http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/Services.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/Services.java b/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/Services.java index 1404b3b..2d6af1a 100644 --- a/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/Services.java +++ b/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/Services.java @@ -26,7 +26,12 @@ import org.apache.geode.distributed.internal.membership.MembershipManager; import org.apache.geode.distributed.internal.membership.NetView; import org.apache.geode.distributed.internal.membership.gms.auth.GMSAuthenticator; import org.apache.geode.distributed.internal.membership.gms.fd.GMSHealthMonitor; -import org.apache.geode.distributed.internal.membership.gms.interfaces.*; +import org.apache.geode.distributed.internal.membership.gms.interfaces.Authenticator; +import org.apache.geode.distributed.internal.membership.gms.interfaces.HealthMonitor; +import org.apache.geode.distributed.internal.membership.gms.interfaces.JoinLeave; +import org.apache.geode.distributed.internal.membership.gms.interfaces.Locator; +import org.apache.geode.distributed.internal.membership.gms.interfaces.Manager; +import org.apache.geode.distributed.internal.membership.gms.interfaces.Messenger; import org.apache.geode.distributed.internal.membership.gms.locator.GMSLocator; import org.apache.geode.distributed.internal.membership.gms.membership.GMSJoinLeave; import org.apache.geode.distributed.internal.membership.gms.messenger.JGroupsMessenger; @@ -35,6 +40,8 @@ import org.apache.geode.internal.admin.remote.RemoteTransportConfig; import org.apache.geode.internal.logging.InternalLogWriter; import org.apache.geode.internal.logging.LogService; import org.apache.geode.internal.logging.LoggingThreadGroup; +import org.apache.geode.internal.security.SecurityService; +import org.apache.geode.internal.security.SecurityServiceFactory; import org.apache.geode.security.AuthenticationFailedException; import org.apache.logging.log4j.Logger; @@ -51,26 +58,27 @@ public class Services { private static InternalLogWriter staticLogWriter; private static InternalLogWriter staticSecurityLogWriter; - final private Manager manager; - final private JoinLeave joinLeave; - private Locator locator; - final private HealthMonitor healthMon; - final private Messenger messenger; - final private Authenticator auth; - final private ServiceConfig config; - final private DMStats stats; - final private Stopper cancelCriterion; + private final Manager manager; + private final JoinLeave joinLeave; + private final HealthMonitor healthMon; + private final Messenger messenger; + private final Authenticator auth; + private final ServiceConfig config; + private final DMStats stats; + private final Stopper cancelCriterion; + private final SecurityService securityService; + private volatile boolean stopping; private volatile boolean stopped; private volatile Exception shutdownCause; + private Locator locator; + private InternalLogWriter logWriter; private InternalLogWriter securityLogWriter; private final Timer timer = new Timer("Geode Membership Timer", true); - - /** * A common logger for membership classes */ @@ -96,7 +104,6 @@ public class Services { return this.stopped; } - /** * for testing only - create a non-functional Services object with a Stopper */ @@ -108,11 +115,12 @@ public class Services { this.joinLeave = null; this.healthMon = null; this.messenger = null; + this.securityService = SecurityServiceFactory.create(); this.auth = null; } public Services(DistributedMembershipListener listener, DistributionConfig config, - RemoteTransportConfig transport, DMStats stats) { + RemoteTransportConfig transport, DMStats stats, SecurityService securityService) { this.cancelCriterion = new Stopper(); this.stats = stats; this.config = new ServiceConfig(transport, config); @@ -120,15 +128,16 @@ public class Services { this.joinLeave = new GMSJoinLeave(); this.healthMon = new GMSHealthMonitor(); this.messenger = new JGroupsMessenger(); + this.securityService = securityService; this.auth = new GMSAuthenticator(); } protected void init() { // InternalDistributedSystem establishes this log writer at boot time // TODO fix this so that IDS doesn't know about Services - securityLogWriter = staticSecurityLogWriter; + this.securityLogWriter = staticSecurityLogWriter; staticSecurityLogWriter = null; - logWriter = staticLogWriter; + this.logWriter = staticLogWriter; staticLogWriter = null; this.auth.init(this); this.messenger.init(this); @@ -186,29 +195,29 @@ public class Services { } public void emergencyClose() { - if (stopping) { + if (this.stopping) { return; } - stopping = true; + this.stopping = true; logger.info("Stopping membership services"); - timer.cancel(); + this.timer.cancel(); try { - joinLeave.emergencyClose(); + this.joinLeave.emergencyClose(); } finally { try { - healthMon.emergencyClose(); + this.healthMon.emergencyClose(); } finally { try { - auth.emergencyClose(); + this.auth.emergencyClose(); } finally { try { - messenger.emergencyClose(); + this.messenger.emergencyClose(); } finally { try { - manager.emergencyClose(); + this.manager.emergencyClose(); } finally { - cancelCriterion.cancel("Membership services are shut down"); - stopped = true; + this.cancelCriterion.cancel("Membership services are shut down"); + this.stopped = true; } } } @@ -217,31 +226,31 @@ public class Services { } public void stop() { - if (stopping) { + if (this.stopping) { return; } logger.info("Stopping membership services"); - stopping = true; + this.stopping = true; try { - timer.cancel(); + this.timer.cancel(); } finally { try { - joinLeave.stop(); + this.joinLeave.stop(); } finally { try { - healthMon.stop(); + this.healthMon.stop(); } finally { try { - auth.stop(); + this.auth.stop(); } finally { try { - messenger.stop(); + this.messenger.stop(); } finally { try { - manager.stop(); + this.manager.stop(); } finally { - cancelCriterion.cancel("Membership services are shut down"); - stopped = true; + this.cancelCriterion.cancel("Membership services are shut down"); + this.stopped = true; } } } @@ -258,6 +267,10 @@ public class Services { staticSecurityLogWriter = securityWriter; } + public SecurityService getSecurityService() { + return this.securityService; + } + public InternalLogWriter getLogWriter() { return this.logWriter; } @@ -267,38 +280,38 @@ public class Services { } public Authenticator getAuthenticator() { - return auth; + return this.auth; } public void installView(NetView v) { try { - auth.installView(v); + this.auth.installView(v); } catch (AuthenticationFailedException e) { return; } - if (locator != null) { - locator.installView(v); + if (this.locator != null) { + this.locator.installView(v); } - healthMon.installView(v); - messenger.installView(v); - manager.installView(v); + this.healthMon.installView(v); + this.messenger.installView(v); + this.manager.installView(v); } public void memberSuspected(InternalDistributedMember initiator, InternalDistributedMember suspect, String reason) { try { - joinLeave.memberSuspected(initiator, suspect, reason); + this.joinLeave.memberSuspected(initiator, suspect, reason); } finally { try { - healthMon.memberSuspected(initiator, suspect, reason); + this.healthMon.memberSuspected(initiator, suspect, reason); } finally { try { - auth.memberSuspected(initiator, suspect, reason); + this.auth.memberSuspected(initiator, suspect, reason); } finally { try { - messenger.memberSuspected(initiator, suspect, reason); + this.messenger.memberSuspected(initiator, suspect, reason); } finally { - manager.memberSuspected(initiator, suspect, reason); + this.manager.memberSuspected(initiator, suspect, reason); } } } @@ -306,11 +319,11 @@ public class Services { } public Manager getManager() { - return manager; + return this.manager; } public Locator getLocator() { - return locator; + return this.locator; } public void setLocator(Locator locator) { @@ -318,11 +331,11 @@ public class Services { } public JoinLeave getJoinLeave() { - return joinLeave; + return this.joinLeave; } public HealthMonitor getHealthMonitor() { - return healthMon; + return this.healthMon; } public ServiceConfig getConfig() { @@ -346,11 +359,11 @@ public class Services { } public Exception getShutdownCause() { - return shutdownCause; + return this.shutdownCause; } public boolean isShutdownDueToForcedDisconnect() { - return shutdownCause instanceof ForcedDisconnectException; + return this.shutdownCause instanceof ForcedDisconnectException; } public boolean isAutoReconnectEnabled() { @@ -358,8 +371,8 @@ public class Services { } public byte[] getPublicKey(InternalDistributedMember mbr) { - if (locator != null) { - return ((GMSLocator) locator).getPublicKey(mbr); + if (this.locator != null) { + return ((GMSLocator) this.locator).getPublicKey(mbr); } return null; } @@ -375,7 +388,7 @@ public class Services { public String cancelInProgress() { if (Services.this.shutdownCause != null) return Services.this.shutdownCause.toString(); - return reasonForStopping; + return this.reasonForStopping; } @Override
