This is an automated email from the ASF dual-hosted git repository.
udo pushed a commit to branch feature/GEODE-3705
in repository https://gitbox.apache.org/repos/asf/geode.git
The following commit(s) were added to refs/heads/feature/GEODE-3705 by this
push:
new 4a8b763 GEODE-3705: Applying changes from review
4a8b763 is described below
commit 4a8b76370e6aca2e9ff017805ff78581b1f79937
Author: kohlmu-pivotal <[email protected]>
AuthorDate: Tue Oct 24 13:47:48 2017 -0700
GEODE-3705: Applying changes from review
---
.../java/org/apache/geode/internal/protocol/Failure.java | 2 +-
.../apache/geode/internal/protocol/ProtocolErrorCode.java | 1 +
.../internal/protocol/protobuf/ProtobufOpsProcessor.java | 1 +
.../security/AuthenticationRequestOperationHandler.java | 14 +++++++++++++-
.../internal/protocol/security/NoOpAuthenticator.java | 2 +-
.../internal/protocol/security/SecurityLookupService.java | 2 +-
.../protobuf/ProtobufShiroAuthenticatorJUnitTest.java | 4 ++--
7 files changed, 20 insertions(+), 6 deletions(-)
diff --git
a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/Failure.java
b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/Failure.java
index 7bb22e7..f390247 100644
---
a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/Failure.java
+++
b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/Failure.java
@@ -27,7 +27,7 @@ public class Failure<SuccessType> implements
Result<SuccessType> {
this.errorResponse = errorResponse;
}
- public static <T, V> Failure<T> of(ClientProtocol.ErrorResponse
errorResponse) {
+ public static <T> Failure<T> of(ClientProtocol.ErrorResponse errorResponse) {
return new Failure<>(errorResponse);
}
diff --git
a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/ProtocolErrorCode.java
b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/ProtocolErrorCode.java
index c9813c1..302889c 100644
---
a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/ProtocolErrorCode.java
+++
b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/ProtocolErrorCode.java
@@ -22,6 +22,7 @@ public enum ProtocolErrorCode {
UNSUPPORTED_AUTHENTICATION_MODE(1103),
AUTHENTICATION_FAILED(1200),
AUTHORIZATION_FAILED(1201),
+ ALREADY_AUTHENTICATED(1202),
LOW_MEMORY(1300),
DATA_UNREACHABLE(1301),
OPERATION_TIMEOUT(1302),
diff --git
a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/ProtobufOpsProcessor.java
b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/ProtobufOpsProcessor.java
index 5529553..5968e8e 100644
---
a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/ProtobufOpsProcessor.java
+++
b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/ProtobufOpsProcessor.java
@@ -67,6 +67,7 @@ public class ProtobufOpsProcessor {
.of(ProtobufResponseUtilities.makeErrorResponse(AUTHENTICATION_FAILED,
e.getMessage()));
} catch (NotAuthorizedException e) {
logger.warn(e);
+ messageExecutionContext.getStatistics().incAuthorizationViolations();
result =
Failure.of(ProtobufResponseUtilities.makeErrorResponse(AUTHORIZATION_FAILED,
"The user is not authorized to complete this operation"));
}
diff --git
a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/operations/security/AuthenticationRequestOperationHandler.java
b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/operations/security/AuthenticationRequestOperationHandler.java
index eaaf87f..ffc3c04 100644
---
a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/operations/security/AuthenticationRequestOperationHandler.java
+++
b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/operations/security/AuthenticationRequestOperationHandler.java
@@ -44,6 +44,14 @@ public class AuthenticationRequestOperationHandler implements
SerializationService serializationService,
AuthenticationAPI.AuthenticationRequest request,
MessageExecutionContext messageExecutionContext) throws
InvalidExecutionContextException {
+ if (messageExecutionContext.getAuthenticationToken() != null) {
+ return Failure.of(ClientProtocol.ErrorResponse.newBuilder()
+ .setError(buildAndLogError(ProtocolErrorCode.ALREADY_AUTHENTICATED,
+ "The user has already been authenticated for this connection.
Re-authentication is not supported at this time.",
+ null))
+ .build());
+ }
+
Authenticator authenticator = messageExecutionContext.getAuthenticator();
Properties properties = new Properties();
properties.putAll(request.getCredentialsMap());
@@ -66,7 +74,11 @@ public class AuthenticationRequestOperationHandler implements
private BasicTypes.Error buildAndLogError(ProtocolErrorCode errorCode,
String message,
Exception ex) {
- logger.warn(message, ex);
+ if (ex == null) {
+ logger.warn(message);
+ } else {
+ logger.warn(message, ex);
+ }
return
BasicTypes.Error.newBuilder().setErrorCode(errorCode.codeValue).setMessage(message)
.build();
diff --git
a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/security/NoOpAuthenticator.java
b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/security/NoOpAuthenticator.java
index 9cdeb6e..022fa30 100644
---
a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/security/NoOpAuthenticator.java
+++
b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/security/NoOpAuthenticator.java
@@ -29,6 +29,6 @@ public class NoOpAuthenticator implements
Authenticator<Object, Object> {
@Override
public Object authenticate(Object inputObject) throws
AuthenticationFailedException {
- return new Object();
+ return null;
}
}
diff --git
a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/security/SecurityLookupService.java
b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/security/SecurityLookupService.java
index dc70ec8..3d500d7 100644
---
a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/security/SecurityLookupService.java
+++
b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/security/SecurityLookupService.java
@@ -47,7 +47,7 @@ public class SecurityLookupService {
}
public SecurityProcessor lookupProcessor(SecurityService securityService) {
- return isSecurityEnabled(securityService) ? securityProcessors[1] :
securityProcessors[0];
+ return securityProcessors[isSecurityEnabled(securityService) ? 1 : 0];
}
public Authenticator lookupAuthenticator(SecurityService securityService) {
diff --git
a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufShiroAuthenticatorJUnitTest.java
b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufShiroAuthenticatorJUnitTest.java
index 9b0ea9d..1dfdfd7 100644
---
a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufShiroAuthenticatorJUnitTest.java
+++
b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufShiroAuthenticatorJUnitTest.java
@@ -41,8 +41,8 @@ import org.apache.geode.test.junit.categories.UnitTest;
public class ProtobufShiroAuthenticatorJUnitTest {
private static final String TEST_USERNAME = "user1";
private static final String TEST_PASSWORD = "hunter2";
- private ByteArrayInputStream byteArrayInputStream; // initialized with an
incoming request in
- // setUp.
+ // initialized with an incoming request in setUp.
+ private ByteArrayInputStream byteArrayInputStream;
private ByteArrayOutputStream byteArrayOutputStream;
private ProtobufShiroAuthenticator protobufShiroAuthenticator;
private SecurityService mockSecurityService;
--
To stop receiving notification emails like this one, please contact
['"[email protected]" <[email protected]>'].
