Package org.jgroups.protocols

Class AUTH

  • public class AUTH
extends Protocol
    The AUTH protocol adds a layer of authentication to JGroups. It intercepts join and merge requests and rejects them if the joiner or merger is not permitted to join a or merge into a cluster. AUTH should be placed right below GMS in the configuration.
    Note that some of the AuthTokens (such as MD5Token, SimpleToken etc) cannot prevent rogue members from joining a cluster, and are thus deprecated. Read the manual for a detailed description of why.
    Author:
    Chris Mills, Bela Ban

    • Field Detail

      • auth_token

        protected AuthToken auth_token
        Used on the coordinator to authentication joining member requests against

      • GMS_ID

        protected static final short GMS_ID

      • up_handlers

        protected final java.util.List<UpHandler> up_handlers
        List of UpHandler which are called when an up event has been received. Usually used by AuthToken impls

      • local_addr

        protected Address local_addr

      • authenticate_coord

        protected volatile boolean authenticate_coord

    • Constructor Detail

      • AUTH

        public AUTH()

    • Method Detail

      • setAuthCoord

        public AUTH setAuthCoord​(boolean authenticateCoord)

      • setAuthClass

        public void setAuthClass​(java.lang.String class_name)
                  throws java.lang.Exception
        Throws:
        java.lang.Exception

      • getAuthClass

        public java.lang.String getAuthClass()

      • getAuthToken

        public AuthToken getAuthToken()

      • register

        @Deprecated
public AUTH register​(UpHandler handler)
        Deprecated.

      • unregister

        @Deprecated
public AUTH unregister​(UpHandler handler)
        Deprecated.

      • getAddress

        public Address getAddress()

      • getConfigurableObjects

        public java.util.List<java.lang.Object> getConfigurableObjects()
        Description copied from class: Protocol
        After configuring the protocol itself from the properties defined in the XML config, a protocol might have additional objects which need to be configured. This callback allows a protocol developer to configure those other objects. This call is guaranteed to be invoked after the protocol itself has been configured. See AUTH for an example.
        Overrides:
        getConfigurableObjects in class Protocol

      • init

        public void init()
          throws java.lang.Exception
        Description copied from class: Protocol
        Called after instance has been created (null constructor) and before protocol is started. Properties are already set. Other protocols are not yet connected and events cannot yet be sent.
        Overrides:
        init in class Protocol
        Throws:
        java.lang.Exception - Thrown if protocol cannot be initialized successfully. This will cause the ProtocolStack to fail, so the channel constructor will throw an exception

      • start

        public void start()
           throws java.lang.Exception
        Description copied from class: Protocol
        This method is called on a JChannel.connect(String). Starts work. Protocols are connected and queues are ready to receive events. Will be called from bottom to top. This call will replace the START and START_OK events.
        Overrides:
        start in class Protocol
        Throws:
        java.lang.Exception - Thrown if protocol cannot be started successfully. This will cause the ProtocolStack to fail, so JChannel.connect(String) will throw an exception

      • stop

        public void stop()
        Description copied from class: Protocol
        This method is called on a JChannel.disconnect(). Stops work (e.g. by closing multicast socket). Will be called from top to bottom. This means that at the time of the method invocation the neighbor protocol below is still working. This method will replace the STOP, STOP_OK, CLEANUP and CLEANUP_OK events. The ProtocolStack guarantees that when this method is called all messages in the down queue will have been flushed
        Overrides:
        stop in class Protocol

      • destroy

        public void destroy()
        Description copied from class: Protocol
        This method is called on a JChannel.close(). Does some cleanup; after the call the VM will terminate
        Overrides:
        destroy in class Protocol

      • up

        public java.lang.Object up​(Message msg)
        An event was received from the layer below. Usually the current layer will want to examine the event type and - depending on its type - perform some computation (e.g. removing headers from a MSG event type, or updating the internal membership list when receiving a VIEW_CHANGE event). Finally the event is either a) discarded, or b) an event is sent down the stack using down_prot.down() or c) the event (or another event) is sent up the stack using up_prot.up().
        Overrides:
        up in class Protocol

      • up

        public void up​(MessageBatch batch)
        Description copied from class: Protocol
        Sends up a multiple messages in a MessageBatch. The sender of the batch is always the same, and so is the destination (null == multicast messages). Messages in a batch can be OOB messages, regular messages, or mixed messages, although the transport itself will create initial MessageBatches that contain only either OOB or regular messages.

        The default processing below sends messages up the stack individually, based on a matching criteria (calling Protocol.accept(org.jgroups.Message)), and - if true - calls Protocol.up(org.jgroups.Event) for that message and removes the message. If the batch is not empty, it is passed up, or else it is dropped.

        Subclasses should check if there are any messages destined for them (e.g. using MessageBatch.getMatchingMessages(short,boolean)), then possibly remove and process them and finally pass the batch up to the next protocol. Protocols can also modify messages in place, e.g. ENCRYPT could decrypt all encrypted messages in the batch, not remove them, and pass the batch up when done.

        Overrides:
        up in class Protocol
        Parameters:
        batch - The message batch

      • down

        public java.lang.Object down​(Event evt)
        An event is to be sent down the stack. The layer may want to examine its type and perform some action on it, depending on the event's type. If the event is a message MSG, then the layer may need to add a header to it (or do nothing at all) before sending it down the stack using down_prot.down(). In case of a GET_ADDRESS event (which tries to retrieve the stack's address from one of the bottom layers), the layer may need to send a new response event back up the stack using up_prot.up().
        Overrides:
        down in class Protocol

      • down

        public java.lang.Object down​(Message msg)
        Description copied from class: Protocol
        A message is sent down the stack. Protocols may examine the message and do something (e.g. add a header) with it before passing it down.
        Overrides:
        down in class Protocol

      • handleAuthHeader

        protected boolean handleAuthHeader​(GMS.GmsHeader gms_hdr,
                                   AuthHeader auth_hdr,
                                   Message msg)
        Handles a GMS header
        Returns:
        true if the message should be processed (= passed up), or else false

      • sendRejectionMessage

        protected void sendRejectionMessage​(byte type,
                                    Address dest,
                                    java.lang.String error_msg)

      • sendJoinRejectionMessage

        protected void sendJoinRejectionMessage​(Address dest,
                                        java.lang.String error_msg)

      • sendMergeRejectionMessage

        protected void sendMergeRejectionMessage​(Address dest)

      • getJoinResponse

        protected static JoinRsp getJoinResponse​(Message msg)