private void checkPermissions(ClientEndpoint endpoint) {
SecurityContext securityContext = clientEngine.getSecurityContext();
if (securityContext != null) {
Permission permission = getRequiredPermission();
if (permission != null) {
securityContext.checkPermission(endpoint.getSubject(), permission);
}
}
}
private void interceptAfter(Credentials credentials) {
final SecurityContext securityContext = clientEngine.getSecurityContext();
final String methodName = getMethodName();
if (securityContext != null && methodName != null) {
final String objectType = getDistributedObjectType();
final String objectName = getDistributedObjectName();
securityContext.interceptAfter(credentials, objectType, objectName, methodName);
}
}
public void run() {
final Connection conn = packet.getConn();
final ClientEndpoint endpoint = getEndpoint(conn);
ClientRequest request = null;
try {
final Data data = packet.getData();
request = (ClientRequest) serializationService.toObject(data);
if (endpoint.isAuthenticated() || request instanceof AuthenticationRequest) {
request.setEndpoint(endpoint);
final String serviceName = request.getServiceName();
if (serviceName != null) {
final Object service = nodeEngine.getService(serviceName);
if (service == null) {
if (nodeEngine.isActive()) {
throw new IllegalArgumentException(
"No service registered with name: " + serviceName);
}
throw new HazelcastInstanceNotActiveException();
}
request.setService(service);
}
request.setClientEngine(ClientEngineImpl.this);
final SecurityContext securityContext = getSecurityContext();
if (securityContext != null && request instanceof SecureRequest) {
final Permission permission = ((SecureRequest) request).getRequiredPermission();
if (permission != null) {
securityContext.checkPermission(endpoint.getSubject(), permission);
}
}
request.process();
} else {
Exception exception;
if (nodeEngine.isActive()) {
String message = "Client " + conn + " must authenticate before any operation.";
logger.severe(message);
exception = new AuthenticationException(message);
} else {
exception = new HazelcastInstanceNotActiveException();
}
sendResponse(endpoint, exception);
removeEndpoint(conn);
}
} catch (Throwable e) {
final Level level = nodeEngine.isActive() ? Level.SEVERE : Level.FINEST;
String message =
request != null
? "While executing request: " + request + " -> " + e.getMessage()
: e.getMessage();
logger.log(level, message, e);
sendResponse(endpoint, e);
}
}
private void doShutdown(boolean force) {
long start = Clock.currentTimeMillis();
logger.finest("** we are being asked to shutdown when active = " + String.valueOf(active));
if (!force && isActive()) {
final int maxWaitSeconds = groupProperties.GRACEFUL_SHUTDOWN_MAX_WAIT.getInteger();
if (!partitionService.prepareToSafeShutdown(maxWaitSeconds, TimeUnit.SECONDS)) {
logger.warning(
"Graceful shutdown could not be completed in " + maxWaitSeconds + " seconds!");
}
}
if (isActive()) {
if (!force) {
clusterService.sendShutdownMessage();
}
// set the joined=false first so that
// threads do not process unnecessary
// events, such as remove address
joined.set(false);
setActive(false);
setMasterAddress(null);
try {
Runtime.getRuntime().removeShutdownHook(shutdownHookThread);
} catch (Throwable ignored) {
}
if (managementCenterService != null) {
managementCenterService.shutdown();
}
logger.finest("Shutting down client command service");
clientEngine.shutdown();
logger.finest("Shutting down node engine");
nodeEngine.shutdown();
if (multicastService != null) {
logger.finest("Shutting down multicast service");
multicastService.stop();
}
logger.finest("Shutting down connection manager");
connectionManager.shutdown();
textCommandService.stop();
masterAddress = null;
if (securityContext != null) {
securityContext.destroy();
}
initializer.destroy();
serializationService.destroy();
int numThreads = threadGroup.activeCount();
Thread[] threads = new Thread[numThreads * 2];
numThreads = threadGroup.enumerate(threads, false);
for (int i = 0; i < numThreads; i++) {
Thread thread = threads[i];
if (thread.isAlive()) {
logger.finest("Shutting down thread " + thread.getName());
thread.interrupt();
}
}
failedConnections.clear();
systemLogService.shutdown();
logger.info(
"Hazelcast Shutdown is completed in " + (Clock.currentTimeMillis() - start) + " ms.");
}
}
private boolean authenticate(SecurityContext securityContext) {
Connection connection = endpoint.getConnection();
credentials.setEndpoint(connection.getInetAddress().getHostAddress());
try {
LoginContext lc = securityContext.createClientLoginContext(credentials);
lc.login();
endpoint.setLoginContext(lc);
return true;
} catch (LoginException e) {
logger.warning(e);
return false;
}
}
public JoinRequest createJoinRequest(boolean withCredentials) {
final Credentials credentials =
(withCredentials && securityContext != null)
? securityContext.getCredentialsFactory().newCredentials()
: null;
return new JoinRequest(
Packet.VERSION,
buildInfo.getBuildNumber(),
address,
localMember.getUuid(),
createConfigCheck(),
credentials,
config.getMemberAttributeConfig().getAttributes());
}
public JoinRequest createJoinRequest(boolean withCredentials) {
final Credentials credentials =
(withCredentials && securityContext != null)
? securityContext.getCredentialsFactory().newCredentials()
: null;
return new JoinRequest(
Packet.VERSION,
buildNumber,
address,
localMember.getUuid(),
createConfigCheck(),
credentials,
clusterService.getSize(),
0);
}
public void shutdown(final boolean terminate) {
long start = Clock.currentTimeMillis();
if (logger.isFinestEnabled()) {
logger.finest("We are being asked to shutdown when state = " + state);
}
if (!STATE.compareAndSet(this, NodeState.ACTIVE, NodeState.SHUTTING_DOWN)) {
waitIfAlreadyShuttingDown();
return;
}
if (!terminate) {
final int maxWaitSeconds =
groupProperties.getSeconds(GroupProperty.GRACEFUL_SHUTDOWN_MAX_WAIT);
if (!partitionService.prepareToSafeShutdown(maxWaitSeconds, TimeUnit.SECONDS)) {
logger.warning(
"Graceful shutdown could not be completed in " + maxWaitSeconds + " seconds!");
}
clusterService.sendShutdownMessage();
} else {
logger.warning("Terminating forcefully...");
}
// set the joined=false first so that
// threads do not process unnecessary
// events, such as remove address
joined.set(false);
setMasterAddress(null);
try {
if (groupProperties.getBoolean(GroupProperty.SHUTDOWNHOOK_ENABLED)) {
Runtime.getRuntime().removeShutdownHook(shutdownHookThread);
}
discoveryService.destroy();
logger.info("Shutting down connection manager...");
connectionManager.shutdown();
} catch (Throwable ignored) {
}
versionCheck.shutdown();
if (managementCenterService != null) {
managementCenterService.shutdown();
}
textCommandService.stop();
if (multicastService != null) {
logger.info("Shutting down multicast service...");
multicastService.stop();
}
logger.info("Shutting down connection manager...");
connectionManager.shutdown();
logger.info("Shutting down node engine...");
nodeEngine.shutdown(terminate);
if (securityContext != null) {
securityContext.destroy();
}
nodeExtension.destroy();
logger.finest("Destroying serialization service...");
serializationService.destroy();
hazelcastThreadGroup.destroy();
logger.info(
"Hazelcast Shutdown is completed in " + (Clock.currentTimeMillis() - start) + " ms.");
state = NodeState.SHUT_DOWN;
}
