Hi, It looks like you need to implement *DiscoverySpiNodeAuthenticator*. You can use *ClusterNode *attribute to authenticate node inside ' *DiscoverySpiNodeAuthenticator.authenticateNode()'* method.
You can find in source code how *IgniteNodeAttributes.ATTR_SECURITY_CREDENTIALS *attribute passed to *DiscoverySpiNodeAuthenticator.authenticateNode()* as *SecurityCredentials*. On Mon, Mar 6, 2017 at 3:25 PM, conor <[email protected]> wrote: > Hi, I'm trying to implement authentication for an ignite cluster. I've > read > the blog post mentioned in other posts here but it's incomplete and also > quite old so I was hoping for some guidance. (blog post: > http://smartkey.co.uk/development/securing-an-apache-ignite-cluster/) > > The authentication mechanism I'm intending to use is to check for a common > password shared by nodes. So when a node starts up by itself, it obtains > the shared password from the local system using a library call. So I need > to do two things. > * when a node starts up it needs to fetch the local password and store it > in it's own configuration > * when a node joins the cluster other nodes need to compare the provided > password with the one they have locally > > So I tried setting the credentials locally as follows: > > TcpDiscoverySpi spi = new TcpDiscoverySpi(); > SecurityCredentials securityCredentials = new > SecurityCredentials(getModuleName(), passwordService.getPassword()); > Map<String, Object> nodeAttributes = new HashMap<>(); > nodeAttributes.put("org.apache.ignite.security.cred", > securityCredentials); > IgniteProductVersion igniteProductVersion = new > IgniteProductVersion(); > spi.setNodeAttributes(nodeAttributes, igniteProductVersion); > > However I run into an issue here because when setNodeAttributes is called > on > TcpDiscoverySpi I get a NullPointerException. The exception is thrown in > line 963 which is shown below. > > 959 @Override public void setNodeAttributes(Map<String, Object> attrs, > IgniteProductVersion ver) { > 960 assert locNodeAttrs == null; > 961 assert locNodeVer == null; > 962 > 963 if (log.isDebugEnabled()) { > 964 log.debug("Node attributes to set: " + attrs); > 965 log.debug("Node version to set: " + ver); > 966 } > 967 > 968 locNodeAttrs = attrs; > 969 locNodeVer = ver; > 970 } > > The instance of IgniteLogger named 'log' is null when this method is > called. > This seems like a bug to me but if it's not, am I doing something wrong? > Is > there another way I should be fetching and setting this property on my > local > node? > > > > > -- > View this message in context: http://apache-ignite-users. > 70518.x6.nabble.com/Authentication-tp11037.html > Sent from the Apache Ignite Users mailing list archive at Nabble.com. > -- Best regards, Andrey V. Mashenkov