http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/auth/GMSAuthenticator.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/auth/GMSAuthenticator.java b/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/auth/GMSAuthenticator.java index ab0ca6b..f895b96 100755 --- a/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/auth/GMSAuthenticator.java +++ b/geode-core/src/main/java/org/apache/geode/distributed/internal/membership/gms/auth/GMSAuthenticator.java @@ -14,14 +14,14 @@ */ package org.apache.geode.distributed.internal.membership.gms.auth; -import static org.apache.geode.distributed.ConfigurationProperties.*; -import static org.apache.geode.internal.i18n.LocalizedStrings.*; - -import java.security.Principal; -import java.util.Properties; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_PEER_AUTHENTICATOR; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_PEER_AUTH_INIT; +import static org.apache.geode.internal.i18n.LocalizedStrings.AUTH_PEER_AUTHENTICATION_FAILED; +import static org.apache.geode.internal.i18n.LocalizedStrings.AUTH_PEER_AUTHENTICATION_FAILED_WITH_EXCEPTION; +import static org.apache.geode.internal.i18n.LocalizedStrings.AUTH_PEER_AUTHENTICATION_MISSING_CREDENTIALS; +import static org.apache.geode.internal.i18n.LocalizedStrings.HandShake_FAILED_TO_ACQUIRE_AUTHENTICATOR_OBJECT; import org.apache.commons.lang.StringUtils; - import org.apache.geode.LogWriter; import org.apache.geode.distributed.DistributedMember; import org.apache.geode.distributed.internal.membership.InternalDistributedMember; @@ -31,16 +31,18 @@ import org.apache.geode.distributed.internal.membership.gms.interfaces.Authentic import org.apache.geode.internal.cache.tier.sockets.HandShake; import org.apache.geode.internal.i18n.LocalizedStrings; import org.apache.geode.internal.logging.InternalLogWriter; -import org.apache.geode.internal.security.IntegratedSecurityService; +import org.apache.geode.internal.security.CallbackInstantiator; import org.apache.geode.internal.security.SecurityService; import org.apache.geode.security.AuthenticationFailedException; import org.apache.geode.security.GemFireSecurityException; +import java.security.Principal; +import java.util.Properties; + public class GMSAuthenticator implements Authenticator { private Services services; private Properties securityProps; - private SecurityService securityService = IntegratedSecurityService.getSecurityService(); @Override public void init(Services s) { @@ -98,11 +100,12 @@ public class GMSAuthenticator implements Authenticator { */ String authenticate(DistributedMember member, Properties credentials, Properties secProps) throws AuthenticationFailedException { + SecurityService securityService = this.services.getSecurityService(); + // For older systems, locator might be started without cache, so secureService may not be - // initialized here. We need to check - // if the passed in secProps has peer authenticator or not + // initialized here. We need to check if the passed in secProps has peer authenticator or not at + // this point String authMethod = secProps.getProperty(SECURITY_PEER_AUTHENTICATOR); - // at this point, if (!securityService.isPeerSecurityRequired() && StringUtils.isBlank(authMethod)) { return null; } @@ -116,9 +119,9 @@ public class GMSAuthenticator implements Authenticator { String failMsg = null; try { - if (this.securityService.isIntegratedSecurity()) { - this.securityService.login(credentials); - this.securityService.authorizeClusterManage(); + if (securityService.isIntegratedSecurity()) { + securityService.login(credentials); + securityService.authorizeClusterManage(); } else { invokeAuthenticator(secProps, member, credentials); } @@ -140,15 +143,15 @@ public class GMSAuthenticator implements Authenticator { String authMethod = securityProps.getProperty(SECURITY_PEER_AUTHENTICATOR); org.apache.geode.security.Authenticator auth = null; try { - auth = SecurityService.getObjectOfType(authMethod, + auth = CallbackInstantiator.getObjectOfType(authMethod, org.apache.geode.security.Authenticator.class); LogWriter logWriter = this.services.getLogWriter(); LogWriter securityLogWriter = this.services.getSecurityLogWriter(); - auth.init(this.securityProps, logWriter, securityLogWriter); // this.securityProps contains - // security-ldap-basedn but - // security-ldap-baseDomainName - // is expected + + // this.securityProps contains security-ldap-basedn but security-ldap-baseDomainName is + // expected + auth.init(this.securityProps, logWriter, securityLogWriter); return auth.authenticate(credentials, member); } catch (GemFireSecurityException gse) { http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/internal/ClassLoadUtil.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/ClassLoadUtil.java b/geode-core/src/main/java/org/apache/geode/internal/ClassLoadUtil.java index 60d1d39..5dad332 100644 --- a/geode-core/src/main/java/org/apache/geode/internal/ClassLoadUtil.java +++ b/geode-core/src/main/java/org/apache/geode/internal/ClassLoadUtil.java @@ -21,39 +21,20 @@ import java.util.Map; public class ClassLoadUtil { - static Map primTypes; - static Map wrapperTypes; + private static final Map<String, Class> PRIMITIVE_TYPES = primitiveTypes(); - static { - - if (primTypes == null) { - Map ptMap = new HashMap(); - ptMap.put(boolean.class.getName(), boolean.class); - ptMap.put(char.class.getName(), char.class); - ptMap.put(byte.class.getName(), byte.class); - ptMap.put(short.class.getName(), short.class); - ptMap.put(int.class.getName(), int.class); - ptMap.put(long.class.getName(), long.class); - ptMap.put(float.class.getName(), float.class); - ptMap.put(double.class.getName(), double.class); - ptMap.put(void.class.getName(), void.class); - // Do this at the end to support multiple threads without synchronizing - primTypes = ptMap; - } - - if (wrapperTypes == null) { - Map wtMap = new HashMap(); - wtMap.put(boolean.class.getName(), Boolean.class); - wtMap.put(char.class.getName(), Character.class); - wtMap.put(byte.class.getName(), Byte.class); - wtMap.put(short.class.getName(), Short.class); - wtMap.put(int.class.getName(), Integer.class); - wtMap.put(long.class.getName(), Long.class); - wtMap.put(float.class.getName(), Float.class); - wtMap.put(double.class.getName(), Double.class); - // Do this at the end to support multiple threads without synchronizing - wrapperTypes = wtMap; - } + private static Map primitiveTypes() { + Map<String, Class> ptMap = new HashMap<>(); + ptMap.put(boolean.class.getName(), boolean.class); + ptMap.put(char.class.getName(), char.class); + ptMap.put(byte.class.getName(), byte.class); + ptMap.put(short.class.getName(), short.class); + ptMap.put(int.class.getName(), int.class); + ptMap.put(long.class.getName(), long.class); + ptMap.put(float.class.getName(), float.class); + ptMap.put(double.class.getName(), double.class); + ptMap.put(void.class.getName(), void.class); + return ptMap; } /** @@ -68,9 +49,9 @@ public class ClassLoadUtil { } /** - * Resolve the method from the given qualified name. + * Resolve the method from the given qualified name. Only zero argument methods are supported. */ - public static Method methodFromName(String fullyQualifiedMethodName, Class[] parameterTypes) + public static Method methodFromName(String fullyQualifiedMethodName) throws ClassNotFoundException, NoSuchMethodException, SecurityException { int classIndex = fullyQualifiedMethodName.lastIndexOf('.'); if (classIndex <= 0) { @@ -82,34 +63,16 @@ public class ClassLoadUtil { throw new NoSuchMethodException(className + " cannot be one of the primitive types"); } String methodName = fullyQualifiedMethodName.substring(classIndex + 1); - Class result = ClassPathLoader.getLatest().forName(className); - return result.getMethod(methodName, parameterTypes); - } - - /** - * Resolve the method from the given qualified name. Only zero argument methods are supported. - */ - public static Method methodFromName(String fullyQualifiedMethodName) - throws ClassNotFoundException, NoSuchMethodException, SecurityException { - return methodFromName(fullyQualifiedMethodName, (Class[]) null); + Class<?> result = ClassPathLoader.getLatest().forName(className); + return result.getMethod(methodName); } /** * If the argument className is the name of a primitive type (including "void"), return the * primitive type class (ex, boolean.class). Otherwise, return null. */ - public static Class checkForPrimType(String className) { - - return (Class) primTypes.get(className); - } - - /** - * If the argument className is the name of a primitive type (not including "void"), return the - * wrapper class for that type (ex, Boolean.class). Otherwise, return null. - */ - public static Class checkForWrapperType(String className) { - - return (Class) wrapperTypes.get(className); + private static Class checkForPrimType(String className) { + return PRIMITIVE_TYPES.get(className); } } http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/internal/cache/AbstractLRURegionMap.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/AbstractLRURegionMap.java b/geode-core/src/main/java/org/apache/geode/internal/cache/AbstractLRURegionMap.java index 988be0a..9f02c58 100644 --- a/geode-core/src/main/java/org/apache/geode/internal/cache/AbstractLRURegionMap.java +++ b/geode-core/src/main/java/org/apache/geode/internal/cache/AbstractLRURegionMap.java @@ -192,7 +192,6 @@ public abstract class AbstractLRURegionMap extends AbstractRegionMap { } } } - // TODO:KIRK:OK if (le.getValueInVM((RegionEntryContext) _getOwnerObject()) != cd) return false; boolean result = false; int delta = le.updateEntrySize(_getCCHelper(), new CDValueWrapper(v)); if (delta != 0) { http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/internal/cache/CacheServerImpl.