/** * @param login User name. * @throws IgniteCheckedException On error. */ public void removeUser(String login) throws IgniteCheckedException { UserManagementOperation op = new UserManagementOperation(User.create(login), UserManagementOperation.OperationType.REMOVE); execUserOperation(op).get(); }
/** * Create new user. * * @return Created user. */ public static User defaultUser() { return create(DFAULT_USER_NAME, DFLT_USER_PASSWORD); }
/** * @param createNode Node to execute create operation. * @param authNode Node to execute authentication. * @throws Exception On error. */ private void checkAddUpdateRemoveUser(IgniteEx createNode, IgniteEx authNode) throws Exception { createNode.context().authentication().addUser("test", "test"); AuthorizationContext newActx = authNode.context().authentication().authenticate("test", "test"); assertNotNull(newActx); assertEquals("test", newActx.userName()); createNode.context().authentication().updateUser("test", "newpasswd"); newActx = authNode.context().authentication().authenticate("test", "newpasswd"); assertNotNull(newActx); assertEquals("test", newActx.userName()); createNode.context().authentication().removeUser("test"); }
/** * @param actx Authorization context. * @param updNode Node to execute update operation. * @param authNode Node to execute authentication. * @throws Exception On error. */ private void checkUpdateUser(AuthorizationContext actx, IgniteEx updNode, IgniteEx authNode) throws Exception { String newPasswd = randomString(16); updNode.context().authentication().updateUser("test", newPasswd); AuthorizationContext actxNew = authNode.context().authentication().authenticate("test", newPasswd); assertNotNull(actxNew); assertEquals("test", actxNew.userName()); } }
/** * @param client Is joining node client. * @throws Exception If failed. */ private void checkNodeJoinDisabled(boolean client) throws Exception { startGrid(configuration(0, true, false)); startGrid(configuration(1, false, client)); grid(0).cluster().active(true); AuthorizationContext actx = grid(1).context().authentication().authenticate("ignite", "ignite"); assertNotNull(actx); assertEquals("ignite", actx.userName()); }
/** * @throws Exception If failed. */ @Test public void testDefaultUser() throws Exception { startGrids(NODES_COUNT); for (int i = 0; i < NODES_COUNT; ++i) { AuthorizationContext actx = grid(i).context().authentication().authenticate("ignite", "ignite"); assertNotNull(actx); assertEquals("ignite", actx.userName()); } }
/** * @throws Exception If failed. */ @Test public void testDefaultUser() throws Exception { for (int i = 0; i < NODES_COUNT; ++i) { AuthorizationContext actx = grid(i).context().authentication().authenticate("ignite", "ignite"); assertNotNull(actx); assertEquals("ignite", actx.userName()); } }
/** * @throws Exception If failed. */ @Test public void testAddUpdateRemoveUser() throws Exception { AuthorizationContext.context(actxDflt); try { for (int i = 0; i < NODES_COUNT; ++i) { for (int j = 0; j < NODES_COUNT; ++j) checkAddUpdateRemoveUser(grid(i), grid(j)); } } finally { AuthorizationContext.context(null); } }
/** * @param op The operation with users. * @throws IgniteCheckedException On error. */ private void processOperationLocal(UserManagementOperation op) throws IgniteCheckedException { assert op != null && op.user() != null : "Invalid operation: " + op; switch (op.type()) { case ADD: addUserLocal(op); break; case REMOVE: removeUserLocal(op); break; case UPDATE: updateUserLocal(op); break; } }
/** * @param op User operation to check. * @throws IgniteAccessControlException If operation check fails: user hasn't permissions for user management * or try to remove default user. */ public void checkUserOperation(UserManagementOperation op) throws IgniteAccessControlException { assert op != null; if (user == null) throw new IgniteAccessControlException("Operation not allowed: authorized context is empty."); if (!User.DFAULT_USER_NAME.equals(user.name()) && !(UserManagementOperation.OperationType.UPDATE == op.type() && user.name().equals(op.user().name()))) throw new IgniteAccessControlException("User management operations are not allowed for user. " + "[curUser=" + user.name() + ']'); if (op.type() == UserManagementOperation.OperationType.REMOVE && User.DFAULT_USER_NAME.equals(op.user().name())) throw new IgniteAccessControlException("Default user cannot be removed."); }
/** * @param msg Message. */ private void onAuthenticateResponseMessage(UserAuthenticateResponseMessage msg) { GridFutureAdapter<Void> fut = authFuts.get(msg.id()); fut.onDone(null, !msg.success() ? new IgniteAccessControlException(msg.errorMessage()) : null); authFuts.remove(msg.id()); }
/** {@inheritDoc} */ @Override protected void afterTest() throws Exception { AuthorizationContext.clear(); stopAllGrids(); super.afterTest(); }
/** {@inheritDoc} */ @Override public void onDisconnected(IgniteFuture reconnectFut) { if (!isEnabled) return; synchronized (mux) { assert !disconnected; disconnected = true; cancelFutures("Client node was disconnected from topology (operation result is unknown)."); } }
/** * @return Authorized user. */ public String userName() { return user.name(); }
/** * Create empty user by login name. * @param name User name. * @return User. */ public static User create(String name) { return new User(name, null); }
/** * @param nodeId Node ID. */ synchronized void onSuccessOnNode(UUID nodeId) { assert receivedFinish != null : "Process operation state on client"; receivedFinish.add(nodeId); checkOperationFinished(); }
/** * @param login User name. * @param passwd User password. * @throws IgniteCheckedException On error. */ public void updateUser(String login, String passwd) throws IgniteCheckedException { UserManagementOperation op = new UserManagementOperation(User.create(login, passwd), UserManagementOperation.OperationType.UPDATE); execUserOperation(op).get(); }
/** {@inheritDoc} */ @Override public void onKernalStop(boolean cancel) { if (!isEnabled) return; synchronized (mux) { cancelFutures("Kernal stopped."); } }
/** * Adds new user. * * @param login User's login. * @param passwd Plain text password. * @throws IgniteCheckedException On error. */ public void addUser(String login, String passwd) throws IgniteCheckedException { validate(login, passwd); UserManagementOperation op = new UserManagementOperation(User.create(login, passwd), UserManagementOperation.OperationType.ADD); execUserOperation(op).get(); }