Example 66 with NotAuthorizedException
use of org.apache.geode.security.NotAuthorizedException in project geode by apache.
the class ContainsKey method cmdExecute.
@Override
public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start) throws IOException {
Part regionNamePart = null;
Part keyPart = null;
String regionName = null;
Object key = null;
CacheServerStats stats = serverConnection.getCacheServerStats();
serverConnection.setAsTrue(REQUIRES_RESPONSE);
{
long oldStart = start;
start = DistributionStats.getStatTime();
stats.incReadContainsKeyRequestTime(start - oldStart);
}
// Retrieve the data from the message parts
regionNamePart = clientMessage.getPart(0);
keyPart = clientMessage.getPart(1);
regionName = regionNamePart.getString();
try {
key = keyPart.getStringOrObject();
} catch (Exception e) {
writeException(clientMessage, e, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
if (logger.isDebugEnabled()) {
logger.debug("{}: Received containsKey request ({} bytes) from {} for region {} key {}", serverConnection.getName(), clientMessage.getPayloadLength(), serverConnection.getSocketString(), regionName, key);
}
// Process the containsKey request
if (key == null || regionName == null) {
String errMessage = "";
if (key == null) {
logger.warn(LocalizedMessage.create(LocalizedStrings.ContainsKey_0_THE_INPUT_KEY_FOR_THE_CONTAINSKEY_REQUEST_IS_NULL, serverConnection.getName()));
errMessage = LocalizedStrings.ContainsKey_THE_INPUT_KEY_FOR_THE_CONTAINSKEY_REQUEST_IS_NULL.toLocalizedString();
}
if (regionName == null) {
logger.warn(LocalizedMessage.create(LocalizedStrings.ContainsKey_0_THE_INPUT_REGION_NAME_FOR_THE_CONTAINSKEY_REQUEST_IS_NULL, serverConnection.getName()));
errMessage = LocalizedStrings.ContainsKey_THE_INPUT_REGION_NAME_FOR_THE_CONTAINSKEY_REQUEST_IS_NULL.toLocalizedString();
}
writeErrorResponse(clientMessage, MessageType.CONTAINS_KEY_DATA_ERROR, errMessage, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
LocalRegion region = (LocalRegion) serverConnection.getCache().getRegion(regionName);
if (region == null) {
String reason = LocalizedStrings.ContainsKey_WAS_NOT_FOUND_DURING_CONTAINSKEY_REQUEST.toLocalizedString();
writeRegionDestroyedEx(clientMessage, regionName, reason, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
try {
this.securityService.authorizeRegionRead(regionName, key.toString());
} catch (NotAuthorizedException ex) {
writeException(clientMessage, ex, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
AuthorizeRequest authzRequest = serverConnection.getAuthzRequest();
if (authzRequest != null) {
try {
authzRequest.containsKeyAuthorize(regionName, key);
} catch (NotAuthorizedException ex) {
writeException(clientMessage, ex, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
}
// Execute the containsKey
boolean containsKey = region.containsKey(key);
// Update the statistics and write the reply
{
long oldStart = start;
start = DistributionStats.getStatTime();
stats.incProcessContainsKeyTime(start - oldStart);
}
writeContainsKeyResponse(containsKey, clientMessage, serverConnection);
serverConnection.setAsTrue(RESPONDED);
if (logger.isDebugEnabled()) {
logger.debug("{}: Sent containsKey response for region {} key {}", serverConnection.getName(), regionName, key);
}
stats.incWriteContainsKeyResponseTime(DistributionStats.getStatTime() - start);
}
Also used :
CacheServerStats(org.apache.geode.internal.cache.tier.sockets.CacheServerStats)
AuthorizeRequest(org.apache.geode.internal.security.AuthorizeRequest)
Part(org.apache.geode.internal.cache.tier.sockets.Part)
LocalRegion(org.apache.geode.internal.cache.LocalRegion)
NotAuthorizedException(org.apache.geode.security.NotAuthorizedException)
IOException(java.io.IOException)
NotAuthorizedException(org.apache.geode.security.NotAuthorizedException)
Example 67 with NotAuthorizedException
use of org.apache.geode.security.NotAuthorizedException in project geode by apache.
the class CreateRegion method cmdExecute.
