Repository: cassandra Updated Branches: refs/heads/trunk 3c00a0674 -> f00e7a773
Expose metrics around client authentication Patch by Soumava Ghosh; reviewed by Sam Tunnicliffe and Chris Lohfink for CASSANDRA-10635 Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/f00e7a77 Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/f00e7a77 Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/f00e7a77 Branch: refs/heads/trunk Commit: f00e7a77313eb4e5d4d7159747bc88e1978adbe0 Parents: 3c00a06 Author: Soumava Ghosh <[email protected]> Authored: Fri Jun 17 09:56:33 2016 -0700 Committer: Sam Tunnicliffe <[email protected]> Committed: Fri Jul 15 13:11:52 2016 +0100 ---------------------------------------------------------------------- CHANGES.txt | 1 + NEWS.txt | 4 ++ .../apache/cassandra/metrics/AuthMetrics.java | 40 ++++++++++++++++++++ .../apache/cassandra/metrics/ClientMetrics.java | 22 ++++++----- .../service/NativeTransportService.java | 3 ++ .../transport/messages/AuthResponse.java | 3 ++ .../transport/messages/CredentialsMessage.java | 3 ++ 7 files changed, 66 insertions(+), 10 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cassandra/blob/f00e7a77/CHANGES.txt ---------------------------------------------------------------------- diff --git a/CHANGES.txt b/CHANGES.txt index ec4be3e..caa0625 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,4 +1,5 @@ 3.10 + * Expose metrics for successful/failed authentication attempts (CASSANDRA-10635) * Prepend snapshot name with "truncated" or "dropped" when a snapshot is taken before truncating or dropping a table (CASSANDRA-12178) * Optimize RestrictionSet (CASSANDRA-12153) http://git-wip-us.apache.org/repos/asf/cassandra/blob/f00e7a77/NEWS.txt ---------------------------------------------------------------------- diff --git a/NEWS.txt b/NEWS.txt index 56fb8cf..99948fe 100644 --- a/NEWS.txt +++ b/NEWS.txt @@ -32,6 +32,10 @@ New features - Snapshots that are automatically taken before a table is dropped or truncated will have a "dropped" or "truncated" prefix on their snapshot tag name. + - Metrics are exposed for successful and failed authentication attempts. + These can be located using the object names org.apache.cassandra.metrics:type=Client,name=AuthSuccess + and org.apache.cassandra.metrics:type=Client,name=AuthFailure respectively. + Upgrading --------- - Nothing specific to 3.10 but please see previous versions upgrading section, http://git-wip-us.apache.org/repos/asf/cassandra/blob/f00e7a77/src/java/org/apache/cassandra/metrics/AuthMetrics.java ---------------------------------------------------------------------- diff --git a/src/java/org/apache/cassandra/metrics/AuthMetrics.java b/src/java/org/apache/cassandra/metrics/AuthMetrics.java new file mode 100644 index 0000000..126738c --- /dev/null +++ b/src/java/org/apache/cassandra/metrics/AuthMetrics.java @@ -0,0 +1,40 @@ +package org.apache.cassandra.metrics; + +import com.codahale.metrics.Meter; + +/** + * Metrics about authentication + */ +public class AuthMetrics +{ + + public static final AuthMetrics instance = new AuthMetrics(); + + public static void init() + { + // no-op, just used to force instance creation + } + + /** Number and rate of successful logins */ + protected final Meter success; + + /** Number and rate of login failures */ + protected final Meter failure; + + private AuthMetrics() + { + + success = ClientMetrics.instance.addMeter("AuthSuccess"); + failure = ClientMetrics.instance.addMeter("AuthFailure"); + } + + public void markSuccess() + { + success.mark(); + } + + public void markFailure() + { + failure.mark(); + } +} http://git-wip-us.apache.org/repos/asf/cassandra/blob/f00e7a77/src/java/org/apache/cassandra/metrics/ClientMetrics.java ---------------------------------------------------------------------- diff --git a/src/java/org/apache/cassandra/metrics/ClientMetrics.java b/src/java/org/apache/cassandra/metrics/ClientMetrics.java index 4a384eb..db6422c 100644 --- a/src/java/org/apache/cassandra/metrics/ClientMetrics.java +++ b/src/java/org/apache/cassandra/metrics/ClientMetrics.java @@ -21,6 +21,7 @@ package org.apache.cassandra.metrics; import java.util.concurrent.Callable; import com.codahale.metrics.Gauge; +import com.codahale.metrics.Meter; import static org.apache.cassandra.metrics.CassandraMetricsRegistry.Metrics; @@ -37,18 +38,19 @@ public class ClientMetrics public void addCounter(String name, final Callable<Integer> provider) { - Metrics.register(factory.createMetricName(name), new Gauge<Integer>() - { - public Integer getValue() + Metrics.register(factory.createMetricName(name), (Gauge<Integer>) () -> { + try { - try - { - return provider.call(); - } catch (Exception e) - { - throw new RuntimeException(e); - } + return provider.call(); + } catch (Exception e) + { + throw new RuntimeException(e); } }); } + + public Meter addMeter(String name) + { + return Metrics.meter(factory.createMetricName(name)); + } } http://git-wip-us.apache.org/repos/asf/cassandra/blob/f00e7a77/src/java/org/apache/cassandra/service/NativeTransportService.java ---------------------------------------------------------------------- diff --git a/src/java/org/apache/cassandra/service/NativeTransportService.java b/src/java/org/apache/cassandra/service/NativeTransportService.java index 48839f1..70debeb 100644 --- a/src/java/org/apache/cassandra/service/NativeTransportService.java +++ b/src/java/org/apache/cassandra/service/NativeTransportService.java @@ -34,6 +34,7 @@ import io.netty.channel.nio.NioEventLoopGroup; import io.netty.util.concurrent.EventExecutor; import io.netty.util.concurrent.Future; import org.apache.cassandra.config.DatabaseDescriptor; +import org.apache.cassandra.metrics.AuthMetrics; import org.apache.cassandra.metrics.ClientMetrics; import org.apache.cassandra.transport.RequestThreadPoolExecutor; import org.apache.cassandra.transport.Server; @@ -116,6 +117,8 @@ public class NativeTransportService return ret; }); + AuthMetrics.init(); + initialized = true; } http://git-wip-us.apache.org/repos/asf/cassandra/blob/f00e7a77/src/java/org/apache/cassandra/transport/messages/AuthResponse.java ---------------------------------------------------------------------- diff --git a/src/java/org/apache/cassandra/transport/messages/AuthResponse.java b/src/java/org/apache/cassandra/transport/messages/AuthResponse.java index ca7a0c3..8b3e866 100644 --- a/src/java/org/apache/cassandra/transport/messages/AuthResponse.java +++ b/src/java/org/apache/cassandra/transport/messages/AuthResponse.java @@ -23,6 +23,7 @@ import io.netty.buffer.ByteBuf; import org.apache.cassandra.auth.AuthenticatedUser; import org.apache.cassandra.auth.IAuthenticator; import org.apache.cassandra.exceptions.AuthenticationException; +import org.apache.cassandra.metrics.AuthMetrics; import org.apache.cassandra.service.QueryState; import org.apache.cassandra.transport.*; @@ -77,6 +78,7 @@ public class AuthResponse extends Message.Request { AuthenticatedUser user = negotiator.getAuthenticatedUser(); queryState.getClientState().login(user); + AuthMetrics.instance.markSuccess(); // authentication is complete, send a ready message to the client return new AuthSuccess(challenge); } @@ -87,6 +89,7 @@ public class AuthResponse extends Message.Request } catch (AuthenticationException e) { + AuthMetrics.instance.markFailure(); return ErrorMessage.fromException(e); } } http://git-wip-us.apache.org/repos/asf/cassandra/blob/f00e7a77/src/java/org/apache/cassandra/transport/messages/CredentialsMessage.java ---------------------------------------------------------------------- diff --git a/src/java/org/apache/cassandra/transport/messages/CredentialsMessage.java b/src/java/org/apache/cassandra/transport/messages/CredentialsMessage.java index fc959ab..4c51cce 100644 --- a/src/java/org/apache/cassandra/transport/messages/CredentialsMessage.java +++ b/src/java/org/apache/cassandra/transport/messages/CredentialsMessage.java @@ -24,6 +24,7 @@ import io.netty.buffer.ByteBuf; import org.apache.cassandra.auth.AuthenticatedUser; import org.apache.cassandra.config.DatabaseDescriptor; import org.apache.cassandra.exceptions.AuthenticationException; +import org.apache.cassandra.metrics.AuthMetrics; import org.apache.cassandra.service.QueryState; import org.apache.cassandra.transport.CBUtil; import org.apache.cassandra.transport.Message; @@ -76,9 +77,11 @@ public class CredentialsMessage extends Message.Request { AuthenticatedUser user = DatabaseDescriptor.getAuthenticator().legacyAuthenticate(credentials); state.getClientState().login(user); + AuthMetrics.instance.markSuccess(); } catch (AuthenticationException e) { + AuthMetrics.instance.markFailure(); return ErrorMessage.fromException(e); }
