Repository: incubator-geode Updated Branches: refs/heads/develop 654b06ed2 -> febc634e8
GEODE-1973: having GMSAuthenticator work on a locator with no cache. Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/febc634e Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/febc634e Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/febc634e Branch: refs/heads/develop Commit: febc634e80ff902f161b5e3e09cb214199df9566 Parents: 654b06e Author: Jinmei Liao <[email protected]> Authored: Fri Oct 7 14:13:38 2016 -0700 Committer: Jinmei Liao <[email protected]> Committed: Fri Oct 7 15:08:23 2016 -0700 ---------------------------------------------------------------------- .../internal/membership/gms/auth/GMSAuthenticator.java | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/febc634e/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/auth/GMSAuthenticator.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/auth/GMSAuthenticator.java b/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/auth/GMSAuthenticator.java index 8e4c15d..3cd9aa0 100755 --- a/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/auth/GMSAuthenticator.java +++ b/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/auth/GMSAuthenticator.java @@ -22,6 +22,8 @@ import static org.apache.geode.internal.i18n.LocalizedStrings.*; import java.security.Principal; import java.util.Properties; +import org.apache.commons.lang.StringUtils; + import org.apache.geode.LogWriter; import org.apache.geode.distributed.DistributedMember; import org.apache.geode.distributed.internal.membership.InternalDistributedMember; @@ -106,7 +108,11 @@ public class GMSAuthenticator implements Authenticator { * Method is package protected to be used in testing. */ String authenticate(DistributedMember member, Properties credentials, Properties secProps) throws AuthenticationFailedException { - if (!securityService.isPeerSecurityRequired()) { + // For older systems, locator might be started without cache, so secureService may not be initialized here. We need to check + // if the passed in secProps has peer authenticator or not + String authMethod = secProps.getProperty(SECURITY_PEER_AUTHENTICATOR); + // at this point, + if (!securityService.isPeerSecurityRequired() && StringUtils.isBlank(authMethod)) { return null; } @@ -141,14 +147,13 @@ public class GMSAuthenticator implements Authenticator { * Method is package protected to be used in testing. */ Principal invokeAuthenticator(Properties securityProps, DistributedMember member, Properties credentials) throws AuthenticationFailedException { - String authMethod = securityProps.getProperty(SECURITY_PEER_AUTHENTICATOR); + String authMethod = securityProps.getProperty(SECURITY_PEER_AUTHENTICATOR); org.apache.geode.security.Authenticator auth = null; try { - auth = SecurityService.getObjectOfTypeFromFactoryMethod(authMethod, org.apache.geode.security.Authenticator.class); + auth = SecurityService.getObjectOfType(authMethod, org.apache.geode.security.Authenticator.class); LogWriter logWriter = this.services.getLogWriter(); LogWriter securityLogWriter = this.services.getSecurityLogWriter(); - auth.init(this.securityProps, logWriter, securityLogWriter); // this.securityProps contains security-ldap-basedn but security-ldap-baseDomainName is expected return auth.authenticate(credentials, member);
