private boolean authenticate() { ClientEngineImpl clientEngine = getService(ClientEngineImpl.SERVICE_NAME); Connection connection = endpoint.getConnection(); ILogger logger = clientEngine.getLogger(getClass()); boolean authenticated; if (credentials == null) { authenticated = false; logger.severe("Could not retrieve Credentials object!"); } else if (clientEngine.getSecurityContext() != null) { authenticated = authenticate(clientEngine.getSecurityContext()); } else if (credentials instanceof UsernamePasswordCredentials) { UsernamePasswordCredentials usernamePasswordCredentials = (UsernamePasswordCredentials) credentials; authenticated = authenticate(usernamePasswordCredentials); } else { authenticated = false; logger.severe( "Hazelcast security is disabled.\nUsernamePasswordCredentials or cluster " + "group-name and group-password should be used for authentication!\n" + "Current credentials type is: " + credentials.getClass().getName()); } logger.log( (authenticated ? Level.INFO : Level.WARNING), "Received auth from " + connection + ", " + (authenticated ? "successfully authenticated" : "authentication failed")); return authenticated; }
private void checkPermissions(ClientEndpoint endpoint) { SecurityContext securityContext = clientEngine.getSecurityContext(); if (securityContext != null) { Permission permission = getRequiredPermission(); if (permission != null) { securityContext.checkPermission(endpoint.getSubject(), permission); } } }
private void interceptAfter(Credentials credentials) { final SecurityContext securityContext = clientEngine.getSecurityContext(); final String methodName = getMethodName(); if (securityContext != null && methodName != null) { final String objectType = getDistributedObjectType(); final String objectName = getDistributedObjectName(); securityContext.interceptAfter(credentials, objectType, objectName, methodName); } }