use of org.dcache.util.NDC in project dcache by dCache.
the class PluginChain method accept.
public void accept(PluginVisitor visitor) {
for (PluginInstance pi : _plugins) {
NDC ndc = NDC.cloneNdc();
NDC.push(pi.getName());
try {
if (!visitor.visit(pi.getPlugin())) {
break;
}
} finally {
NDC.set(ndc);
}
}
}
use of org.dcache.util.NDC in project dcache by dCache.
the class PluginChain method init.
public void init() {
_plugins.clear();
Splitter splitter = Splitter.on(',').trimResults().omitEmptyStrings();
for (String name : splitter.split(_pluginList)) {
NDC ndc = NDC.cloneNdc();
NDC.push(name);
try {
createPlugin(name);
} finally {
NDC.set(ndc);
}
}
}
use of org.dcache.util.NDC in project dcache by dCache.
the class GplazmaMultiMapFile method mapping.
public synchronized Map<PrincipalMatcher, Set<Principal>> mapping() throws AuthenticationException {
if (!Instant.now().isBefore(nextStat)) {
nextStat = Instant.now().plusMillis(100);
try {
Instant mtime = Files.readAttributes(file, BasicFileAttributes.class).lastModifiedTime().toInstant();
if (!lastLoaded.equals(mtime)) {
lastLoaded = mtime;
NDC mappingNDC = NDC.cloneNdc();
try {
NDC.clear();
NDC.push(file.toString());
map = parseMapFile();
} finally {
NDC.set(mappingNDC);
}
}
} catch (IOException e) {
throw new AuthenticationException("failed to read " + file + ": " + Exceptions.messageOrClassName(e));
}
}
return map;
}
use of org.dcache.util.NDC in project dcache by dCache.
the class StateMaintainer method enqueueUpdate.
@Override
public void enqueueUpdate(final StateUpdate pendingUpdate) {
LOGGER.trace("enqueing job to process update {}", pendingUpdate);
final NDC ndc = NDC.cloneNdc();
_pendingRequestCount.incrementAndGet();
_scheduler.execute(new FireAndForgetTask(() -> {
CDC.reset(_myAddress);
NDC.set(ndc);
try {
LOGGER.trace("starting job to process update {}", pendingUpdate);
_caretaker.processUpdate(pendingUpdate);
checkScheduledExpungeActivity();
LOGGER.trace("finished job to process update {}", pendingUpdate);
} finally {
_pendingRequestCount.decrementAndGet();
pendingUpdate.updateComplete();
CDC.clear();
}
}));
}
use of org.dcache.util.NDC in project dcache by dCache.
the class PAMStyleStrategy method callPlugins.
/**
* Execute the the {@link PluginCaller#call(GPlazmaPluginService)} methods of the plugins
* supplied in {@link PAMStyleStrategy(List<T>) constructor} in the order of the plugin elements
* in the list. The implementation attempts to mimic the following PAM standard execution
* policies based on the contol flag.
* <br>
* Source:
* <i href="http://www.redhat.com/docs/manuals/linux/RHL-8.0-Manual/ref-guide/s1-pam-control-flags.html">
* Red Hat Manual, PAM Module Control Flags </i>
* <br>
* Four types of control flags are defined by the PAM standard:
* <br>
* <ul>
* <li>
* required - the module must be successfully checked in order to allow
* authentication. If a required module check fails, the user is not
* notified until all other modules of the same module type
* have been checked.
* </li>
* <li>
* requisite - the module must be successfully checked in order for the
* authentication to be successful. However, if a requisite module check
* fails, the user is notified immediately with a message reflecting the
* first failed required or requisite module.
* </li>
* <li>
* sufficient - the module checks are ignored if it fails. But, if a
* sufficient flagged module is successfully checked and no required
* flagged modules above it have failed, then no other modules of this
* module type are checked and the user is authenticated.
* </li>
* <li>
* optional - the module checks are ignored if it fails. If the module
* check is successful, it does not play a role in the overall success
* or failure for that module type. The only time a module flagged as
* optional is necessary for successful authentication is when no other
* modules of that type have succeeded or failed. In this case, an optional
* module determines the overall PAM authentication for that module type.
* </li>
* </ul>
*/
public void callPlugins(PluginCaller<T> caller) throws AuthenticationException {
AuthenticationException firstRequiredPluginException = null;
for (GPlazmaPluginService<T> pluginElement : pluginElements) {
ConfigurationItemControl control = pluginElement.getControl();
NDC ndc = NDC.cloneNdc();
try {
NDC.push(pluginElement.getName());
try {
caller.call(pluginElement);
} catch (RuntimeException e) {
logger.error("Bug in plugin: ", e);
throw new AuthenticationException("bug in plugin " + pluginElement.getName() + ": " + e.getMessage());
}
logger.debug("{} plugin completed", control.name());
if (control == SUFFICIENT) {
return;
}
} catch (AuthenticationException currentPluginException) {
logger.debug("{} plugin failed: {}", control.name(), currentPluginException.getMessage());
switch(control) {
case SUFFICIENT:
case OPTIONAL:
break;
case REQUIRED:
if (firstRequiredPluginException == null) {
firstRequiredPluginException = currentPluginException;
}
break;
case REQUISITE:
if (firstRequiredPluginException != null) {
throw firstRequiredPluginException;
}
throw currentPluginException;
default:
}
} finally {
NDC.set(ndc);
}
}
if (firstRequiredPluginException != null) {
logger.info("all session plugins ran, at least one required failed, throwing exception : {}", firstRequiredPluginException);
throw firstRequiredPluginException;
}
}
Aggregations