private void checkPermissions(ClientEndpoint endpoint) {
SecurityContext securityContext = clientEngine.getSecurityContext();
if (securityContext != null) {
Permission permission = getRequiredPermission();
if (permission != null) {
securityContext.checkPermission(endpoint.getSubject(), permission);
}
}
}
public void run() {
final Connection conn = packet.getConn();
final ClientEndpoint endpoint = getEndpoint(conn);
ClientRequest request = null;
try {
final Data data = packet.getData();
request = (ClientRequest) serializationService.toObject(data);
if (endpoint.isAuthenticated() || request instanceof AuthenticationRequest) {
request.setEndpoint(endpoint);
final String serviceName = request.getServiceName();
if (serviceName != null) {
final Object service = nodeEngine.getService(serviceName);
if (service == null) {
if (nodeEngine.isActive()) {
throw new IllegalArgumentException(
"No service registered with name: " + serviceName);
}
throw new HazelcastInstanceNotActiveException();
}
request.setService(service);
}
request.setClientEngine(ClientEngineImpl.this);
final SecurityContext securityContext = getSecurityContext();
if (securityContext != null && request instanceof SecureRequest) {
final Permission permission = ((SecureRequest) request).getRequiredPermission();
if (permission != null) {
securityContext.checkPermission(endpoint.getSubject(), permission);
}
}
request.process();
} else {
Exception exception;
if (nodeEngine.isActive()) {
String message = "Client " + conn + " must authenticate before any operation.";
logger.severe(message);
exception = new AuthenticationException(message);
} else {
exception = new HazelcastInstanceNotActiveException();
}
sendResponse(endpoint, exception);
removeEndpoint(conn);
}
} catch (Throwable e) {
final Level level = nodeEngine.isActive() ? Level.SEVERE : Level.FINEST;
String message =
request != null
? "While executing request: " + request + " -> " + e.getMessage()
: e.getMessage();
logger.log(level, message, e);
sendResponse(endpoint, e);
}
}