Search in sources :

Example 1 with ProtocolServer

use of org.infinispan.server.core.ProtocolServer in project infinispan by infinispan.

the class ServerStateManagerImpl method updateIpFilters.

private CompletionStage<Void> updateIpFilters(String connector, Collection<IpFilterRule> rules) {
    ProtocolServer protocolServer = server.getProtocolServers().get(connector);
    if (rules.isEmpty()) {
        protocolServer.getConfiguration().ipFilter().rules(Collections.emptyList());
        Server.log.connectorIpFilterCleared(connector);
        return CompletableFutures.completedNull();
    } else {
        List<IpSubnetFilterRule> localRules = new ArrayList<>(rules.size());
        for (IpFilterRule rule : rules) {
            localRules.add(new IpSubnetFilterRule(rule.cidr, IpFilterRuleType.valueOf(rule.type)));
        }
        protocolServer.getConfiguration().ipFilter().rules(localRules);
        Transport transport = getTransport(protocolServer);
        CompositeChannelMatcher matcher = new CompositeChannelMatcher(protocolServer.getChannelMatcher(), new IpFilterRuleChannelMatcher(localRules));
        return transport.closeChannels(matcher).thenApply(v -> {
            Server.log.connectorIpFilterSet(connector, localRules);
            return v;
        });
    }
}
Also used : ProtocolServer(org.infinispan.server.core.ProtocolServer) IpFilterRuleChannelMatcher(org.infinispan.server.core.transport.IpFilterRuleChannelMatcher) CompositeChannelMatcher(org.infinispan.server.core.transport.CompositeChannelMatcher) ArrayList(java.util.ArrayList) Transport(org.infinispan.server.core.transport.Transport) IpSubnetFilterRule(org.infinispan.server.core.transport.IpSubnetFilterRule)

Example 2 with ProtocolServer

use of org.infinispan.server.core.ProtocolServer in project infinispan by infinispan.

the class Server method run.

