blob: f69cb8dec97cc0676fcc3578099ff2a67a9bcc2f [file] [log] [blame]
/*
* The MultiuserSecurityExample QuickStart Example.
*
* This example takes the following steps:
*
* 1. Create a GemFire Cache with multiuser enabled.
* 2. Creates userCache using user "root". Who is authorized to do get and put operations.
* 3. Creates userCache using user "writer2". Who is authorized to do only put operation. It tries to do get operation and gets NotAuthorizedException.
* 4. Close the Cache.
*
*/
// Include the GemFire library.
#include <gfcpp/GemfireCppCache.hpp>
// Use the "gemfire" namespace.
using namespace gemfire;
char* getFuncIName = (char*)"MultiGetFunctionI";
void runWithUserRoot(CachePtr cachePtr)
{
//user root's credential who is authorized to do put/get operations
PropertiesPtr credentials = Properties::create();
credentials->insert("security-username", "root");
credentials->insert("security-password", "root");
// Create user cache by passing credentials
RegionServicePtr userCache1 = cachePtr->createAuthenticatedView( credentials );
// Create region using usercache
RegionPtr regionPtr1 = userCache1->getRegion("partition_region");
LOGINFO("Obtained the Region from the Cache");
CacheableKeyPtr key = CacheableKey::create("Key1");
//doing operation on behalf of user "writer2"
regionPtr1->put(key, "Value1");
LOGINFO("Entry created in the Region");
// Get Entries back out of the Region.
CacheablePtr result1Ptr = regionPtr1->get(key);
//to execute function on server
bool getResult = true;
CacheableVectorPtr routingObj = CacheableVector::create();
routingObj->push_back(key);
//test data independant function with result on one server
LOGINFO("test data independant function with result on one server");
CacheablePtr args = routingObj;
char buf[128];
ExecutionPtr exc = FunctionService::onServer(userCache1);
CacheableVectorPtr executeFunctionResult =
exc->withArgs(args)->execute(getFuncIName, getResult)->getResult();
CacheableVectorPtr resultList = CacheableVector::create();
if(executeFunctionResult==NULLPTR)
{
LOGINFO("get executeFunctionResult is NULL");
}
else
{
for (int item=0; item < executeFunctionResult->size(); item++)
{
CacheableArrayListPtr arrayList = dynCast<CacheableArrayListPtr>(executeFunctionResult->operator[](item));
for (int pos=0; pos < arrayList->size(); pos++)
{
resultList->push_back(arrayList->operator[](pos));
}
}
sprintf(buf, "get: result count = %d", resultList->size());
LOGINFO(buf);
for(int i=0; i < resultList->size(); i++)
{
sprintf(buf, "get result[%d]=%s", i, dynCast<CacheableStringPtr>(resultList->operator[](i))->asChar());
LOGINFO(buf);
}
}
//test for Query
// Execute a Query which returns a ResultSet.
QueryServicePtr qrySvcPtr = userCache1->getQueryService();
QueryPtr qryPtr = qrySvcPtr->newQuery("SELECT DISTINCT * FROM /partition_region");
SelectResultsPtr resultsPtr = qryPtr->execute();
LOGINFO("ResultSet Query returned %d rows", resultsPtr->size());
//close the user cache
userCache1->close();
LOGINFO("User root done put/get ops successfully");
}
void runWithUserWriter(CachePtr cachePtr)
{
//user writer2's credentials who is authorixed to do only put operation
PropertiesPtr credentials = Properties::create();
credentials->insert("security-username", "writer2");
credentials->insert("security-password", "writer2");
// Create user cache by passing credentials
RegionServicePtr userCache2 = cachePtr->createAuthenticatedView( credentials );
// Create region using usercache
RegionPtr regionPtr2 = userCache2->getRegion("partition_region");
LOGINFO("Entry created in the Region");
bool gotException = false;
try {
// Get Entries back out of the Region.
CacheablePtr result1Ptr = regionPtr2->get("Key1");
//collect NotAuthorized exception
} catch (const gemfire::NotAuthorizedException& expected) {
gotException = true;
LOGINFO("Got expected authorization failure while obtaining the Entry: %s", expected.getMessage());
}
//close the user cache
userCache2->close();
if (gotException)
{
LOGINFO("Got expected authorization exception while user writer2 was doing get operation.");
}
else
{
LOGINFO("Failed: Didn't get expected authorization exception while user writer2 was doing get operation.");
}
}
// The MultiuserSecurityExample QuickStart example.
int main(int argc, char ** argv)
{
try
{
PropertiesPtr secProp = Properties::create();
//By setting this property client will send credential in encrypted form.
//to do this one need to setup OpenSSL.
//secProp->insert("security-client-dhalgo", "Blowfish:128");
// Connect to the GemFire Distributed System using the settings from the gfcpp.properties file by default, programatically
// overriding secProp properties.
// Create a GemFire Cache.
CacheFactoryPtr cacheFactory = CacheFactory::createCacheFactory(secProp);
CachePtr cachePtr = cacheFactory->setMultiuserAuthentication(true)->create();
LOGINFO("Created the Gemfire Cache with multiuser enable.");
RegionFactoryPtr regionFactory = cachePtr->createRegionFactory(PROXY);
LOGINFO("Created the RegionFactory");
// Create the example Region Programmatically.
RegionPtr regionPtr = regionFactory->create("partition_region");
runWithUserRoot(cachePtr);
runWithUserWriter(cachePtr);
// Close the GemFire Cache.
cachePtr->close();
LOGINFO("Closed the GemFire Cache");
}
// An exception should not occur
catch(const Exception & gemfireExcp)
{
LOGERROR("FAILED:MultiuserSecurityExample GemFire Exception: %s", gemfireExcp.getMessage());
}
}