Search in sources :

Example 1 with AuthenticationContext

use of org.apache.ignite.plugin.security.AuthenticationContext in project ignite by apache.

the class GridRestProcessor method authenticate.

/**
     * Authenticates remote client.
     *
     * @param req Request to authenticate.
     * @return Authentication subject context.
     * @throws IgniteCheckedException If authentication failed.
     */
private SecurityContext authenticate(GridRestRequest req) throws IgniteCheckedException {
    assert req.clientId() != null;
    AuthenticationContext authCtx = new AuthenticationContext();
    authCtx.subjectType(REMOTE_CLIENT);
    authCtx.subjectId(req.clientId());
    authCtx.nodeAttributes(Collections.<String, Object>emptyMap());
    SecurityCredentials cred;
    if (req.credentials() instanceof SecurityCredentials)
        cred = (SecurityCredentials) req.credentials();
    else if (req.credentials() instanceof String) {
        String credStr = (String) req.credentials();
        int idx = credStr.indexOf(':');
        cred = idx >= 0 && idx < credStr.length() ? new SecurityCredentials(credStr.substring(0, idx), credStr.substring(idx + 1)) : new SecurityCredentials(credStr, null);
    } else {
        cred = new SecurityCredentials();
        cred.setUserObject(req.credentials());
    }
    authCtx.address(req.address());
    authCtx.credentials(cred);
    SecurityContext subjCtx = ctx.security().authenticate(authCtx);
    if (subjCtx == null) {
        if (req.credentials() == null)
            throw new IgniteCheckedException("Failed to authenticate remote client (secure session SPI not set?): " + req);
        else
            throw new IgniteCheckedException("Failed to authenticate remote client (invalid credentials?): " + req);
    }
    return subjCtx;
}
Also used : SecurityCredentials(org.apache.ignite.plugin.security.SecurityCredentials) AuthenticationContext(org.apache.ignite.plugin.security.AuthenticationContext) IgniteCheckedException(org.apache.ignite.IgniteCheckedException) SecurityContext(org.apache.ignite.internal.processors.security.SecurityContext)

Aggregations

IgniteCheckedException (org.apache.ignite.IgniteCheckedException)1 SecurityContext (org.apache.ignite.internal.processors.security.SecurityContext)1 AuthenticationContext (org.apache.ignite.plugin.security.AuthenticationContext)1 SecurityCredentials (org.apache.ignite.plugin.security.SecurityCredentials)1