use of org.infinispan.security.Security in project infinispan by infinispan.
the class Server method parseConfiguration.
private void parseConfiguration(List<Path> configurationFiles) {
ParserRegistry parser = new ParserRegistry(classLoader, false, properties);
try {
// load the defaults first
URL defaults = this.getClass().getClassLoader().getResource(SERVER_DEFAULTS);
defaultsHolder = parser.parse(defaults);
// Set a default audit logger
defaultsHolder.getGlobalConfigurationBuilder().security().authorization().auditLogger(new LoggingAuditLogger());
// base the global configuration to the default
configurationBuilderHolder = new ConfigurationBuilderHolder(classLoader);
GlobalConfigurationBuilder global = configurationBuilderHolder.getGlobalConfigurationBuilder();
global.read(defaultsHolder.getGlobalConfigurationBuilder().build());
// Copy all default templates
for (Map.Entry<String, ConfigurationBuilder> entry : defaultsHolder.getNamedConfigurationBuilders().entrySet()) {
configurationBuilderHolder.newConfigurationBuilder(entry.getKey()).read(entry.getValue().build());
}
// then load the user configurations
for (Path configurationFile : configurationFiles) {
if (!configurationFile.isAbsolute()) {
configurationFile = serverConf.toPath().resolve(configurationFile);
}
parser.parse(configurationFile.toUri().toURL(), configurationBuilderHolder);
}
if (log.isDebugEnabled()) {
StringBuilderWriter sw = new StringBuilderWriter();
try (ConfigurationWriter w = ConfigurationWriter.to(sw).build()) {
Map<String, Configuration> configs = configurationBuilderHolder.getNamedConfigurationBuilders().entrySet().stream().collect(Collectors.toMap(Map.Entry::getKey, e -> e.getValue().build()));
parser.serialize(w, global.build(), configs);
}
log.debugf("Actual configuration: %s", sw);
}
// Amend the named caches configurations with the defaults
for (Map.Entry<String, ConfigurationBuilder> entry : configurationBuilderHolder.getNamedConfigurationBuilders().entrySet()) {
Configuration cfg = entry.getValue().build();
ConfigurationBuilder defaultCfg = defaultsHolder.getNamedConfigurationBuilders().get("org.infinispan." + cfg.clustering().cacheMode().name());
ConfigurationBuilder rebased = new ConfigurationBuilder().read(defaultCfg.build());
rebased.read(cfg);
entry.setValue(rebased);
}
// Process the server configuration
ServerConfigurationBuilder serverBuilder = global.module(ServerConfigurationBuilder.class);
// Set up transport security
TransportSecurityConfiguration transportSecurityConfiguration = serverBuilder.security().transport().create();
if (transportSecurityConfiguration.securityRealm() != null) {
String securityRealm = transportSecurityConfiguration.securityRealm();
Supplier<SSLContext> serverSSLContextSupplier = serverBuilder.serverSSLContextSupplier(securityRealm);
Supplier<SSLContext> clientSSLContextSupplier = serverBuilder.clientSSLContextSupplier(securityRealm);
NamedSocketFactory namedSocketFactory = new NamedSocketFactory(() -> clientSSLContextSupplier.get().getSocketFactory(), () -> serverSSLContextSupplier.get().getServerSocketFactory());
global.transport().addProperty(JGroupsTransport.SOCKET_FACTORY, namedSocketFactory);
Server.log.sslTransport(securityRealm);
}
// Set the operation handler on all endpoints
ServerAdminOperationsHandler adminOperationsHandler = new ServerAdminOperationsHandler(defaultsHolder);
ServerConfigurationBuilder serverConfigurationBuilder = global.module(ServerConfigurationBuilder.class);
for (EndpointConfigurationBuilder endpoint : serverConfigurationBuilder.endpoints().endpoints().values()) {
for (ProtocolServerConfigurationBuilder<?, ?> connector : endpoint.connectors()) {
connector.adminOperationsHandler(adminOperationsHandler);
}
}
configurationBuilderHolder.validate();
} catch (IOException e) {
throw new CacheConfigurationException(e);
}
}
Aggregations