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/CacheServerImpl.java b/geode-core/src/main/java/org/apache/geode/internal/cache/CacheServerImpl.java index 670c697..7d4b6d4 100644 --- a/geode-core/src/main/java/org/apache/geode/internal/cache/CacheServerImpl.java +++ b/geode-core/src/main/java/org/apache/geode/internal/cache/CacheServerImpl.java @@ -72,6 +72,7 @@ import org.apache.geode.internal.cache.tier.sockets.ClientProxyMembershipID; import org.apache.geode.internal.i18n.LocalizedStrings; import org.apache.geode.internal.logging.LogService; import org.apache.geode.internal.logging.log4j.LocalizedMessage; +import org.apache.geode.internal.security.SecurityService; import org.apache.geode.management.membership.ClientMembership; import org.apache.geode.management.membership.ClientMembershipListener; @@ -88,6 +89,8 @@ public class CacheServerImpl extends AbstractCacheServer implements Distribution private static final int FORCE_LOAD_UPDATE_FREQUENCY = getInteger( DistributionConfig.GEMFIRE_PREFIX + "BridgeServer.FORCE_LOAD_UPDATE_FREQUENCY", 10); + private final SecurityService securityService; + /** The acceptor that does the actual serving */ private volatile AcceptorImpl acceptor; @@ -135,6 +138,7 @@ public class CacheServerImpl extends AbstractCacheServer implements Distribution public CacheServerImpl(InternalCache cache, boolean isGatewayReceiver) { super(cache); this.isGatewayReceiver = isGatewayReceiver; + this.securityService = cache.getSecurityService(); } // //////////////////// Instance Methods /////////////////// http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/internal/cache/DiskStoreImpl.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/DiskStoreImpl.java b/geode-core/src/main/java/org/apache/geode/internal/cache/DiskStoreImpl.java index 67fcce8..5a121a8 100644 --- a/geode-core/src/main/java/org/apache/geode/internal/cache/DiskStoreImpl.java +++ b/geode-core/src/main/java/org/apache/geode/internal/cache/DiskStoreImpl.java @@ -3913,7 +3913,6 @@ public class DiskStoreImpl implements DiskStore { public void writeBatch(Map<Object, RecoveredEntry> entries) throws IOException { for (Map.Entry<Object, RecoveredEntry> re : entries.entrySet()) { Object key = re.getKey(); - // TODO:KIRK:OK Rusty's code was value = de.getValueWithContext(drv); Object value = re.getValue().getValue(); writer.snapshotEntry(new SnapshotRecord(key, value)); } http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/internal/cache/GemFireCacheImpl.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/GemFireCacheImpl.java b/geode-core/src/main/java/org/apache/geode/internal/cache/GemFireCacheImpl.java index 5e35224..40df0c7 100755 --- a/geode-core/src/main/java/org/apache/geode/internal/cache/GemFireCacheImpl.java +++ b/geode-core/src/main/java/org/apache/geode/internal/cache/GemFireCacheImpl.java @@ -213,6 +213,7 @@ import org.apache.geode.internal.net.SocketCreator; import org.apache.geode.internal.offheap.MemoryAllocator; import org.apache.geode.internal.process.ClusterConfigurationNotAvailableException; import org.apache.geode.internal.security.SecurityService; +import org.apache.geode.internal.security.SecurityServiceFactory; import org.apache.geode.internal.sequencelog.SequenceLoggerImpl; import org.apache.geode.internal.tcp.ConnectionTable; import org.apache.geode.internal.util.concurrent.FutureResult; @@ -583,7 +584,7 @@ public class GemFireCacheImpl implements InternalCache, InternalClientCache, Has private final Map<Class<? extends CacheService>, CacheService> services = new HashMap<>(); - private final SecurityService securityService = SecurityService.getSecurityService(); + private final SecurityService securityService; static { // this works around jdk bug 6427854, reported in ticket #44434 @@ -726,26 +727,26 @@ public class GemFireCacheImpl implements InternalCache, InternalClientCache, Has return result; } - public static GemFireCacheImpl createClient(DistributedSystem system, PoolFactory pf, + public static GemFireCacheImpl createClient(InternalDistributedSystem system, PoolFactory pf, CacheConfig cacheConfig) { return basicCreate(system, true, cacheConfig, pf, true, ASYNC_EVENT_LISTENERS, null); } - public static GemFireCacheImpl create(DistributedSystem system, CacheConfig cacheConfig) { + public static GemFireCacheImpl create(InternalDistributedSystem system, CacheConfig cacheConfig) { return basicCreate(system, true, cacheConfig, null, false, ASYNC_EVENT_LISTENERS, null); } - static GemFireCacheImpl createWithAsyncEventListeners(DistributedSystem system, + static GemFireCacheImpl createWithAsyncEventListeners(InternalDistributedSystem system, CacheConfig cacheConfig, TypeRegistry typeRegistry) { return basicCreate(system, true, cacheConfig, null, false, true, typeRegistry); } - public static Cache create(DistributedSystem system, boolean existingOk, + public static Cache create(InternalDistributedSystem system, boolean existingOk, CacheConfig cacheConfig) { return basicCreate(system, existingOk, cacheConfig, null, false, ASYNC_EVENT_LISTENERS, null); } - private static GemFireCacheImpl basicCreate(DistributedSystem system, boolean existingOk, + private static GemFireCacheImpl basicCreate(InternalDistributedSystem system, boolean existingOk, CacheConfig cacheConfig, PoolFactory pf, boolean isClient, boolean asyncEventListeners, TypeRegistry typeRegistry) throws CacheExistsException, TimeoutException, CacheWriterException, GatewayException, RegionExistsException { @@ -793,7 +794,7 @@ public class GemFireCacheImpl implements InternalCache, InternalClientCache, Has * * @param typeRegistry: currently only unit tests set this parameter to a non-null value */ - private GemFireCacheImpl(boolean isClient, PoolFactory pf, DistributedSystem system, + private GemFireCacheImpl(boolean isClient, PoolFactory pf, InternalDistributedSystem system, CacheConfig cacheConfig, boolean asyncEventListeners, TypeRegistry typeRegistry) { this.isClient = isClient; this.poolFactory = pf; @@ -807,8 +808,11 @@ public class GemFireCacheImpl implements InternalCache, InternalClientCache, Has // start JTA transaction manager within this synchronized block // to prevent race with cache close. fixes bug 43987 JNDIInvoker.mapTransactions(system); - this.system = (InternalDistributedSystem) system; + this.system = system; this.dm = this.system.getDistributionManager(); + + this.securityService = this.system.getSecurityService(); + if (!this.isClient && PoolManager.getAll().isEmpty()) { // We only support management on members of a distributed system // Should do this: if (!getSystem().isLoner()) { @@ -928,6 +932,11 @@ public class GemFireCacheImpl implements InternalCache, InternalClientCache, Has } @Override + public SecurityService getSecurityService() { + return this.securityService; + } + + @Override public boolean isRESTServiceRunning() { return this.isRESTServiceRunning; } @@ -1153,17 +1162,6 @@ public class GemFireCacheImpl implements InternalCache, InternalClientCache, Has ClusterConfigurationLoader.applyClusterPropertiesConfiguration(this, configurationResponse, this.system.getConfig()); - // first initialize the security service using the security properties - this.securityService.initSecurity(this.system.getConfig().getSecurityProps()); - // secondly if cacheConfig has a securityManager, use that instead - if (this.cacheConfig.getSecurityManager() != null) { - this.securityService.setSecurityManager(this.cacheConfig.getSecurityManager()); - } - // if cacheConfig has a postProcessor, use that instead - if (this.cacheConfig.getPostProcessor() != null) { - this.securityService.setPostProcessor(this.cacheConfig.getPostProcessor()); - } - SystemMemberCacheEventProcessor.send(this, Operation.CACHE_CREATE); this.resourceAdvisor.initializationGate(); http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/internal/cache/InternalCache.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/InternalCache.java b/geode-core/src/main/java/org/apache/geode/internal/cache/InternalCache.java index d9a34e1..4c229db 100644 --- a/geode-core/src/main/java/org/apache/geode/internal/cache/InternalCache.java +++ b/geode-core/src/main/java/org/apache/geode/internal/cache/InternalCache.java @@ -60,6 +60,7 @@ import org.apache.geode.internal.cache.tier.sockets.CacheClientNotifier; import org.apache.geode.internal.cache.tier.sockets.ClientProxyMembershipID; import org.apache.geode.internal.logging.InternalLogWriter; import org.apache.geode.internal.offheap.MemoryAllocator; +import org.apache.geode.internal.security.SecurityService; import org.apache.geode.management.internal.JmxManagerAdvisor; import org.apache.geode.management.internal.RestAgent; import org.apache.geode.pdx.PdxInstanceFactory; @@ -309,4 +310,6 @@ public interface InternalCache extends Cache, Extensible<Cache>, CacheTime { PdxInstanceFactory createPdxInstanceFactory(String className, boolean expectDomainClass); void waitForRegisterInterestsInProgress(); + + SecurityService getSecurityService(); } http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/internal/cache/PartitionedRegionDataStore.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/PartitionedRegionDataStore.java b/geode-core/src/main/java/org/apache/geode/internal/cache/PartitionedRegionDataStore.java index 037bff6..7cef0a5 100644 --- a/geode-core/src/main/java/org/apache/geode/internal/cache/PartitionedRegionDataStore.java +++ b/geode-core/src/main/java/org/apache/geode/internal/cache/PartitionedRegionDataStore.java @@ -1995,8 +1995,6 @@ public class PartitionedRegionDataStore implements HasCachePerfStats { throw new EntryNotFoundException( LocalizedStrings.PartitionedRegionDataStore_ENTRY_NOT_FOUND.toLocalizedString()); - // TODO:KIRK:OK } else if ((ent.isTombstone() && allowTombstones) || - // !Token.isRemoved(ent.getValueInVM(getPartitionedRegion()))) { } else if ((ent.isTombstone() && allowTombstones) || !ent.isDestroyedOrRemoved()) { res = new EntrySnapshot(ent, bucketRegion, partitionedRegion, allowTombstones); } http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/internal/cache/partitioned/FetchEntriesMessage.