public synchronized CompletableFuture<ExitStatus> run() {
    CompletableFuture<ExitStatus> r = exitHandler.getExitFuture();
    if (status == ComponentStatus.RUNNING) {
        return r;
    }
    protocolServers = new ConcurrentHashMap<>(4);
    try {
        // Load any server extensions
        extensions = new Extensions();
        extensions.load(classLoader);
        // Create the cache manager
        cacheManager = new DefaultCacheManager(configurationBuilderHolder, false);
        // Retrieve the server configuration
        serverConfiguration = SecurityActions.getCacheManagerConfiguration(cacheManager).module(ServerConfiguration.class);
        serverConfiguration.setServer(this);
        // Initialize the data sources
        dataSources = new HashMap<>();
        InitialContext initialContext = new InitialContext();
        for (DataSourceConfiguration dataSourceConfiguration : serverConfiguration.dataSources().values()) {
            DataSource dataSource = DataSourceFactory.create(dataSourceConfiguration);
            dataSources.put(dataSourceConfiguration.name(), dataSource);
            initialContext.bind(dataSourceConfiguration.jndiName(), dataSource);
        }
        // Start the cache manager
        SecurityActions.startCacheManager(cacheManager);
        BasicComponentRegistry bcr = SecurityActions.getGlobalComponentRegistry(cacheManager).getComponent(BasicComponentRegistry.class.getName());
        blockingManager = bcr.getComponent(BlockingManager.class).running();
        serverStateManager = new ServerStateManagerImpl(this, cacheManager, bcr.getComponent(GlobalConfigurationManager.class).running());
        bcr.registerComponent(ServerStateManager.class, serverStateManager, false);
        ScheduledExecutorService timeoutExecutor = bcr.getComponent(KnownComponentNames.TIMEOUT_SCHEDULE_EXECUTOR, ScheduledExecutorService.class).running();
        // BlockingManager of single container used for writing the global manifest, but this will need to change
        // when multiple containers are supported by the server. Similarly, the default cache manager is used to create
        // the clustered locks.
        Path dataRoot = serverRoot.toPath().resolve(properties.getProperty(INFINISPAN_SERVER_DATA_PATH));
        backupManager = new BackupManagerImpl(blockingManager, cacheManager, dataRoot);
        backupManager.init();
        // Register the task manager
        taskManager = bcr.getComponent(TaskManager.class).running();
        taskManager.registerTaskEngine(extensions.getServerTaskEngine(cacheManager));
        // Initialize the OpenTracing integration
        RequestTracer.start();
        for (EndpointConfiguration endpoint : serverConfiguration.endpoints().endpoints()) {
            // Start the protocol servers
            SinglePortRouteSource routeSource = new SinglePortRouteSource();
            Set<Route<? extends RouteSource, ? extends RouteDestination>> routes = ConcurrentHashMap.newKeySet();
            endpoint.connectors().parallelStream().forEach(configuration -> {
                try {
                    Class<? extends ProtocolServer> protocolServerClass = configuration.getClass().getAnnotation(ConfigurationFor.class).value().asSubclass(ProtocolServer.class);
                    ProtocolServer protocolServer = Util.getInstance(protocolServerClass);
                    protocolServer.setServerManagement(this, endpoint.admin());
                    if (configuration instanceof HotRodServerConfiguration) {
                        ElytronSASLAuthenticationProvider.init((HotRodServerConfiguration) configuration, serverConfiguration, timeoutExecutor);
                    } else if (configuration instanceof RestServerConfiguration) {
                        ElytronHTTPAuthenticator.init((RestServerConfiguration) configuration, serverConfiguration);
                    } else if (configuration instanceof RespServerConfiguration) {
                        ElytronRESPAuthenticator.init((RespServerConfiguration) configuration, serverConfiguration, blockingManager);
                    }
                    protocolServers.put(protocolServer.getName() + "-" + configuration.name(), protocolServer);
                    SecurityActions.startProtocolServer(protocolServer, configuration, cacheManager);
                    ProtocolServerConfiguration protocolConfig = protocolServer.getConfiguration();
                    if (protocolConfig.startTransport()) {
                        log.protocolStarted(protocolServer.getName(), configuration.socketBinding(), protocolConfig.host(), protocolConfig.port());
                    } else {
                        if (protocolServer instanceof HotRodServer) {
                            routes.add(new Route<>(routeSource, new HotRodServerRouteDestination(protocolServer.getName(), (HotRodServer) protocolServer)));
                            extensions.apply((HotRodServer) protocolServer);
                        } else if (protocolServer instanceof RestServer) {
                            routes.add(new Route<>(routeSource, new RestServerRouteDestination(protocolServer.getName(), (RestServer) protocolServer)));
                        } else if (protocolServer instanceof RespServer) {
                            routes.add(new Route<>(routeSource, new RespServerRouteDestination(protocolServer.getName(), (RespServer) protocolServer)));
                        }
                        log.protocolStarted(protocolServer.getName());
                    }
                } catch (Throwable t) {
                    throw t instanceof RuntimeException ? (RuntimeException) t : new RuntimeException(t);
                }
            });
            // Next we start the single-port endpoints
            SinglePortRouterConfiguration singlePortRouter = endpoint.singlePortRouter();
            SinglePortEndpointRouter endpointServer = new SinglePortEndpointRouter(singlePortRouter);
            endpointServer.start(new RoutingTable(routes), cacheManager);
