);
}
return;
} finally {
long oldStart = start;
start = DistributionStats.getStatTime();
stats.incProcessPutTime(start - oldStart);
}
// Increment statistics and write the reply
if (region instanceof PartitionedRegion) {
PartitionedRegion pr = (PartitionedRegion) region;
if (pr.getNetworkHopType() != PartitionedRegion.NETWORK_HOP_NONE) {
writeReplyWithRefreshMetadata(clientMessage, serverConnection, pr, pr.getNetworkHopType());
pr.clearNetworkHopData();
} else {
writeReply(clientMessage, serverConnection);
}
} else {
writeReply(clientMessage, serverConnection);
}
serverConnection.setAsTrue(RESPONDED);
if (isDebugEnabled) {
logger.debug("{}: Sent 6.1 put response back to {} for region {} key {} value {}", serverConnection.getName(), serverConnection.getSocketString(), regionName, key, valuePart);
}
stats.incWritePutResponseTime(DistributionStats.getStatTime() - start);
}
Also used :
InvalidDeltaException(org.apache.geode.InvalidDeltaException)
AuthorizeRequest(org.apache.geode.internal.security.AuthorizeRequest)
EventIDHolder(org.apache.geode.internal.cache.EventIDHolder)
RegionDestroyedException(org.apache.geode.cache.RegionDestroyedException)
LocalRegion(org.apache.geode.internal.cache.LocalRegion)
ByteBuffer(java.nio.ByteBuffer)
InvalidDeltaException(org.apache.geode.InvalidDeltaException)
IOException(java.io.IOException)
ResourceException(org.apache.geode.cache.ResourceException)
RegionDestroyedException(org.apache.geode.cache.RegionDestroyedException)
GemFireSecurityException(org.apache.geode.security.GemFireSecurityException)
CachedRegionHelper(org.apache.geode.internal.cache.tier.CachedRegionHelper)
GemFireSecurityException(org.apache.geode.security.GemFireSecurityException)
CacheServerStats(org.apache.geode.internal.cache.tier.sockets.CacheServerStats)
Part(org.apache.geode.internal.cache.tier.sockets.Part)
PartitionedRegion(org.apache.geode.internal.cache.PartitionedRegion)
EventID(org.apache.geode.internal.cache.EventID)
ResourceException(org.apache.geode.cache.ResourceException)
PutOperationContext(org.apache.geode.cache.operations.PutOperationContext)
Example 9 with GemFireSecurityException
use of org.apache.geode.security.GemFireSecurityException in project geode by apache.
the class Invalidate method cmdExecute.
@Override
public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start) throws IOException, InterruptedException {
Part regionNamePart = null, keyPart = null, callbackArgPart = null;
String regionName = null;
Object callbackArg = null, key = null;
Part eventPart = null;
StringBuffer errMessage = new StringBuffer();
CacheServerStats stats = serverConnection.getCacheServerStats();
serverConnection.setAsTrue(REQUIRES_RESPONSE);
{
long oldStart = start;
start = DistributionStats.getStatTime();
stats.incReadInvalidateRequestTime(start - oldStart);
}
// Retrieve the data from the message parts
regionNamePart = clientMessage.getPart(0);
keyPart = clientMessage.getPart(1);
eventPart = clientMessage.getPart(2);
// callbackArgPart = null; (redundant assignment)
if (clientMessage.getNumberOfParts() > 3) {
callbackArgPart = clientMessage.getPart(3);
try {
callbackArg = callbackArgPart.getObject();
} catch (Exception e) {
writeException(clientMessage, e, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
