diff --git a/src/main/java/org/springframework/data/gemfire/config/annotation/AuthConfiguration.java b/src/main/java/org/springframework/data/gemfire/config/annotation/AuthConfiguration.java index 09e2626f..8984b717 100644 --- a/src/main/java/org/springframework/data/gemfire/config/annotation/AuthConfiguration.java +++ b/src/main/java/org/springframework/data/gemfire/config/annotation/AuthConfiguration.java @@ -52,13 +52,17 @@ public class AuthConfiguration extends EmbeddedServiceConfigurationSupport { protected static final String SECURITY_PEER_AUTHENTICATOR = "security-peer-authenticator"; protected static final String SECURITY_PEER_VERIFY_MEMBER_TIMEOUT = "security-peer-verifymember-timeout"; - /* (non-Javadoc) */ + /** + * @inheritDoc + */ @Override protected Class getAnnotationType() { return EnableAuth.class; } - /* (non-Javadoc) */ + /** + * @inheritDoc + */ @Override protected Properties toGemFireProperties(Map annotationAttributes) { PropertiesBuilder gemfireProperties = PropertiesBuilder.create(); diff --git a/src/main/java/org/springframework/data/gemfire/config/annotation/EnableAuth.java b/src/main/java/org/springframework/data/gemfire/config/annotation/EnableAuth.java index 2c7335bf..3e127222 100644 --- a/src/main/java/org/springframework/data/gemfire/config/annotation/EnableAuth.java +++ b/src/main/java/org/springframework/data/gemfire/config/annotation/EnableAuth.java @@ -34,10 +34,11 @@ import org.springframework.context.annotation.Import; * annotated class to configure and enable GemFire/Geode's Authentication and Authorization framework services. * * @author John Blum - * @see org.springframework.data.gemfire.config.annotation.AuthConfiguration * @see org.apache.geode.security.AccessControl * @see org.apache.geode.security.AuthInitialize * @see org.apache.geode.security.Authenticator + * @see org.springframework.context.annotation.Import + * @see org.springframework.data.gemfire.config.annotation.AuthConfiguration * @see Authentication * @see Authorization * @since 1.9.0 diff --git a/src/main/java/org/springframework/data/gemfire/config/annotation/EnableSecurity.java b/src/main/java/org/springframework/data/gemfire/config/annotation/EnableSecurity.java index 37da4957..7dc2641e 100644 --- a/src/main/java/org/springframework/data/gemfire/config/annotation/EnableSecurity.java +++ b/src/main/java/org/springframework/data/gemfire/config/annotation/EnableSecurity.java @@ -25,6 +25,7 @@ import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; import org.apache.geode.security.AuthInitialize; +import org.apache.geode.security.Authenticator; import org.springframework.context.annotation.Import; /** @@ -35,7 +36,12 @@ import org.springframework.context.annotation.Import; * @author John Blum * @see GeodeIntegratedSecurityConfiguration * @see org.apache.geode.security.AuthInitialize + * @see org.apache.geode.security.Authenticator * @see org.apache.geode.security.SecurityManager + * @see org.apache.geode.security.PostProcessor + * @see org.springframework.context.annotation.Import + * @see org.springframework.data.gemfire.config.annotation.ApacheShiroSecurityConfiguration + * @see org.springframework.data.gemfire.config.annotation.GeodeIntegratedSecurityConfiguration * @since 1.0.0 */ @Target(ElementType.TYPE) @@ -43,7 +49,7 @@ import org.springframework.context.annotation.Import; @Inherited @Documented @Import({ ApacheShiroSecurityConfiguration.class, GeodeIntegratedSecurityConfiguration.class }) -@SuppressWarnings("unused") +@SuppressWarnings({ "deprecation", "unused" }) public @interface EnableSecurity { /** @@ -54,6 +60,14 @@ public @interface EnableSecurity { */ String clientAuthenticationInitializer() default ""; + /** + * Used for authentication. Static creation method returning an {@link Authenticator} object, + * which is used by a server