Repository: atlas Updated Branches: refs/heads/master 729d92386 -> 31eb3664c
ATLAS-2505: add client IP address in authorization requests Signed-off-by: Madhan Neethiraj <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/atlas/repo Commit: http://git-wip-us.apache.org/repos/asf/atlas/commit/31eb3664 Tree: http://git-wip-us.apache.org/repos/asf/atlas/tree/31eb3664 Diff: http://git-wip-us.apache.org/repos/asf/atlas/diff/31eb3664 Branch: refs/heads/master Commit: 31eb3664ce8722f4323fa4a5369ebec26959aa1f Parents: 729d923 Author: nixonrodrigues <[email protected]> Authored: Mon Mar 19 16:32:59 2018 +0530 Committer: Madhan Neethiraj <[email protected]> Committed: Sun Mar 25 01:24:11 2018 -0700 ---------------------------------------------------------------------- authorization/pom.xml | 5 +++++ .../apache/atlas/authorize/AtlasAuthorizationUtils.java | 8 ++++---- .../src/main/java/org/apache/atlas/RequestContextV1.java | 10 ++++++++++ .../java/org/apache/atlas/web/filters/AuditFilter.java | 2 +- 4 files changed, 20 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/atlas/blob/31eb3664/authorization/pom.xml ---------------------------------------------------------------------- diff --git a/authorization/pom.xml b/authorization/pom.xml index 92be82e..62a6ebb 100644 --- a/authorization/pom.xml +++ b/authorization/pom.xml @@ -41,6 +41,11 @@ </dependency> <dependency> + <groupId>org.apache.atlas</groupId> + <artifactId>atlas-server-api</artifactId> + </dependency> + + <dependency> <groupId>javax.servlet</groupId> <artifactId>javax.servlet-api</artifactId> <version>${javax.servlet.version}</version> http://git-wip-us.apache.org/repos/asf/atlas/blob/31eb3664/authorization/src/main/java/org/apache/atlas/authorize/AtlasAuthorizationUtils.java ---------------------------------------------------------------------- diff --git a/authorization/src/main/java/org/apache/atlas/authorize/AtlasAuthorizationUtils.java b/authorization/src/main/java/org/apache/atlas/authorize/AtlasAuthorizationUtils.java index 8c57946..e7726b9 100644 --- a/authorization/src/main/java/org/apache/atlas/authorize/AtlasAuthorizationUtils.java +++ b/authorization/src/main/java/org/apache/atlas/authorize/AtlasAuthorizationUtils.java @@ -33,7 +33,7 @@ import java.net.InetAddress; import java.net.UnknownHostException; import java.util.HashSet; import java.util.Set; - +import org.apache.atlas.RequestContextV1; public class AtlasAuthorizationUtils { private static final Logger LOG = LoggerFactory.getLogger(AtlasAuthorizationUtils.class); @@ -71,7 +71,7 @@ public class AtlasAuthorizationUtils { AtlasAuthorizer authorizer = AtlasAuthorizerFactory.getAtlasAuthorizer(); request.setUser(userName, getCurrentUserGroups()); - + request.setClientIPAddress(RequestContextV1.get().getClientIPAddress()); ret = authorizer.isAccessAllowed(request); } catch (AtlasAuthorizationException e) { LOG.error("Unable to obtain AtlasAuthorizer", e); @@ -92,7 +92,7 @@ public class AtlasAuthorizationUtils { AtlasAuthorizer authorizer = AtlasAuthorizerFactory.getAtlasAuthorizer(); request.setUser(getCurrentUserName(), getCurrentUserGroups()); - + request.setClientIPAddress(RequestContextV1.get().getClientIPAddress()); ret = authorizer.isAccessAllowed(request); } catch (AtlasAuthorizationException e) { LOG.error("Unable to obtain AtlasAuthorizer", e); @@ -113,7 +113,7 @@ public class AtlasAuthorizationUtils { AtlasAuthorizer authorizer = AtlasAuthorizerFactory.getAtlasAuthorizer(); request.setUser(getCurrentUserName(), getCurrentUserGroups()); - + request.setClientIPAddress(RequestContextV1.get().getClientIPAddress()); ret = authorizer.isAccessAllowed(request); } catch (AtlasAuthorizationException e) { LOG.error("Unable to obtain AtlasAuthorizer", e); http://git-wip-us.apache.org/repos/asf/atlas/blob/31eb3664/server-api/src/main/java/org/apache/atlas/RequestContextV1.java ---------------------------------------------------------------------- diff --git a/server-api/src/main/java/org/apache/atlas/RequestContextV1.java b/server-api/src/main/java/org/apache/atlas/RequestContextV1.java index 4f96287..b7c5686 100644 --- a/server-api/src/main/java/org/apache/atlas/RequestContextV1.java +++ b/server-api/src/main/java/org/apache/atlas/RequestContextV1.java @@ -37,6 +37,8 @@ public class RequestContextV1 { private String user; private Set<String> userGroups; + private String clientIPAddress; + private RequestContextV1() { } @@ -79,6 +81,14 @@ public class RequestContextV1 { this.userGroups = userGroups; } + public String getClientIPAddress() { + return clientIPAddress; + } + + public void setClientIPAddress(String clientIPAddress) { + this.clientIPAddress = clientIPAddress; + } + public void recordEntityUpdate(AtlasObjectId entity) { if (entity != null && entity.getGuid() != null) { updatedEntities.put(entity.getGuid(), entity); http://git-wip-us.apache.org/repos/asf/atlas/blob/31eb3664/webapp/src/main/java/org/apache/atlas/web/filters/AuditFilter.java ---------------------------------------------------------------------- diff --git a/webapp/src/main/java/org/apache/atlas/web/filters/AuditFilter.java b/webapp/src/main/java/org/apache/atlas/web/filters/AuditFilter.java index 073d7ee..545f4c2 100755 --- a/webapp/src/main/java/org/apache/atlas/web/filters/AuditFilter.java +++ b/webapp/src/main/java/org/apache/atlas/web/filters/AuditFilter.java @@ -76,7 +76,7 @@ public class AuditFilter implements Filter { RequestContextV1.clear(); RequestContextV1 requestContext = RequestContextV1.get(); requestContext.setUser(user, userGroups); - + requestContext.setClientIPAddress(AtlasAuthorizationUtils.getRequestIpAddress(httpRequest)); filterChain.doFilter(request, response); } finally { long timeTaken = System.currentTimeMillis() - startTime;
