-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How do I understand and debug this code? #1
Comments
@devinbost I am glad you found this project helpful. You can find more information about this project at https://www.bugdbug.com/post/how-to-secure-apache-ignite-cluster It would be easy to debug if you open this project in two different IDE instances and run those in debug mode. This way when you will start two different instances, you would get the joining request in |
@aamargajbhiye Thank you for the help.
and then my JDBC client gives me this error:
(I'm using DBeaver as my client with a JDBC Ignite driver.) Do you have any idea what might cause this? |
I only get that error when running a SQL SELECT. I don't get it when I run CREATE TABLE or INSERT INTO. |
@aamargajbhiye I got beyond those issues. The issue I'm running into now is that it's not clear how I can handle authenticatioN... all of my clients are able to authenticate with any username/password combination, which is a major security problem. Do I need to implement my own approach in the authentication(..) method of the plugin to authenticate access? |
This project was super helpful for getting me started with creating an Ignite plugin for custom authorization.
However, it's not clear to me how to debug this code.
Here are some of my questions:
SecurityCredentials
) convertible to a string? (I'm hoping that the string equals the username of the person attempting the action.)AuthenticationProcessor.authorize(..)
the right place to put that logic? If so, then what wouldSecurityContextImpl
be used for? It looks like theAuthenticationContext
that gets passed toSecurityContextImpl
's constructor inSecurityProcessor.authenticate(..)
could be used as a property inSecurityContextImpl
for performing most of the complex auth logic.SecurityProcessor.authenticateNode(..)
does not pass anAuthenticationContext
instance to the constructor ofSecurityContextImpl
. What purpose doesSecurityContextImpl
provide in this situation? It looks like perhaps it could be used to set very broad restrictions (that would apply to all users); but, if so, then I'd think it would be better to create a second class that implementsSecurityContext
specifically for these broad restrictions, perhaps like:UserSecurityContextImpl implements SecurityContext
(forSecurityProcessor.authenticate(..)
)NodeSecurityContextImpl implements SecurityContext
(forSecurityProcessor.authenticateNode(..)
)The text was updated successfully, but these errors were encountered: