-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/37209/
-----------------------------------------------------------
(Updated Aug. 14, 2015, 11:01 a.m.)
Review request for geode, Amogh Shetkar, Jens Deppe, and Nilkanth Patel.
Repository: geode
Description (updated)
-------
GEODE-77 : Integrated Security Code Merge
This is manual merge of code from int_security branch.
Testing done : JMX RMI-connector testing done from JConsole, Gfsh interactive
testing with different roles. DUnits are not yet integrated into open.
Adding description about changes done
JMX - Key Changes
ManagementAgent.java
Hooks managementInterceptor when security plugins are configured
ManagementInterceptor.java
Central interceptor for JMX RMI connector.
Each JMX call go through interceptor via MBeanServerWrapper in
following fashion
jmx(mxbean.op()) -> mbeanServerWrapper -> interceptor ->
security plugin -> back to wrapper -> mxbean.op()
ResourceOperationContext
OperationContext for all m&m resource operations.
This returns operation code as RESOURCE (except for data
commands) and has additional code called resourceOperationCode which return
exact operation requested
ResourceOperation
This annotation is used to mark mxbean interfaces and commands
to corresponding m&m action
JMXOperationContext
describes mbean operation(getAttr,SetAttr,Op) in terms of
ResourceOperationContext.
Parses all MXBean annotation and build map used for mapping jmx
calls to resource codes
CLIOperationContext
describes gfsh command(name, params) in terms of
ResourceOperationContext
Parses all Command annotation and build map used for mapping
gfsh command calls to resource codes
*MXBean and *Commands Changes
Added ResourceOperation annotation
REST ADMIN - Key Changes
AuthManager
gateway to authorize and authenticate REST ADMIN
internal/web/controllers/AbstractCommandsController.java
Changes for ADMIN REST to add authentication and authorization
callbacks
Pulse - Key Changes from gemfire side
AccessControlMXBean/AccessControlContext
This is hidden mbean which opens up authorization end-point for
Pulse
Pulse will access this mbean to know its authorization levels
after connecting with given credentials
Any JMX Client can use this mbean to know its (currrent jmx
connection) authorization levels
REST - Key changes
gemfire-web-api - AbstractBaseController.java and other controller
classes
REST API changes for At & Az
DistributionConfig (its impl)
New system properties token-service for REST
TokenService
New interface for REST endpoint which is supposed to give
secured token when given Princial
RestAPIsOperationContext
OperationContext for REST API
Diffs
-----
gemfire-core/src/main/java/com/gemstone/gemfire/cache/operations/OperationContext.java
d25063c
gemfire-core/src/main/java/com/gemstone/gemfire/distributed/DistributedSystem.java
b7b2cd8
gemfire-core/src/main/java/com/gemstone/gemfire/distributed/internal/AbstractDistributionConfig.java
472959d
gemfire-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfig.java
10094a9
gemfire-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java
b8dfeb3
gemfire-core/src/main/java/com/gemstone/gemfire/internal/i18n/LocalizedStrings.java
f5ae3e5
gemfire-core/src/main/java/com/gemstone/gemfire/internal/security/AuthorizeRequest.java
8ba07a2
gemfire-core/src/main/java/com/gemstone/gemfire/management/CacheServerMXBean.java
59f6537
gemfire-core/src/main/java/com/gemstone/gemfire/management/DiskStoreMXBean.java
f14d16c
gemfire-core/src/main/java/com/gemstone/gemfire/management/DistributedSystemMXBean.java
f0a0a79
gemfire-core/src/main/java/com/gemstone/gemfire/management/GatewayReceiverMXBean.java
3e5ba1a
gemfire-core/src/main/java/com/gemstone/gemfire/management/GatewaySenderMXBean.java
b6c5219
gemfire-core/src/main/java/com/gemstone/gemfire/management/LockServiceMXBean.java
e53d50a
gemfire-core/src/main/java/com/gemstone/gemfire/management/ManagerMXBean.java
04fda7e
gemfire-core/src/main/java/com/gemstone/gemfire/management/MemberMXBean.java
e935fcd
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/ManagementAgent.java
43bfe73
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/RestAgent.java
74695ee
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/SystemManagementService.java
d8f6983
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ClientCommands.java
2eb1318
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ConfigCommands.java
279fb45
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/CreateAlterDestroyRegionCommands.java
919d6fe
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DataCommands.java
9e60839
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DeployCommands.java
4591b53
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DiskStoreCommands.java
4614ce7
