geode-core/src/main/java/org/apache/geode/internal/security/SecurityServiceFactory.java - geode - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
  * agreements. See the NOTICE file distributed with this work for additional information regarding
  * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance with the License. You may obtain a
  * copy of the License at
  *
  * http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software distributed under the License
  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
  * or implied. See the License for the specific language governing permissions and limitations under
  * the License.
  */
 package org.apache.geode.internal.security;

 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_CLIENT_AUTHENTICATOR;
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_PEER_AUTHENTICATOR;
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;

 import java.util.Properties;

 import org.apache.commons.lang3.StringUtils;

 import org.apache.geode.internal.cache.CacheConfig;
 import org.apache.geode.internal.security.shiro.SecurityManagerProvider;
 import org.apache.geode.security.PostProcessor;
 import org.apache.geode.security.SecurityManager;

 public class SecurityServiceFactory {

   private SecurityServiceFactory() {
     // do not instantiate
   }

   public static SecurityService create() {
     return new LegacySecurityService();
   }

   public static SecurityService create(Properties securityProps) {
     return create(securityProps, null, null);
   }

   public static SecurityService create(Properties securityProps, CacheConfig cacheConfig) {
     if (cacheConfig == null) {
       return create(securityProps, null, null);
     }

     return create(securityProps, cacheConfig.getSecurityManager(), cacheConfig.getPostProcessor());
   }

   public static SecurityService create(Properties securityProps,
       SecurityManager preferredSecurityManager, PostProcessor preferredPostProcessor) {
     if (securityProps == null) {
       // avoid NPE, and we can stil use preferredSecurityManager to create the service
       securityProps = new Properties();
     }

     String shiroConfig = securityProps.getProperty(SECURITY_SHIRO_INIT);
     SecurityManager securityManager = CallbackInstantiator.getSecurityManager(securityProps);
     PostProcessor postProcessor = CallbackInstantiator.getPostProcessor(securityProps);

     // cacheConfig's securityManager/postprocessor takes precedence over those defined in
     // securityProps
     if (preferredSecurityManager != null) {
       // cacheConfig's security manager will override property's shiro.ini settings
       shiroConfig = null;
       securityManager = preferredSecurityManager;
     }
     if (preferredPostProcessor != null) {
       postProcessor = preferredPostProcessor;
     }

     if (StringUtils.isNotBlank(shiroConfig)) {
       return new IntegratedSecurityService(new SecurityManagerProvider(shiroConfig), postProcessor);
     } else if (securityManager != null) {
       return new IntegratedSecurityService(new SecurityManagerProvider(securityManager),
           postProcessor);
     } else if (isShiroInUse()) {
       return new IntegratedSecurityService(new SecurityManagerProvider(), postProcessor);
     }

     // if not return legacy security service
     String clientAuthenticatorConfig = securityProps.getProperty(SECURITY_CLIENT_AUTHENTICATOR);
     String peerAuthenticatorConfig = securityProps.getProperty(SECURITY_PEER_AUTHENTICATOR);
     return new LegacySecurityService(clientAuthenticatorConfig, peerAuthenticatorConfig);
   }

   private static boolean isShiroInUse() {
     // Don't import Shiro otherwise clients must include on classpath
     try {
       return null != Class.forName("org.apache.shiro.SecurityUtils").getMethod("getSecurityManager")
           .invoke(null);
     } catch (Exception e) {
       return false;
     }
   }

 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more contributor license
	* agreements. See the NOTICE file distributed with this work for additional information regarding
	* copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance with the License. You may obtain a
	* copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software distributed under the License
	* is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
	* or implied. See the License for the specific language governing permissions and limitations under
	* the License.
	*/
	package org.apache.geode.internal.security;

	import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_CLIENT_AUTHENTICATOR;
	import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_PEER_AUTHENTICATOR;
	import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;

	import java.util.Properties;

	import org.apache.commons.lang3.StringUtils;

	import org.apache.geode.internal.cache.CacheConfig;
	import org.apache.geode.internal.security.shiro.SecurityManagerProvider;
	import org.apache.geode.security.PostProcessor;
	import org.apache.geode.security.SecurityManager;

	public class SecurityServiceFactory {

	private SecurityServiceFactory() {
	// do not instantiate
	}

	public static SecurityService create() {
	return new LegacySecurityService();
	}

	public static SecurityService create(Properties securityProps) {
	return create(securityProps, null, null);
	}

	public static SecurityService create(Properties securityProps, CacheConfig cacheConfig) {
	if (cacheConfig == null) {
	return create(securityProps, null, null);
	}

	return create(securityProps, cacheConfig.getSecurityManager(), cacheConfig.getPostProcessor());
	}

	public static SecurityService create(Properties securityProps,
	SecurityManager preferredSecurityManager, PostProcessor preferredPostProcessor) {
	if (securityProps == null) {
	// avoid NPE, and we can stil use preferredSecurityManager to create the service
	securityProps = new Properties();
	}

	String shiroConfig = securityProps.getProperty(SECURITY_SHIRO_INIT);
	SecurityManager securityManager = CallbackInstantiator.getSecurityManager(securityProps);
	PostProcessor postProcessor = CallbackInstantiator.getPostProcessor(securityProps);

	// cacheConfig's securityManager/postprocessor takes precedence over those defined in
	// securityProps
	if (preferredSecurityManager != null) {
	// cacheConfig's security manager will override property's shiro.ini settings
	shiroConfig = null;
	securityManager = preferredSecurityManager;
	}
	if (preferredPostProcessor != null) {
	postProcessor = preferredPostProcessor;
	}

	if (StringUtils.isNotBlank(shiroConfig)) {
	return new IntegratedSecurityService(new SecurityManagerProvider(shiroConfig), postProcessor);
	} else if (securityManager != null) {
	return new IntegratedSecurityService(new SecurityManagerProvider(securityManager),
	postProcessor);
	} else if (isShiroInUse()) {
	return new IntegratedSecurityService(new SecurityManagerProvider(), postProcessor);
	}

	// if not return legacy security service
	String clientAuthenticatorConfig = securityProps.getProperty(SECURITY_CLIENT_AUTHENTICATOR);
	String peerAuthenticatorConfig = securityProps.getProperty(SECURITY_PEER_AUTHENTICATOR);
	return new LegacySecurityService(clientAuthenticatorConfig, peerAuthenticatorConfig);
	}

	private static boolean isShiroInUse() {
	// Don't import Shiro otherwise clients must include on classpath
	try {
	return null != Class.forName("org.apache.shiro.SecurityUtils").getMethod("getSecurityManager")
	.invoke(null);
	} catch (Exception e) {
	return false;
	}
	}

	}