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/partitioned/FetchEntriesMessage.java b/geode-core/src/main/java/org/apache/geode/internal/cache/partitioned/FetchEntriesMessage.java index 489ffba..2a1c07a 100644 --- a/geode-core/src/main/java/org/apache/geode/internal/cache/partitioned/FetchEntriesMessage.java +++ b/geode-core/src/main/java/org/apache/geode/internal/cache/partitioned/FetchEntriesMessage.java @@ -12,23 +12,8 @@ * or implied. See the License for the specific language governing permissions and limitations under * the License. */ - package org.apache.geode.internal.cache.partitioned; -import java.io.ByteArrayInputStream; -import java.io.DataInput; -import java.io.DataInputStream; -import java.io.DataOutput; -import java.io.IOException; -import java.util.Collections; -import java.util.HashMap; -import java.util.Iterator; -import java.util.Map; -import java.util.Set; -import java.util.concurrent.ConcurrentHashMap; - -import org.apache.logging.log4j.Logger; - import org.apache.geode.CancelException; import org.apache.geode.DataSerializer; import org.apache.geode.cache.CacheException; @@ -64,6 +49,19 @@ import org.apache.geode.internal.logging.log4j.LocalizedMessage; import org.apache.geode.internal.logging.log4j.LogMarker; import org.apache.geode.internal.offheap.OffHeapHelper; import org.apache.geode.internal.util.ObjectIntProcedure; +import org.apache.logging.log4j.Logger; + +import java.io.ByteArrayInputStream; +import java.io.DataInput; +import java.io.DataInputStream; +import java.io.DataOutput; +import java.io.IOException; +import java.util.Collections; +import java.util.HashMap; +import java.util.Iterator; +import java.util.Map; +import java.util.Set; +import java.util.concurrent.ConcurrentHashMap; public class FetchEntriesMessage extends PartitionMessage { private static final Logger logger = LogService.getLogger(); @@ -232,9 +230,6 @@ public class FetchEntriesMessage extends PartitionMessage { * @return true to continue to next chunk */ public boolean executeWith(Object a, int b) { - // if (this.last) - // throw new - // InternalGemFireError(LocalizedStrings.FetchEntriesMessage_ALREADY_PROCESSED_LAST_CHUNK.toLocalizedString()); HeapDataOutputStream chunk = (HeapDataOutputStream) a; this.last = b > 0; try { @@ -269,7 +264,6 @@ public class FetchEntriesMessage extends PartitionMessage { return (failures == null) || (failures.size() == 0); } - /** * Serialize the given map's entries into byte[] chunks, calling proc for each one. proc args: * the byte[] chunk and an int indicating whether it is the last chunk (positive means last @@ -301,7 +295,6 @@ public class FetchEntriesMessage extends PartitionMessage { LocalRegion.NonTXEntry entry = (LocalRegion.NonTXEntry) it.next(); RegionEntry re = entry.getRegionEntry(); synchronized (re) { - // TODO:KIRK:OK Object value = re.getValueInVM(map); Object value = re._getValueRetain(map, true); try { if (value == null) { @@ -350,7 +343,6 @@ public class FetchEntriesMessage extends PartitionMessage { return sentLastChunk; } - /** * Processes this message. This method is invoked by the receiver of the message. * @@ -377,7 +369,6 @@ public class FetchEntriesMessage extends PartitionMessage { dm.getStats().incReplyMessageTime(DistributionStats.getStatTime() - startTime); } - @Override public void toData(DataOutput out) throws IOException { super.toData(out); @@ -409,7 +400,7 @@ public class FetchEntriesMessage extends PartitionMessage { @Override public String toString() { - StringBuffer sb = new StringBuffer(); + StringBuilder sb = new StringBuilder(); sb.append("FetchEntriesReplyMessage ").append("processorid=").append(this.processorId) .append(",bucketId=").append(this.bucketId); if (getSender() != null) { @@ -472,18 +463,12 @@ public class FetchEntriesMessage extends PartitionMessage { @Override public String toString() { - // int sz; - // synchronized(this) { - // sz = this.size(); - // } return "Bucket id = " + bucketId + " from member = " + recipient + ": " + super.toString(); } }; } - - @Override public void process(DistributionMessage msg) { // If the reply is a region version vector, store it in our RVV field. @@ -503,8 +488,6 @@ public class FetchEntriesMessage extends PartitionMessage { super.process(msg); } - - void processChunk(FetchEntriesReplyMessage msg) { // this processing algorighm won't work well if there are multiple recipients. currently the // retry logic for failed recipients is in PartitionedRegion. If we parallelize the sending http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/Command.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/Command.java b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/Command.java index d7f7c7b..110d6ef 100755 --- a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/Command.java +++ b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/Command.java @@ -16,9 +16,11 @@ package org.apache.geode.internal.cache.tier; import org.apache.geode.internal.cache.tier.sockets.Message; import org.apache.geode.internal.cache.tier.sockets.ServerConnection; +import org.apache.geode.internal.security.SecurityService; public interface Command { - void execute(Message message, ServerConnection serverConnection); + void execute(Message clientMessage, ServerConnection serverConnection, + SecurityService securityService); int RESPONDED = 1; http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/AcceptorImpl.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/AcceptorImpl.java b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/AcceptorImpl.java index 9658f98..2a8818c 100755 --- a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/AcceptorImpl.java +++ b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/AcceptorImpl.java @@ -15,7 +15,42 @@ package org.apache.geode.internal.cache.tier.sockets; -import static org.apache.geode.distributed.ConfigurationProperties.*; +import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_CLIENT_ACCESSOR_PP; + +import org.apache.geode.CancelException; +import org.apache.geode.SystemFailure; +import org.apache.geode.ToDataException; +import org.apache.geode.cache.Cache; +import org.apache.geode.cache.RegionDestroyedException; +import org.apache.geode.cache.client.internal.PoolImpl; +import org.apache.geode.cache.server.CacheServer; +import org.apache.geode.cache.wan.GatewayTransportFilter; +import org.apache.geode.distributed.internal.DM; +import org.apache.geode.distributed.internal.DistributionConfig; +import org.apache.geode.distributed.internal.InternalDistributedSystem; +import org.apache.geode.distributed.internal.LonerDistributionManager; +import org.apache.geode.distributed.internal.PooledExecutorWithDMStats; +import org.apache.geode.distributed.internal.ReplyProcessor21; +import org.apache.geode.internal.SystemTimer; +import org.apache.geode.internal.cache.BucketAdvisor; +import org.apache.geode.internal.cache.BucketAdvisor.BucketProfile; +import org.apache.geode.internal.cache.InternalCache; +import org.apache.geode.internal.cache.PartitionedRegion; +import org.apache.geode.internal.cache.partitioned.AllBucketProfilesUpdateMessage; +import org.apache.geode.internal.cache.tier.Acceptor; +import org.apache.geode.internal.cache.tier.CachedRegionHelper; +import org.apache.geode.internal.cache.wan.GatewayReceiverStats; +import org.apache.geode.internal.i18n.LocalizedStrings; +import org.apache.geode.internal.logging.LogService; +import org.apache.geode.internal.logging.LoggingThreadGroup; +import org.apache.geode.internal.logging.log4j.LocalizedMessage; +import org.apache.geode.internal.net.SocketCreator; +import org.apache.geode.internal.net.SocketCreatorFactory; +import org.apache.geode.internal.security.SecurableCommunicationChannel; +import org.apache.geode.internal.security.SecurityService; +import org.apache.geode.internal.tcp.ConnectionTable; +import org.apache.geode.internal.util.ArrayUtils; +import org.apache.logging.log4j.Logger; import java.io.EOFException; import java.io.IOException; @@ -54,46 +89,8 @@ import java.util.concurrent.ThreadFactory; import java.util.concurrent.ThreadPoolExecutor; import java.util.concurrent.TimeUnit; import java.util.concurrent.atomic.AtomicInteger; - import javax.net.ssl.SSLException; -import org.apache.logging.log4j.Logger; - -import org.apache.geode.CancelException; -import org.apache.geode.SystemFailure; -import org.apache.geode.ToDataException; -import org.apache.geode.cache.Cache; -import org.apache.geode.cache.RegionDestroyedException; -import org.apache.geode.cache.client.internal.PoolImpl; -import org.apache.geode.cache.server.CacheServer; -import org.apache.geode.cache.wan.GatewayTransportFilter; -import org.apache.geode.distributed.internal.DM; -import org.apache.geode.distributed.internal.DistributionConfig; -import org.apache.geode.distributed.internal.InternalDistributedSystem; -import org.apache.geode.distributed.internal.LonerDistributionManager; -import org.apache.geode.distributed.internal.PooledExecutorWithDMStats; -import org.apache.geode.distributed.internal.ReplyProcessor21; -import org.apache.geode.internal.SystemTimer; -import org.apache.geode.internal.cache.BucketAdvisor; -import org.apache.geode.internal.cache.BucketAdvisor.BucketProfile; -import org.apache.geode.internal.cache.InternalCache; -import org.apache.geode.internal.cache.PartitionedRegion; -import org.apache.geode.internal.cache.partitioned.AllBucketProfilesUpdateMessage; -import org.apache.geode.internal.cache.tier.Acceptor; -import org.apache.geode.internal.cache.tier.CachedRegionHelper; -import org.apache.geode.internal.cache.wan.GatewayReceiverStats; -import org.apache.geode.internal.i18n.LocalizedStrings; -import org.apache.geode.internal.logging.LogService; -import org.apache.geode.internal.logging.LoggingThreadGroup; -import org.apache.geode.internal.logging.log4j.LocalizedMessage; -import org.apache.geode.internal.net.SocketCreator; -import org.apache.geode.internal.net.SocketCreatorFactory; -import org.apache.geode.internal.security.IntegratedSecurityService; -import org.apache.geode.internal.security.SecurableCommunicationChannel; -import