SGF-559 - Add support for security-client-authenticator and security-peer-authenticator Geode (System) Properties to the @EnableSecurity annotation.

Polish the EnableAuth Annotation and AuthConfiguration class.
This commit is contained in:
John Blum
2016-11-01 12:30:33 -07:00
parent 0796268452
commit 54f3c297b9
4 changed files with 41 additions and 10 deletions

View File

@@ -52,13 +52,17 @@ public class AuthConfiguration extends EmbeddedServiceConfigurationSupport {
protected static final String SECURITY_PEER_AUTHENTICATOR = "security-peer-authenticator";
protected static final String SECURITY_PEER_VERIFY_MEMBER_TIMEOUT = "security-peer-verifymember-timeout";
/* (non-Javadoc) */
/**
* @inheritDoc
*/
@Override
protected Class getAnnotationType() {
return EnableAuth.class;
}
/* (non-Javadoc) */
/**
* @inheritDoc
*/
@Override
protected Properties toGemFireProperties(Map<String, Object> annotationAttributes) {
PropertiesBuilder gemfireProperties = PropertiesBuilder.create();

View File

@@ -34,10 +34,11 @@ import org.springframework.context.annotation.Import;
* annotated class to configure and enable GemFire/Geode's Authentication and Authorization framework services.
*
* @author John Blum
* @see org.springframework.data.gemfire.config.annotation.AuthConfiguration
* @see org.apache.geode.security.AccessControl
* @see org.apache.geode.security.AuthInitialize
* @see org.apache.geode.security.Authenticator
* @see org.springframework.context.annotation.Import
* @see org.springframework.data.gemfire.config.annotation.AuthConfiguration
* @see <a href="http://gemfire.docs.pivotal.io/docs-gemfire/latest/managing/security/authentication_overview.html">Authentication</a>
* @see <a href="http://gemfire.docs.pivotal.io/docs-gemfire/latest/managing/security/authorization_overview.html">Authorization</a>
* @since 1.9.0

View File

@@ -25,6 +25,7 @@ import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import org.apache.geode.security.AuthInitialize;
import org.apache.geode.security.Authenticator;
import org.springframework.context.annotation.Import;
/**
@@ -35,7 +36,12 @@ import org.springframework.context.annotation.Import;
* @author John Blum
* @see GeodeIntegratedSecurityConfiguration
* @see org.apache.geode.security.AuthInitialize
* @see org.apache.geode.security.Authenticator
* @see org.apache.geode.security.SecurityManager
* @see org.apache.geode.security.PostProcessor
* @see org.springframework.context.annotation.Import
* @see org.springframework.data.gemfire.config.annotation.ApacheShiroSecurityConfiguration
* @see org.springframework.data.gemfire.config.annotation.GeodeIntegratedSecurityConfiguration
* @since 1.0.0
*/
@Target(ElementType.TYPE)
@@ -43,7 +49,7 @@ import org.springframework.context.annotation.Import;
@Inherited
@Documented
@Import({ ApacheShiroSecurityConfiguration.class, GeodeIntegratedSecurityConfiguration.class })
@SuppressWarnings("unused")
@SuppressWarnings({ "deprecation", "unused" })
public @interface EnableSecurity {
/**
@@ -54,6 +60,14 @@ public @interface EnableSecurity {
*/
String clientAuthenticationInitializer() default "";
/**
* Used for authentication. Static creation method returning an {@link Authenticator} object,
* which is used by a server to verify the credentials of the connecting client.
*
* Defaults to unset.
*/
String clientAuthenticator() default "";
/**
* Used with authentication. Static creation method returning an {@link AuthInitialize} object, which obtains
* credentials for peers in a distributed system.
@@ -62,6 +76,14 @@ public @interface EnableSecurity {
*/
String peerAuthenticationInitializer() default "";
/**
* Used with authentication. Static creation method returning an {@link Authenticator} object, which is used
* by a peer to verify the credentials of the connecting peer.
*
* Defaults to unset.
*/
String peerAuthenticator() default "";
/**
* Specifies the application {@link Class} type implementing the Apache Geode
* {@link org.apache.geode.security.SecurityManager} interface to enable security in Apache Geode.

View File

@@ -20,7 +20,6 @@ package org.springframework.data.gemfire.config.annotation;
import java.util.Map;
import java.util.Properties;
import org.springframework.beans.factory.BeanFactoryAware;
import org.springframework.data.gemfire.config.annotation.support.EmbeddedServiceConfigurationSupport;
import org.springframework.data.gemfire.util.PropertiesBuilder;
@@ -33,12 +32,13 @@ import org.springframework.data.gemfire.util.PropertiesBuilder;
* @since 1.0.0
*/
@SuppressWarnings("unused")
public class GeodeIntegratedSecurityConfiguration extends EmbeddedServiceConfigurationSupport
implements BeanFactoryAware {
public class GeodeIntegratedSecurityConfiguration extends EmbeddedServiceConfigurationSupport {
protected static final String SECURITY_CLIENT_AUTH_INIT = "security-client-auth-init";
protected static final String SECURITY_PEER_AUTH_INIT = "security-peer-auth-init";
protected static final String SECURITY_CLIENT_AUTHENTICATOR = "security-client-authenticator";
protected static final String SECURITY_MANAGER = "security-manager";
protected static final String SECURITY_PEER_AUTH_INIT = "security-peer-auth-init";
protected static final String SECURITY_PEER_AUTHENTICATOR = "security-peer-authenticator";
protected static final String SECURITY_POST_PROCESSOR = "security-post-processor";
protected static final String SECURITY_SHIRO_INIT = "security-shiro-init";
@@ -77,8 +77,7 @@ public class GeodeIntegratedSecurityConfiguration extends EmbeddedServiceConfigu
gemfireProperties.setProperty(SECURITY_CLIENT_AUTH_INIT,
annotationAttributes.get("clientAuthenticationInitializer"));
gemfireProperties.setProperty(SECURITY_PEER_AUTH_INIT,
annotationAttributes.get("peerAuthenticationInitializer"));
gemfireProperties.setProperty(SECURITY_CLIENT_AUTHENTICATOR, annotationAttributes.get("clientAuthenticator"));
if (isShiroSecurityNotConfigured()) {
gemfireProperties.setPropertyIfNotDefault(SECURITY_MANAGER,
@@ -89,6 +88,11 @@ public class GeodeIntegratedSecurityConfiguration extends EmbeddedServiceConfigu
gemfireProperties.setProperty(SECURITY_SHIRO_INIT, annotationAttributes.get("shiroIniResourcePath"));
}
gemfireProperties.setProperty(SECURITY_PEER_AUTH_INIT,
annotationAttributes.get("peerAuthenticationInitializer"));
gemfireProperties.setProperty(SECURITY_PEER_AUTHENTICATOR, annotationAttributes.get("peerAuthenticator"));
gemfireProperties.setPropertyIfNotDefault(SECURITY_POST_PROCESSOR,
annotationAttributes.get("securityPostProcessorClass"), Void.class);