@Override
public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start) throws IOException {
Part regionNamePart = null;
String regionName = null;
serverConnection.setAsTrue(REQUIRES_RESPONSE);
// bserverStats.incLong(readDestroyRequestTimeId,
// DistributionStats.getStatTime() - start);
// bserverStats.incInt(destroyRequestsId, 1);
// start = DistributionStats.getStatTime();
// Retrieve the data from the message parts
Part parentRegionNamePart = clientMessage.getPart(0);
String parentRegionName = parentRegionNamePart.getString();
regionNamePart = clientMessage.getPart(1);
regionName = regionNamePart.getString();
if (logger.isDebugEnabled()) {
logger.debug("{}: Received create region request ({} bytes) from {} for parent region {} region {}", serverConnection.getName(), clientMessage.getPayloadLength(), serverConnection.getSocketString(), parentRegionName, regionName);
}
// Process the create region request
if (parentRegionName == null || regionName == null) {
String errMessage = "";
if (parentRegionName == null) {
logger.warn(LocalizedMessage.create(LocalizedStrings.CreateRegion_0_THE_INPUT_PARENT_REGION_NAME_FOR_THE_CREATE_REGION_REQUEST_IS_NULL, serverConnection.getName()));
errMessage = LocalizedStrings.CreateRegion_THE_INPUT_PARENT_REGION_NAME_FOR_THE_CREATE_REGION_REQUEST_IS_NULL.toLocalizedString();
}
if (regionName == null) {
logger.warn(LocalizedMessage.create(LocalizedStrings.CreateRegion_0_THE_INPUT_REGION_NAME_FOR_THE_CREATE_REGION_REQUEST_IS_NULL, serverConnection.getName()));
errMessage = LocalizedStrings.CreateRegion_THE_INPUT_REGION_NAME_FOR_THE_CREATE_REGION_REQUEST_IS_NULL.toLocalizedString();
}
writeErrorResponse(clientMessage, MessageType.CREATE_REGION_DATA_ERROR, errMessage, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
Region parentRegion = serverConnection.getCache().getRegion(parentRegionName);
if (parentRegion == null) {
String reason = LocalizedStrings.CreateRegion__0_WAS_NOT_FOUND_DURING_SUBREGION_CREATION_REQUEST.toLocalizedString(parentRegionName);
writeRegionDestroyedEx(clientMessage, parentRegionName, reason, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
try {
this.securityService.authorizeDataManage();
} catch (NotAuthorizedException ex) {
writeException(clientMessage, ex, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
AuthorizeRequest authzRequest = serverConnection.getAuthzRequest();
if (authzRequest != null) {
try {
authzRequest.createRegionAuthorize(parentRegionName + '/' + regionName);
} catch (NotAuthorizedException ex) {
writeException(clientMessage, ex, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
}
// Create or get the subregion
Region region = parentRegion.getSubregion(regionName);
if (region == null) {
AttributesFactory factory = new AttributesFactory(parentRegion.getAttributes());
region = parentRegion.createSubregion(regionName, factory.create());
if (logger.isDebugEnabled()) {
logger.debug("{}: Created region {}", serverConnection.getName(), region);
}
} else {
if (logger.isDebugEnabled()) {
logger.debug("{}: Retrieved region {}", serverConnection.getName(), region);
}
}
// Update the statistics and write the reply
// start = DistributionStats.getStatTime(); WHY ARE WE GETTING START AND
// NOT USING IT
// bserverStats.incLong(processDestroyTimeId,
// DistributionStats.getStatTime() - start);
writeReply(clientMessage, serverConnection);
serverConnection.setAsTrue(RESPONDED);
if (logger.isDebugEnabled()) {
logger.debug("{}: Sent create region response for parent region {} region {}", serverConnection.getName(), parentRegionName, regionName);
}
}
Also used :
AttributesFactory(org.apache.geode.cache.AttributesFactory)
AuthorizeRequest(org.apache.geode.internal.security.AuthorizeRequest)
Part(org.apache.geode.internal.cache.tier.sockets.Part)
Region(org.apache.geode.cache.Region)
NotAuthorizedException(org.apache.geode.security.NotAuthorizedException)
Example 68 with NotAuthorizedException
use of org.apache.geode.security.NotAuthorizedException in project geode by apache.
the class AuthorizeRequest method executeCQAuthorize.
