Examples with NDC - org.dcache.util.NDC

Example 1 with NDC

use of org.dcache.util.NDC in project dcache by dCache.

the class PluginChain method accept.

public void accept(PluginVisitor visitor) {
    for (PluginInstance pi : _plugins) {
        NDC ndc = NDC.cloneNdc();
        NDC.push(pi.getName());
        try {
            if (!visitor.visit(pi.getPlugin())) {
                break;
            }
        } finally {
            NDC.set(ndc);
        }
    }
}

Also used : NDC(org.dcache.util.NDC)

Example 2 with NDC

use of org.dcache.util.NDC in project dcache by dCache.

the class PluginChain method init.

public void init() {
    _plugins.clear();
    Splitter splitter = Splitter.on(',').trimResults().omitEmptyStrings();
    for (String name : splitter.split(_pluginList)) {
        NDC ndc = NDC.cloneNdc();
        NDC.push(name);
        try {
            createPlugin(name);
        } finally {
            NDC.set(ndc);
        }
    }
}

Also used : Splitter(com.google.common.base.Splitter) NDC(org.dcache.util.NDC)

Example 3 with NDC

use of org.dcache.util.NDC in project dcache by dCache.

the class GplazmaMultiMapFile method mapping.

public synchronized Map<PrincipalMatcher, Set<Principal>> mapping() throws AuthenticationException {
    if (!Instant.now().isBefore(nextStat)) {
        nextStat = Instant.now().plusMillis(100);
        try {
            Instant mtime = Files.readAttributes(file, BasicFileAttributes.class).lastModifiedTime().toInstant();
            if (!lastLoaded.equals(mtime)) {
                lastLoaded = mtime;
                NDC mappingNDC = NDC.cloneNdc();
                try {
                    NDC.clear();
                    NDC.push(file.toString());
                    map = parseMapFile();
                } finally {
                    NDC.set(mappingNDC);
                }
            }
        } catch (IOException e) {
            throw new AuthenticationException("failed to read " + file + ": " + Exceptions.messageOrClassName(e));
        }
    }
    return map;
}

Also used : AuthenticationException(org.dcache.gplazma.AuthenticationException) Instant(java.time.Instant) IOException(java.io.IOException) NDC(org.dcache.util.NDC)

Example 4 with NDC

use of org.dcache.util.NDC in project dcache by dCache.

the class StateMaintainer method enqueueUpdate.

@Override
public void enqueueUpdate(final StateUpdate pendingUpdate) {
    LOGGER.trace("enqueing job to process update {}", pendingUpdate);
    final NDC ndc = NDC.cloneNdc();
    _pendingRequestCount.incrementAndGet();
    _scheduler.execute(new FireAndForgetTask(() -> {
        CDC.reset(_myAddress);
        NDC.set(ndc);
        try {
            LOGGER.trace("starting job to process update {}", pendingUpdate);
            _caretaker.processUpdate(pendingUpdate);
            checkScheduledExpungeActivity();
            LOGGER.trace("finished job to process update {}", pendingUpdate);
        } finally {
            _pendingRequestCount.decrementAndGet();
            pendingUpdate.updateComplete();
            CDC.clear();
        }
    }));
}

Also used : FireAndForgetTask(org.dcache.util.FireAndForgetTask) NDC(org.dcache.util.NDC)

Example 5 with NDC

use of org.dcache.util.NDC in project dcache by dCache.

the class PAMStyleStrategy method callPlugins.

/**
 * Execute the the {@link PluginCaller#call(GPlazmaPluginService)} methods of the plugins
 * supplied in {@link PAMStyleStrategy(List<T>) constructor} in the order of the plugin elements
 * in the list. The implementation attempts to mimic the following PAM standard execution
 * policies based on the contol flag.
 * <br>
 * Source:
 * <i href="http://www.redhat.com/docs/manuals/linux/RHL-8.0-Manual/ref-guide/s1-pam-control-flags.html">
 * Red Hat Manual, PAM Module Control Flags </i>
 * <br>
 * Four types of control flags are defined by the PAM standard:
 * <br>
 * <ul>
 * <li>
 * required - the module must be successfully checked in order to allow
 * authentication. If a required module check fails, the user is not
 * notified until all other modules of the same module type
 * have been checked.
 * </li>
 * <li>
 * requisite - the module must be successfully checked in order for the
 * authentication to be successful. However, if a requisite module check
 * fails, the user is notified immediately with a message reflecting the
 * first failed required or requisite module.
 * </li>
 * <li>
 * sufficient - the module checks are ignored if it fails. But, if a
 * sufficient flagged module is successfully checked and no required
 * flagged modules above it have failed, then no other modules of this
 * module type are checked and the user is authenticated.
 * </li>
 * <li>
 * optional - the module checks are ignored if it fails. If the module
 * check is successful, it does not play a role in the overall success
 * or failure for that module type. The only time a module flagged as
 * optional is necessary for successful authentication is when no other
 * modules of that type have succeeded or failed. In this case, an optional
 * module determines the overall PAM authentication for that module type.
 * </li>
 * </ul>
 */
public void callPlugins(PluginCaller<T> caller) throws AuthenticationException {
    AuthenticationException firstRequiredPluginException = null;
    for (GPlazmaPluginService<T> pluginElement : pluginElements) {
        ConfigurationItemControl control = pluginElement.getControl();
        NDC ndc = NDC.cloneNdc();
        try {
            NDC.push(pluginElement.getName());
            try {
                caller.call(pluginElement);
            } catch (RuntimeException e) {
                logger.error("Bug in plugin: ", e);
                throw new AuthenticationException("bug in plugin " + pluginElement.getName() + ": " + e.getMessage());
            }
            logger.debug("{} plugin completed", control.name());
            if (control == SUFFICIENT) {
                return;
            }
        } catch (AuthenticationException currentPluginException) {
            logger.debug("{} plugin failed: {}", control.name(), currentPluginException.getMessage());
            switch(control) {
                case SUFFICIENT:
                case OPTIONAL:
                    break;
                case REQUIRED:
                    if (firstRequiredPluginException == null) {
                        firstRequiredPluginException = currentPluginException;
                    }
                    break;
                case REQUISITE:
                    if (firstRequiredPluginException != null) {
                        throw firstRequiredPluginException;
                    }
                    throw currentPluginException;
                default:
            }
        } finally {
            NDC.set(ndc);
        }
    }
    if (firstRequiredPluginException != null) {
        logger.info("all session plugins ran, at least one required failed, throwing exception : {}", firstRequiredPluginException);
        throw firstRequiredPluginException;
    }
}

Also used : SUFFICIENT(org.dcache.gplazma.configuration.ConfigurationItemControl.SUFFICIENT) AuthenticationException(org.dcache.gplazma.AuthenticationException) ConfigurationItemControl(org.dcache.gplazma.configuration.ConfigurationItemControl) NDC(org.dcache.util.NDC)

Aggregations

NDC (org.dcache.util.NDC)6 AuthenticationException (org.dcache.gplazma.AuthenticationException)2 Splitter (com.google.common.base.Splitter)1 IOException (java.io.IOException)1 Instant (java.time.Instant)1 ConfigurationItemControl (org.dcache.gplazma.configuration.ConfigurationItemControl)1 SUFFICIENT (org.dcache.gplazma.configuration.ConfigurationItemControl.SUFFICIENT)1 FireAndForgetTask (org.dcache.util.FireAndForgetTask)1