org.apache.geode.internal.security.SecurityService; -import org.apache.geode.internal.tcp.ConnectionTable; -import org.apache.geode.internal.util.ArrayUtils; - /** * Implements the acceptor thread on the bridge server. Accepts connections from the edge and starts * up threads to process requests from these. @@ -272,7 +269,7 @@ public class AcceptorImpl extends Acceptor implements Runnable { private List<GatewayTransportFilter> gatewayTransportFilters; private final SocketCreator socketCreator; - private SecurityService securityService = IntegratedSecurityService.getSecurityService(); + private final SecurityService securityService; /** * Initializes this acceptor thread to listen for connections on the given port. @@ -297,6 +294,7 @@ public class AcceptorImpl extends Acceptor implements Runnable { int maxConnections, int maxThreads, int maximumMessageCount, int messageTimeToLive, ConnectionListener listener, List overflowAttributesList, boolean isGatewayReceiver, List<GatewayTransportFilter> transportFilter, boolean tcpNoDelay) throws IOException { + this.securityService = internalCache.getSecurityService(); this.bindHostName = calcBindHostName(internalCache, bindHostName); this.connectionListener = listener == null ? new ConnectionListenerAdapter() : listener; this.notifyBySubscription = notifyBySubscription; @@ -1470,7 +1468,7 @@ public class AcceptorImpl extends Acceptor implements Runnable { } ServerConnection serverConn = new ServerConnection(s, this.cache, this.crHelper, this.stats, AcceptorImpl.handShakeTimeout, this.socketBufferSize, communicationModeStr, - communicationMode, this); + communicationMode, this, this.securityService); synchronized (this.allSCsLock) { this.allSCs.add(serverConn); ServerConnection snap[] = this.allSCList; // avoid volatile read http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/BaseCommand.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/BaseCommand.java b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/BaseCommand.java index 1fb8c8c..cc78cca 100644 --- a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/BaseCommand.java +++ b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/BaseCommand.java @@ -14,25 +14,6 @@ */ package org.apache.geode.internal.cache.tier.sockets; -import java.io.EOFException; -import java.io.IOException; -import java.io.InterruptedIOException; -import java.io.PrintWriter; -import java.io.StringWriter; -import java.util.ArrayList; -import java.util.Collection; -import java.util.HashMap; -import java.util.HashSet; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; -import java.util.Set; -import java.util.concurrent.Semaphore; -import java.util.regex.Pattern; - -import edu.umd.cs.findbugs.annotations.SuppressWarnings; -import org.apache.logging.log4j.Logger; - import org.apache.geode.CopyException; import org.apache.geode.InternalGemFireError; import org.apache.geode.SerializationException; @@ -77,10 +58,27 @@ import org.apache.geode.internal.i18n.LocalizedStrings; import org.apache.geode.internal.logging.LogService; import org.apache.geode.internal.logging.log4j.LocalizedMessage; import org.apache.geode.internal.offheap.OffHeapHelper; -import org.apache.geode.internal.security.IntegratedSecurityService; import org.apache.geode.internal.security.SecurityService; import org.apache.geode.internal.sequencelog.EntryLogger; import org.apache.geode.security.GemFireSecurityException; +import org.apache.logging.log4j.Logger; + +import java.io.EOFException; +import java.io.IOException; +import java.io.InterruptedIOException; +import java.io.PrintWriter; +import java.io.StringWriter; +import java.util.ArrayList; +import java.util.Collection; +import java.util.HashMap; +import java.util.HashSet; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; +import java.util.Set; +import java.util.concurrent.Semaphore; +import java.util.regex.Pattern; +import edu.umd.cs.findbugs.annotations.SuppressWarnings; public abstract class BaseCommand implements Command { protected static final Logger logger = LogService.getLogger(); @@ -115,8 +113,6 @@ public abstract class BaseCommand implements Command { private static final Semaphore INCOMING_MSG_LIMITER; - protected SecurityService securityService = IntegratedSecurityService.getSecurityService(); - static { Semaphore semaphore; if (MAX_INCOMING_DATA > 0) { @@ -140,7 +136,8 @@ public abstract class BaseCommand implements Command { } @Override - public void execute(Message clientMessage, ServerConnection serverConnection) { + public void execute(Message clientMessage, ServerConnection serverConnection, + SecurityService securityService) { // Read the request and update the statistics long start = DistributionStats.getStatTime(); if (EntryLogger.isEnabled() && serverConnection != null) { @@ -156,13 +153,13 @@ public abstract class BaseCommand implements Command { TXStateProxy tx = null; try { tx = txMgr.masqueradeAs(clientMessage, member, false); - cmdExecute(clientMessage, serverConnection, start); + cmdExecute(clientMessage, serverConnection, securityService, start); tx.updateProxyServer(txMgr.getMemberId()); } finally { txMgr.unmasquerade(tx); } } else { - cmdExecute(clientMessage, serverConnection, start); + cmdExecute(clientMessage, serverConnection, securityService, start); } } catch (TransactionException | CopyException | SerializationException | CacheWriterException @@ -265,8 +262,9 @@ public abstract class BaseCommand implements Command { return tag; } - public abstract void cmdExecute(Message clientMessage, ServerConnection serverConnection, - long start) throws IOException, ClassNotFoundException, InterruptedException; + public abstract void cmdExecute(final Message clientMessage, + final ServerConnection serverConnection, final SecurityService securityService, + final long start) throws IOException, ClassNotFoundException, InterruptedException; protected void writeReply(Message origMsg, ServerConnection serverConnection) throws IOException { Message replyMsg = serverConnection.getReplyMessage(); http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/BaseCommandQuery.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/BaseCommandQuery.java b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/BaseCommandQuery.java index adf702a..184aa36 100644 --- a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/BaseCommandQuery.java +++ b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/BaseCommandQuery.java @@ -14,12 +14,6 @@ */ package org.apache.geode.internal.cache.tier.sockets; -import java.io.IOException; -import java.util.Collection; -import java.util.Iterator; -import java.util.List; -import java.util.Set; - import org.apache.geode.cache.RegionDestroyedException; import org.apache.geode.cache.operations.QueryOperationContext; import org.apache.geode.cache.query.Query; @@ -42,48 +36,38 @@ import org.apache.geode.internal.cache.tier.MessageType; import org.apache.geode.internal.i18n.LocalizedStrings; import org.apache.geode.internal.logging.log4j.LocalizedMessage; import org.apache.geode.internal.security.AuthorizeRequestPP; +import org.apache.geode.internal.security.SecurityService; + +import java.io.IOException; +import java.util.Collection; +import java.util.Iterator; +import java.util.List; +import java.util.Set; public abstract class BaseCommandQuery extends BaseCommand { /** * Process the give query and sends the resulset back to the client. * - * @param msg - * @param query - * @param queryString - * @param regionNames - * @param start - * @param cqQuery - * @param queryContext - * @param servConn * @return true if successful execution false in case of failure. - * @throws IOException */ protected boolean processQuery(Message msg, Query query, String queryString, Set regionNames, long start, ServerCQ cqQuery, QueryOperationContext queryContext, ServerConnection servConn, - boolean sendResults) throws IOException, InterruptedException { + boolean sendResults, final SecurityService securityService) + throws IOException, InterruptedException { return processQueryUsingParams(msg, query, queryString, regionNames, start, cqQuery, - queryContext, servConn, sendResults, null); + queryContext, servConn, sendResults, null, securityService); } /** * Process the give query and sends the resulset back to the client. * - * @param msg - * @param query - * @param queryString - * @param regionNames - * @param start - * @param cqQuery - * @param queryContext - * @param servConn * @return true if successful execution false in case of failure. - * @throws IOException */ protected boolean processQueryUsingParams(Message msg, Query query, String queryString, Set regionNames, long start, ServerCQ cqQuery, QueryOperationContext queryContext, - ServerConnection servConn, boolean sendResults, Object[] params) - throws IOException, InterruptedException { + ServerConnection servConn, boolean sendResults, Object[] params, + final SecurityService securityService) throws IOException, InterruptedException { ChunkedMessage queryResponseMsg = servConn.getQueryResponseMessage(); CacheServerStats stats = servConn.getCacheServerStats(); CachedRegionHelper crHelper = servConn.getCachedRegionHelper(); @@ -103,7 +87,7 @@ public abstract class BaseCommandQuery extends BaseCommand { try { // integrated security for (Object regionName : regionNames) { - this.securityService.authorizeRegionRead(regionName.toString()); + securityService.authorizeRegionRead(regionName.toString()); } // Execute query @@ -226,7 +210,8 @@ public abstract class BaseCommandQuery extends BaseCommand { // send it as a part of ObjectPartList if (hasSerializedObjects) { sendResultsAsObjectPartList(numberOfChunks, servConn, selectResults.asList(), isStructs, - collectionType, queryString, cqQuery, sendCqResultsWithKey, sendResults); + collectionType, queryString, cqQuery, sendCqResultsWithKey, sendResults, + securityService); } else { sendResultsAsObjectArray(selectResults, numberOfChunks, servConn, isStructs, collectionType, queryString, cqQuery, sendCqResultsWithKey, sendResults); @@ -456,7 +441,8 @@ public abstract class BaseCommandQuery extends BaseCommand { private void sendResultsAsObjectPartList(int numberOfChunks, ServerConnection servConn, List objs, boolean isStructs, CollectionType collectionType, String queryString, ServerCQ cqQuery, - boolean sendCqResultsWithKey, boolean sendResults) throws IOException { + boolean sendCqResultsWithKey, boolean sendResults, final SecurityService securityService) + throws IOException { int resultIndex = 0; Object result = null; for (int j = 0; j < numberOfChunks; j++) { @@ -499,7 +485,8 @@ public abstract class BaseCommandQuery extends BaseCommand { result = objs.get(resultIndex); } if (sendResults) { - addToObjectPartList(serializedObjs, result, collectionType, false, servConn, isStructs); + addToObjectPartList(serializedObjs, result, collectionType, false, servConn, isStructs, + securityService); } resultIndex++; } @@ -518,13 +505,13 @@ public abstract class BaseCommandQuery extends BaseCommand { private void addToObjectPartList(ObjectPartList serializedObjs, Object res, CollectionType collectionType, boolean lastChunk, ServerConnection servConn, - boolean isStructs) throws IOException { + boolean isStructs, final SecurityService securityService) throws IOException { if (isStructs && (res instanceof Struct)) { Object[] values = ((Struct) res).getFieldValues(); // create another ObjectPartList for the struct ObjectPartList serializedValueObjs = new ObjectPartList(values.length, false); for (Object value : values) { - addObjectToPartList(serializedValueObjs, null, value); + addObjectToPartList(serializedValueObjs, null, value, securityService); } serializedObjs.addPart(null, serializedValueObjs, ObjectPartList.OBJECT, null); } else if (res instanceof Object[]) {// for CQ key-value pairs @@ -534,15 +521,16 @@ public abstract class BaseCommandQuery extends BaseCommand { for (int i = 0; i < values.length; i += 2) { Object key = values[i]; Object value = values[i + 1]; - addObjectToPartList(serializedValueObjs, key, value); + addObjectToPartList(serializedValueObjs, key, value, securityService); } serializedObjs.addPart(null, serializedValueObjs, ObjectPartList.OBJECT, null); } else { // for deserialized objects - addObjectToPartList(serializedObjs, null, res); + addObjectToPartList(serializedObjs, null, res, securityService); } } - private void addObjectToPartList(ObjectPartList objPartList, Object key, Object value) { + private void addObjectToPartList(ObjectPartList objPartList, Object key, Object value, + final SecurityService securityService) { Object object = value; boolean isObject = true; if (value instanceof CachedDeserializable) { @@ -551,7 +539,7 @@ public abstract class BaseCommandQuery extends BaseCommand { isObject = false; } - object = this.securityService.postProcess(null, key, object, isObject); + object = securityService.postProcess(null, key, object, isObject); if (key != null) { objPartList.addPart(null, key, ObjectPartList.OBJECT, null); } http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/CacheClientNotifier.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/CacheClientNotifier.java b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/CacheClientNotifier.java index fd5154f..e2612fc 100755 --- a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/CacheClientNotifier.java +++ b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/CacheClientNotifier.java @@ -17,9 +17,7 @@ package org.apache.geode.internal.cache.tier.sockets; import static org.apache.geode.distributed.ConfigurationProperties.*; import java.io.BufferedOutputStream; -import java.io.DataInput; import java.io.DataInputStream; -import java.io.DataOutput; import java.io.DataOutputStream; import java.io.IOException; import java.lang.reflect.Method; @@ -70,12 +68,7 @@ import org.apache.geode.distributed.DistributedMember; import org.apache.geode.distributed.DistributedSystem; import org.apache.geode.distributed.internal.DM; import org.apache.geode.distributed.internal.DistributionConfig; -import org.apache.geode.distributed.internal.DistributionManager; -import org.apache.geode.distributed.internal.HighPriorityDistributionMessage; import org.apache.geode.distributed.internal.InternalDistributedSystem; -import org.apache.geode.distributed.internal.MessageWithReply; -import org.apache.geode.distributed.internal.ReplyMessage; -import org.apache.geode.distributed.internal.ReplyProcessor21; import org.apache.geode.internal.ClassLoadUtil; import org.apache.geode.internal.cache.InternalCache; import org.apache.geode.internal.statistics.DummyStatisticsFactory; @@ -337,14 +330,16 @@ public class CacheClientNotifier { proxy = registerClient(socket, proxyID, proxy, isPrimary, clientConflation, clientVersion, acceptorId, notifyBySubscription); - Properties credentials = HandShake.readCredentials(dis, dos, system); + Properties credentials = + HandShake.readCredentials(dis, dos, system, this.cache.getSecurityService()); if (credentials != null && proxy != null) { if (securityLogWriter.fineEnabled()) { securityLogWriter .fine("CacheClientNotifier: verifying credentials for proxyID: " + proxyID); } - Object subject = HandShake.verifyCredentials(authenticator, credentials, - system.getSecurityProperties(), this.logWriter, this.securityLogWriter, member); + Object subject = + HandShake.verifyCredentials(authenticator, credentials, system.getSecurityProperties(), + this.logWriter, this.securityLogWriter, member, this.cache.getSecurityService()); if (subject instanceof Principal) { Principal principal = (Principal) subject; if (securityLogWriter.fineEnabled()) { @@ -460,7 +455,7 @@ public class CacheClientNotifier { proxyId.getDurableId()); } l_proxy = new CacheClientProxy(this, socket, proxyId, isPrimary, clientConflation, - clientVersion, acceptorId, notifyBySubscription); + clientVersion, acceptorId, notifyBySubscription, this.cache.getSecurityService()); successful = this.initializeProxy(l_proxy); } else { if (proxy.isPrimary()) { @@ -538,7 +533,7 @@ public class CacheClientNotifier { if (toCreateNewProxy) { // Create the new proxy for this non-durable client l_proxy = new CacheClientProxy(this, socket, proxyId, isPrimary, clientConflation, - clientVersion, acceptorId, notifyBySubscription); + clientVersion, acceptorId, notifyBySubscription, this.cache.getSecurityService()); successful = this.initializeProxy(l_proxy); } } @@ -963,8 +958,8 @@ public class CacheClientNotifier { private void singletonRouteClientMessage(Conflatable conflatable, Collection<ClientProxyMembershipID> filterClients) { - this._cache.getCancelCriterion().checkCancelInProgress(null); // bug #43942 - client notified - // but no p2p distribution + this.cache.getCancelCriterion().checkCancelInProgress(null); // bug #43942 - client notified + // but no p2p distribution List<CacheClientProxy> deadProxies = null; for (ClientProxyMembershipID clientId : filterClients) { @@ -1845,15 +1840,15 @@ public class CacheClientNotifier { * @return this <code>CacheClientNotifier</code>'s <code>InternalCache</code> */ protected InternalCache getCache() { // TODO:SYNC: looks wrong - if (this._cache != null && this._cache.isClosed()) { + if (this.cache != null && this.cache.isClosed()) { InternalCache cache = GemFireCacheImpl.getInstance(); if (cache != null) { - this._cache = cache; + this.cache = cache; this.logWriter = cache.getInternalLogWriter(); this.securityLogWriter = cache.getSecurityInternalLogWriter(); } } - return this._cache; + return this.cache; } /** @@ -2016,7 +2011,7 @@ public class CacheClientNotifier { if (!isCompiledQueryCleanupThreadStarted) { long period = DefaultQuery.TEST_COMPILED_QUERY_CLEAR_TIME > 0 ? DefaultQuery.TEST_COMPILED_QUERY_CLEAR_TIME : DefaultQuery.COMPILED_QUERY_CLEAR_TIME; - _cache.getCCPTimer().scheduleAtFixedRate(task, period, period); + cache.getCCPTimer().scheduleAtFixedRate(task, period, period); } isCompiledQueryCleanupThreadStarted = true; } @@ -2063,7 +2058,7 @@ public class CacheClientNotifier { if (logger.isDebugEnabled()) { logger.debug("Scheduling client ping task with period={} ms", CLIENT_PING_TASK_PERIOD); } - CacheClientNotifier.this._cache.getCCPTimer().scheduleAtFixedRate(this.clientPingTask, + CacheClientNotifier.this.cache.getCCPTimer().scheduleAtFixedRate(this.clientPingTask, CLIENT_PING_TASK_PERIOD, CLIENT_PING_TASK_PERIOD); } @@ -2098,10 +2093,10 @@ public class CacheClientNotifier { /** * The GemFire <code>InternalCache</code>. Note that since this is a singleton class you should - * not use a direct reference to _cache in CacheClientNotifier code. Instead, you should always - * use <code>getCache()</code> + * not use a direct reference to cache in CacheClientNotifier code. Instead, you should always use + * <code>getCache()</code> */ - private InternalCache _cache; + private InternalCache cache; private InternalLogWriter logWriter; @@ -2216,8 +2211,8 @@ public class CacheClientNotifier { // lazily initialize haContainer in case this CCN instance was created by a gateway receiver if (overflowAttributesList != null && !HARegionQueue.HA_EVICTION_POLICY_NONE.equals(overflowAttributesList.get(0))) { - haContainer = new HAContainerRegion(_cache.getRegion(Region.SEPARATOR - + CacheServerImpl.clientMessagesRegion(_cache, (String) overflowAttributesList.get(0), + haContainer = new HAContainerRegion(cache.getRegion(Region.SEPARATOR + + CacheServerImpl.clientMessagesRegion(cache, (String) overflowAttributesList.get(0), ((Integer) overflowAttributesList.get(1)).intValue(), ((Integer) overflowAttributesList.get(2)).intValue(), (String) overflowAttributesList.get(3), (Boolean) overflowAttributesList.get(4)))); @@ -2246,10 +2241,10 @@ public class CacheClientNotifier { } /** - * @param _cache the _cache to set + * @param _cache the cache to set */ private void setCache(InternalCache _cache) { - this._cache = _cache; + this.cache = _cache; } private class ExpireBlackListTask extends PoolTask { http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/CacheClientProxy.