Re: Unable to get the security context
Hi! It will be available in 2.8. сб, 22 февр. 2020 г. в 15:53, VeenaMithare : > HI Denis, > > Which version of Apache Ignite are the changes you mention in the comment( > security context always not null ) above available with ? In 2.7.6 I do get > security context as null in authorize method. > > regards, > Veena. > > > > -- > Sent from: http://apache-ignite-developers.2346864.n4.nabble.com/ >
Re: Unable to get the security context
HI Denis, Which version of Apache Ignite are the changes you mention in the comment( security context always not null ) above available with ? In 2.7.6 I do get security context as null in authorize method. regards, Veena. -- Sent from: http://apache-ignite-developers.2346864.n4.nabble.com/
Re: Unable to get the security context
Hi, Radha Jai! You should update your master branch AI. Today we don't have the SecurityContextHolder class, but we have a guaranty, that SecurityContext argument in the authorize method will not be null. Good luck! ср, 29 мая 2019 г. в 08:00, radha jai : > Hi, > I have implemented the grid security processor and setting the > securityconext holder in the authenticate function as below, > > public class MySecurityProcessor extends GridProcessorAdapter implements > DiscoverySpiNodeAuthenticator, GridSecurityProcessor, IgnitePlugin > { > > > public SecurityContext authenticate(AuthenticationContext > authenticationContext) throws IgniteCheckedException > { >SecuritySubject secureSecuritySubject = new SecuritySubject( > authenticationContext.subjectId(), > authenticationContext.subjectType(), > authenticationContext.credentials().getLogin(), > authenticationContext.address() > ); > SecurityContext securityContext = new > MySecurityContext(secureSecuritySubject, accessToken); > SecurityContextHolder.set(securityContext); > return securityContext; > } > public void authorize(String name, SecurityPermission perm, SecurityContext > securityCtx) throws SecurityException { > System.out.println( SecurityContextHolder.get()); > System.out.println( securityCtx ); > //do some authorization > . > } > > public boolean isGlobalNodeAuthentication() { > // TODO Auto-generated method stub > return false; > } > .. > } > In plugin provider i am creating the component : GridSecurityProcessor. > During Rest api call: > -> when rest call is made authorise function in the security processor is > getting called twice one by the GridRestProcessor and another > GridCacheProcessor, is it mandatory to call that twice? When authorise > function is called by the GridRestProcessor security context is available > but when the GridCacheProcessor is called security context is coming as > null always. Hence the security context is not available in the authorise > function. So i used the SecurityContextHolder.get() to get the security > context. > But for some of the commands SecurityContextHolder.get() is not working > like prepend and append. > > -> When cache create and cache destroy is made, authorise function is > receiving the name as NULL. Why is it so? Because based on the name i am > trying to validate wheather the user is allowed to perform this action > > During Sqlline access: > -> authorise function receive the security context as NULL always . So used > the SecurityContextHolder.get() , but still getting NULL. How do i get the > context? >-> While performing create table and drop table, the authorise function > is receiving the name as NULL. > > One last question: when the security context is null(during rest call or > sqlline access), can we use the local node context in the authorise > function? > > > Regards > Radha >
Re: Unable to get the security context
Hi radha! Regarding your question about SecurityContext as null, you should update your master branch. Today ср, 29 мая 2019 г. в 08:00, radha jai : > Hi, > I have implemented the grid security processor and setting the > securityconext holder in the authenticate function as below, > > public class MySecurityProcessor extends GridProcessorAdapter implements > DiscoverySpiNodeAuthenticator, GridSecurityProcessor, IgnitePlugin > { > > > public SecurityContext authenticate(AuthenticationContext > authenticationContext) throws IgniteCheckedException > { >SecuritySubject secureSecuritySubject = new SecuritySubject( > authenticationContext.subjectId(), > authenticationContext.subjectType(), > authenticationContext.credentials().getLogin(), > authenticationContext.address() > ); > SecurityContext securityContext = new > MySecurityContext(secureSecuritySubject, accessToken); > SecurityContextHolder.set(securityContext); > return securityContext; > } > public void authorize(String name, SecurityPermission perm, SecurityContext > securityCtx) throws SecurityException { > System.out.println( SecurityContextHolder.get()); > System.out.println( securityCtx ); > //do some authorization > . > } > > public boolean isGlobalNodeAuthentication() { > // TODO Auto-generated method stub > return false; > } > .. > } > In plugin provider i am creating the component : GridSecurityProcessor. > During Rest api call: > -> when rest call is made authorise function in the security processor is > getting called twice one by the GridRestProcessor and another > GridCacheProcessor, is it mandatory to call that twice? When authorise > function is called by the GridRestProcessor security context is available > but when the GridCacheProcessor is called security context is coming as > null always. Hence the security context is not available in the authorise > function. So i used the SecurityContextHolder.get() to get the security > context. > But for some of the commands SecurityContextHolder.get() is not working > like prepend and append. > > -> When cache create and cache destroy is made, authorise function is > receiving the name as NULL. Why is it so? Because based on the name i am > trying to validate wheather the user is allowed to perform this action > > During Sqlline access: > -> authorise function receive the security context as NULL always . So used > the SecurityContextHolder.get() , but still getting NULL. How do i get the > context? >-> While performing create table and drop table, the authorise function > is receiving the name as NULL. > > One last question: when the security context is null(during rest call or > sqlline access), can we use the local node context in the authorise > function? > > > Regards > Radha >
Unable to get the security context
Hi, I have implemented the grid security processor and setting the securityconext holder in the authenticate function as below, public class MySecurityProcessor extends GridProcessorAdapter implements DiscoverySpiNodeAuthenticator, GridSecurityProcessor, IgnitePlugin { public SecurityContext authenticate(AuthenticationContext authenticationContext) throws IgniteCheckedException { SecuritySubject secureSecuritySubject = new SecuritySubject( authenticationContext.subjectId(), authenticationContext.subjectType(), authenticationContext.credentials().getLogin(), authenticationContext.address() ); SecurityContext securityContext = new MySecurityContext(secureSecuritySubject, accessToken); SecurityContextHolder.set(securityContext); return securityContext; } public void authorize(String name, SecurityPermission perm, SecurityContext securityCtx) throws SecurityException { System.out.println( SecurityContextHolder.get()); System.out.println( securityCtx ); //do some authorization . } public boolean isGlobalNodeAuthentication() { // TODO Auto-generated method stub return false; } .. } In plugin provider i am creating the component : GridSecurityProcessor. During Rest api call: -> when rest call is made authorise function in the security processor is getting called twice one by the GridRestProcessor and another GridCacheProcessor, is it mandatory to call that twice? When authorise function is called by the GridRestProcessor security context is available but when the GridCacheProcessor is called security context is coming as null always. Hence the security context is not available in the authorise function. So i used the SecurityContextHolder.get() to get the security context. But for some of the commands SecurityContextHolder.get() is not working like prepend and append. -> When cache create and cache destroy is made, authorise function is receiving the name as NULL. Why is it so? Because based on the name i am trying to validate wheather the user is allowed to perform this action During Sqlline access: -> authorise function receive the security context as NULL always . So used the SecurityContextHolder.get() , but still getting NULL. How do i get the context? -> While performing create table and drop table, the authorise function is receiving the name as NULL. One last question: when the security context is null(during rest call or sqlline access), can we use the local node context in the authorise function? Regards Radha