}
regionName = regionNamePart.getString();
try {
key = keyPart.getStringOrObject();
} catch (Exception e) {
writeException(clientMessage, e, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
if (logger.isDebugEnabled()) {
logger.debug(serverConnection.getName() + ": Received invalidate request (" + clientMessage.getPayloadLength() + " bytes) from " + serverConnection.getSocketString() + " for region " + regionName + " key " + key);
}
// Process the invalidate request
if (key == null || regionName == null) {
if (key == null) {
logger.warn(LocalizedMessage.create(LocalizedStrings.BaseCommand__THE_INPUT_KEY_FOR_THE_0_REQUEST_IS_NULL, "invalidate"));
errMessage.append(LocalizedStrings.BaseCommand__THE_INPUT_KEY_FOR_THE_0_REQUEST_IS_NULL.toLocalizedString("invalidate"));
}
if (regionName == null) {
logger.warn(LocalizedMessage.create(LocalizedStrings.BaseCommand__THE_INPUT_REGION_NAME_FOR_THE_0_REQUEST_IS_NULL, "invalidate"));
errMessage.append(LocalizedStrings.BaseCommand__THE_INPUT_REGION_NAME_FOR_THE_0_REQUEST_IS_NULL.toLocalizedString("invalidate"));
}
writeErrorResponse(clientMessage, MessageType.DESTROY_DATA_ERROR, errMessage.toString(), serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
LocalRegion region = (LocalRegion) serverConnection.getCache().getRegion(regionName);
if (region == null) {
String reason = LocalizedStrings.BaseCommand__0_WAS_NOT_FOUND_DURING_1_REQUEST.toLocalizedString(regionName, "invalidate");
writeRegionDestroyedEx(clientMessage, regionName, reason, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
// Invalidate the entry
ByteBuffer eventIdPartsBuffer = ByteBuffer.wrap(eventPart.getSerializedForm());
long threadId = EventID.readEventIdPartsFromOptmizedByteArray(eventIdPartsBuffer);
long sequenceId = EventID.readEventIdPartsFromOptmizedByteArray(eventIdPartsBuffer);
EventID eventId = new EventID(serverConnection.getEventMemberIDByteArray(), threadId, sequenceId);
Breadcrumbs.setEventId(eventId);
VersionTag tag = null;
try {
// for integrated security
this.securityService.authorizeRegionWrite(regionName, key.toString());
AuthorizeRequest authzRequest = serverConnection.getAuthzRequest();
if (authzRequest != null) {
InvalidateOperationContext invalidateContext = authzRequest.invalidateAuthorize(regionName, key, callbackArg);
callbackArg = invalidateContext.getCallbackArg();
}
EventIDHolder clientEvent = new EventIDHolder(eventId);
// msg.isRetry might be set by v7.0 and later clients
if (clientMessage.isRetry()) {
// if (logger.isDebugEnabled()) {
// logger.debug("DEBUG: encountered isRetry in Invalidate");
// }
clientEvent.setPossibleDuplicate(true);
if (region.getAttributes().getConcurrencyChecksEnabled()) {
// recover the version tag from other servers
clientEvent.setRegion(region);
if (!recoverVersionTagForRetriedOperation(clientEvent)) {
// no-one has seen this event
clientEvent.setPossibleDuplicate(false);
}
}
}
region.basicBridgeInvalidate(key, callbackArg, serverConnection.getProxyID(), true, clientEvent);
tag = clientEvent.getVersionTag();
serverConnection.setModificationInfo(true, regionName, key);
} catch (EntryNotFoundException e) {
// Don't send an exception back to the client if this
// exception happens. Just log it and continue.
