authentication.addUser(req0.user(), req0.password()); break; authentication.removeUser(req0.user()); break; authentication.updateUser(req0.user(), req0.password()); break;
/** * @param createNode Node to execute create operation. * @param authNode Node to execute authentication. * @throws Exception On error. */ private void checkAddUpdateRemoveUser(IgniteEx createNode, IgniteEx authNode) throws Exception { createNode.context().authentication().addUser("test", "test"); AuthorizationContext newActx = authNode.context().authentication().authenticate("test", "test"); assertNotNull(newActx); assertEquals("test", newActx.userName()); createNode.context().authentication().updateUser("test", "newpasswd"); newActx = authNode.context().authentication().authenticate("test", "newpasswd"); assertNotNull(newActx); assertEquals("test", newActx.userName()); createNode.context().authentication().removeUser("test"); }
if (coordinator() == null) return; if (F.eq(coordinator().id(), ctx.localNodeId())) { if (!isEnabled) return; addDefaultUser(); Boolean rmtEnabled = coordinator().attribute(IgniteNodeAttributes.ATTR_AUTHENTICATION_ENABLED); stop(false); submitOperation(op);
/** * @param op The operation with users. * @throws IgniteCheckedException On error. */ private void processOperationLocal(UserManagementOperation op) throws IgniteCheckedException { assert op != null && op.user() != null : "Invalid operation: " + op; switch (op.type()) { case ADD: addUserLocal(op); break; case REMOVE: removeUserLocal(op); break; case UPDATE: updateUserLocal(op); break; } }
@Override public void run() { AuthorizationContext.context(actxDflt); String user = "test" + usrCnt.getAndIncrement(); try { for (int i = 0; i < ITERATIONS; ++i) { grid(CLI_NODE).context().authentication().addUser(user, "passwd_" + user); grid(CLI_NODE).context().authentication().removeUser(user); } } catch (Exception e) { e.printStackTrace(); fail("Unexpected exception"); } } }, 10, "user-op");
grid(0).context().authentication().addUser(user, "init"); grid(0).context().authentication().updateUser(user, "passwd_" + user); startGrid(0); AuthorizationContext actx = grid(0).context().authentication().authenticate("ignite", "ignite");
/** * @throws Exception If failed. */ @Test public void testUpdateUser() throws Exception { AuthorizationContext.context(actxDflt); try { grid(0).context().authentication().addUser("test", "test"); AuthorizationContext actx = grid(0).context().authentication().authenticate("test", "test"); for (int i = 0; i < NODES_COUNT; ++i) { for (int j = 0; j < NODES_COUNT; ++j) checkUpdateUser(actx, grid(i), grid(j)); } } finally { AuthorizationContext.context(null); } }
@Override public Object call() throws Exception { grid(0).context().authentication().authenticate("test", "test"); return null; } }, IgniteException.class,
@Override public Object call() throws Exception { grid(0).context().authentication().addUser("test", "test"); return null; } }, IgniteException.class,
/** * Perform authentication. * * @return Auth context. * @throws IgniteCheckedException If failed. */ protected AuthorizationContext authenticate(String user, String pwd) throws IgniteCheckedException { if (ctx.security().enabled()) authCtx = authenticateExternal(user, pwd).authorizationContext(); else if (ctx.authentication().enabled()) { if (F.isEmpty(user)) throw new IgniteAccessControlException("Unauthenticated sessions are prohibited."); authCtx = ctx.authentication().authenticate(user, pwd); if (authCtx == null) throw new IgniteAccessControlException("Unknown authentication error."); } else authCtx = null; return authCtx; }
/** * @param actx Authorization context. * @param updNode Node to execute update operation. * @param authNode Node to execute authentication. * @throws Exception On error. */ private void checkUpdateUser(AuthorizationContext actx, IgniteEx updNode, IgniteEx authNode) throws Exception { String newPasswd = randomString(16); updNode.context().authentication().updateUser("test", newPasswd); AuthorizationContext actxNew = authNode.context().authentication().authenticate("test", newPasswd); assertNotNull(actxNew); assertEquals("test", actxNew.userName()); } }
@Override public Object call() throws Exception { grid(nodeIdx).context().authentication().removeUser("test"); return null; } }, IgniteAccessControlException.class, "User management operations are not allowed for user");
@Override public Object call() throws Exception { grid(0).context().authentication().updateUser("test", "test"); return null; } }, IgniteException.class,
checkEnabled(); return new AuthorizationContext(authenticateOnServer(login, passwd));
/** * @param nodeId Node ID. * @param msg Message. */ private void onAuthenticateRequestMessage(UUID nodeId, UserAuthenticateRequestMessage msg) { UserAuthenticateResponseMessage respMsg; try { User u = authenticateOnServer(msg.name(), msg.password()); respMsg = new UserAuthenticateResponseMessage(msg.id(), null); } catch (IgniteCheckedException e) { respMsg = new UserAuthenticateResponseMessage(msg.id(), e.toString()); e.printStackTrace(); } try { ctx.io().sendToGridTopic(nodeId, GridTopic.TOPIC_AUTH, respMsg, GridIoPolicy.SYSTEM_POOL); } catch (IgniteCheckedException e) { U.error(log, "Unexpected exception on send UserAuthenticateResponseMessage.", e); } }
AuthorizationContext actxDflt = authenticationProcessor.authenticate(User.DFAULT_USER_NAME, "ignite"); authenticationProcessor.addUser("test" + i, "init"); authenticationProcessor.updateUser("test" + i, "passwd_" + i); authenticationProcessor.authenticate("ignite", "ignite");
/** * @throws Exception If failed. */ @Test public void testProceedUsersOnJoinNode() throws Exception { AuthorizationContext.context(actxDflt); try { grid(0).context().authentication().addUser("test0", "test"); grid(0).context().authentication().addUser("test1", "test"); int nodeIdx = NODES_COUNT; startGrid(nodeIdx); AuthorizationContext actx0 = grid(nodeIdx).context().authentication().authenticate("test0", "test"); AuthorizationContext actx1 = grid(nodeIdx).context().authentication().authenticate("test1", "test"); assertNotNull(actx0); assertEquals("test0", actx0.userName()); assertNotNull(actx1); assertEquals("test1", actx1.userName()); } finally { AuthorizationContext.context(null); } }
@Override public Object call() throws Exception { grid(0).context().authentication().authenticate("user1", "password1"); return null; } }, IgniteAccessControlException.class, "The user name or password is incorrect");
@Override public Object call() throws Exception { grid(nodeIdx).context().authentication().addUser("test", "new_passwd"); return null; } }, UserManagementException.class, "User already exists");
log.debug("Received request from client: " + req); boolean authenticationEnabled = ctx.authentication().enabled(); boolean securityEnabled = ctx.security().enabled(); throw new IgniteAuthenticationException("The user name or password is incorrect"); ses.authCtx = ctx.authentication().authenticate(login, pwd);