Package org.apache.geode.cache.query.security

Interface MethodInvocationAuthorizer

All Known Implementing Classes:
ExampleAnnotationBasedMethodInvocationAuthorizer, JavaBeanAccessorMethodAuthorizer, RegExMethodAuthorizer, RestrictedMethodAuthorizer, UnrestrictedMethodAuthorizer
public interface MethodInvocationAuthorizer
The root interface that should be implemented by method invocation authorizer instances. The authorizer is responsible for determining whether a Method is allowed to be executed on a specific Object instance. Implementations of this interface should provide a no-arg constructor.

There are mainly four security risks when allowing users to execute arbitrary methods in OQL, which should be addressed by implementations of this interface:

  • Java Reflection: do anything through Object.getClass() or similar.
  • Cache Modification: execute Cache operations (close, get regions, etc.).
  • Region Modification: execute Region operations (destroy, invalidate, etc.).
  • Region Entry Modification: execute in-place modifications on the region entries.

Implementations of this interface should be thread-safe: multiple threads might be authorizing several method invocations using the same instance at the same time.

  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    authorize(Method method, Object target)
    Executes the authorization logic to determine whether the method is allowed to be executed on the target object instance.
    default void
    initialize(Cache cache, Set<String> parameters)
    Initializes the MethodInvocationAuthorizer using a Cache and a Set of String parameters.

  • Method Details

    • initialize

      default void initialize(Cache cache, Set<String> parameters)
      Initializes the MethodInvocationAuthorizer using a Cache and a Set of String parameters.

      This method exists to allow user-specified method authorizers to be configured and used at runtime. If this method is not overridden in a user-specified authorizer then that authorizer will not be configurable.

      Parameters:
      cache - the Cache to which the MethodInvocationAuthorizer will belong
      parameters - a Set of String that will be used to configure the MethodInvocationAuthorizer

    • authorize

      boolean authorize(Method method, Object target)
      Executes the authorization logic to determine whether the method is allowed to be executed on the target object instance.

      Implementation Note: the query engine will remember whether the method invocation has been already authorized or not for the current query context, so this method will be called once in the lifetime of a query for every new method seen while traversing the objects. Nevertheless, the implementation should be lighting fast as it will be called by the OQL engine in runtime during the query execution.

      Parameters:
      method - the Method that should be authorized.
      target - the Object on which the Method will be executed.
      Returns:
      true if the method can be executed on on the target instance, false otherwise.