private Message handleSecurityMessage(CommandMessage message) { GraniteConfig config = GraniteContext.getCurrentInstance().getGraniteConfig(); Message response = null; if (!config.hasSecurityService()) log.warn( "Ignored security operation (no security settings in granite-config.xml): %s", message); else if (!config.getSecurityService().acceptsContext()) log.info( "Ignored security operation (security service does not handle this kind of granite context)", message); else { SecurityService securityService = config.getSecurityService(); try { if (message.isLoginOperation()) securityService.login( message.getBody(), (String) message.getHeader(Message.CREDENTIALS_CHARSET_HEADER)); else securityService.logout(); } catch (Exception e) { if (e instanceof SecurityServiceException) log.debug(e, "Could not process security operation: %s", message); else log.error(e, "Could not process security operation: %s", message); response = new ErrorMessage(message, e, true); } } if (response == null) { response = new AcknowledgeMessage(message, true); // For SDK 2.0.1_Hotfix2. if (message.isSecurityOperation()) response.setBody("success"); } return response; }
private Message handlePublishMessage( final ChannelFactory<?> channelFactory, final AsyncMessage message, final Channel channel) { GraniteContext context = GraniteContext.getCurrentInstance(); // Get and check destination. Destination destination = context .getServicesConfig() .findDestinationById(message.getClass().getName(), message.getDestination()); if (destination == null) return getInvalidDestinationError(message); if (message.getMessageId() == null) message.setMessageId(UUIDUtil.randomUUID()); message.setTimestamp(System.currentTimeMillis()); if (channel != null) message.setClientId(channel.getId()); GravityInvocationContext invocationContext = new GravityInvocationContext(message, destination) { @Override public Object invoke() throws Exception { // Publish... Channel fromChannel = channel; if (fromChannel == null) fromChannel = getChannel(channelFactory, (String) message.getClientId()); if (fromChannel == null) return handleUnknownClientMessage(message); ServiceAdapter adapter = adapterFactory.getServiceAdapter(message); AsyncMessage reply = (AsyncMessage) adapter.invoke(fromChannel, message); reply.setDestination(message.getDestination()); reply.setClientId(fromChannel.getId()); return reply; } }; // Check security 1 (destination). if (destination.getSecurizer() instanceof GravityDestinationSecurizer) { try { ((GravityDestinationSecurizer) destination.getSecurizer()).canPublish(invocationContext); } catch (Exception e) { return new ErrorMessage(message, e, true); } } // Check security 2 (security service). GraniteConfig config = context.getGraniteConfig(); try { if (config.hasSecurityService() && config.getSecurityService().acceptsContext()) return (Message) config.getSecurityService().authorize(invocationContext); return (Message) invocationContext.invoke(); } catch (Exception e) { return new ErrorMessage(message, e, true); } }
private Message handleSubscribeMessage( final ChannelFactory<?> channelFactory, final CommandMessage message, final boolean saveMessageInSession) { final GraniteContext context = GraniteContext.getCurrentInstance(); // Get and check destination. final Destination destination = context .getServicesConfig() .findDestinationById(message.getMessageRefType(), message.getDestination()); if (destination == null) return getInvalidDestinationError(message); GravityInvocationContext invocationContext = new GravityInvocationContext(message, destination) { @Override public Object invoke() throws Exception { // Subscribe... Channel channel = getChannel(channelFactory, (String) message.getClientId()); if (channel == null) return handleUnknownClientMessage(message); String subscriptionId = (String) message.getHeader(AsyncMessage.DESTINATION_CLIENT_ID_HEADER); if (subscriptionId == null) { subscriptionId = UUIDUtil.randomUUID(); message.setHeader(AsyncMessage.DESTINATION_CLIENT_ID_HEADER, subscriptionId); } DistributedData gdd = graniteConfig.getDistributedDataFactory().getInstance(); if (gdd != null) { if (!gdd.hasChannelId(channel.getId())) { gdd.addChannelId( channel.getId(), channel.getFactory().getClass().getName(), context.getClientType()); log.debug("Stored channel %s in distributed data", channel.getId()); } if (Boolean.TRUE .toString() .equals(destination.getProperties().get("session-selector"))) { String selector = gdd.getDestinationSelector(destination.getId()); log.debug("Session selector found: %s", selector); if (selector != null) message.setHeader(CommandMessage.SELECTOR_HEADER, selector); } } ServiceAdapter adapter = adapterFactory.getServiceAdapter(message); AsyncMessage reply = (AsyncMessage) adapter.manage(channel, message); postManage(channel); if (saveMessageInSession && !(reply instanceof ErrorMessage)) { // Save subscription message in distributed data (clustering). try { if (gdd != null) { log.debug( "Saving new subscription message for channel: %s - %s", channel.getId(), message); gdd.addSubcription(channel.getId(), message); } } catch (Exception e) { log.error( e, "Could not add subscription in distributed data: %s - %s", channel.getId(), subscriptionId); } } reply.setDestination(message.getDestination()); reply.setClientId(channel.getId()); reply.getHeaders().putAll(message.getHeaders()); if (gdd != null && message.getDestination() != null) { gdd.setDestinationClientId(message.getDestination(), channel.getId()); gdd.setDestinationSubscriptionId(message.getDestination(), subscriptionId); } return reply; } }; // Check security 1 (destination). if (destination.getSecurizer() instanceof GravityDestinationSecurizer) { try { ((GravityDestinationSecurizer) destination.getSecurizer()).canSubscribe(invocationContext); } catch (Exception e) { return new ErrorMessage(message, e); } } // Check security 2 (security service). GraniteConfig config = context.getGraniteConfig(); try { if (config.hasSecurityService() && config.getSecurityService().acceptsContext()) return (Message) config.getSecurityService().authorize(invocationContext); return (Message) invocationContext.invoke(); } catch (Exception e) { return new ErrorMessage(message, e, true); } }