Re: Implementing Security Plugin
You need to implement only GridSecurityProcessor and return implementation instance from PluginProvider#createComponent(). DiscoverySpiNodeAuthenticator is an internal interface and Ignite already has an implementation which delegates to GridSecurityProcessor#authenticateNode(). 2016-08-19 11:52 GMT+03:00 pragmaticbigdata: > On further troubleshooting, I came across the DiscoverySpiNodeAuthenticator > interface. It seems that the authenticateNode() method is getting called on > the server node whenever a node (client/server) joins the cluster. > 1. Is this (DiscoverySpiNodeAuthenticator) the only interface we need to > implement then to add a secured access support to our ignite deployment? > 2. None of the methods of the security context returned in the > DiscoverySpiNodeAuthenticator.authenticateNode() method are getting > called. > Where should add the code that validates the username/password? > > Kindly let me know your thoughts. Thanks > > > > -- > View this message in context: http://apache-ignite-users. > 70518.x6.nabble.com/Implementing-Security-Plugin-tp7162p7164.html > Sent from the Apache Ignite Users mailing list archive at Nabble.com. >
Re: Implementing Security Plugin
On further troubleshooting, I came across the DiscoverySpiNodeAuthenticator interface. It seems that the authenticateNode() method is getting called on the server node whenever a node (client/server) joins the cluster. 1. Is this (DiscoverySpiNodeAuthenticator) the only interface we need to implement then to add a secured access support to our ignite deployment? 2. None of the methods of the security context returned in the DiscoverySpiNodeAuthenticator.authenticateNode() method are getting called. Where should add the code that validates the username/password? Kindly let me know your thoughts. Thanks -- View this message in context: http://apache-ignite-users.70518.x6.nabble.com/Implementing-Security-Plugin-tp7162p7164.html Sent from the Apache Ignite Users mailing list archive at Nabble.com.
Re: Implementing Security Plugin
Hi, The plugin activation mechanism changed since RC1 to Java Service Provider [1]. You need to add a META-INF/services/your.plugin.Provider entry to your plugin jar in order for plugin to be activated. The file name should be the fully-qualified name of your plugin provider and it should contain a single string with the same fully-qualified name of the provider. If you've done everything right, you should see your plugin in the list of configured plugins in the node startup log. I will add a corresponding entry to the documentation when I get a spare minute. Hope this helps, AG [1] https://docs.oracle.com/javase/tutorial/ext/basics/spi.html 2016-08-19 9:31 GMT+03:00 pragmaticbigdata: > I am using apache ignite version 1.6 and trying to implement a security > plugin by following the post > (http://smartkey.co.uk/development/securing-an-apache-ignite-cluster/). > Since the plugin API has changed after the blog post, I am unable to > activate the plugin and configure only an authenticated and authorized > client to join the cluster. > > I implemented the marker interfaces PluginConfiguration and IgnitePlugin > along with PluginProvider & GridSecurityProcessor. I have passed the > instance of PluginConfiguration to the IgniteConfiguration class through > cfg.setPluginConfigurations() method. Ignite doesn't seem to call any of > the > PluginProvider implementation methods. I also do get the below message > during start up (for both the server/client) > Security status [*authentication=off*, tls/ssl=off] > which indicates that the authentication is not activated. > > Can someone guide me on what could be missing? > > Thanks. > > > > > -- > View this message in context: http://apache-ignite-users. > 70518.x6.nabble.com/Implementing-Security-Plugin-tp7162.html > Sent from the Apache Ignite Users mailing list archive at Nabble.com. >