to verify the credentials of the connecting client. + * + * Defaults to unset. + */ + String clientAuthenticator() default ""; + /** * Used with authentication. Static creation method returning an {@link AuthInitialize} object, which obtains * credentials for peers in a distributed system. @@ -62,6 +76,14 @@ public @interface EnableSecurity { */ String peerAuthenticationInitializer() default ""; + /** + * Used with authentication. Static creation method returning an {@link Authenticator} object, which is used + * by a peer to verify the credentials of the connecting peer. + * + * Defaults to unset. + */ + String peerAuthenticator() default ""; + /** * Specifies the application {@link Class} type implementing the Apache Geode * {@link org.apache.geode.security.SecurityManager} interface to enable security in Apache Geode. diff --git a/src/main/java/org/springframework/data/gemfire/config/annotation/GeodeIntegratedSecurityConfiguration.java b/src/main/java/org/springframework/data/gemfire/config/annotation/GeodeIntegratedSecurityConfiguration.java index b7b3ff5b..17f3be33 100644 --- a/src/main/java/org/springframework/data/gemfire/config/annotation/GeodeIntegratedSecurityConfiguration.java +++ b/src/main/java/org/springframework/data/gemfire/config/annotation/GeodeIntegratedSecurityConfiguration.java @@ -20,7 +20,6 @@ package org.springframework.data.gemfire.config.annotation; import java.util.Map; import java.util.Properties; -import org.springframework.beans.factory.BeanFactoryAware; import org.springframework.data.gemfire.config.annotation.support.EmbeddedServiceConfigurationSupport; import org.springframework.data.gemfire.util.PropertiesBuilder; @@ -33,12 +32,13 @@ import org.springframework.data.gemfire.util.PropertiesBuilder; * @since 1.0.0 */ @SuppressWarnings("unused") -public class GeodeIntegratedSecurityConfiguration extends EmbeddedServiceConfigurationSupport - implements BeanFactoryAware { +public class GeodeIntegratedSecurityConfiguration extends EmbeddedServiceConfigurationSupport { protected static final String SECURITY_CLIENT_AUTH_INIT = "security-client-auth-init"; - protected static final String SECURITY_PEER_AUTH_INIT = "security-peer-auth-init"; + protected static final String SECURITY_CLIENT_AUTHENTICATOR = "security-client-authenticator"; protected static final String SECURITY_MANAGER = "security-manager"; + protected static final String SECURITY_PEER_AUTH_INIT = "security-peer-auth-init"; + protected static final String SECURITY_PEER_AUTHENTICATOR = "security-peer-authenticator"; protected static final String SECURITY_POST_PROCESSOR = "security-post-processor"; protected static final String SECURITY_SHIRO_INIT = "security-shiro-init"; @@ -77,8 +77,7 @@ public class GeodeIntegratedSecurityConfiguration extends EmbeddedServiceConfigu gemfireProperties.setProperty(SECURITY_CLIENT_AUTH_INIT, annotationAttributes.get("clientAuthenticationInitializer")); - gemfireProperties.setProperty(SECURITY_PEER_AUTH_INIT, - annotationAttributes.get("peerAuthenticationInitializer")); + gemfireProperties.setProperty(SECURITY_CLIENT_AUTHENTICATOR, annotationAttributes.get("clientAuthenticator")); if (isShiroSecurityNotConfigured()) { gemfireProperties.setPropertyIfNotDefault(SECURITY_MANAGER, @@ -89,6 +88,11 @@ public class GeodeIntegratedSecurityConfiguration extends EmbeddedServiceConfigu gemfireProperties.setProperty(SECURITY_SHIRO_INIT, annotationAttributes.get("shiroIniResourcePath")); } + gemfireProperties.setProperty(SECURITY_PEER_AUTH_INIT, + annotationAttributes.get("peerAuthenticationInitializer")); + + gemfireProperties.setProperty(SECURITY_PEER_AUTHENTICATOR, annotationAttributes.get("peerAuthenticator")); + gemfireProperties.setPropertyIfNotDefault(SECURITY_POST_PROCESSOR, annotationAttributes.get("securityPostProcessorClass"), Void.class);