[
https://issues.apache.org/jira/browse/GEODE-2083?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
John Blum updated GEODE-2083:
-----------------------------
Description:
Though, going forward (i.e. post {{1.0.0-incubating}}), there will be multiple
ways to configure Apache Geode's {{SecurityManager}} implementation in effect,
for instance, and most notably, [GEODE-2030], in addition to the Geode
{{security-manager}} (System) property, it would be highly valuable if Apache
Geode called
[Declarable.init()|http://geode.incubator.apache.org/releases/latest/javadoc/org/apache/geode/cache/Declarable.html#init-java.util.Properties-]
on the custom, application-specific, Geode-based {{SecurityManager}}
implementation providing the custom, application-specific, Geode-based
[SecurityManager|http://geode.incubator.apache.org/releases/latest/javadoc/org/apache/geode/security/SecurityManager.html]
implementation implemented the Geode
[Declarable|http://geode.incubator.apache.org/releases/latest/javadoc/org/apache/geode/cache/Declarable.html]
interface.
This would be especially beneficial in situations where any post-construction
initialization logic needed to be invoked after the constructor, particularly
where the custom {{SecurityManager}} **this** reference needs to be accessed by
other classes/components in the {{init()}} method outside the
{{SecurityManager}} instance, which if done from/within a constructor during
construction would allow the **this** reference to escape (not good in a
multi-threaded environment).
This is also useful in situations where the GemFire {{security-manager}}
(System) property is still being used, as I suspect will be the case in some
situations/environments.
Tracing this through, the {{IntegratedSecurityService}} [delegates
|https://github.com/apache/incubator-geode/blob/rel/v1.0.0-incubating/geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java#L335]
to the {{SecurityService.getObjectOfTypeFromClass(..)}} method. This
[method|https://github.com/apache/incubator-geode/blob/rel/v1.0.0-incubating/geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java#L67-L91]
(along with [similar supporting
methods|https://github.com/apache/incubator-geode/blob/rel/v1.0.0-incubating/geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java#L93-L129])
could Introspect the class type and determine whether the custom,
application-specific, Geode-based {{SecurityManager}} implementation implements
the {{Declarable}} interface, invoking the {{init()}} method before returning,
if it does.
was:
Though, going forward (i.e. post {{1.0.0-incubating}}), there will be multiple
ways to configure Apache Geode's {{SecurityManager}} implementation in effect,
for instance, and most notably, [GEODE-2030], in addition to the Geode
{{security-manager}} (System) property, it would be highly valuable if Apache
Geode called
[Declarable.init()|http://geode.incubator.apache.org/releases/latest/javadoc/org/apache/geode/cache/Declarable.html#init-java.util.Properties-]
on the custom, application-specific, Geode-based {{SecurityManager}}
implementation providing the custom, application-specific, Geode-based
[SecurityManager|http://geode.incubator.apache.org/releases/latest/javadoc/org/apache/geode/security/SecurityManager.html]
implementation implemented the Geode
[Declarable|http://geode.incubator.apache.org/releases/latest/javadoc/org/apache/geode/cache/Declarable.html]
interface.
This would be especially beneficial in situations where any post-construction
initialization logic needed to be invoked after the constructor, particularly
where the custom {{SecurityManager}} **this** reference needs to be accessed by
other classes/components in the {{init()}} method outside the
{{SecurityManager}} instance, which if done from/within a constructor during
construction would allow the **this** reference to escape (not good in a
multi-threaded environment).
This is also useful in situations where the GemFire {{security-manager}}
(System) property is still being used, as I suspect will be the case in some
situations/environments.
Tracing this through, the {{IntegratedSecurityService}} [delegates
|https://github.com/apache/incubator-geode/blob/rel/v1.0.0-incubating/geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java#L335]
to the {{SecurityService.getObjectOfTypeFromClass(..)}} method. This
[method|https://github.com/apache/incubator-geode/blob/rel/v1.0.0-incubating/geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java#L67-L91]
(along with [similar supporting
methods|https://github.com/apache/incubator-geode/blob/rel/v1.0.0-incubating/geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java#L93-L129])
could Introspect the class type and determine whether the custom application
specific {{SecurityManager}} implementation implements the {{Declarable}}
interface, invoking the {{init()}} method before returning if it does.
> Geode should call Declarable.init() when the SecurityManager component
> implements Declarable.
> ---------------------------------------------------------------------------------------------
>
> Key: GEODE-2083
> URL: https://issues.apache.org/jira/browse/GEODE-2083
> Project: Geode
> Issue Type: Improvement
> Reporter: John Blum
> Assignee: Jinmei Liao
>
> Though, going forward (i.e. post {{1.0.0-incubating}}), there will be
> multiple ways to configure Apache Geode's {{SecurityManager}} implementation
> in effect, for instance, and most notably, [GEODE-2030], in addition to the
> Geode {{security-manager}} (System) property, it would be highly valuable if
> Apache Geode called
> [Declarable.init()|http://geode.incubator.apache.org/releases/latest/javadoc/org/apache/geode/cache/Declarable.html#init-java.util.Properties-]
> on the custom, application-specific, Geode-based {{SecurityManager}}
> implementation providing the custom, application-specific, Geode-based
> [SecurityManager|http://geode.incubator.apache.org/releases/latest/javadoc/org/apache/geode/security/SecurityManager.html]
> implementation implemented the Geode
> [Declarable|http://geode.incubator.apache.org/releases/latest/javadoc/org/apache/geode/cache/Declarable.html]
> interface.
> This would be especially beneficial in situations where any post-construction
> initialization logic needed to be invoked after the constructor, particularly
> where the custom {{SecurityManager}} **this** reference needs to be accessed
> by other classes/components in the {{init()}} method outside the
> {{SecurityManager}} instance, which if done from/within a constructor during
> construction would allow the **this** reference to escape (not good in a
> multi-threaded environment).
> This is also useful in situations where the GemFire {{security-manager}}
> (System) property is still being used, as I suspect will be the case in some
> situations/environments.
> Tracing this through, the {{IntegratedSecurityService}} [delegates
> |https://github.com/apache/incubator-geode/blob/rel/v1.0.0-incubating/geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java#L335]
> to the {{SecurityService.getObjectOfTypeFromClass(..)}} method. This
> [method|https://github.com/apache/incubator-geode/blob/rel/v1.0.0-incubating/geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java#L67-L91]
> (along with [similar supporting
> methods|https://github.com/apache/incubator-geode/blob/rel/v1.0.0-incubating/geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java#L93-L129])
> could Introspect the class type and determine whether the custom,
> application-specific, Geode-based {{SecurityManager}} implementation
> implements the {{Declarable}} interface, invoking the {{init()}} method
> before returning, if it does.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
