Re: Unable to get the security context
Hi! It will be available in 2.8. сб, 22 февр. 2020 г. в 15:53, VeenaMithare : > HI Denis, > > Which version of Apache Ignite are the changes you mention in the comment( > security context always not null ) above available with ? In 2.7.6 I do get > security context as null in authorize method. > > regards, > Veena. > > > > -- > Sent from: http://apache-ignite-developers.2346864.n4.nabble.com/ >
Re: Unable to get the security context
HI Denis, Which version of Apache Ignite are the changes you mention in the comment( security context always not null ) above available with ? In 2.7.6 I do get security context as null in authorize method. regards, Veena. -- Sent from: http://apache-ignite-developers.2346864.n4.nabble.com/
Re: Unable to get the security context
Hi, Radha Jai!
You should update your master branch AI.
Today we don't have the SecurityContextHolder class, but we have a
guaranty, that SecurityContext argument in the authorize method will not be
null.
Good luck!
ср, 29 мая 2019 г. в 08:00, radha jai :
> Hi,
> I have implemented the grid security processor and setting the
> securityconext holder in the authenticate function as below,
>
> public class MySecurityProcessor extends GridProcessorAdapter implements
> DiscoverySpiNodeAuthenticator, GridSecurityProcessor, IgnitePlugin
> {
>
>
> public SecurityContext authenticate(AuthenticationContext
> authenticationContext) throws IgniteCheckedException
> {
>SecuritySubject secureSecuritySubject = new SecuritySubject(
> authenticationContext.subjectId(),
> authenticationContext.subjectType(),
> authenticationContext.credentials().getLogin(),
> authenticationContext.address()
> );
> SecurityContext securityContext = new
> MySecurityContext(secureSecuritySubject, accessToken);
> SecurityContextHolder.set(securityContext);
> return securityContext;
> }
> public void authorize(String name, SecurityPermission perm, SecurityContext
> securityCtx) throws SecurityException {
> System.out.println( SecurityContextHolder.get());
> System.out.println( securityCtx );
> //do some authorization
> .
> }
>
> public boolean isGlobalNodeAuthentication() {
> // TODO Auto-generated method stub
> return false;
> }
> ..
> }
> In plugin provider i am creating the component : GridSecurityProcessor.
> During Rest api call:
> -> when rest call is made authorise function in the security processor is
> getting called twice one by the GridRestProcessor and another
> GridCacheProcessor, is it mandatory to call that twice? When authorise
> function is called by the GridRestProcessor security context is available
> but when the GridCacheProcessor is called security context is coming as
> null always. Hence the security context is not available in the authorise
> function. So i used the SecurityContextHolder.get() to get the security
> context.
> But for some of the commands SecurityContextHolder.get() is not working
> like prepend and append.
>
> -> When cache create and cache destroy is made, authorise function is
> receiving the name as NULL. Why is it so? Because based on the name i am
> trying to validate wheather the user is allowed to perform this action
>
> During Sqlline access:
> -> authorise function receive the security context as NULL always . So used
> the SecurityContextHolder.get() , but still getting NULL. How do i get the
> context?
>-> While performing create table and drop table, the authorise function
> is receiving the name as NULL.
>
> One last question: when the security context is null(during rest call or
> sqlline access), can we use the local node context in the authorise
> function?
>
>
> Regards
> Radha
>
Re: Unable to get the security context
Hi radha!
Regarding your question about SecurityContext as null, you should update
your master branch. Today
ср, 29 мая 2019 г. в 08:00, radha jai :
> Hi,
> I have implemented the grid security processor and setting the
> securityconext holder in the authenticate function as below,
>
> public class MySecurityProcessor extends GridProcessorAdapter implements
> DiscoverySpiNodeAuthenticator, GridSecurityProcessor, IgnitePlugin
> {
>
>
> public SecurityContext authenticate(AuthenticationContext
> authenticationContext) throws IgniteCheckedException
> {
>SecuritySubject secureSecuritySubject = new SecuritySubject(
> authenticationContext.subjectId(),
> authenticationContext.subjectType(),
> authenticationContext.credentials().getLogin(),
> authenticationContext.address()
> );
> SecurityContext securityContext = new
> MySecurityContext(secureSecuritySubject, accessToken);
> SecurityContextHolder.set(securityContext);
> return securityContext;
> }
> public void authorize(String name, SecurityPermission perm, SecurityContext
> securityCtx) throws SecurityException {
> System.out.println( SecurityContextHolder.get());
> System.out.println( securityCtx );
> //do some authorization
> .
