---
title: Authorization Example
---
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
## <a id="overview"></a>Disclaimer
The security implementation of every installation is unique. These examples are provided for illustrative purposes only and must not be used in a production environment.
The examples demonstrate the basics for implementing both user authorization (`SecurityManager.authorize`) and method invocation authorization (`MethodInvocationAuthorizer.authorize`) during query executions.
The remainder of the examples may be found within the <%=vars.product_name_long%> source code under the `geode-core/src/main/java/org/apache/geode/examples/security` directory.
## <a id="user_authorization_example"></a>User Authorization Example
This example assumes that a set of users, a set of roles that a user might take on within the system, and a mapping of users to their roles are described in a JSON format file.
The roles define a set of authorized resource permissions granted for users in those roles.
Code not shown here parses the file to compose a data structure with the information on roles and users.
The `authorize` callback denies permission for any operation that does not have a principal representing the identity of the operation's requester.
Given the principal, the method iterates through the data structure searching for the necessary permissions for the principal.
When the necessary permission is found, authorization is granted by returning the value `true`.
If the permission is not found in the data structure, then the method returns `false`, denying authorization of the operation.
``` pre
public boolean authorize(final Object principal, final ResourcePermission context) {
  if (principal == null) return false;

  User user = this.userNameToUser.get(principal.toString());
  if (user == null) return false; // this user is not authorized to do anything

  // check if the user has this permission defined in the context
  for (Role role : this.userNameToUser.get(user.name).roles) {
    for (Permission permitted : role.permissions) {
      if (permitted.implies(context)) {
        return true;
      }
    }
  }

  return false;
}
```
## <a id="method_authorization_example"></a>Method Invocation Authorization Example
This example assumes that the entire domain model is deployed to the cluster and that the user is allowed to modify these classes.
The `authorize` callback first checks whether the method is permanently forbidden by the [RestrictedMethodAuthorizer](method_invocation_authorizers.html#restrictedMethodAuthorizer); if it is, the callback denies access by returning `false` right away.
When the method is not permanently forbidden, the implementation checks whether the method has been annotated with a custom annotation. When the necessary annotation is found, authorization is granted by returning the value `true`.
If the annotation is not found, then the method returns `false`, denying the invocation of the method during the query execution.
``` pre
public boolean authorize(Method method, Object target) {
  // Check if forbidden by default.
  if (defaultAuthorizer.isPermanentlyForbiddenMethod(method, target)) {
    return false;
  }

  // Check if annotation is present
  return method.isAnnotationPresent(Authorized.class);
}
```
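The annotation check above depends on how the custom annotation is declared. The following stand-alone sketch is an added example, not code from the <%=vars.product_name_long%> source: the `Authorized` declaration, the `Customer` and `VipCustomer` classes, and the `isAnnotated` helper are hypothetical, and the `RestrictedMethodAuthorizer` step is omitted so that it runs without a cluster. It shows the retention policy the annotation needs and that the check fails closed for unannotated and overriding methods.

```java
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import java.lang.reflect.Method;

public class AnnotationAuthorizerDemo {
  // Hypothetical marker annotation (assumption: the page does not show its
  // declaration). RUNTIME retention is required: with the default CLASS
  // retention, isAnnotationPresent() never sees it and every method is denied.
  @Retention(RetentionPolicy.RUNTIME)
  @Target(ElementType.METHOD)
  @interface Authorized {}

  // Constructed domain class: one allowed accessor, one unannotated mutator.
  static class Customer {
    @Authorized
    public String getName() { return "alice"; }

    public void delete() {} // no annotation, so the check denies it
  }

  // Method annotations are not inherited by overriding methods, so the
  // override must be annotated again to stay authorized.
  static class VipCustomer extends Customer {
    @Override
    public String getName() { return "vip"; }
  }

  // Same test as the final line of the authorize callback.
  static boolean isAnnotated(Method method) {
    return method.isAnnotationPresent(Authorized.class);
  }

  public static void main(String[] args) throws Exception {
    Method[] methods = {
        Customer.class.getMethod("getName"),
        Customer.class.getMethod("delete"),
        VipCustomer.class.getMethod("getName"),
    };
    for (Method m : methods) {
      System.out.println(m.getDeclaringClass().getSimpleName() + "." + m.getName()
          + " authorized=" + isAnnotated(m));
    }
  }
}
```

Only `Customer.getName` is reported as authorized; the unannotated `delete` and the un-annotated override in `VipCustomer` are both denied.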