Package org.jgroups.protocols

Class AUTH

java.lang.Object
org.jgroups.stack.Protocol
org.jgroups.protocols.AUTH
All Implemented Interfaces:
Lifecycle
public class AUTH extends Protocol
The AUTH protocol adds a layer of authentication to JGroups. It intercepts join and merge requests and rejects them if the joiner or merger is not permitted to join a or merge into a cluster. AUTH should be placed right below GMS in the configuration.

Note that some of the AuthTokens (such as MD5Token, SimpleToken etc) cannot prevent rogue members from joining a cluster, and are thus deprecated. Read the manual for a detailed description of why.

  • Field Details

    • GMS_ID

      protected static final short GMS_ID

    • auth_token

      protected AuthToken auth_token
      Used on the coordinator to authentication joining member requests against

    • authenticate_coord

      protected volatile boolean authenticate_coord

  • Constructor Details

    • AUTH

      public AUTH()

  • Method Details

    • setAuthCoord

      public AUTH setAuthCoord(boolean authenticateCoord)

    • setAuthClass

      public void setAuthClass(String class_name) throws Exception
      Throws:
      Exception

    • getAuthClass

      public String getAuthClass()

    • getAuthToken

      public AuthToken getAuthToken()

    • setAuthToken

      public AUTH setAuthToken(AuthToken token)

    • getPhysicalAddress

      public PhysicalAddress getPhysicalAddress()

    • init

      public void init() throws Exception
      Description copied from class: Protocol
      Called after a protocol has been created and before the protocol is started. Attributes are already set. Other protocols are not yet connected and events cannot yet be sent.
      Specified by:
      init in interface Lifecycle
      Overrides:
      init in class Protocol
      Throws:
      Exception - Thrown if protocol cannot be initialized successfully. This will cause the ProtocolStack to fail, so the the channel constructor will throw an exception

    • start

      public void start() throws Exception
      Description copied from class: Protocol
      This method is called on a JChannel.connect(String); starts work. Protocols are connected ready to receive events. Will be called from bottom to top.
      Specified by:
      start in interface Lifecycle
      Overrides:
      start in class Protocol
      Throws:
      Exception - Thrown if protocol cannot be started successfully. This will cause the ProtocolStack to fail, so JChannel.connect(String) will throw an exception

    • stop

      public void stop()
      Description copied from class: Protocol
      Called on a JChannel.disconnect(); stops work (e.g. by closing multicast socket). Will be called from top to bottom.
      Specified by:
      stop in interface Lifecycle
      Overrides:
      stop in class Protocol

    • destroy

      public void destroy()
      Description copied from class: Protocol
      This method is called on a JChannel.close(). Does some cleanup; after the call, the VM will terminate
      Specified by:
      destroy in interface Lifecycle
      Overrides:
      destroy in class Protocol

    • up

      public Object up(Message msg)
      An event was received from the layer below. Usually the current layer will want to examine the event type and - depending on its type - perform some computation (e.g. removing headers from a MSG event type, or updating the internal membership list when receiving a VIEW_CHANGE event). Finally the event is either a) discarded, or b) an event is sent down the stack using down_prot.down() or c) the event (or another event) is sent up the stack using up_prot.up().
      Overrides:
      up in class Protocol

    • up

      public void up(MessageBatch batch)
      Description copied from class: Protocol
      Sends up a multiple messages in a MessageBatch. The sender of the batch is always the same, and so is the destination (null == multicast messages). Messages in a batch can be OOB messages, regular messages, or mixed messages, although the transport itself will create initial MessageBatches that contain only either OOB or regular messages.

      The default processing below sends messages up the stack individually, based on a matching criteria (calling Protocol.accept(Message)), and - if true - calls Protocol.up(org.jgroups.Event) for that message and removes the message. If the batch is not empty, it is passed up, or else it is dropped.

      Subclasses should check if there are any messages destined for them (e.g. using MessageBatch.iterator(Predicate)), then possibly remove and process them and finally pass the batch up to the next protocol. Protocols can also modify messages in place, e.g. ENCRYPT could decrypt all encrypted messages in the batch, not remove them, and pass the batch up when done.

      Overrides:
      up in class Protocol
      Parameters:
      batch - The message batch

    • down

      public Object down(Message msg)
      Description copied from class: Protocol
      A message is sent down the stack. Protocols may examine the message and do something (e.g. add a header) with it, before passing it down.
      Overrides:
      down in class Protocol

    • needsAuthentication

      protected boolean needsAuthentication(Message msg, GMS.GmsHeader hdr)

    • handleAuthHeader

      protected boolean handleAuthHeader(GMS.GmsHeader gms_hdr, AuthHeader auth_hdr, Message msg)
      Handles a GMS header
      Returns:
      true if the message should be processed (= passed up), or else false

    • sendRejectionMessage

      protected void sendRejectionMessage(byte type, Address dest, String error_msg)

    • sendJoinRejectionMessage

      protected void sendJoinRejectionMessage(Address dest, String error_msg)

    • sendMergeRejectionMessage

      protected void sendMergeRejectionMessage(Address dest)

    • getGMSHeader

      protected static GMS.GmsHeader getGMSHeader(Message msg)

    • getJoinResponse

      protected static JoinRsp getJoinResponse(Message msg)