> }
>
> public boolean isGlobalNodeAuthentication() {
> // TODO Auto-generated method stub
> return false;
> }
> ..
> }
> In plugin provider i am creating the component : GridSecurityProcessor.
> During Rest api call:
> -> when rest call is made authorise function in the security processor is
> getting called twice one by the GridRestProcessor and another
> GridCacheProcessor, is it mandatory to call that twice? When authorise
> function is called by the GridRestProcessor security context is available
> but when the GridCacheProcessor is called security context is coming as
> null always. Hence the security context is not available in the authorise
> function. So i used the SecurityContextHolder.get() to get the security
> context.
> But for some of the commands SecurityContextHolder.get() is not working
> like prepend and append.
>
> -> When cache create and cache destroy is made, authorise function is
> receiving the name as NULL. Why is it so? Because based on the name i am
> trying to validate wheather the user is allowed to perform this action
>
> During Sqlline access:
> -> authorise function receive the security context as NULL always . So used
> the SecurityContextHolder.get() , but still getting NULL. How do i get the
> context?
>-> While performing create table and drop table, the authorise function
> is receiving the name as NULL.
>
> One last question: when the security context is null(during rest call or
> sqlline access), can we use the local node context in the authorise
> function?
>
>
> Regards
> Radha
>
Unable to get the security context
Hi,
I have implemented the grid security processor and setting the
securityconext holder in the authenticate function as below,
public class MySecurityProcessor extends GridProcessorAdapter implements
DiscoverySpiNodeAuthenticator, GridSecurityProcessor, IgnitePlugin
{
public SecurityContext authenticate(AuthenticationContext
authenticationContext) throws IgniteCheckedException
{
SecuritySubject secureSecuritySubject = new SecuritySubject(
authenticationContext.subjectId(),
authenticationContext.subjectType(),
authenticationContext.credentials().getLogin(),
authenticationContext.address()
);
SecurityContext securityContext = new
MySecurityContext(secureSecuritySubject, accessToken);
SecurityContextHolder.set(securityContext);
return securityContext;
}
public void authorize(String name, SecurityPermission perm, SecurityContext
securityCtx) throws SecurityException {
System.out.println( SecurityContextHolder.get());
System.out.println( securityCtx );
//do some authorization
.
}
public boolean isGlobalNodeAuthentication() {
// TODO Auto-generated method stub
return false;
}
..
}
In plugin provider i am creating the component : GridSecurityProcessor.
During Rest api call:
-> when rest call is made authorise function in the security processor is
getting called twice one by the GridRestProcessor and another
GridCacheProcessor, is it mandatory to call that twice? When authorise
function is called by the GridRestProcessor security context is available
but when the GridCacheProcessor is called security context is coming as
null always. Hence the security context is not available in the authorise
function. So i used the SecurityContextHolder.get() to get the security
context.
But for some of the commands SecurityContextHolder.get() is not working
like prepend and append.
-> When cache create and cache destroy is made, authorise function is
receiving the name as NULL. Why is it so? Because based on the name i am
trying to validate wheather the user is allowed to perform this action
During Sqlline access:
-> authorise function receive the security context as NULL always . So used
the SecurityContextHolder.get() , but still getting NULL. How do i get the
context?
-> While performing create table and drop table, the authorise function
is receiving the name as NULL.
One last question: when the security context is null(during rest call or
sqlline access), can we use the local node context in the authorise
function?
Regards
Radha
