[01/21] ignite git commit: Corrected fix for REST processor wrt authentication

Mon, 17 Jul 2017 01:22:54 -0700 

Repository: ignite
Updated Branches:
  refs/heads/ignite-5578-locJoin 73add3106 -> 5307bcb52


Corrected fix for REST processor wrt authentication


Project: http://git-wip-us.apache.org/repos/asf/ignite/repo
Commit: http://git-wip-us.apache.org/repos/asf/ignite/commit/707c454a
Tree: http://git-wip-us.apache.org/repos/asf/ignite/tree/707c454a
Diff: http://git-wip-us.apache.org/repos/asf/ignite/diff/707c454a

Branch: refs/heads/ignite-5578-locJoin
Commit: 707c454ad9c3b4132e2d0a20d15dc1eb2ed295b0
Parents: 478d3b5
Author: Alexey Goncharuk <alexey.goncha...@gmail.com>
Authored: Wed Jul 12 10:53:46 2017 +0300
Committer: Alexey Goncharuk <alexey.goncha...@gmail.com>
Committed: Wed Jul 12 10:53:46 2017 +0300

----------------------------------------------------------------------
 .../processors/rest/GridRestProcessor.java      | 45 ++++++--------------
 1 file changed, 12 insertions(+), 33 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ignite/blob/707c454a/modules/core/src/main/java/org/apache/ignite/internal/processors/rest/GridRestProcessor.java
----------------------------------------------------------------------
diff --git 
a/modules/core/src/main/java/org/apache/ignite/internal/processors/rest/GridRestProcessor.java
 
b/modules/core/src/main/java/org/apache/ignite/internal/processors/rest/GridRestProcessor.java
index fd5583d..9842883 100644
--- 
a/modules/core/src/main/java/org/apache/ignite/internal/processors/rest/GridRestProcessor.java
+++ 
b/modules/core/src/main/java/org/apache/ignite/internal/processors/rest/GridRestProcessor.java
@@ -243,23 +243,21 @@ public class GridRestProcessor extends 
GridProcessorAdapter {
 
             SecurityContext secCtx0 = ses.secCtx;
 
-            if (ctx.state().publicApiActiveState() || 
!isClusterActivateTaskRequest(req)) {
-                try {
-                    if (secCtx0 == null)
-                        ses.secCtx = secCtx0 = authenticate(req);
+            try {
+                if (secCtx0 == null)
+                    ses.secCtx = secCtx0 = authenticate(req);
 
-                    authorize(req, secCtx0);
-                }
-                catch (SecurityException e) {
-                    assert secCtx0 != null;
+                authorize(req, secCtx0);
+            }
+            catch (SecurityException e) {
+                assert secCtx0 != null;
 
-                    GridRestResponse res = new 
GridRestResponse(STATUS_SECURITY_CHECK_FAILED, e.getMessage());
+                GridRestResponse res = new 
GridRestResponse(STATUS_SECURITY_CHECK_FAILED, e.getMessage());
 
-                    return new GridFinishedFuture<>(res);
-                }
-                catch (IgniteCheckedException e) {
-                    return new GridFinishedFuture<>(new 
GridRestResponse(STATUS_AUTH_FAILED, e.getMessage()));
-                }
+                return new GridFinishedFuture<>(res);
+            }
+            catch (IgniteCheckedException e) {
+                return new GridFinishedFuture<>(new 
GridRestResponse(STATUS_AUTH_FAILED, e.getMessage()));
             }
         }
 
@@ -321,25 +319,6 @@ public class GridRestProcessor extends 
GridProcessorAdapter {
     }
 
     /**
-     * We skip authentication for activate cluster request.
-     * It's necessary workaround to make possible cluster activation through 
Visor,
-     * as security checks require working caches.
-     *
-     * @param req Request.
-     */
-    private boolean isClusterActivateTaskRequest(GridRestRequest req) {
-        if (req instanceof GridRestTaskRequest) {
-            GridRestTaskRequest taskReq = (GridRestTaskRequest)req;
-
-            if 
(VisorGatewayTask.class.getCanonicalName().equals(taskReq.taskName()) &&
-                
taskReq.params().contains(VisorChangeGridActiveStateTask.class.getCanonicalName()))
-                return true;
-        }
-
-        return false;
-    }
-
-    /**
      * @param req Request.
      * @return Not null session.
      * @throws IgniteCheckedException If failed.

Reply via email to