Package org.apache.geode.security

Interface AuthInitialize

All Superinterfaces:
CacheCallback, Declarable
public interface AuthInitialize extends CacheCallback
Specifies the mechanism to obtain credentials for a client or peer. It is mandatory for clients and peers when running in secure mode and a SecurityManager has been configured on the server/locator side respectively. Implementations should register name of the static creation function (that returns an object of the class) as the security-peer-auth-init system property on peers and as the security-client-auth-init system property on clients.
Since:
GemFire 5.5

  • Field Details

  • Method Details

    • init

      default void init(LogWriter systemLogger, LogWriter securityLogger) throws AuthenticationFailedException
      Initialize the callback for a client/peer. This is invoked when a new connection from a client/peer is created with the host. For future implementations, do not use these loggers, use log4j logger directly.
      Parameters:
      systemLogger - LogWriter for system logs
      securityLogger - LogWriter for security logs
      Throws:
      AuthenticationFailedException - if some exception occurs during the initialization

    • init

      @Deprecated default void init()
      Deprecated.
      in Geode 1.5. Never called by the product. Use init(LogWriter systemLogger, LogWriter securityLogger)
      Since:
      Geode 1.0.

    • getCredentials

      Properties getCredentials(Properties securityProps, DistributedMember server, boolean isPeer) throws AuthenticationFailedException
      Initialize with the given set of security properties and return the credentials for the peer/client as properties. This method can modify the given set of properties. For example it may invoke external agents or even interact with the user. Normally it is expected that implementations will filter out security-* properties that are needed for credentials and return only those.
      Parameters:
      securityProps - the security properties obtained using a call to DistributedSystem.getSecurityProperties() that will be used for obtaining the credentials
      server - the DistributedMember object of the server/group-coordinator to which connection is being attempted
      isPeer - true when this is invoked for peer initialization and false when invoked for client initialization
      Returns:
      the credentials to be used for the given server It needs to contain "security-username" and "security-password" if you use username/password combination as credentials When using Integrated security, all members, peer/client will use the same credentials. but we still need to use these params to support the old authenticator
      Throws:
      AuthenticationFailedException - in case of failure to obtain the credentials

    • getCredentials

      @Deprecated default Properties getCredentials(Properties securityProps)
      Deprecated.
      in Geode 1.3. Never called by the product. Use getCredentials(Properties securityProps, DistributedMember server, boolean isPeer)
      Parameters:
      securityProps - the security properties obtained using a call to DistributedSystem.getSecurityProperties() that will be used for obtaining the credentials
      Returns:
      the credentials to be used. It needs to contain "security-username" and "security-password"