            protocolServers.put("endpoint-" + endpoint.socketBinding(), endpointServer);
            log.protocolStarted(endpointServer.getName(), singlePortRouter.socketBinding(), singlePortRouter.host(), singlePortRouter.port());
            log.endpointUrl(Util.requireNonNullElse(cacheManager.getAddress(), "local"), singlePortRouter.ssl().enabled() ? "https" : "http", singlePortRouter.host(), singlePortRouter.port());
        }
        serverStateManager.start();
        // Change status
        this.status = ComponentStatus.RUNNING;
        log.serverStarted(Version.getBrandName(), Version.getBrandVersion(), timeService.timeDuration(startTime, TimeUnit.MILLISECONDS));
    } catch (Exception e) {
        r.completeExceptionally(e);
    }
    r = r.handle((status, t) -> {
        if (t != null) {
            Server.log.serverFailedToStart(Version.getBrandName(), t);
        }
        localShutdown(status);
        return null;
    });
    return r;
}
Also used : SSLContext(javax.net.ssl.SSLContext) ConfigurationBuilder(org.infinispan.configuration.cache.ConfigurationBuilder) LogFactory(org.infinispan.util.logging.LogFactory) DataSourceFactory(org.infinispan.server.datasource.DataSourceFactory) WildFlyElytronHttpBasicProvider(org.wildfly.security.http.basic.WildFlyElytronHttpBasicProvider) KnownComponentNames(org.infinispan.factories.KnownComponentNames) GlobalConfigurationManager(org.infinispan.globalstate.GlobalConfigurationManager) Log(org.infinispan.server.logging.Log) WildFlyElytronHttpSpnegoProvider(org.wildfly.security.http.spnego.WildFlyElytronHttpSpnegoProvider) WildFlyElytronHttpClientCertProvider(org.wildfly.security.http.cert.WildFlyElytronHttpClientCertProvider) BasicComponentRegistry(org.infinispan.factories.impl.BasicComponentRegistry) DefaultCacheManager(org.infinispan.manager.DefaultCacheManager) ConfigurationBuilderHolder(org.infinispan.configuration.parsing.ConfigurationBuilderHolder) Map(java.util.Map) TaskManager(org.infinispan.tasks.TaskManager) DataSourceConfiguration(org.infinispan.server.configuration.DataSourceConfiguration) ElytronSASLAuthenticationProvider(org.infinispan.server.security.ElytronSASLAuthenticationProvider) ServerStateManagerImpl(org.infinispan.server.state.ServerStateManagerImpl) Path(java.nio.file.Path) NamingManager(javax.naming.spi.NamingManager) HotRodServer(org.infinispan.server.hotrod.HotRodServer) WildFlyElytronSaslExternalProvider(org.wildfly.security.sasl.external.WildFlyElytronSaslExternalProvider) WildFlyElytronSaslScramProvider(org.wildfly.security.sasl.scram.WildFlyElytronSaslScramProvider) InitialContext(javax.naming.InitialContext) SinglePortRouteSource(org.infinispan.server.router.routes.singleport.SinglePortRouteSource) JGroupsTransport(org.infinispan.remoting.transport.jgroups.JGroupsTransport) NamedSocketFactory(org.infinispan.remoting.transport.jgroups.NamedSocketFactory) AuthorizationPermission(org.infinispan.security.AuthorizationPermission) Set(java.util.Set) EndpointConfiguration(org.infinispan.server.configuration.endpoint.EndpointConfiguration) Executors(java.util.concurrent.Executors) ComponentStatus(org.infinispan.lifecycle.ComponentStatus) RouteDestination(org.infinispan.server.router.routes.RouteDestination) CompletionStage(java.util.concurrent.CompletionStage) ConfigurationFor(org.infinispan.commons.configuration.ConfigurationFor) RestServerRouteDestination(org.infinispan.server.router.routes.rest.RestServerRouteDestination) SerializeWith(org.infinispan.commons.marshall.SerializeWith) ProtocolServerConfiguration(org.infinispan.server.core.configuration.ProtocolServerConfiguration) RouteSource(org.infinispan.server.router.routes.RouteSource) StringBuilderWriter(org.infinispan.commons.io.StringBuilderWriter) SerializableFunction(org.infinispan.util.function.SerializableFunction) HotRodServerRouteDestination(org.infinispan.server.router.routes.hotrod.HotRodServerRouteDestination) EndpointConfigurationBuilder(org.infinispan.server.configuration.endpoint.EndpointConfigurationBuilder) Supplier(java.util.function.Supplier) EmbeddedCacheManager(org.infinispan.manager.EmbeddedCacheManager) ClusterExecutor(org.infinispan.manager.ClusterExecutor) WildFlyElytronSaslLocalUserProvider(org.wildfly.security.sasl.localuser.WildFlyElytronSaslLocalUserProvider) ScheduledExecutorService(java.util.concurrent.ScheduledExecutorService) ProtocolServerConfigurationBuilder(org.infinispan.server.core.configuration.ProtocolServerConfigurationBuilder) Address(org.infinispan.remoting.transport.Address) Route(org.infinispan.server.router.routes.Route) PrivilegedActionException(java.security.PrivilegedActionException) Properties(java.util.Properties) GlobalConfigurationBuilder(org.infinispan.configuration.global.GlobalConfigurationBuilder) IOException(java.io.IOException) Authenticator(org.infinispan.rest.authentication.Authenticator) ServerManagement(org.infinispan.server.core.ServerManagement) InputStreamReader(java.io.InputStreamReader) TransportSecurityConfiguration(org.infinispan.server.configuration.security.TransportSecurityConfiguration) File(java.io.File) BackupManager(org.infinispan.server.core.BackupManager) WildFlyElytronSaslGs2Provider(org.wildfly.security.sasl.gs2.WildFlyElytronSaslGs2Provider) ServerConfiguration(org.infinispan.server.configuration.ServerConfiguration) Paths(java.nio.file.Paths) RespServerConfiguration(org.infinispan.server.resp.configuration.RespServerConfiguration) BufferedReader(java.io.BufferedReader) RestServerConfiguration(org.infinispan.rest.configuration.RestServerConfiguration) DefaultTimeService(org.infinispan.commons.time.DefaultTimeService) ConfigurationWriter(org.infinispan.commons.configuration.io.ConfigurationWriter) URL(java.net.URL) ObjectOutput(java.io.ObjectOutput) ServerAdminOperationsHandler(org.infinispan.server.tasks.admin.ServerAdminOperationsHandler) LoggingAuditLogger(org.infinispan.security.audit.LoggingAuditLogger) ProtocolServer(org.infinispan.server.core.ProtocolServer) CompletableFutures(org.infinispan.util.concurrent.CompletableFutures) ProcessInfo(org.infinispan.commons.jdkspecific.ProcessInfo) CacheConfigurationException(org.infinispan.commons.CacheConfigurationException) WildFlyElytronHttpBearerProvider(org.wildfly.security.http.bearer.WildFlyElytronHttpBearerProvider) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) RespServerRouteDestination(org.infinispan.server.router.routes.resp.RespServerRouteDestination) Collectors(java.util.stream.Collectors) List(java.util.List) OS(org.infinispan.commons.util.OS) ObjectInput(java.io.ObjectInput) TokenRealmConfiguration(org.infinispan.server.configuration.security.TokenRealmConfiguration) SinglePortRouterConfiguration(org.infinispan.server.router.configuration.SinglePortRouterConfiguration) RealmConfiguration(org.infinispan.server.configuration.security.RealmConfiguration) WildFlyElytronHttpDigestProvider(org.wildfly.security.http.digest.WildFlyElytronHttpDigestProvider) RestServer(org.infinispan.rest.RestServer) HashMap(java.util.HashMap) CompletableFuture(java.util.concurrent.CompletableFuture) WildFlyElytronSaslOAuth2Provider(org.wildfly.security.sasl.oauth2.WildFlyElytronSaslOAuth2Provider) RequestTracer(org.infinispan.server.core.RequestTracer) WildFlyElytronSaslGssapiProvider(org.wildfly.security.sasl.gssapi.WildFlyElytronSaslGssapiProvider) ServerStateManager(org.infinispan.server.core.ServerStateManager) Version(org.infinispan.commons.util.Version) BackupManagerImpl(org.infinispan.server.core.backup.BackupManagerImpl) WildFlyElytronSaslDigestProvider(org.wildfly.security.sasl.digest.WildFlyElytronSaslDigestProvider) DataSource(javax.sql.DataSource) ServerConfigurationSerializer(org.infinispan.server.configuration.ServerConfigurationSerializer) ElytronRESPAuthenticator(org.infinispan.server.security.ElytronRESPAuthenticator) Util(org.infinispan.commons.util.Util) RoutingTable(org.infinispan.server.router.RoutingTable) ServerInitialContextFactoryBuilder(org.infinispan.server.context.ServerInitialContextFactoryBuilder) HotRodServerConfiguration(org.infinispan.server.hotrod.configuration.HotRodServerConfiguration) RespServer(org.infinispan.server.resp.RespServer) Security(org.infinispan.security.Security) TimeUnit(java.util.concurrent.TimeUnit) WildFlyElytronSaslPlainProvider(org.wildfly.security.sasl.plain.WildFlyElytronSaslPlainProvider) ServerConfigurationBuilder(org.infinispan.server.configuration.ServerConfigurationBuilder) Configuration(org.infinispan.configuration.cache.Configuration) ParserRegistry(org.infinispan.configuration.parsing.ParserRegistry) ElytronHTTPAuthenticator(org.infinispan.server.security.ElytronHTTPAuthenticator) SinglePortEndpointRouter(org.infinispan.server.router.router.impl.singleport.SinglePortEndpointRouter) BlockingManager(org.infinispan.util.concurrent.BlockingManager) Collections(java.util.Collections) LogManager(org.apache.logging.log4j.LogManager) TimeService(org.infinispan.commons.time.TimeService) ProtocolServerConfiguration(org.infinispan.server.core.configuration.ProtocolServerConfiguration) ServerConfiguration(org.infinispan.server.configuration.ServerConfiguration) RespServerConfiguration(org.infinispan.server.resp.configuration.RespServerConfiguration) RestServerConfiguration(org.infinispan.rest.configuration.RestServerConfiguration) HotRodServerConfiguration(org.infinispan.server.hotrod.configuration.HotRodServerConfiguration) HotRodServerConfiguration(org.infinispan.server.hotrod.configuration.HotRodServerConfiguration) RespServerRouteDestination(org.infinispan.server.router.routes.resp.RespServerRouteDestination) RestServerRouteDestination(org.infinispan.server.router.routes.rest.RestServerRouteDestination) DataSourceConfiguration(org.infinispan.server.configuration.DataSourceConfiguration) BasicComponentRegistry(org.infinispan.factories.impl.BasicComponentRegistry) ProtocolServer(org.infinispan.server.core.ProtocolServer) GlobalConfigurationManager(org.infinispan.globalstate.GlobalConfigurationManager) SinglePortRouteSource(org.infinispan.server.router.routes.singleport.SinglePortRouteSource) RouteSource(org.infinispan.server.router.routes.RouteSource) BackupManagerImpl(org.infinispan.server.core.backup.BackupManagerImpl) RestServerConfiguration(org.infinispan.rest.configuration.RestServerConfiguration) SinglePortEndpointRouter(org.infinispan.server.router.router.impl.singleport.SinglePortEndpointRouter) RespServerConfiguration(org.infinispan.server.resp.configuration.RespServerConfiguration) RespServer(org.infinispan.server.resp.RespServer) Route(org.infinispan.server.router.routes.Route) Path(java.nio.file.Path) DefaultCacheManager(org.infinispan.manager.DefaultCacheManager) ScheduledExecutorService(java.util.concurrent.ScheduledExecutorService) SinglePortRouteSource(org.infinispan.server.router.routes.singleport.SinglePortRouteSource) ServerStateManagerImpl(org.infinispan.server.state.ServerStateManagerImpl) HotRodServerRouteDestination(org.infinispan.server.router.routes.hotrod.HotRodServerRouteDestination) InitialContext(javax.naming.InitialContext) PrivilegedActionException(java.security.PrivilegedActionException) IOException(java.io.IOException) CacheConfigurationException(org.infinispan.commons.CacheConfigurationException) DataSource(javax.sql.DataSource) SinglePortRouterConfiguration(org.infinispan.server.router.configuration.SinglePortRouterConfiguration) RestServer(org.infinispan.rest.RestServer) ProtocolServerConfiguration(org.infinispan.server.core.configuration.ProtocolServerConfiguration) RoutingTable(org.infinispan.server.router.RoutingTable) HotRodServer(org.infinispan.server.hotrod.HotRodServer) EndpointConfiguration(org.infinispan.server.configuration.endpoint.EndpointConfiguration) RouteDestination(org.infinispan.server.router.routes.RouteDestination) RestServerRouteDestination(org.infinispan.server.router.routes.rest.RestServerRouteDestination) HotRodServerRouteDestination(org.infinispan.server.router.routes.hotrod.HotRodServerRouteDestination) RespServerRouteDestination(org.infinispan.server.router.routes.resp.RespServerRouteDestination)

