/** * This is implementation of {@link GridSecurityProcessor} which handles cl

1. /**
2. * This is implementation of {@link GridSecurityProcessor} which handles cluster security
3. */
4. public class SecurityProcessor extends GridProcessorAdapter implements GridSecurityProcessor {
5.  
6. private IgniteConfiguration config;
7. private SecurityPluginConfiguration securityPluginConfiguration;
8.  
9. /**
10. * @param ctx Kernal context.
11. */
12. protected SecurityProcessor(GridKernalContext ctx) {
13. super(ctx);
14. config = ctx.config();
15. PluginConfiguration[] pluginConfigurations = this.config.getPluginConfigurations();
16. if (pluginConfigurations != null) {
17. for (PluginConfiguration pluginConfiguration : pluginConfigurations) {
18. if (pluginConfiguration instanceof SecurityPluginConfiguration) {
19. securityPluginConfiguration = (SecurityPluginConfiguration) pluginConfiguration;
20. }
21. }
22. }
23. }
24.  
25. /**
26. * @param node
27. * @param cred
28. * @return
29. * @throws IgniteCheckedException
30. */
31. public SecurityContext authenticateNode(ClusterNode node, SecurityCredentials cred) throws IgniteCheckedException {
32.  
33. SecurityCredentials userSecurityCredentials;
34.  
35. if (securityPluginConfiguration != null) {
36. if ((userSecurityCredentials = securityPluginConfiguration.getSecurityCredentials()) != null) {
37. return userSecurityCredentials.equals(cred) ? new SecurityContextImpl() : null;
38. }
39. if (cred == null && userSecurityCredentials == null) {
40. return new SecurityContextImpl();
41. }
42. }
43.  
44. if (cred == null)
45. return new SecurityContextImpl();
46.  
47. return null;
48.  
49. }
50.  
51. public boolean isGlobalNodeAuthentication() {
52. return false;
53. }
54.  
55. public SecurityContext authenticate(AuthenticationContext ctx) throws IgniteCheckedException {
56.  
57. return new SecurityContextImpl(ctx);
58. }
59.  
60. public Collection<SecuritySubject> authenticatedSubjects() throws IgniteCheckedException {
61.  
62. return Arrays.asList(new SecuritySubjectImpl());
63. }
64.  
65. public SecuritySubject authenticatedSubject(UUID subjId) throws IgniteCheckedException {
66.  
67. return new SecuritySubjectImpl();
68. }
69.  
70. public void authorize(String name, SecurityPermission perm, @Nullable SecurityContext securityCtx) throws SecurityException {
71. //TODO - Here we can check permissions for given cache operation
72. }
73.  
74. public void onSessionExpired(UUID subjId) {
75.  
76. }
77.  
78. public boolean enabled() {
79. return true;
80. }
81.  
82. }