logger.info(LocalizedMessage.create(LocalizedStrings.BaseCommand_DURING_0_NO_ENTRY_WAS_FOUND_FOR_KEY_1, new Object[] { "invalidate", key }));
} catch (RegionDestroyedException rde) {
writeException(clientMessage, rde, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
} catch (Exception e) {
// If an interrupted exception is thrown , rethrow it
checkForInterrupt(serverConnection, e);
// If an exception occurs during the destroy, preserve the connection
writeException(clientMessage, e, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
if (e instanceof GemFireSecurityException) {
// logged by the security logger
if (logger.isDebugEnabled()) {
logger.debug("{}: Unexpected Security exception", serverConnection.getName(), e);
}
} else {
logger.warn(LocalizedMessage.create(LocalizedStrings.BaseCommand_0_UNEXPECTED_EXCEPTION, serverConnection.getName()), e);
}
return;
}
// Update the statistics and write the reply
{
long oldStart = start;
start = DistributionStats.getStatTime();
stats.incProcessInvalidateTime(start - oldStart);
}
if (region instanceof PartitionedRegion) {
PartitionedRegion pr = (PartitionedRegion) region;
if (pr.getNetworkHopType() != PartitionedRegion.NETWORK_HOP_NONE) {
writeReplyWithRefreshMetadata(clientMessage, serverConnection, pr, pr.getNetworkHopType(), tag);
pr.clearNetworkHopData();
} else {
writeReply(clientMessage, serverConnection, tag);
}
} else {
writeReply(clientMessage, serverConnection, tag);
}
serverConnection.setAsTrue(RESPONDED);
if (logger.isDebugEnabled()) {
logger.debug("{}: Sent invalidate response for region {} key {}", serverConnection.getName(), regionName, key);
}
stats.incWriteInvalidateResponseTime(DistributionStats.getStatTime() - start);
}
Also used :
AuthorizeRequest(org.apache.geode.internal.security.AuthorizeRequest)
EventIDHolder(org.apache.geode.internal.cache.EventIDHolder)
RegionDestroyedException(org.apache.geode.cache.RegionDestroyedException)
LocalRegion(org.apache.geode.internal.cache.LocalRegion)
ByteBuffer(java.nio.ByteBuffer)
IOException(java.io.IOException)
RegionDestroyedException(org.apache.geode.cache.RegionDestroyedException)
EntryNotFoundException(org.apache.geode.cache.EntryNotFoundException)
GemFireSecurityException(org.apache.geode.security.GemFireSecurityException)
InvalidateOperationContext(org.apache.geode.cache.operations.InvalidateOperationContext)
GemFireSecurityException(org.apache.geode.security.GemFireSecurityException)
CacheServerStats(org.apache.geode.internal.cache.tier.sockets.CacheServerStats)
Part(org.apache.geode.internal.cache.tier.sockets.Part)
PartitionedRegion(org.apache.geode.internal.cache.PartitionedRegion)
VersionTag(org.apache.geode.internal.cache.versions.VersionTag)
EntryNotFoundException(org.apache.geode.cache.EntryNotFoundException)
EventID(org.apache.geode.internal.cache.EventID)
Example 10 with GemFireSecurityException
use of org.apache.geode.security.GemFireSecurityException in project geode by apache.
the class IntegratedSecurityService method logout.
public void logout() {
Subject currentUser = getSubject();
if (currentUser == null) {
return;
}
try {
logger.debug("Logging out " + currentUser.getPrincipal());
currentUser.logout();
} catch (ShiroException e) {
logger.info(e.getMessage(), e);
throw new GemFireSecurityException(e.getMessage(), e);
}
// clean out Shiro's thread local content
ThreadContext.remove();
}
Also used :
GemFireSecurityException(org.apache.geode.security.GemFireSecurityException)
Subject(org.apache.shiro.subject.Subject)
ShiroException(org.apache.shiro.ShiroException)
Aggregations
GemFireSecurityException (org.apache.geode.security.GemFireSecurityException)39
IOException (java.io.IOException)18
GemFireConfigException (org.apache.geode.GemFireConfigException)13
CancelException (org.apache.geode.CancelException)9
LocalRegion (org.apache.geode.internal.cache.LocalRegion)8
Part (org.apache.geode.internal.cache.tier.sockets.Part)8
AuthenticationRequiredException (org.apache.geode.security.AuthenticationRequiredException)8
GatewayConfigurationException (org.apache.geode.cache.GatewayConfigurationException)7
RegionDestroyedException (org.apache.geode.cache.RegionDestroyedException)7
ServerRefusedConnectionException (org.apache.geode.cache.client.ServerRefusedConnectionException)7
ServerLocation (org.apache.geode.distributed.internal.ServerLocation)7
CacheServerStats (org.apache.geode.internal.cache.tier.sockets.CacheServerStats)7
AuthenticationFailedException (org.apache.geode.security.AuthenticationFailedException)7
EOFException (java.io.EOFException)6
ByteBuffer (java.nio.ByteBuffer)6
Properties (java.util.Properties)6
InternalGemFireException (org.apache.geode.InternalGemFireException)5
EventID (org.apache.geode.internal.cache.EventID)5
EventIDHolder (org.apache.geode.internal.cache.EventIDHolder)5
CachedRegionHelper (org.apache.geode.internal.cache.tier.CachedRegionHelper)5