Example 3 with ProtocolServer

use of org.infinispan.server.core.ProtocolServer in project infinispan by infinispan.

the class Server method getLoginConfiguration.

@Override
public Map<String, String> getLoginConfiguration(ProtocolServer protocolServer) {
    Map<String, String> loginConfiguration = new HashMap<>();
    // Get the REST endpoint's authentication configuration
    RestServerConfiguration rest = (RestServerConfiguration) protocolServer.getConfiguration();
    if (rest.authentication().mechanisms().contains("BEARER_TOKEN")) {
        // Find the token realm
        RealmConfiguration realm = serverConfiguration.security().realms().getRealm(rest.authentication().securityRealm());
        TokenRealmConfiguration realmConfiguration = realm.realmProviders().stream().filter(r -> r instanceof TokenRealmConfiguration).map(r -> (TokenRealmConfiguration) r).findFirst().get();
        loginConfiguration.put("mode", "OIDC");
        loginConfiguration.put("url", realmConfiguration.authServerUrl());
        loginConfiguration.put("realm", realmConfiguration.name());
        loginConfiguration.put("clientId", realmConfiguration.clientId());
    } else {
        loginConfiguration.put("mode", "HTTP");
        for (String mechanism : rest.authentication().mechanisms()) {
            loginConfiguration.put(mechanism, "true");
        }
    }
    Authenticator authenticator = rest.authentication().authenticator();
    loginConfiguration.put("ready", Boolean.toString(authenticator == null || authenticator.isReadyForHttpChallenge()));
    return loginConfiguration;
}
Also used : SSLContext(javax.net.ssl.SSLContext) ConfigurationBuilder(org.infinispan.configuration.cache.ConfigurationBuilder) LogFactory(org.infinispan.util.logging.LogFactory) DataSourceFactory(org.infinispan.server.datasource.DataSourceFactory) WildFlyElytronHttpBasicProvider(org.wildfly.security.http.basic.WildFlyElytronHttpBasicProvider) KnownComponentNames(org.infinispan.factories.KnownComponentNames) GlobalConfigurationManager(org.infinispan.globalstate.GlobalConfigurationManager) Log(org.infinispan.server.logging.Log) WildFlyElytronHttpSpnegoProvider(org.wildfly.security.http.spnego.WildFlyElytronHttpSpnegoProvider) WildFlyElytronHttpClientCertProvider(org.wildfly.security.http.cert.WildFlyElytronHttpClientCertProvider) BasicComponentRegistry(org.infinispan.factories.impl.BasicComponentRegistry) DefaultCacheManager(org.infinispan.manager.DefaultCacheManager) ConfigurationBuilderHolder(org.infinispan.configuration.parsing.ConfigurationBuilderHolder) Map(java.util.Map) TaskManager(org.infinispan.tasks.TaskManager) DataSourceConfiguration(org.infinispan.server.configuration.DataSourceConfiguration) ElytronSASLAuthenticationProvider(org.infinispan.server.security.ElytronSASLAuthenticationProvider) ServerStateManagerImpl(org.infinispan.server.state.ServerStateManagerImpl) Path(java.nio.file.Path) NamingManager(javax.naming.spi.NamingManager) HotRodServer(org.infinispan.server.hotrod.HotRodServer) WildFlyElytronSaslExternalProvider(org.wildfly.security.sasl.external.WildFlyElytronSaslExternalProvider) WildFlyElytronSaslScramProvider(org.wildfly.security.sasl.scram.WildFlyElytronSaslScramProvider) InitialContext(javax.naming.InitialContext) SinglePortRouteSource(org.infinispan.server.router.routes.singleport.SinglePortRouteSource) JGroupsTransport(org.infinispan.remoting.transport.jgroups.JGroupsTransport) NamedSocketFactory(org.infinispan.remoting.transport.jgroups.NamedSocketFactory) AuthorizationPermission(org.infinispan.security.AuthorizationPermission) Set(java.util.Set) EndpointConfiguration(org.infinispan.server.configuration.endpoint.EndpointConfiguration) Executors(java.util.concurrent.Executors) ComponentStatus(org.infinispan.lifecycle.ComponentStatus) RouteDestination(org.infinispan.server.router.routes.RouteDestination) CompletionStage(java.util.concurrent.CompletionStage) ConfigurationFor(org.infinispan.commons.configuration.ConfigurationFor) RestServerRouteDestination(org.infinispan.server.router.routes.rest.RestServerRouteDestination) SerializeWith(org.infinispan.commons.marshall.SerializeWith) ProtocolServerConfiguration(org.infinispan.server.core.configuration.ProtocolServerConfiguration) RouteSource(org.infinispan.server.router.routes.RouteSource) StringBuilderWriter(org.infinispan.commons.io.StringBuilderWriter) SerializableFunction(org.infinispan.util.function.SerializableFunction) HotRodServerRouteDestination(org.infinispan.server.router.routes.hotrod.HotRodServerRouteDestination) EndpointConfigurationBuilder(org.infinispan.server.configuration.endpoint.EndpointConfigurationBuilder) Supplier(java.util.function.Supplier) EmbeddedCacheManager(org.infinispan.manager.EmbeddedCacheManager) ClusterExecutor(org.infinispan.manager.ClusterExecutor) WildFlyElytronSaslLocalUserProvider(org.wildfly.security.sasl.localuser.WildFlyElytronSaslLocalUserProvider) ScheduledExecutorService(java.util.concurrent.ScheduledExecutorService) ProtocolServerConfigurationBuilder(org.infinispan.server.core.configuration.ProtocolServerConfigurationBuilder) Address(org