private void checkPermissions(ClientEndpoint endpoint) {
   SecurityContext securityContext = clientEngine.getSecurityContext();
   if (securityContext != null) {
     Permission permission = getRequiredPermission();
     if (permission != null) {
       securityContext.checkPermission(endpoint.getSubject(), permission);
     }
   }
 }
 private void interceptAfter(Credentials credentials) {
   final SecurityContext securityContext = clientEngine.getSecurityContext();
   final String methodName = getMethodName();
   if (securityContext != null && methodName != null) {
     final String objectType = getDistributedObjectType();
     final String objectName = getDistributedObjectName();
     securityContext.interceptAfter(credentials, objectType, objectName, methodName);
   }
 }
Пример #3
0
    public void run() {
      final Connection conn = packet.getConn();
      final ClientEndpoint endpoint = getEndpoint(conn);
      ClientRequest request = null;
      try {
        final Data data = packet.getData();
        request = (ClientRequest) serializationService.toObject(data);
        if (endpoint.isAuthenticated() || request instanceof AuthenticationRequest) {
          request.setEndpoint(endpoint);
          final String serviceName = request.getServiceName();
          if (serviceName != null) {
            final Object service = nodeEngine.getService(serviceName);
            if (service == null) {
              if (nodeEngine.isActive()) {
                throw new IllegalArgumentException(
                    "No service registered with name: " + serviceName);
              }
              throw new HazelcastInstanceNotActiveException();
            }
            request.setService(service);
          }
          request.setClientEngine(ClientEngineImpl.this);
          final SecurityContext securityContext = getSecurityContext();
          if (securityContext != null && request instanceof SecureRequest) {
            final Permission permission = ((SecureRequest) request).getRequiredPermission();
            if (permission != null) {
              securityContext.checkPermission(endpoint.getSubject(), permission);
            }
          }
          request.process();
        } else {
          Exception exception;
          if (nodeEngine.isActive()) {
            String message = "Client " + conn + " must authenticate before any operation.";
            logger.severe(message);
            exception = new AuthenticationException(message);
          } else {
            exception = new HazelcastInstanceNotActiveException();
          }
          sendResponse(endpoint, exception);

          removeEndpoint(conn);
        }
      } catch (Throwable e) {
        final Level level = nodeEngine.isActive() ? Level.SEVERE : Level.FINEST;
        String message =
            request != null
                ? "While executing request: " + request + " -> " + e.getMessage()
                : e.getMessage();
        logger.log(level, message, e);
        sendResponse(endpoint, e);
      }
    }
Пример #4
0
 private void doShutdown(boolean force) {
   long start = Clock.currentTimeMillis();
   logger.finest("** we are being asked to shutdown when active = " + String.valueOf(active));
   if (!force && isActive()) {
     final int maxWaitSeconds = groupProperties.GRACEFUL_SHUTDOWN_MAX_WAIT.getInteger();
     if (!partitionService.prepareToSafeShutdown(maxWaitSeconds, TimeUnit.SECONDS)) {
       logger.warning(
           "Graceful shutdown could not be completed in " + maxWaitSeconds + " seconds!");
     }
   }
   if (isActive()) {
     if (!force) {
       clusterService.sendShutdownMessage();
     }
     // set the joined=false first so that
     // threads do not process unnecessary
     // events, such as remove address
     joined.set(false);
     setActive(false);
     setMasterAddress(null);
     try {
       Runtime.getRuntime().removeShutdownHook(shutdownHookThread);
     } catch (Throwable ignored) {
     }
     if (managementCenterService != null) {
       managementCenterService.shutdown();
     }
     logger.finest("Shutting down client command service");
     clientEngine.shutdown();
     logger.finest("Shutting down node engine");
     nodeEngine.shutdown();
     if (multicastService != null) {
       logger.finest("Shutting down multicast service");
       multicastService.stop();
     }
     logger.finest("Shutting down connection manager");
     connectionManager.shutdown();
     textCommandService.stop();
     masterAddress = null;
     if (securityContext != null) {
       securityContext.destroy();
     }
     initializer.destroy();
     serializationService.destroy();
     int numThreads = threadGroup.activeCount();
     Thread[] threads = new Thread[numThreads * 2];
     numThreads = threadGroup.enumerate(threads, false);
     for (int i = 0; i < numThreads; i++) {
       Thread thread = threads[i];
       if (thread.isAlive()) {
         logger.finest("Shutting down thread " + thread.getName());
         thread.interrupt();
       }
     }
     failedConnections.clear();
     systemLogService.shutdown();
     logger.info(
         "Hazelcast Shutdown is completed in " + (Clock.currentTimeMillis() - start) + " ms.");
   }
 }
 private boolean authenticate(SecurityContext securityContext) {
   Connection connection = endpoint.getConnection();
   credentials.setEndpoint(connection.getInetAddress().getHostAddress());
   try {
     LoginContext lc = securityContext.createClientLoginContext(credentials);
     lc.login();
     endpoint.setLoginContext(lc);
     return true;
   } catch (LoginException e) {
     logger.warning(e);
     return false;
   }
 }
Пример #6
0
  public JoinRequest createJoinRequest(boolean withCredentials) {
    final Credentials credentials =
        (withCredentials && securityContext != null)
            ? securityContext.getCredentialsFactory().newCredentials()
            : null;

