public class PKCSAuthInit extends java.lang.Object implements AuthInitialize

AuthInitialize implementation that obtains the digital signature for use with the PKCS scheme on the server from the given set of properties.

To use this class, the security-client-auth-init property should be set to the fully qualified name of the static create function, viz. org.apache.geode.security.templates.PKCSAuthInit.create

| Modifier and Type | Field and Description |
|---|---|
| static java.lang.String | KEYSTORE_ALIAS |
| static java.lang.String | KEYSTORE_FILE_PATH |
| static java.lang.String | KEYSTORE_PASSWORD |
| protected LogWriter | securityLogWriter |
| static java.lang.String | SIGNATURE_DATA |
| protected LogWriter | systemLogWriter |

Fields inherited from interface AuthInitialize: SECURITY_PASSWORD, SECURITY_USERNAME

| Constructor and Description |
|---|
| PKCSAuthInit() |

| Modifier and Type | Method and Description |
|---|---|
| void | close(): Called when the region containing this callback is closed or destroyed, when the cache is closed, or when a callback is removed from a region using an AttributesMutator. |
| static AuthInitialize | create() |
| java.util.Properties | getCredentials(java.util.Properties securityProperties, DistributedMember server, boolean isPeer): Initialize with the given set of security properties and return the credentials for the peer/client as properties. |
| void | init(LogWriter systemLogWriter, LogWriter securityLogWriter): Initialize the callback for a client/peer. |

Methods inherited from class java.lang.Object: clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interfaces:
getCredentials, init
init, initialize

public static final java.lang.String KEYSTORE_FILE_PATH

public static final java.lang.String KEYSTORE_ALIAS

public static final java.lang.String KEYSTORE_PASSWORD

public static final java.lang.String SIGNATURE_DATA

protected LogWriter systemLogWriter

protected LogWriter securityLogWriter

public static AuthInitialize create()

public void init(LogWriter systemLogWriter, LogWriter securityLogWriter) throws AuthenticationFailedException

Description copied from interface: AuthInitialize
Specified by: init in interface AuthInitialize
Parameters:
systemLogWriter - LogWriter for system logs
securityLogWriter - LogWriter for security logs
Throws:
AuthenticationFailedException - if some exception occurs during the initialization

public java.util.Properties getCredentials(java.util.Properties securityProperties, DistributedMember server, boolean isPeer) throws AuthenticationFailedException

Description copied from interface: AuthInitialize
Specified by: getCredentials in interface AuthInitialize
Parameters:
securityProperties - the security properties obtained using a call to DistributedSystem.getSecurityProperties() that will be used for obtaining the credentials
server - the DistributedMember object of the server/group-coordinator to which connection is being attempted
isPeer - true when this is invoked for peer initialization and false when invoked for client initialization

server
It needs to contain "security-username" and "security-password".
When using Integrated security, all members, peer/client will use the same credentials, but we still need to use these params to support the old authenticator.

Throws:
AuthenticationFailedException - in case of failure to obtain the credentials

public void close()

Description copied from interface: CacheCallback
Called when the region containing this callback is closed or destroyed, when the cache is closed, or when a callback is removed from a region using an AttributesMutator.
Implementations should clean up any external resources such as database connections. Any runtime exceptions this method throws will be logged.
It is possible for this method to be called multiple times on a single callback instance, so implementations must be tolerant of this.

Specified by: close in interface CacheCallback
See also: RegionService.close(), Region.close(), Region.localDestroyRegion(), Region.destroyRegion(), AttributesMutator
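
The client-side setup described in the class summary, as an added example that is not part of the Geode documentation or source: it sets security-client-auth-init and the keystore properties through this class's constants, and checks before connecting that the keystore actually holds a private key under the alias. The keystore path, alias, environment variable name, and locator host and port are hypothetical, and KeyStore.getInstance(File, char[]) assumes Java 9 or later.

```java
import java.io.File;
import java.security.KeyStore;
import java.util.Properties;
import org.apache.geode.cache.client.ClientCache;
import org.apache.geode.cache.client.ClientCacheFactory;
import org.apache.geode.security.templates.PKCSAuthInit;

public class PkcsClientExample {
  // Fail fast if the keystore cannot be opened or has no private key under the alias,
  // rather than finding out through an AuthenticationFailedException later.
  static void checkSigningKey(String path, String alias, char[] password) throws Exception {
    KeyStore ks = KeyStore.getInstance(new File(path), password); // Java 9+: detects the type
    if (!ks.isKeyEntry(alias)) {
      throw new IllegalStateException("no private key entry for alias " + alias);
    }
  }

  // Security properties that make the client use PKCSAuthInit for its credentials.
  static Properties securityProperties(String path, String alias, String password) {
    Properties props = new Properties();
    props.setProperty("security-client-auth-init",
        "org.apache.geode.security.templates.PKCSAuthInit.create");
    props.setProperty(PKCSAuthInit.KEYSTORE_FILE_PATH, path);
    props.setProperty(PKCSAuthInit.KEYSTORE_ALIAS, alias);
    props.setProperty(PKCSAuthInit.KEYSTORE_PASSWORD, password);
    return props;
  }

  public static void main(String[] args) throws Exception {
    // Hypothetical values: adjust to your deployment.
    String path = "/etc/geode/client1.keystore";
    String alias = "client1";
    String password = System.getenv("GEODE_KEYSTORE_PASSWORD"); // keep it out of source
    if (password == null) {
      throw new IllegalStateException("GEODE_KEYSTORE_PASSWORD is not set");
    }
    checkSigningKey(path, alias, password.toCharArray());

    ClientCache cache = new ClientCacheFactory(securityProperties(path, alias, password))
        .addPoolLocator("locator.example.internal", 10334)
        .create();
    try {
      // Region operations go here; server connections use the PKCSAuthInit credentials.
    } finally {
      cache.close();
    }
  }
}
```

The keystore password stays in the client's security properties for the life of the process, so restrict read access to both the keystore file and wherever the password is injected from.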