.infinispan.remoting.transport.Address) Route(org.infinispan.server.router.routes.Route) PrivilegedActionException(java.security.PrivilegedActionException) Properties(java.util.Properties) GlobalConfigurationBuilder(org.infinispan.configuration.global.GlobalConfigurationBuilder) IOException(java.io.IOException) Authenticator(org.infinispan.rest.authentication.Authenticator) ServerManagement(org.infinispan.server.core.ServerManagement) InputStreamReader(java.io.InputStreamReader) TransportSecurityConfiguration(org.infinispan.server.configuration.security.TransportSecurityConfiguration) File(java.io.File) BackupManager(org.infinispan.server.core.BackupManager) WildFlyElytronSaslGs2Provider(org.wildfly.security.sasl.gs2.WildFlyElytronSaslGs2Provider) ServerConfiguration(org.infinispan.server.configuration.ServerConfiguration) Paths(java.nio.file.Paths) RespServerConfiguration(org.infinispan.server.resp.configuration.RespServerConfiguration) BufferedReader(java.io.BufferedReader) RestServerConfiguration(org.infinispan.rest.configuration.RestServerConfiguration) DefaultTimeService(org.infinispan.commons.time.DefaultTimeService) ConfigurationWriter(org.infinispan.commons.configuration.io.ConfigurationWriter) URL(java.net.URL) ObjectOutput(java.io.ObjectOutput) ServerAdminOperationsHandler(org.infinispan.server.tasks.admin.ServerAdminOperationsHandler) LoggingAuditLogger(org.infinispan.security.audit.LoggingAuditLogger) ProtocolServer(org.infinispan.server.core.ProtocolServer) CompletableFutures(org.infinispan.util.concurrent.CompletableFutures) ProcessInfo(org.infinispan.commons.jdkspecific.ProcessInfo) CacheConfigurationException(org.infinispan.commons.CacheConfigurationException) WildFlyElytronHttpBearerProvider(org.wildfly.security.http.bearer.WildFlyElytronHttpBearerProvider) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) RespServerRouteDestination(org.infinispan.server.router.routes.resp.RespServerRouteDestination) Collectors(java.util.stream.Collectors) List(java.util.List) OS(org.infinispan.commons.util.OS) ObjectInput(java.io.ObjectInput) TokenRealmConfiguration(org.infinispan.server.configuration.security.TokenRealmConfiguration) SinglePortRouterConfiguration(org.infinispan.server.router.configuration.SinglePortRouterConfiguration) RealmConfiguration(org.infinispan.server.configuration.security.RealmConfiguration) WildFlyElytronHttpDigestProvider(org.wildfly.security.http.digest.WildFlyElytronHttpDigestProvider) RestServer(org.infinispan.rest.RestServer) HashMap(java.util.HashMap) CompletableFuture(java.util.concurrent.CompletableFuture) WildFlyElytronSaslOAuth2Provider(org.wildfly.security.sasl.oauth2.WildFlyElytronSaslOAuth2Provider) RequestTracer(org.infinispan.server.core.RequestTracer) WildFlyElytronSaslGssapiProvider(org.wildfly.security.sasl.gssapi.WildFlyElytronSaslGssapiProvider) ServerStateManager(org.infinispan.server.core.ServerStateManager) Version(org.infinispan.commons.util.Version) BackupManagerImpl(org.infinispan.server.core.backup.BackupManagerImpl) WildFlyElytronSaslDigestProvider(org.wildfly.security.sasl.digest.WildFlyElytronSaslDigestProvider) DataSource(javax.sql.DataSource) ServerConfigurationSerializer(org.infinispan.server.configuration.ServerConfigurationSerializer) ElytronRESPAuthenticator(org.infinispan.server.security.ElytronRESPAuthenticator) Util(org.infinispan.commons.util.Util) RoutingTable(org.infinispan.server.router.RoutingTable) ServerInitialContextFactoryBuilder(org.infinispan.server.context.ServerInitialContextFactoryBuilder) HotRodServerConfiguration(org.infinispan.server.hotrod.configuration.HotRodServerConfiguration) RespServer(org.infinispan.server.resp.RespServer) Security(org.infinispan.security.Security) TimeUnit(java.util.concurrent.TimeUnit) WildFlyElytronSaslPlainProvider(org.wildfly.security.sasl.plain.WildFlyElytronSaslPlainProvider) ServerConfigurationBuilder(org.infinispan.server.configuration.ServerConfigurationBuilder) Configuration(org.infinispan.configuration.cache.Configuration) ParserRegistry(org.infinispan.configuration.parsing.ParserRegistry) ElytronHTTPAuthenticator(org.infinispan.server.security.ElytronHTTPAuthenticator) SinglePortEndpointRouter(org.infinispan.server.router.router.impl.singleport.SinglePortEndpointRouter) BlockingManager(org.infinispan.util.concurrent.BlockingManager) Collections(java.util.Collections) LogManager(org.apache.logging.log4j.LogManager) TimeService(org.infinispan.commons.time.TimeService) TokenRealmConfiguration(org.infinispan.server.configuration.security.TokenRealmConfiguration) RealmConfiguration(org.infinispan.server.configuration.security.RealmConfiguration) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap) TokenRealmConfiguration(org.infinispan.server.configuration.security.TokenRealmConfiguration) RestServerConfiguration(org.infinispan.rest.configuration.RestServerConfiguration) Authenticator(org.infinispan.rest.authentication.Authenticator) ElytronRESPAuthenticator(org.infinispan.server.security.ElytronRESPAuthenticator) ElytronHTTPAuthenticator(org.infinispan.server.security.ElytronHTTPAuthenticator)