    return new JoinRequest(
        Packet.VERSION,
        buildInfo.getBuildNumber(),
        address,
        localMember.getUuid(),
        createConfigCheck(),
        credentials,
        config.getMemberAttributeConfig().getAttributes());
  }
Пример #7
0
  public JoinRequest createJoinRequest(boolean withCredentials) {
    final Credentials credentials =
        (withCredentials && securityContext != null)
            ? securityContext.getCredentialsFactory().newCredentials()
            : null;

    return new JoinRequest(
        Packet.VERSION,
        buildNumber,
        address,
        localMember.getUuid(),
        createConfigCheck(),
        credentials,
        clusterService.getSize(),
        0);
  }
Пример #8
0
  public void shutdown(final boolean terminate) {
    long start = Clock.currentTimeMillis();
    if (logger.isFinestEnabled()) {
      logger.finest("We are being asked to shutdown when state = " + state);
    }

    if (!STATE.compareAndSet(this, NodeState.ACTIVE, NodeState.SHUTTING_DOWN)) {
      waitIfAlreadyShuttingDown();
      return;
    }

    if (!terminate) {
      final int maxWaitSeconds =
          groupProperties.getSeconds(GroupProperty.GRACEFUL_SHUTDOWN_MAX_WAIT);
      if (!partitionService.prepareToSafeShutdown(maxWaitSeconds, TimeUnit.SECONDS)) {
        logger.warning(
            "Graceful shutdown could not be completed in " + maxWaitSeconds + " seconds!");
      }
      clusterService.sendShutdownMessage();
    } else {
      logger.warning("Terminating forcefully...");
    }

    // set the joined=false first so that
    // threads do not process unnecessary
    // events, such as remove address
    joined.set(false);
    setMasterAddress(null);
    try {
      if (groupProperties.getBoolean(GroupProperty.SHUTDOWNHOOK_ENABLED)) {
        Runtime.getRuntime().removeShutdownHook(shutdownHookThread);
      }
      discoveryService.destroy();
      logger.info("Shutting down connection manager...");
      connectionManager.shutdown();
    } catch (Throwable ignored) {
    }
    versionCheck.shutdown();
    if (managementCenterService != null) {
      managementCenterService.shutdown();
    }

    textCommandService.stop();
    if (multicastService != null) {
      logger.info("Shutting down multicast service...");
      multicastService.stop();
    }
    logger.info("Shutting down connection manager...");
    connectionManager.shutdown();

    logger.info("Shutting down node engine...");
    nodeEngine.shutdown(terminate);

    if (securityContext != null) {
      securityContext.destroy();
    }
    nodeExtension.destroy();
    logger.finest("Destroying serialization service...");
    serializationService.destroy();

    hazelcastThreadGroup.destroy();
    logger.info(
        "Hazelcast Shutdown is completed in " + (Clock.currentTimeMillis() - start) + " ms.");
    state = NodeState.SHUT_DOWN;
  }