org.apache.geode.security.Authenticator Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of geode-core Show documentation
Show all versions of geode-core Show documentation
Apache Geode provides a database-like consistency model, reliable transaction processing and a shared-nothing architecture to maintain very low latency performance with high concurrency processing
/*
* Licensed to the Apache Software Foundation (ASF) under one or more contributor license
* agreements. See the NOTICE file distributed with this work for additional information regarding
* copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance with the License. You may obtain a
* copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software distributed under the License
* is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
* or implied. See the License for the specific language governing permissions and limitations under
* the License.
*/
package org.apache.geode.security;
import java.security.Principal;
import java.util.Properties;
import org.apache.geode.LogWriter;
import org.apache.geode.cache.CacheCallback;
import org.apache.geode.distributed.DistributedMember;
import org.apache.geode.distributed.DistributedSystem;
/**
* Specifies the mechanism to verify credentials for a client or peer. Implementations should
* register name of the static creation function as the security-peer-authenticator
* system property with all the locators in the distributed system for peer authentication, and as
* security-client-authenticator for client authentication. For P2P an object is
* initialized on the group coordinator for each member during the
* {@link DistributedSystem#connect(Properties)} call of a new member. For client-server, an object
* of this class is created for each connection during the client-server handshake.
*
* The static creation function should have the following signature:
* public static Authenticator [method-name](); i.e. it should be a zero argument
* function.
*
* @since GemFire 5.5
*
* @deprecated since Geode 1.0, use {@link SecurityManager} instead
*/
public interface Authenticator extends CacheCallback {
/**
* Initialize the callback for a client/peer. This is invoked when a new connection from a
* client/peer is created with the host.
*
* @param securityProps the security properties obtained using a call to
* {@link DistributedSystem#getSecurityProperties}
* @param systemLogger {@link LogWriter} for system logs
* @param securityLogger {@link LogWriter} for security logs
*
* @throws AuthenticationFailedException if some exception occurs during the initialization
*/
void init(Properties securityProps, LogWriter systemLogger, LogWriter securityLogger)
throws AuthenticationFailedException;
@Override
default void init(Properties securityProps) throws AuthenticationFailedException {
init(securityProps, null, null);
}
/**
* Verify the credentials provided in the properties for the client/peer as specified in member ID
* and returns the principal associated with the client/peer.
*
* @param props the credentials of the client/peer as a set of property key/values
* @param member the {@link DistributedMember} object of the connecting client/peer member. NULL
* when invoked locally on the member initiating the authentication request.
*
* @return the principal for the client/peer when authentication succeeded
*
* @throws AuthenticationFailedException If the authentication of the client/peer fails.
*/
Principal authenticate(Properties props, DistributedMember member)
throws AuthenticationFailedException;
default Principal authenticate(Properties props) throws AuthenticationFailedException {
return authenticate(props, null);
}
}