Example 4 with ProtocolServer

use of org.infinispan.server.core.ProtocolServer in project infinispan by infinispan.

the class SinglePortEndpointRouter method getInitializer.

@Override
public ChannelInitializer<Channel> getInitializer() {
    Map<String, ProtocolServer<?>> upgradeServers = new HashMap<>();
    RestServer restServer = routingTable.streamRoutes(SinglePortRouteSource.class, RestServerRouteDestination.class).findFirst().map(r -> r.getRouteDestination().getProtocolServer()).orElseThrow(() -> new IllegalStateException("There must be a REST route!"));
    routingTable.streamRoutes(SinglePortRouteSource.class, HotRodServerRouteDestination.class).findFirst().ifPresent(r -> upgradeServers.put("HR", r.getRouteDestination().getProtocolServer()));
    routingTable.streamRoutes(SinglePortRouteSource.class, RespServerRouteDestination.class).findFirst().ifPresent(r -> upgradeServers.put("RP", r.getRouteDestination().getProtocolServer()));
    SinglePortChannelInitializer restChannelInitializer = new SinglePortChannelInitializer(this, transport, restServer, upgradeServers);
    return new NettyInitializers(restChannelInitializer);
}
Also used : RestServer(org.infinispan.rest.RestServer) RouterLogger(org.infinispan.server.router.logging.RouterLogger) SinglePortRouterConfiguration(org.infinispan.server.router.configuration.SinglePortRouterConfiguration) HotRodServerRouteDestination(org.infinispan.server.router.routes.hotrod.HotRodServerRouteDestination) NettyTransport(org.infinispan.server.core.transport.NettyTransport) SecurityActions.getGlobalComponentRegistry(org.infinispan.server.router.router.impl.singleport.SecurityActions.getGlobalComponentRegistry) RestServer(org.infinispan.rest.RestServer) ChannelInboundHandler(io.netty.channel.ChannelInboundHandler) HashMap(java.util.HashMap) InetAddress(java.net.InetAddress) BasicComponentRegistry(org.infinispan.factories.impl.BasicComponentRegistry) AbstractProtocolServer(org.infinispan.server.core.AbstractProtocolServer) ProtocolServer(org.infinispan.server.core.ProtocolServer) EmbeddedCacheManager(org.infinispan.manager.EmbeddedCacheManager) Map(java.util.Map) ChannelMatcher(io.netty.channel.group.ChannelMatcher) SinglePortRouteSource(org.infinispan.server.router.routes.singleport.SinglePortRouteSource) ChannelInitializer(io.netty.channel.ChannelInitializer) ChannelOutboundHandler(io.netty.channel.ChannelOutboundHandler) RespServerRouteDestination(org.infinispan.server.router.routes.resp.RespServerRouteDestination) RoutingTable(org.infinispan.server.router.RoutingTable) InetSocketAddress(java.net.InetSocketAddress) UnknownHostException(java.net.UnknownHostException) Channel(io.netty.channel.Channel) NettyInitializers(org.infinispan.server.core.transport.NettyInitializers) RestServerRouteDestination(org.infinispan.server.router.routes.rest.RestServerRouteDestination) EndpointRouter(org.infinispan.server.router.router.EndpointRouter) AbstractProtocolServer(org.infinispan.server.core.AbstractProtocolServer) ProtocolServer(org.infinispan.server.core.ProtocolServer) HashMap(java.util.HashMap) SinglePortRouteSource(org.infinispan.server.router.routes.singleport.SinglePortRouteSource) NettyInitializers(org.infinispan.server.core.transport.NettyInitializers) RestServerRouteDestination(org.infinispan.server.router.routes.rest.RestServerRouteDestination)