public ExecuteCQOperationContext executeCQAuthorize(String cqName, String queryString, Set regionNames) throws NotAuthorizedException {
if (regionNames == null) {
regionNames = new HashSet();
}
ExecuteCQOperationContext executeCQContext = new ExecuteCQOperationContext(cqName, queryString, regionNames, false);
if (!this.authzCallback.authorizeOperation(null, executeCQContext)) {
String errStr = LocalizedStrings.AuthorizeRequest_NOT_AUTHORIZED_TO_PERFOM_EXECUTE_CQ_OPERATION_0_ON_THE_CACHE.toLocalizedString(queryString);
this.logger.warning(LocalizedStrings.TWO_ARG_COLON, new Object[] { this, errStr });
if (this.isPrincipalSerializable) {
throw new NotAuthorizedException(errStr, this.principal);
} else {
throw new NotAuthorizedException(errStr);
}
} else {
if (this.logger.finestEnabled()) {
this.logger.finest(toString() + ": Authorized to perform EXECUTE_CQ operation [" + queryString + "] on cache");
}
}
return executeCQContext;
}
Also used :
NotAuthorizedException(org.apache.geode.security.NotAuthorizedException)
HashSet(java.util.HashSet)
Example 69 with NotAuthorizedException
use of org.apache.geode.security.NotAuthorizedException in project geode by apache.
the class AuthorizeRequest method containsKeyAuthorize.
public void containsKeyAuthorize(String regionName, Object key) throws NotAuthorizedException {
ContainsKeyOperationContext containsKeyContext = new ContainsKeyOperationContext(key);
if (!this.authzCallback.authorizeOperation(regionName, containsKeyContext)) {
String errStr = LocalizedStrings.AuthorizeRequest_NOT_AUTHORIZED_TO_PERFORM_CONTAINS_KEY_OPERATION_ON_REGION_0.toLocalizedString(regionName);
this.logger.warning(LocalizedStrings.TWO_ARG_COLON, new Object[] { this, errStr });
if (this.isPrincipalSerializable) {
throw new NotAuthorizedException(errStr, this.principal);
} else {
throw new NotAuthorizedException(errStr);
}
} else {
if (this.logger.finestEnabled()) {
this.logger.finest(toString() + ": Authorized to perform CONTAINS_KEY operation on region [" + regionName + ']');
}
}
}
Also used :
NotAuthorizedException(org.apache.geode.security.NotAuthorizedException)
ContainsKeyOperationContext(org.apache.geode.internal.cache.operations.ContainsKeyOperationContext)
Example 70 with NotAuthorizedException
use of org.apache.geode.security.NotAuthorizedException in project geode by apache.
the class AuthorizeRequest method queryAuthorize.
public QueryOperationContext queryAuthorize(String queryString, Set regionNames, Object[] queryParams) throws NotAuthorizedException {
if (regionNames == null) {
regionNames = new HashSet();
}
QueryOperationContext queryContext = new QueryOperationContext(queryString, regionNames, false, queryParams);
if (!this.authzCallback.authorizeOperation(null, queryContext)) {
String errStr = LocalizedStrings.AuthorizeRequest_NOT_AUTHORIZED_TO_PERFOM_QUERY_OPERATION_0_ON_THE_CACHE.toLocalizedString(queryString);
this.logger.warning(LocalizedStrings.TWO_ARG_COLON, new Object[] { this, errStr });
if (this.isPrincipalSerializable) {
throw new NotAuthorizedException(errStr, this.principal);
} else {
throw new NotAuthorizedException(errStr);
}
} else {
if (this.logger.finestEnabled()) {
this.logger.finest(toString() + ": Authorized to perform QUERY operation [" + queryString + "] on cache");
}
}
return queryContext;
}
Also used :
NotAuthorizedException(org.apache.geode.security.NotAuthorizedException)
HashSet(java.util.HashSet)
Aggregations
NotAuthorizedException (org.apache.geode.security.NotAuthorizedException)75
UnitTest (org.apache.geode.test.junit.categories.UnitTest)54
Test (org.junit.Test)54
AuthorizeRequest (org.apache.geode.internal.security.AuthorizeRequest)12
IOException (java.io.IOException)9
ObjectPartList (org.apache.geode.internal.cache.tier.sockets.ObjectPartList)9
Part (org.apache.geode.internal.cache.tier.sockets.Part)8
PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)8
GetOperationContext (org.apache.geode.cache.operations.GetOperationContext)6
AuthorizeRequestPP (org.apache.geode.internal.security.AuthorizeRequestPP)6
LocalRegion (org.apache.geode.internal.cache.LocalRegion)5
GetOperationContextImpl (org.apache.geode.cache.operations.internal.GetOperationContextImpl)4
StringId (org.apache.geode.i18n.StringId)4
CacheServerStats (org.apache.geode.internal.cache.tier.sockets.CacheServerStats)4
Result (org.apache.geode.management.cli.Result)4
HashSet (java.util.HashSet)3
Iterator (java.util.Iterator)3
Set (java.util.Set)3
Region (org.apache.geode.cache.Region)3
VersionTag (org.apache.geode.internal.cache.versions.VersionTag)3
