modules/core/src/main/java/org/apache/ignite/internal/processors/security/NoOpIgniteSecurityProcessor.java - ignite - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 package org.apache.ignite.internal.processors.security;

 import java.util.Collection;
 import java.util.UUID;
 import org.apache.ignite.cluster.ClusterNode;
 import org.apache.ignite.internal.GridKernalContext;
 import org.apache.ignite.internal.processors.GridProcessorAdapter;
 import org.apache.ignite.internal.processors.security.sandbox.IgniteSandbox;
 import org.apache.ignite.internal.processors.security.sandbox.NoOpSandbox;
 import org.apache.ignite.plugin.security.AuthenticationContext;
 import org.apache.ignite.plugin.security.SecurityCredentials;
 import org.apache.ignite.plugin.security.SecurityException;
 import org.apache.ignite.plugin.security.SecurityPermission;
 import org.apache.ignite.plugin.security.SecuritySubject;
 import org.apache.ignite.spi.IgniteNodeValidationResult;
 import org.apache.ignite.spi.discovery.DiscoveryDataBag;
 import org.jetbrains.annotations.Nullable;

 import static org.apache.ignite.internal.processors.security.IgniteSecurityProcessor.ATTR_GRID_SEC_PROC_CLASS;
 import static org.apache.ignite.internal.processors.security.SecurityUtils.MSG_SEC_PROC_CLS_IS_INVALID;

 /**
  * No operation IgniteSecurity.
  */
 public class NoOpIgniteSecurityProcessor extends GridProcessorAdapter implements IgniteSecurity {
     /** No operation security context. */
     private final OperationSecurityContext opSecCtx = new OperationSecurityContext(this, null);

     /** Instance of IgniteSandbox. */
     private final IgniteSandbox sandbox = new NoOpSandbox();

     /**
      * @param ctx Grid kernal context.
      */
     public NoOpIgniteSecurityProcessor(GridKernalContext ctx) {
         super(ctx);
     }

     /** {@inheritDoc} */
     @Override public OperationSecurityContext withContext(SecurityContext secCtx) {
         return opSecCtx;
     }

     /** {@inheritDoc} */
     @Override public OperationSecurityContext withContext(UUID nodeId) {
         return opSecCtx;
     }

     /** {@inheritDoc} */
     @Override public SecurityContext securityContext() {
         return null;
     }

     /** {@inheritDoc} */
     @Override public SecurityContext authenticateNode(ClusterNode node, SecurityCredentials cred) {
         return null;
     }

     /** {@inheritDoc} */
     @Override public boolean isGlobalNodeAuthentication() {
         return false;
     }

     /** {@inheritDoc} */
     @Override public SecurityContext authenticate(AuthenticationContext ctx) {
         return null;
     }

     /** {@inheritDoc} */
     @Override public Collection<SecuritySubject> authenticatedSubjects() {
         return null;
     }

     /** {@inheritDoc} */
     @Override public SecuritySubject authenticatedSubject(UUID subjId) {
         return null;
     }

     /** {@inheritDoc} */
     @Override public void onSessionExpired(UUID subjId) {
         // No-op.
     }

     /** {@inheritDoc} */
     @Override public void authorize(String name, SecurityPermission perm) throws SecurityException {
         // No-op.
     }

     /** {@inheritDoc} */
     @Override public IgniteSandbox sandbox() {
         return sandbox;
     }

     /** {@inheritDoc} */
     @Override public boolean enabled() {
         return false;
     }

     /** {@inheritDoc} */
     @Override public @Nullable IgniteNodeValidationResult validateNode(ClusterNode node) {
         return validateSecProcClass(node);
     }

     /** {@inheritDoc} */
     @Override public @Nullable IgniteNodeValidationResult validateNode(ClusterNode node,
         DiscoveryDataBag.JoiningNodeDiscoveryData discoData) {
         return validateSecProcClass(node);
     }

     /**
      * Validates that remote the node's grid security processor class is undefined.
      *
      * @param node Joining node.
      * @return Validation result or {@code null} in case of success.
      */
     private IgniteNodeValidationResult validateSecProcClass(ClusterNode node) {
         String rmtCls = node.attribute(ATTR_GRID_SEC_PROC_CLASS);

         if (rmtCls != null) {
             ClusterNode locNode = ctx.discovery().localNode();

             return new IgniteNodeValidationResult(
                 node.id(),
                 String.format(MSG_SEC_PROC_CLS_IS_INVALID, locNode.id(), node.id(), "undefined", rmtCls),
                 String.format(MSG_SEC_PROC_CLS_IS_INVALID, node.id(), locNode.id(), rmtCls, "undefined")
             );
         }