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DurableClientCommands.java
01910d6
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ExportImportSharedConfigurationCommands.java
d4134ad
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/FunctionCommands.java
0d8c54a
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/GfshHelpCommands.java
d9d4bea
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/IndexCommands.java
c978381
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/LauncherLifecycleCommands.java
302d7bb
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/MemberCommands.java
797f654
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/MiscellaneousCommands.java
da8f11d
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/PDXCommands.java
d236d81
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/QueueCommands.java
7b298d6
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/RegionCommands.java
80ba89e
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/ShellCommands.java
4bdab90
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/StatusCommands.java
5abd08a
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/WanCommands.java
a6d9abf
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/cli/shell/JmxOperationInvoker.java
864907b
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/AccessControl.java
58040cd
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/AccessControlContext.java
1926db5
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/AccessControlMXBean.java
e217045
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/CLIOperationContext.java
b0198e4
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/JMXOperationContext.java
375cc27
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
d85ce65
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
50942c1
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/ManagementInterceptor.java
1851977
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/Resource.java
4dc27e1
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceConstants.java
3f4d7cb
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperation.java
f149479
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/security/ResourceOperationContext.java
aa1c38c
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java
73ce926
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/ConfigCommandsController.java
517d942
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/DataCommandsController.java
6767ec1
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/DiskStoreCommandsController.java
2df3432
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/FunctionCommandsController.java
de81543
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/MiscellaneousCommandsController.java
66d344f
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/WanCommandsController.java
1e22bd9
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/EnvironmentVariablesHandlerInterceptor.java
8ebed02
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/web/http/support/SimpleHttpRequester.java
8bd9d37
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/web/shell/AbstractHttpOperationInvoker.java
dac1271
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/web/shell/RestHttpOperationInvoker.java
0dfbdbd
gemfire-core/src/main/java/com/gemstone/gemfire/management/internal/web/shell/SimpleHttpOperationInvoker.java
a122339
gemfire-core/src/test/java/com/gemstone/gemfire/internal/cache/extension/mock/MockExtensionCommands.java
89644f0
gemfire-core/src/test/java/com/gemstone/gemfire/management/internal/cli/CommandManagerJUnitTest.java
ab9333d
gemfire-core/src/test/java/com/gemstone/gemfire/management/internal/cli/shell/GfshExecutionStrategyJUnitTest.java
44aef44
gemfire-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthCodeTest.java
384493b
gemfire-core/src/test/java/com/gemstone/gemfire/management/internal/security/ResourceOperationJUnit.java
f061240
gemfire-web-api/src/main/java/com/gemstone/gemfire/rest/internal/web/controllers/AbstractBaseController.java
feed8c7
gemfire-web-api/src/main/java/com/gemstone/gemfire/rest/internal/web/controllers/BaseControllerAdvice.java
5ae88bc
gemfire-web-api/src/main/java/com/gemstone/gemfire/rest/internal/web/controllers/CommonCrudController.java
ef52347
gemfire-web-api/src/main/java/com/gemstone/gemfire/rest/internal/web/controllers/FunctionAccessController.java
45d6f66
gemfire-web-api/src/main/java/com/gemstone/gemfire/rest/internal/web/controllers/PdxBasedCrudController.java
96551c6
gemfire-web-api/src/main/java/com/gemstone/gemfire/rest/internal/web/controllers/QueryAccessController.java
b20c849
gemfire-web-api/src/main/webapp/WEB-INF/web.xml 554ef4b
Diff: https://reviews.apache.org/r/37209/diff/
Testing
-------
Thanks,
Tushar Khairnar
