public class IgniteAuthenticator extends PasscodeAuthenticator
PasscodeAuthenticator
.
Authenticate client nodes and thin clients using native Apache Ignite authentication mechanism and then get
permissions using PasscodeAuthenticator
. Password must be removed from the clients
SecurityCredentials
in the credentials-permissions mapping configuration. The passwords are verified as
part of the native Ignite authentication.
Constructor and Description |
---|
IgniteAuthenticator() |
Modifier and Type | Method and Description |
---|---|
SecuritySubject |
authenticate(AuthenticationContext authCtx)
Authenticates a given subject (either node or remote client).
|
boolean |
isGlobalNodeAuthentication()
Flag indicating whether node authentication should be run on coordinator only or on all nodes
in current topology.
|
getPasscodesFormatted, setAclProvider, start, stop, supported, toString, validationToken
public SecuritySubject authenticate(AuthenticationContext authCtx) throws IgniteCheckedException
authenticate
in interface Authenticator
authenticate
in class PasscodeAuthenticator
authCtx
- Authentication context. Contains all necessary information required to authenticate
the subject.null
if authentication did not pass.IgniteCheckedException
- If authentication resulted in system error.
Note that bad credentials should not cause this exception.public boolean isGlobalNodeAuthentication()
isGlobalNodeAuthentication
in interface Authenticator
isGlobalNodeAuthentication
in class PasscodeAuthenticator
True
if all nodes in topology should authenticate joining node. In this case security
permissions will be validated to be the same on all nodes. In case if permissions differ, node will
not be able to join the topology. If this method returns false
, only coordinator node will
authenticate joining node.
GridGain In-Memory Computing Platform : ver. 8.9.15 Release Date : December 3 2024