Package org.jgroups.protocols

Class AUTH

  • All Implemented Interfaces:
    Lifecycle
    public class AUTH
extends Protocol
    The AUTH protocol adds a layer of authentication to JGroups. It intercepts join and merge requests and rejects them if the joiner or merger is not permitted to join a or merge into a cluster. AUTH should be placed right below GMS in the configuration.
    Note that some of the AuthTokens (such as MD5Token, SimpleToken etc) cannot prevent rogue members from joining a cluster, and are thus deprecated. Read the manual for a detailed description of why.
    Author:
    Chris Mills, Bela Ban

    • Field Detail

      • GMS_ID

        protected static final short GMS_ID

      • auth_token

        protected AuthToken auth_token
        Used on the coordinator to authentication joining member requests against

      • authenticate_coord

        protected volatile boolean authenticate_coord

    • Constructor Detail

      • AUTH

        public AUTH()

    • Method Detail

      • setAuthCoord

        public AUTH setAuthCoord​(boolean authenticateCoord)

      • setAuthClass

        public void setAuthClass​(java.lang.String class_name)
                  throws java.lang.Exception
        Throws:
        java.lang.Exception

      • getAuthClass

        public java.lang.String getAuthClass()

      • getAuthToken

        public AuthToken getAuthToken()

      • init

        public void init()
          throws java.lang.Exception
        Description copied from class: Protocol
        Called after a protocol has been created and before the protocol is started. Attributes are already set. Other protocols are not yet connected and events cannot yet be sent.
        Specified by:
        init in interface Lifecycle
        Overrides:
        init in class Protocol
        Throws:
        java.lang.Exception - Thrown if protocol cannot be initialized successfully. This will cause the ProtocolStack to fail, so the the channel constructor will throw an exception

      • start

        public void start()
           throws java.lang.Exception
        Description copied from class: Protocol
        This method is called on a JChannel.connect(String); starts work. Protocols are connected ready to receive events. Will be called from bottom to top.
        Specified by:
        start in interface Lifecycle
        Overrides:
        start in class Protocol
        Throws:
        java.lang.Exception - Thrown if protocol cannot be started successfully. This will cause the ProtocolStack to fail, so JChannel.connect(String) will throw an exception

      • up

        public java.lang.Object up​(Message msg)
        An event was received from the layer below. Usually the current layer will want to examine the event type and - depending on its type - perform some computation (e.g. removing headers from a MSG event type, or updating the internal membership list when receiving a VIEW_CHANGE event). Finally the event is either a) discarded, or b) an event is sent down the stack using down_prot.down() or c) the event (or another event) is sent up the stack using up_prot.up().
        Overrides:
        up in class Protocol

      • up

        public void up​(MessageBatch batch)
        Description copied from class: Protocol
        Sends up a multiple messages in a MessageBatch. The sender of the batch is always the same, and so is the destination (null == multicast messages). Messages in a batch can be OOB messages, regular messages, or mixed messages, although the transport itself will create initial MessageBatches that contain only either OOB or regular messages.

        The default processing below sends messages up the stack individually, based on a matching criteria (calling Protocol.accept(Message)), and - if true - calls Protocol.up(org.jgroups.Event) for that message and removes the message. If the batch is not empty, it is passed up, or else it is dropped.

        Subclasses should check if there are any messages destined for them (e.g. using MessageBatch.iterator(Predicate)), then possibly remove and process them and finally pass the batch up to the next protocol. Protocols can also modify messages in place, e.g. ENCRYPT could decrypt all encrypted messages in the batch, not remove them, and pass the batch up when done.

        Overrides:
        up in class Protocol
        Parameters:
        batch - The message batch

      • down

        public java.lang.Object down​(Message msg)
        Description copied from class: Protocol
        A message is sent down the stack. Protocols may examine the message and do something (e.g. add a header) with it, before passing it down.
        Overrides:
        down in class Protocol

      • handleAuthHeader

        protected boolean handleAuthHeader​(GMS.GmsHeader gms_hdr,
                                   AuthHeader auth_hdr,
                                   Message msg)
        Handles a GMS header
        Returns:
        true if the message should be processed (= passed up), or else false

      • sendRejectionMessage

        protected void sendRejectionMessage​(byte type,
                                    Address dest,
                                    java.lang.String error_msg)

      • sendJoinRejectionMessage

        protected void sendJoinRejectionMessage​(Address dest,
                                        java.lang.String error_msg)

      • sendMergeRejectionMessage

        protected void sendMergeRejectionMessage​(Address dest)

      • getJoinResponse

        protected static JoinRsp getJoinResponse​(Message msg)