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/CacheClientProxy.java b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/CacheClientProxy.java index 8450db9..d7e3548 100644 --- a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/CacheClientProxy.java +++ b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/CacheClientProxy.java @@ -327,7 +327,7 @@ public class CacheClientProxy implements ClientSession { private int numDrainsInProgress = 0; private final Object drainsInProgressLock = new Object(); - private SecurityService securityService = SecurityService.getSecurityService(); + private final SecurityService securityService; /** * Constructor. @@ -340,10 +340,13 @@ public class CacheClientProxy implements ClientSession { */ protected CacheClientProxy(CacheClientNotifier ccn, Socket socket, ClientProxyMembershipID proxyID, boolean isPrimary, byte clientConflation, - Version clientVersion, long acceptorId, boolean notifyBySubscription) throws CacheException { + Version clientVersion, long acceptorId, boolean notifyBySubscription, + SecurityService securityService) throws CacheException { + initializeTransientFields(socket, proxyID, isPrimary, clientConflation, clientVersion); this._cacheClientNotifier = ccn; this._cache = ccn.getCache(); + this.securityService = securityService; this._maximumMessageCount = ccn.getMaximumMessageCount(); this._messageTimeToLive = ccn.getMessageTimeToLive(); this._acceptorId = acceptorId; http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/HandShake.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/HandShake.java b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/HandShake.java index 388f838..32735b9 100644 --- a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/HandShake.java +++ b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/HandShake.java @@ -48,8 +48,10 @@ import org.apache.geode.internal.cache.tier.ConnectionProxy; import org.apache.geode.internal.i18n.LocalizedStrings; import org.apache.geode.internal.logging.InternalLogWriter; import org.apache.geode.internal.logging.LogService; -import org.apache.geode.internal.security.IntegratedSecurityService; +import org.apache.geode.internal.security.CallbackInstantiator; +import org.apache.geode.internal.security.Credentials; import org.apache.geode.internal.security.SecurityService; +import org.apache.geode.internal.security.SecurityServiceFactory; import org.apache.geode.pdx.internal.PeerTypeRegistration; import org.apache.geode.security.AuthInitialize; import org.apache.geode.security.AuthenticationFailedException; @@ -120,7 +122,7 @@ public class HandShake implements ClientHandShake { public static final byte REPLY_SERVER_IS_LOCATOR = (byte) 67; - private static SecurityService securityService = IntegratedSecurityService.getSecurityService(); + private final SecurityService securityService; private byte code; private int clientReadTimeout = PoolFactory.DEFAULT_READ_TIMEOUT; @@ -248,19 +250,21 @@ public class HandShake implements ClientHandShake { protected HandShake() { system = null; id = null; + this.securityService = SecurityServiceFactory.create(); } /** * HandShake Constructor used by server side connection */ public HandShake(Socket sock, int timeout, DistributedSystem sys, Version clientVersion, - byte communicationMode) throws IOException, AuthenticationRequiredException { + byte communicationMode, SecurityService securityService) + throws IOException, AuthenticationRequiredException { + this.clientVersion = clientVersion; this.system = sys; - // SocketChannel sc = sock.getChannel(); - /* - * if (sc != null) { } else - */ { + this.securityService = securityService; + + { int soTimeout = -1; try { soTimeout = sock.getSoTimeout(); @@ -298,7 +302,7 @@ public class HandShake implements ClientHandShake { // Hitesh if (this.clientVersion.compareTo(Version.GFE_65) < 0 || communicationMode == Acceptor.GATEWAY_TO_GATEWAY) { - this.credentials = readCredentials(dis, dos, sys); + this.credentials = readCredentials(dis, dos, sys, this.securityService); } else { this.credentials = this.readCredential(dis, dos, sys); } @@ -335,6 +339,7 @@ public class HandShake implements ClientHandShake { this.system = sys; setOverrides(); this.credentials = null; + this.securityService = SecurityServiceFactory.create(); } public void updateProxyID(InternalDistributedMember idm) { @@ -358,6 +363,7 @@ public class HandShake implements ClientHandShake { this.overrides = handShake.overrides; this.system = handShake.system; this.id = handShake.id; + this.securityService = handShake.securityService; // create new one this._decrypt = null; this._encrypt = null; @@ -1085,7 +1091,8 @@ public class HandShake implements ClientHandShake { // Initialize the keys when either the host is a client that has // non-blank setting for DH symmetric algo, or this is a server // that has authenticator defined. - if ((dhSKAlgo != null && dhSKAlgo.length() > 0) || securityService.isClientSecurityRequired()) { + if ((dhSKAlgo != null + && dhSKAlgo.length() > 0) /* || securityService.isClientSecurityRequired() */) { KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH"); DHParameterSpec dhSpec = new DHParameterSpec(dhP, dhG, dhL); keyGen.initialize(dhSpec); @@ -1503,12 +1510,13 @@ public class HandShake implements ClientHandShake { Properties credentials = null; // if no authInit, Try to extract the credentials directly from securityProps if (StringUtils.isBlank(authInitMethod)) { - return SecurityService.getCredentials(securityProperties); + return Credentials.getCredentials(securityProperties); } // if authInit exists try { - AuthInitialize auth = SecurityService.getObjectOfType(authInitMethod, AuthInitialize.class); + AuthInitialize auth = + CallbackInstantiator.getObjectOfType(authInitMethod, AuthInitialize.class); auth.init(logWriter, securityLogWriter); try { credentials = auth.getCredentials(securityProperties, server, isPeer); @@ -1536,7 +1544,8 @@ public class HandShake implements ClientHandShake { // This assumes that authentication is the last piece of info in handshake public static Properties readCredentials(DataInputStream dis, DataOutputStream dos, - DistributedSystem system) throws GemFireSecurityException, IOException { + DistributedSystem system, SecurityService securityService) + throws GemFireSecurityException, IOException { boolean requireAuthentication = securityService.isClientSecurityRequired(); Properties credentials = null; @@ -1671,7 +1680,8 @@ public class HandShake implements ClientHandShake { */ public static Object verifyCredentials(String authenticatorMethod, Properties credentials, Properties securityProperties, InternalLogWriter logWriter, - InternalLogWriter securityLogWriter, DistributedMember member) + InternalLogWriter securityLogWriter, DistributedMember member, + SecurityService securityService) throws AuthenticationRequiredException, AuthenticationFailedException { if (!AcceptorImpl.isAuthenticationRequired()) { @@ -1704,7 +1714,8 @@ public class HandShake implements ClientHandShake { String methodName = this.system.getProperties().getProperty(SECURITY_CLIENT_AUTHENTICATOR); return verifyCredentials(methodName, this.credentials, this.system.getSecurityProperties(), (InternalLogWriter) this.system.getLogWriter(), - (InternalLogWriter) this.system.getSecurityLogWriter(), this.id.getDistributedMember()); + (InternalLogWriter) this.system.getSecurityLogWriter(), this.id.getDistributedMember(), + this.securityService); } public void sendCredentialsForWan(OutputStream out, InputStream in) { @@ -1730,10 +1741,10 @@ public class HandShake implements ClientHandShake { return; } String authenticator = this.system.getProperties().getProperty(SECURITY_CLIENT_AUTHENTICATOR); - Properties peerWanProps = readCredentials(dis, dos, this.system); + Properties peerWanProps = readCredentials(dis, dos, this.system, this.securityService); verifyCredentials(authenticator, peerWanProps, this.system.getSecurityProperties(), (InternalLogWriter) this.system.getLogWriter(), - (InternalLogWriter) this.system.getSecurityLogWriter(), member); + (InternalLogWriter) this.system.getSecurityLogWriter(), member, this.securityService); } private static int getKeySize(String skAlgo) { http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ServerConnection.