         return null;
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	package org.apache.ignite.internal.processors.security;

	import java.util.Collection;
	import java.util.UUID;
	import org.apache.ignite.cluster.ClusterNode;
	import org.apache.ignite.internal.GridKernalContext;
	import org.apache.ignite.internal.processors.GridProcessorAdapter;
	import org.apache.ignite.internal.processors.security.sandbox.IgniteSandbox;
	import org.apache.ignite.internal.processors.security.sandbox.NoOpSandbox;
	import org.apache.ignite.plugin.security.AuthenticationContext;
	import org.apache.ignite.plugin.security.SecurityCredentials;
	import org.apache.ignite.plugin.security.SecurityException;
	import org.apache.ignite.plugin.security.SecurityPermission;
	import org.apache.ignite.plugin.security.SecuritySubject;
	import org.apache.ignite.spi.IgniteNodeValidationResult;
	import org.apache.ignite.spi.discovery.DiscoveryDataBag;
	import org.jetbrains.annotations.Nullable;

	import static org.apache.ignite.internal.processors.security.IgniteSecurityProcessor.ATTR_GRID_SEC_PROC_CLASS;
	import static org.apache.ignite.internal.processors.security.SecurityUtils.MSG_SEC_PROC_CLS_IS_INVALID;

	/**
	* No operation IgniteSecurity.
	*/
	public class NoOpIgniteSecurityProcessor extends GridProcessorAdapter implements IgniteSecurity {
	/** No operation security context. */
	private final OperationSecurityContext opSecCtx = new OperationSecurityContext(this, null);

	/** Instance of IgniteSandbox. */
	private final IgniteSandbox sandbox = new NoOpSandbox();

	/**
	* @param ctx Grid kernal context.
	*/
	public NoOpIgniteSecurityProcessor(GridKernalContext ctx) {
	super(ctx);
	}

	/** {@inheritDoc} */
	@Override public OperationSecurityContext withContext(SecurityContext secCtx) {
	return opSecCtx;
	}

	/** {@inheritDoc} */
	@Override public OperationSecurityContext withContext(UUID nodeId) {
	return opSecCtx;
	}

	/** {@inheritDoc} */
	@Override public SecurityContext securityContext() {
	return null;
	}

	/** {@inheritDoc} */
	@Override public SecurityContext authenticateNode(ClusterNode node, SecurityCredentials cred) {
	return null;
	}

	/** {@inheritDoc} */
	@Override public boolean isGlobalNodeAuthentication() {
	return false;
	}

	/** {@inheritDoc} */
	@Override public SecurityContext authenticate(AuthenticationContext ctx) {
	return null;
	}

	/** {@inheritDoc} */
	@Override public Collection<SecuritySubject> authenticatedSubjects() {
	return null;
	}

	/** {@inheritDoc} */
	@Override public SecuritySubject authenticatedSubject(UUID subjId) {
	return null;
	}

	/** {@inheritDoc} */
	@Override public void onSessionExpired(UUID subjId) {
	// No-op.
	}

	/** {@inheritDoc} */
	@Override public void authorize(String name, SecurityPermission perm) throws SecurityException {
	// No-op.
	}

	/** {@inheritDoc} */
	@Override public IgniteSandbox sandbox() {
	return sandbox;
	}

	/** {@inheritDoc} */
	@Override public boolean enabled() {
	return false;
	}

	/** {@inheritDoc} */
	@Override public @Nullable IgniteNodeValidationResult validateNode(ClusterNode node) {
	return validateSecProcClass(node);
	}

	/** {@inheritDoc} */
	@Override public @Nullable IgniteNodeValidationResult validateNode(ClusterNode node,
	DiscoveryDataBag.JoiningNodeDiscoveryData discoData) {
	return validateSecProcClass(node);
	}

	/**
	* Validates that remote the node's grid security processor class is undefined.
	*
	* @param node Joining node.
	* @return Validation result or {@code null} in case of success.
	*/
	private IgniteNodeValidationResult validateSecProcClass(ClusterNode node) {
	String rmtCls = node.attribute(ATTR_GRID_SEC_PROC_CLASS);

	if (rmtCls != null) {
	ClusterNode locNode = ctx.discovery().localNode();

	return new IgniteNodeValidationResult(
	node.id(),
	String.format(MSG_SEC_PROC_CLS_IS_INVALID, locNode.id(), node.id(), "undefined", rmtCls),
	String.format(MSG_SEC_PROC_CLS_IS_INVALID, node.id(), locNode.id(), rmtCls, "undefined")
	);
	}

	return null;
	}
	}