| /* |
| * Licensed to the Apache Software Foundation (ASF) under one or more |
| * contributor license agreements. See the NOTICE file distributed with |
| * this work for additional information regarding copyright ownership. |
| * The ASF licenses this file to You under the Apache License, Version 2.0 |
| * (the "License"); you may not use this file except in compliance with |
| * the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| /* |
| * The MultiuserSecurityExample QuickStart Example. |
| * |
| * This example takes the following steps: |
| * |
| * 1. Create a Geode Cache with multiuser enabled. |
| * 2. Creates userCache using user "root". Who is authorized to do get and put operations. |
| * 3. Creates userCache using user "writer2". Who is authorized to do only put operation. It tries to do get operation and gets NotAuthorizedException. |
| * 4. Close the Cache. |
| * |
| */ |
| |
| // Use standard namespaces |
| using System; |
| |
| // Use the Geode namespace |
| using Apache.Geode.Client; |
| using System.Collections.Generic; |
| using System.Collections; |
| namespace Apache.Geode.Client.QuickStart |
| { |
| // The MultiuserSecurityExample QuickStart example. |
| class MultiuserSecurityExample |
| { |
| private static string getFuncIName = "MultiGetFunctionI"; |
| |
| public void RunMultiuserSecurityExample() |
| { |
| // Create client's Authentication Intializer and Credentials using api ( Same can be set to gfcpp.properties & comment following code ). |
| Properties<string, string> secProp = Properties<string, string>.Create<string, string>(); |
| |
| //By setting this property client will send credential in encrypted form. |
| //to do this one need to setup OpenSSL. |
| //secProp.Insert("security-client-dhalgo", "Blowfish:128"); |
| |
| // Connect to the Geode Distributed System using the settings from the gfcpp.properties file by default. |
| // Create a Geode Cache. |
| CacheFactory cacheFactory = CacheFactory.CreateCacheFactory(null); |
| |
| Cache cache = cacheFactory.SetMultiuserAuthentication(true).Create(); |
| |
| Console.WriteLine("Created the Geode Cache"); |
| |
| RegionFactory regionFactory = cache.CreateRegionFactory(RegionShortcut.PROXY); |
| |
| IRegion<string, string> region = regionFactory.Create<string, string>("partition_region"); |
| |
| Console.WriteLine("Created the Region Programmatically."); |
| |
| runWithUserRoot(cache); |
| runWithUserWriter(cache); |
| |
| cache.Close(); |
| |
| Console.WriteLine("Client disconnected from the Geode Distributed System"); |
| } |
| |
| void runWithUserRoot(Cache cache) |
| { |
| Console.WriteLine("Created the Region Programmatically. 0"); |
| //user "root" 's credential |
| Properties<string, object> credentials = Properties<string, object>.Create<string, object>(); |
| //user = "root" has permission to do put/get both |
| credentials.Insert("security-username", "root"); |
| credentials.Insert("security-password", "root"); |
| |
| Console.WriteLine("Created the Region Programmatically. 1"); |
| // Create user cache by passing credentials |
| IRegionService userCache1 = cache.CreateAuthenticatedView(credentials); |
| |
| Console.WriteLine("Created the Region Programmatically. 2"); |
| // Create region using usercache |
| IRegion<string, string> userRegion1 = userCache1.GetRegion<string, string>("partition_region"); |
| |
| //doing operation on behalf of user "root" |
| userRegion1["key-1"] = "val-1"; |
| |
| string result = userRegion1["key-1"]; |
| |
| //to execute function on server |
| Execution<object> exc = FunctionService<object>.OnServer(userCache1); |
| |
| ArrayList args1 = new ArrayList(); |
| args1.Add("key-1"); |
| |
| IResultCollector<object> rc = exc.WithArgs<ArrayList>(args1).Execute(getFuncIName); |
| ICollection<object> executeFunctionResult = rc.GetResult(); |
| Console.WriteLine("on one server: result count= {0}.", executeFunctionResult.Count); |
| |
| List<object> resultList1 = new List<object>(); |
| foreach (List<object> item in executeFunctionResult) |
| { |
| foreach (object subitem in item) |
| { |
| resultList1.Add(subitem); |
| } |
| } |
| |
| for (int i = 0; i < resultList1.Count; i++) |
| { |
| Console.WriteLine("on one server:get:result[{0}]={1}.", i, (string)resultList1[i]); |
| } |
| |
| //to execute Query |
| |
| // Get the QueryService from the Cache. |
| QueryService<string, string> qrySvc = userCache1.GetQueryService<string, string>(); |
| |
| Console.WriteLine("Got the QueryService from the user Cache"); |
| |
| // Execute a Query which returns a ResultSet. |
| Query<string> qry = qrySvc.NewQuery("SELECT DISTINCT * FROM /partition_region"); |
| ISelectResults<string> results = qry.Execute(); |
| |
| Console.WriteLine("ResultSet Query returned {0} rows", results.Size); |
| |
| userCache1.Close(); |
| |
| Console.WriteLine("User root done put/get ops successfully"); |
| } |
| |
| void runWithUserWriter(Cache cache) |
| { |
| //user "writer2" 's credential |
| Properties<string, object> credentials = Properties<string, object>.Create<string, object>(); |
| //user = "writer2" has permission to do put ops only |
| credentials.Insert("security-username", "writer2"); |
| credentials.Insert("security-password", "writer2"); |
| |
| // Create user cache by passing credentials |
| IRegionService userCache2 = cache.CreateAuthenticatedView(credentials); |
| |
| // Create region using usercache |
| IRegion<string, string> userRegion2 = userCache2.GetRegion<string, string>("partition_region"); |
| |
| bool exceptiongot = false; |
| |
| try |
| { |
| //"writer2" trying to do get operation on region, it should get NotAuthorized exception |
| string res = userRegion2["key-1"]; |
| } |
| catch (NotAuthorizedException ex) |
| { |
| Console.WriteLine("Got expected UnAuthorizedException: {0}", ex.Message); |
| exceptiongot = true; |
| } |
| |
| if (exceptiongot == false) |
| { |
| Console.WriteLine("Example FAILED: Did not get expected NotAuthorizedException"); |
| } |
| else |
| { |
| Console.WriteLine("User writer2 got expected while doing get operation."); |
| } |
| |
| //close the user cache |
| userCache2.Close(); |
| } |
| |
| static void Main(string[] args) |
| { |
| try |
| { |
| MultiuserSecurityExample ex = new MultiuserSecurityExample(); |
| |
| //Run Security Client |
| ex.RunMultiuserSecurityExample(); |
| |
| } |
| // An exception should not occur |
| catch (GeodeException gfex) |
| { |
| Console.WriteLine("FAILED: MultiuserSecurityExample Geode Exception: {0}", gfex.Message); |
| } |
| } |
| } |
| } |