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ServerConnection.java b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ServerConnection.java index 485ccae..947b836 100644 --- a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ServerConnection.java +++ b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ServerConnection.java @@ -39,7 +39,6 @@ import org.apache.shiro.util.ThreadState; import org.apache.geode.CancelException; import org.apache.geode.DataSerializer; import org.apache.geode.SystemFailure; -import org.apache.geode.cache.Cache; import org.apache.geode.cache.client.internal.AbstractOp; import org.apache.geode.cache.client.internal.Connection; import org.apache.geode.distributed.DistributedSystem; @@ -62,7 +61,6 @@ import org.apache.geode.internal.logging.LogService; import org.apache.geode.internal.logging.log4j.LocalizedMessage; import org.apache.geode.internal.security.AuthorizeRequest; import org.apache.geode.internal.security.AuthorizeRequestPP; -import org.apache.geode.internal.security.IntegratedSecurityService; import org.apache.geode.internal.security.SecurityService; import org.apache.geode.internal.util.Breadcrumbs; import org.apache.geode.security.AuthenticationFailedException; @@ -88,7 +86,7 @@ public class ServerConnection implements Runnable { private Map commands; - private SecurityService securityService = IntegratedSecurityService.getSecurityService(); + private final SecurityService securityService; final protected CacheServerStats stats; @@ -250,25 +248,26 @@ public class ServerConnection implements Runnable { * Creates a new <code>ServerConnection</code> that processes messages received from an edge * client over a given <code>Socket</code>. */ - public ServerConnection(Socket s, Cache c, CachedRegionHelper helper, CacheServerStats stats, - int hsTimeout, int socketBufferSize, String communicationModeStr, byte communicationMode, - Acceptor acceptor) { - StringBuffer buffer = new StringBuffer(100); + public ServerConnection(Socket socket, InternalCache internalCache, CachedRegionHelper helper, + CacheServerStats stats, int hsTimeout, int socketBufferSize, String communicationModeStr, + byte communicationMode, Acceptor acceptor, SecurityService securityService) { + + StringBuilder buffer = new StringBuilder(100); if (((AcceptorImpl) acceptor).isGatewayReceiver()) { buffer.append("GatewayReceiver connection from ["); } else { buffer.append("Server connection from ["); } buffer.append(communicationModeStr).append(" host address=") - .append(s.getInetAddress().getHostAddress()).append("; ").append(communicationModeStr) - .append(" port=").append(s.getPort()).append("]"); + .append(socket.getInetAddress().getHostAddress()).append("; ").append(communicationModeStr) + .append(" port=").append(socket.getPort()).append("]"); this.name = buffer.toString(); this.stats = stats; this.acceptor = (AcceptorImpl) acceptor; this.crHelper = helper; - this.logWriter = (InternalLogWriter) c.getLoggerI18n(); - this.securityLogWriter = (InternalLogWriter) c.getSecurityLoggerI18n(); + this.logWriter = (InternalLogWriter) internalCache.getLoggerI18n(); + this.securityLogWriter = (InternalLogWriter) internalCache.getSecurityLoggerI18n(); this.communicationModeStr = communicationModeStr; this.communicationMode = communicationMode; this.principal = null; @@ -276,20 +275,18 @@ public class ServerConnection implements Runnable { this.postAuthzRequest = null; this.randomConnectionIdGen = new Random(this.hashCode()); + this.securityService = securityService; + final boolean isDebugEnabled = logger.isDebugEnabled(); try { - // requestMsg.setUseDataStream(useDataStream); - // replyMsg.setUseDataStream(useDataStream); - // responseMsg.setUseDataStream(useDataStream); - // errorMsg.setUseDataStream(useDataStream); - initStreams(s, socketBufferSize, stats); + initStreams(socket, socketBufferSize, stats); if (isDebugEnabled) { logger.debug( "{}: Accepted client connection from {}[client host name={}; client host address={}; client port={}]", - getName(), s.getInetAddress().getCanonicalHostName(), - s.getInetAddress().getHostAddress(), s.getPort()); + getName(), communicationModeStr, socket.getInetAddress().getCanonicalHostName(), + socket.getInetAddress().getHostAddress(), socket.getPort()); } this.handShakeTimeout = hsTimeout; } catch (Exception e) { @@ -323,7 +320,7 @@ public class ServerConnection implements Runnable { synchronized (this.handShakeMonitor) { if (this.handshake == null) { // synchronized (getCleanupTable()) { - boolean readHandShake = ServerHandShakeProcessor.readHandShake(this); + boolean readHandShake = ServerHandShakeProcessor.readHandShake(this, getSecurityService()); if (readHandShake) { if (this.handshake.isOK()) { try { @@ -441,6 +438,10 @@ public class ServerConnection implements Runnable { return this.securityLogWriter; } + private SecurityService getSecurityService() { + return this.securityService; + } + private boolean incedCleanupTableRef = false; private boolean incedCleanupProxyIdTableRef = false; @@ -777,7 +778,7 @@ public class ServerConnection implements Runnable { } } - command.execute(msg, this); + command.execute(msg, this, this.securityService); } } finally { // Keep track of the fact that a message is no longer being @@ -1031,7 +1032,8 @@ public class ServerConnection implements Runnable { Object principal = HandShake.verifyCredentials(methodName, credentials, system.getSecurityProperties(), (InternalLogWriter) system.getLogWriter(), - (InternalLogWriter) system.getSecurityLogWriter(), this.proxyId.getDistributedMember()); + (InternalLogWriter) system.getSecurityLogWriter(), this.proxyId.getDistributedMember(), + this.securityService); if (principal instanceof Subject) { Subject subject = (Subject) principal; uniqueId = this.clientUserAuths.putSubject(subject); http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ServerHandShakeProcessor.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ServerHandShakeProcessor.java b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ServerHandShakeProcessor.java index 6534b68..8b89694 100755 --- a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ServerHandShakeProcessor.java +++ b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ServerHandShakeProcessor.java @@ -29,6 +29,7 @@ import java.net.SocketTimeoutException; import java.security.Principal; import java.util.Properties; +import org.apache.geode.internal.security.SecurityService; import org.apache.logging.log4j.Logger; import org.apache.shiro.subject.Subject; @@ -77,7 +78,8 @@ public class ServerHandShakeProcessor { currentServerVersion = Version.fromOrdinalOrCurrent(ver); } - public static boolean readHandShake(ServerConnection connection) { + public static boolean readHandShake(ServerConnection connection, + SecurityService securityService) { boolean validHandShake = false; Version clientVersion = null; try { @@ -120,7 +122,7 @@ public class ServerHandShakeProcessor { // Read the appropriate handshake if (clientVersion.compareTo(Version.GFE_57) >= 0) { - validHandShake = readGFEHandshake(connection, clientVersion); + validHandShake = readGFEHandshake(connection, clientVersion, securityService); } else { connection.refuseHandshake( "Unsupported version " + clientVersion + "Server's current version " + Acceptor.VERSION, @@ -196,7 +198,8 @@ public class ServerHandShakeProcessor { hdos.close(); } - private static boolean readGFEHandshake(ServerConnection connection, Version clientVersion) { + private static boolean readGFEHandshake(ServerConnection connection, Version clientVersion, + SecurityService securityService) { int handShakeTimeout = connection.getHandShakeTimeout(); InternalLogWriter securityLogWriter = connection.getSecurityLogWriter(); try { @@ -204,7 +207,7 @@ public class ServerHandShakeProcessor { DistributedSystem system = connection.getDistributedSystem(); // hitesh:it will set credentials and principals HandShake handshake = new HandShake(socket, handShakeTimeout, system, clientVersion, - connection.getCommunicationMode()); + connection.getCommunicationMode(), securityService); connection.setHandshake(handshake); ClientProxyMembershipID proxyId = handshake.getMembership(); connection.setProxyId(proxyId); http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/AddPdxEnum.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/AddPdxEnum.java b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/AddPdxEnum.java index 2cb36cd..5a4a07b 100644 --- a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/AddPdxEnum.java +++ b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/AddPdxEnum.java @@ -24,6 +24,7 @@ import org.apache.geode.internal.cache.tier.sockets.BaseCommand; import org.apache.geode.internal.cache.tier.sockets.Message; import org.apache.geode.internal.cache.tier.sockets.ServerConnection; import org.apache.geode.internal.logging.LogService; +import org.apache.geode.internal.security.SecurityService; import org.apache.geode.pdx.internal.EnumInfo; import org.apache.geode.pdx.internal.TypeRegistry; @@ -39,7 +40,8 @@ public class AddPdxEnum extends BaseCommand { private AddPdxEnum() {} @Override - public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start) + public void cmdExecute(final Message clientMessage, final ServerConnection serverConnection, + final SecurityService securityService, long start) throws IOException, ClassNotFoundException { serverConnection.setAsTrue(REQUIRES_RESPONSE); if (logger.isDebugEnabled()) { http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/AddPdxType.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/AddPdxType.java b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/AddPdxType.java index 3feba0d..cb4b261 100644 --- a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/AddPdxType.java +++ b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/AddPdxType.java @@ -24,6 +24,7 @@ import org.apache.geode.internal.cache.tier.sockets.BaseCommand; import org.apache.geode.internal.cache.tier.sockets.Message; import org.apache.geode.internal.cache.tier.sockets.ServerConnection; import org.apache.geode.internal.logging.LogService; +import org.apache.geode.internal.security.SecurityService; import org.apache.geode.pdx.internal.PdxType; import org.apache.geode.pdx.internal.TypeRegistry; @@ -39,7 +40,8 @@ public class AddPdxType extends BaseCommand { private AddPdxType() {} @Override - public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start) + public void cmdExecute(final Message clientMessage, final ServerConnection serverConnection, + final SecurityService securityService, long start) throws IOException, ClassNotFoundException { serverConnection.setAsTrue(REQUIRES_RESPONSE); if (logger.isDebugEnabled()) {