SGF-559 - Add support for security-client-authenticator and security-peer-authenticator Geode (System) Properties to the @EnableSecurity annotation.
Polish the EnableAuth Annotation and AuthConfiguration class.
This commit is contained in:
@@ -52,13 +52,17 @@ public class AuthConfiguration extends EmbeddedServiceConfigurationSupport {
|
||||
protected static final String SECURITY_PEER_AUTHENTICATOR = "security-peer-authenticator";
|
||||
protected static final String SECURITY_PEER_VERIFY_MEMBER_TIMEOUT = "security-peer-verifymember-timeout";
|
||||
|
||||
/* (non-Javadoc) */
|
||||
/**
|
||||
* @inheritDoc
|
||||
*/
|
||||
@Override
|
||||
protected Class getAnnotationType() {
|
||||
return EnableAuth.class;
|
||||
}
|
||||
|
||||
/* (non-Javadoc) */
|
||||
/**
|
||||
* @inheritDoc
|
||||
*/
|
||||
@Override
|
||||
protected Properties toGemFireProperties(Map<String, Object> annotationAttributes) {
|
||||
PropertiesBuilder gemfireProperties = PropertiesBuilder.create();
|
||||
|
||||
@@ -34,10 +34,11 @@ import org.springframework.context.annotation.Import;
|
||||
* annotated class to configure and enable GemFire/Geode's Authentication and Authorization framework services.
|
||||
*
|
||||
* @author John Blum
|
||||
* @see org.springframework.data.gemfire.config.annotation.AuthConfiguration
|
||||
* @see org.apache.geode.security.AccessControl
|
||||
* @see org.apache.geode.security.AuthInitialize
|
||||
* @see org.apache.geode.security.Authenticator
|
||||
* @see org.springframework.context.annotation.Import
|
||||
* @see org.springframework.data.gemfire.config.annotation.AuthConfiguration
|
||||
* @see <a href="http://gemfire.docs.pivotal.io/docs-gemfire/latest/managing/security/authentication_overview.html">Authentication</a>
|
||||
* @see <a href="http://gemfire.docs.pivotal.io/docs-gemfire/latest/managing/security/authorization_overview.html">Authorization</a>
|
||||
* @since 1.9.0
|
||||
|
||||
@@ -25,6 +25,7 @@ import java.lang.annotation.RetentionPolicy;
|
||||
import java.lang.annotation.Target;
|
||||
|
||||
import org.apache.geode.security.AuthInitialize;
|
||||
import org.apache.geode.security.Authenticator;
|
||||
import org.springframework.context.annotation.Import;
|
||||
|
||||
/**
|
||||
@@ -35,7 +36,12 @@ import org.springframework.context.annotation.Import;
|
||||
* @author John Blum
|
||||
* @see GeodeIntegratedSecurityConfiguration
|
||||
* @see org.apache.geode.security.AuthInitialize
|
||||
* @see org.apache.geode.security.Authenticator
|
||||
* @see org.apache.geode.security.SecurityManager
|
||||
* @see org.apache.geode.security.PostProcessor
|
||||
* @see org.springframework.context.annotation.Import
|
||||
* @see org.springframework.data.gemfire.config.annotation.ApacheShiroSecurityConfiguration
|
||||
* @see org.springframework.data.gemfire.config.annotation.GeodeIntegratedSecurityConfiguration
|
||||
* @since 1.0.0
|
||||
*/
|
||||
@Target(ElementType.TYPE)
|
||||
@@ -43,7 +49,7 @@ import org.springframework.context.annotation.Import;
|
||||
@Inherited
|
||||
@Documented
|
||||
@Import({ ApacheShiroSecurityConfiguration.class, GeodeIntegratedSecurityConfiguration.class })
|
||||
@SuppressWarnings("unused")
|
||||
@SuppressWarnings({ "deprecation", "unused" })
|
||||
public @interface EnableSecurity {
|
||||
|
||||
/**
|
||||
@@ -54,6 +60,14 @@ public @interface EnableSecurity {
|
||||
*/
|
||||
String clientAuthenticationInitializer() default "";
|
||||
|
||||
/**
|
||||
* Used for authentication. Static creation method returning an {@link Authenticator} object,
|
||||
* which is used by a server to verify the credentials of the connecting client.
|
||||
*
|
||||
* Defaults to unset.