Example 5 with ProtocolServer

use of org.infinispan.server.core.ProtocolServer in project infinispan by infinispan.

the class ServerResource method connectorIpFilterSet.

private CompletionStage<RestResponse> connectorIpFilterSet(RestRequest restRequest) {
    NettyRestResponse.Builder builder = new NettyRestResponse.Builder().status(NO_CONTENT);
    String connectorName = restRequest.variables().get("connector");
    ProtocolServer connector = invocationHelper.getServer().getProtocolServers().get(connectorName);
    if (connector == null)
        return completedFuture(builder.status(NOT_FOUND).build());
    Json json = Json.read(restRequest.contents().asString());
    if (!json.isArray()) {
        return completedFuture(builder.status(BAD_REQUEST).build());
    }
    List<Json> list = json.asJsonList();
    List<IpSubnetFilterRule> rules = new ArrayList<>(list.size());
    for (Json o : list) {
        if (!o.has("type") || !o.has("cidr")) {
            return completedFuture(builder.status(BAD_REQUEST).build());
        } else {
            rules.add(new IpSubnetFilterRule(o.at("cidr").asString(), IpFilterRuleType.valueOf(o.at("type").asString())));
        }
    }
    // Verify that none of the REJECT rules match the address from which the request was made
    if (connector.equals(invocationHelper.getProtocolServer()) || connector.equals(invocationHelper.getProtocolServer().getEnclosingProtocolServer())) {
        InetSocketAddress remoteAddress = restRequest.getRemoteAddress();
        for (IpSubnetFilterRule rule : rules) {
            if (rule.ruleType() == IpFilterRuleType.REJECT && rule.matches(remoteAddress)) {
                return completedFuture(builder.status(CONFLICT).entity(Messages.MSG.rejectRuleMatchesRequestAddress(rule, remoteAddress)).build());
            }
        }
    }
    ServerStateManager serverStateManager = invocationHelper.getServer().getServerStateManager();
    return Security.doAs(restRequest.getSubject(), (PrivilegedAction<CompletionStage<RestResponse>>) () -> serverStateManager.setConnectorIpFilterRule(connectorName, rules).thenApply(r -> builder.build()));
}
Also used : ProtocolServer(org.infinispan.server.core.ProtocolServer) ServerStateManager(org.infinispan.server.core.ServerStateManager) InetSocketAddress(java.net.InetSocketAddress) ArrayList(java.util.ArrayList) ResourceUtil.addEntityAsJson(org.infinispan.rest.resources.ResourceUtil.addEntityAsJson) Json(org.infinispan.commons.dataconversion.internal.Json) NettyRestResponse(org.infinispan.rest.NettyRestResponse) CompletionStage(java.util.concurrent.CompletionStage) IpSubnetFilterRule(org.infinispan.server.core.transport.IpSubnetFilterRule)

Aggregations

ProtocolServer (org.infinispan.server.core.ProtocolServer)9 CompletionStage (java.util.concurrent.CompletionStage)6 NettyRestResponse (org.infinispan.rest.NettyRestResponse)5 ServerStateManager (org.infinispan.server.core.ServerStateManager)4 HashMap (java.util.HashMap)3 Map (java.util.Map)3 BasicComponentRegistry (org.infinispan.factories.impl.BasicComponentRegistry)3 EmbeddedCacheManager (org.infinispan.manager.EmbeddedCacheManager)3 RestServer (org.infinispan.rest.RestServer)3 RoutingTable (org.infinispan.server.router.RoutingTable)3 SinglePortRouterConfiguration (org.infinispan.server.router.configuration.SinglePortRouterConfiguration)3 HotRodServerRouteDestination (org.infinispan.server.router.routes.hotrod.HotRodServerRouteDestination)3 RespServerRouteDestination (org.infinispan.server.router.routes.resp.RespServerRouteDestination)3 RestServerRouteDestination (org.infinispan.server.router.routes.rest.RestServerRouteDestination)3 SinglePortRouteSource (org.infinispan.server.router.routes.singleport.SinglePortRouteSource)3 BufferedReader (java.io.BufferedReader)2 File (java.io.File)2 IOException (java.io.IOException)2 InputStreamReader (java.io.InputStreamReader)2 ObjectInput (java.io.ObjectInput)2