Hi
I following the instructions in
http://smartkey.co.uk/development/securing-an-apache-ignite-cluster/ and
implemented a custom GridSecurityProcessor plugin. I got Ignite to recognize
the custom provider and the provider is returning my custom
GridSecurityProcessor like this:
@Nullable
@Override
@SuppressWarnings("unchecked")
public <T> T createComponent(PluginContext ctx, Class<T> cls) {
System.out.println("TenantGroupSecurityPluginProvider:createComponent
called for class " + cls.toString());
if (cls.isAssignableFrom(GridSecurityProcessor.class)) {
System.out.println("TenantGroupSecurityPluginProvider:createComponent
returning TenantGroupSecurityProcessor");
return (T) new TenantGroupSecurityProcessor();
}
else {
System.out.println("TenantGroupSecurityPluginProvider:createComponent
returning null");
return null;
}
}
All is fine when the first node starts up. When the second node starts up,
TenantGroupSecurityProcessor.authenticateNode does not get called, but
TenantGroupSecurityProcessor.validateNode gets called which is implemented like
this:
@Nullable
@Override
public IgniteNodeValidationResult validateNode(ClusterNode node) {
System.out.println("TenantGroupSecurityProcessor:validateNode called");
return new IgniteNodeValidationResult(node.id(), "Access Denied", "Access
Denied");
}
Because of this, the second node is unable to join the cluster and it dies.
[22:21:18,821][SEVERE][main][IgniteKernal] Failed to start manager:
GridManagerAdapter [enabled=true,
name=o.a.i.i.managers.discovery.GridDiscoveryManager]
class org.apache.ignite.IgniteCheckedException: Failed to start SPI:
TcpDiscoverySpi [addrRslvr=null, sockTimeout=5000, ackTimeout=5000,
reconCnt=10, maxAckTimeout=600000, forceSrvMode=false,
clientReconnectDisabled=false]
at
org.apache.ignite.internal.managers.GridManagerAdapter.startSpi(GridManagerAdapter.java:255)
at
org.apache.ignite.internal.managers.discovery.GridDiscoveryManager.start(GridDiscoveryManager.java:660)
at
org.apache.ignite.internal.IgniteKernal.startManager(IgniteKernal.java:1500)
at org.apache.ignite.internal.IgniteKernal.start(IgniteKernal.java:915)
at
org.apache.ignite.internal.IgnitionEx$IgniteNamedInstance.start0(IgnitionEx.java:1618)
at
org.apache.ignite.internal.IgnitionEx$IgniteNamedInstance.start(IgnitionEx.java:1485)
at org.apache.ignite.internal.IgnitionEx.start0(IgnitionEx.java:965)
at
org.apache.ignite.internal.IgnitionEx.startConfigurations(IgnitionEx.java:892)
at org.apache.ignite.internal.IgnitionEx.start(IgnitionEx.java:784)
at org.apache.ignite.internal.IgnitionEx.start(IgnitionEx.java:705)
at org.apache.ignite.internal.IgnitionEx.start(IgnitionEx.java:576)
at org.apache.ignite.internal.IgnitionEx.start(IgnitionEx.java:546)
at org.apache.ignite.Ignition.start(Ignition.java:346)
at
org.apache.ignite.startup.cmdline.CommandLineStartup.main(CommandLineStartup.java:302)
Caused by: class org.apache.ignite.spi.IgniteSpiException: Access Denied
at
org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi.checkFailedError(TcpDiscoverySpi.java:1627)
at
org.apache.ignite.spi.discovery.tcp.ServerImpl.joinTopology(ServerImpl.java:879)
at
org.apache.ignite.spi.discovery.tcp.ServerImpl.spiStart(ServerImpl.java:328)
at
org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi.spiStart(TcpDiscoverySpi.java:1815)
at
org.apache.ignite.internal.managers.GridManagerAdapter.startSpi(GridManagerAdapter.java:252)
... 13 more
Why isn’t the authenticateNode callback did not get called back? Did I miss
anything?
Thanks for the help.
--
anand
