
Example 1 with DummyAuthenticator

Use of org.apache.synapse.commons.throttle.module.utils.impl.DummyAuthenticator in the project wso2-synapse by wso2.

Class ThrottleHandler, method doRoleBasedAccessThrottling.

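/**
 * Applies role-based access throttling to an incoming message.
 *
 * <p>Nothing is enforced when the throttle has no role-based context or when the message is
 * not on the IN flow. Otherwise the caller is authenticated from the {@code OAuth} request
 * header, the caller's first authorized role is mapped to a configured throttle key, and the
 * role-based access controller decides whether the call may proceed.
 *
 * <p>The method never returns {@code false}: every rejection is signalled with an
 * {@link AxisFault}. A missing servlet request is treated as an authentication failure, so an
 * IN-flow message without one is rejected.
 *
 * @param throttle       throttle whose role-based context and id are used
 * @param messageContext MessageContext - message level states
 * @return {@code true} whenever the method returns normally
 * @throws AxisFault         if the caller is not authenticated or the controller denies access
 * @throws ThrottleException declared by this method; presumably raised by the access
 *                           controller - confirm against its signature
 */
private boolean doRoleBasedAccessThrottling(Throttle throttle, MessageContext messageContext) throws AxisFault, ThrottleException {
    if (throttle.getThrottleContext(ThrottleConstants.ROLE_BASED_THROTTLE_KEY) == null) {
        // No role-based throttle configuration: nothing to enforce.
        return true;
    }
    String throttleId = throttle.getId();

    // Prefer the dedicated throttling cache manager and fall back to the default one.
    Cache<String, ConcurrentAccessController> cache;
    CacheManager cacheManager = Caching.getCacheManagerFactory().getCacheManager(THROTTLING_CACHE_MANAGER);
    if (cacheManager != null) {
        cache = cacheManager.getCache(THROTTLING_CACHE);
    } else {
        cache = Caching.getCacheManager().getCache(THROTTLING_CACHE);
    }
    if (log.isDebugEnabled()) {
        log.debug("created throttling cache : " + cache);
    }
    String key = ThrottleConstants.THROTTLE_PROPERTY_PREFIX + throttleId + ThrottleConstants.CAC_SUFFIX;
    ConcurrentAccessController cac = cache.get(key);

    if (messageContext.getFLOW() != MessageContext.IN_FLOW) {
        // Role-based throttling is only evaluated for incoming messages.
        return true;
    }

    // NOTE(review): DummyAuthenticator / DummyHandler look like placeholder implementations
    // (judging by their names only). Confirm that a real authenticator backs this path before
    // relying on the authentication result as a security decision.
    HttpServletRequest request = (HttpServletRequest) messageContext.getPropertyNonReplicable(HTTPConstants.MC_HTTP_SERVLETREQUEST);
    DummyAuthenticator authFuture = null;
    String consumerKey = null;
    if (request != null) {
        // The header value is caller-controlled; everything derived from it is untrusted.
        authFuture = new DummyAuthenticator(request.getHeader("OAuth"));
        consumerKey = authFuture.getAPIKey();
        new DummyHandler().authenticateUser(authFuture);
    }
    if (authFuture == null || !authFuture.isAuthenticated()) {
        // Fail closed. NOTE(review): the fault text echoes the consumer key taken from the
        // request header; confirm it is not treated as a secret and is encoded where shown.
        throw new AxisFault(" Access deny for a " + "caller with consumer Key: " + consumerKey + " " + " : Reason : Authentication failure");
    }
    // Read the role only after authentication succeeded, so an unauthenticated caller gets
    // the AxisFault above instead of a runtime exception from an empty role list.
    // NOTE(review): get(0) still assumes at least one authorized role - confirm.
    String roleID = (String) authFuture.getAuthorizedRoles().get(0);

    if (consumerKey == null) {
        if (debugOn) {
            log.debug("Could not find the role of the caller - role based throttling NOT applied");
        }
        return true;
    }

    ThrottleContext context = throttle.getThrottleContext(ThrottleConstants.ROLE_BASED_THROTTLE_KEY);
    if (context == null) {
        return true;
    }
    ThrottleConfiguration config = context.getThrottleConfiguration();
    if (config == null) {
        return true;
    }

    // Map the caller's role to the key under which its limits are configured.
    String consumerRoleID = config.getConfigurationKeyOfCaller(roleID);
    if (consumerRoleID == null) {
        if (debugOn) {
            // Log the role that had no configuration rather than the caller's API key.
            log.debug("Could not find the Throttle Context for role-Based " + "Throttling for role name " + roleID + " Throttling for this " + "role name may not be configured from policy");
        }
        return true;
    }

    context.setThrottleId(throttleId);
    AccessInformation infor = roleBasedAccessController.canAccess(context, consumerKey, consumerRoleID);
    StatCollector.collect(infor, consumerKey, ThrottleConstants.ROLE_BASE);
    if (!infor.isAccessAllowed()) {
        // Denied by the role-based controller. The cached concurrent-access counter is
        // incremented and written back - presumably to release a slot taken earlier in the
        // handler; confirm against the concurrency-throttling path.
        if (cac != null) {
            cac.incrementAndGet();
            cache.put(key, cac);
            if (debugOn) {
                log.debug("Added the state of ConcurrentAccessController " + "to cache with key : " + key);
            }
        }
        throw new AxisFault(" Access deny for a " + "caller with Domain " + consumerKey + " " + " : Reason : " + infor.getFaultReason());
    }
    return true;
}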
Also used : AxisFault(org.apache.axis2.AxisFault) ThrottleContext(org.apache.synapse.commons.throttle.core.ThrottleContext) ConfigurationContext(org.apache.axis2.context.ConfigurationContext) AccessInformation(org.apache.synapse.commons.throttle.core.AccessInformation) DummyAuthenticator(org.apache.synapse.commons.throttle.module.utils.impl.DummyAuthenticator) ThrottleConfiguration(org.apache.synapse.commons.throttle.core.ThrottleConfiguration) HttpServletRequest(javax.servlet.http.HttpServletRequest) DummyHandler(org.apache.synapse.commons.throttle.module.utils.impl.DummyHandler) CacheManager(javax.cache.CacheManager) ConcurrentAccessController(org.apache.synapse.commons.throttle.core.ConcurrentAccessController)