|
||||
*/
|
||||
String clientAuthenticator() default "";
|
||||
|
||||
/**
|
||||
* Used with authentication. Static creation method returning an {@link AuthInitialize} object, which obtains
|
||||
* credentials for peers in a distributed system.
|
||||
@@ -62,6 +76,14 @@ public @interface EnableSecurity {
|
||||
*/
|
||||
String peerAuthenticationInitializer() default "";
|
||||
|
||||
/**
|
||||
* Used with authentication. Static creation method returning an {@link Authenticator} object, which is used
|
||||
* by a peer to verify the credentials of the connecting peer.
|
||||
*
|
||||
* Defaults to unset.
|
||||
*/
|
||||
String peerAuthenticator() default "";
|
||||
|
||||
/**
|
||||
* Specifies the application {@link Class} type implementing the Apache Geode
|
||||
* {@link org.apache.geode.security.SecurityManager} interface to enable security in Apache Geode.
|
||||
|
||||
@@ -20,7 +20,6 @@ package org.springframework.data.gemfire.config.annotation;
|
||||
import java.util.Map;
|
||||
import java.util.Properties;
|
||||
|
||||
import org.springframework.beans.factory.BeanFactoryAware;
|
||||
import org.springframework.data.gemfire.config.annotation.support.EmbeddedServiceConfigurationSupport;
|
||||
import org.springframework.data.gemfire.util.PropertiesBuilder;
|
||||
|
||||
@@ -33,12 +32,13 @@ import org.springframework.data.gemfire.util.PropertiesBuilder;
|
||||
* @since 1.0.0
|
||||
*/
|
||||
@SuppressWarnings("unused")
|
||||
public class GeodeIntegratedSecurityConfiguration extends EmbeddedServiceConfigurationSupport
|
||||
implements BeanFactoryAware {
|
||||
public class GeodeIntegratedSecurityConfiguration extends EmbeddedServiceConfigurationSupport {
|
||||
|
||||
protected static final String SECURITY_CLIENT_AUTH_INIT = "security-client-auth-init";
|
||||
protected static final String SECURITY_PEER_AUTH_INIT = "security-peer-auth-init";
|
||||
protected static final String SECURITY_CLIENT_AUTHENTICATOR = "security-client-authenticator";
|
||||
protected static final String SECURITY_MANAGER = "security-manager";
|
||||
protected static final String SECURITY_PEER_AUTH_INIT = "security-peer-auth-init";
|
||||
protected static final String SECURITY_PEER_AUTHENTICATOR = "security-peer-authenticator";
|
||||
protected static final String SECURITY_POST_PROCESSOR = "security-post-processor";
|
||||
protected static final String SECURITY_SHIRO_INIT = "security-shiro-init";
|
||||
|
||||
@@ -77,8 +77,7 @@ public class GeodeIntegratedSecurityConfiguration extends EmbeddedServiceConfigu
|
||||
gemfireProperties.setProperty(SECURITY_CLIENT_AUTH_INIT,
|
||||
annotationAttributes.get("clientAuthenticationInitializer"));
|
||||
|
||||
gemfireProperties.setProperty(SECURITY_PEER_AUTH_INIT,
|
||||
annotationAttributes.get("peerAuthenticationInitializer"));
|
||||
gemfireProperties.setProperty(SECURITY_CLIENT_AUTHENTICATOR, annotationAttributes.get("clientAuthenticator"));
|
||||
|
||||
if (isShiroSecurityNotConfigured()) {
|
||||
gemfireProperties.setPropertyIfNotDefault(SECURITY_MANAGER,
|
||||
@@ -89,6 +88,11 @@ public class GeodeIntegratedSecurityConfiguration extends EmbeddedServiceConfigu
|
||||
gemfireProperties.setProperty(SECURITY_SHIRO_INIT, annotationAttributes.get("shiroIniResourcePath"));
|
||||
}
|
||||
|
||||
gemfireProperties.setProperty(SECURITY_PEER_AUTH_INIT,
|
||||
annotationAttributes.get("peerAuthenticationInitializer"));
|
||||
|
||||
gemfireProperties.setProperty(SECURITY_PEER_AUTHENTICATOR, annotationAttributes.get("peerAuthenticator"));
|
||||
|
||||
gemfireProperties.setPropertyIfNotDefault(SECURITY_POST_PROCESSOR,
|
||||
annotationAttributes.get("securityPostProcessorClass"), Void.class);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user