This repository has been archived by the owner on May 10, 2022. It is now read-only.
feat(security): add ReplicaSession interceptor #135
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
levy5307
commented
Sep 21, 2020
•
levy5307
commented
- add ReplicaSession hook to deal with some situations, such as session connected、sending a message.
- add some configurations
src/main/java/com/xiaomi/infra/pegasus/client/ClientOptions.java
Outdated
Show resolved
Hide resolved
src/main/java/com/xiaomi/infra/pegasus/client/ClientOptions.java
Outdated
Show resolved
Hide resolved
src/main/java/com/xiaomi/infra/pegasus/client/ClientOptions.java
Outdated
Show resolved
Hide resolved
src/main/java/com/xiaomi/infra/pegasus/rpc/async/SecurityReplicaSessionHook.java
Outdated
Show resolved
Hide resolved
neverchanje
reviewed
Sep 22, 2020
configuration/pegasus_jaas.conf
Outdated
| @@ -0,0 +1,10 @@ | |||
| client { | |||
| com.sun.security.auth.module.Krb5LoginModule required | |||
There was a problem hiding this comment.
Does this config format support comment? Can you write a comment of description on top of each config item?
Furthermore, does it mean that every of our users should have this file in their project?
There was a problem hiding this comment.
I removed the pegasus_jaas.conf. So we can add it in later pull request. And I will refactor it in a better way at that time.
src/main/java/com/xiaomi/infra/pegasus/rpc/async/ReplicaSessionHookManager.java
Outdated
Show resolved
Hide resolved
foreverneverer
previously approved these changes
Sep 22, 2020
levy5307
changed the title
src/main/java/com/xiaomi/infra/pegasus/rpc/async/ClusterManager.java
Outdated
Show resolved
Hide resolved
neverchanje
reviewed
Sep 24, 2020
| public ReplicaSession( | ||
| rpc_address address, EventLoopGroup rpcGroup, int socketTimeout, boolean enableAuth) { |
There was a problem hiding this comment.
You can pass ClientOptions here. Each ReplicaSession creates its ReplicaSessionInterceptorManager separately.
public ReplicaSession(rpc_address address, EventLoopGroup rpcGroup, int socketTimeout, ClientOptions opts) {
interceptors = new ReplicaSessionInterceptorManager(opts);
enableAuth = opts.enableAuth();
}
There was a problem hiding this comment.
I don't think we should create a ReplicaSessionInterceptorManager for each ReplicationSession. Each ClusterManager has a ReplicaSessionInterceptorManager is enough
src/main/java/com/xiaomi/infra/pegasus/client/ClientOptions.java
Outdated
Show resolved
Hide resolved
neverchanje
approved these changes
Sep 24, 2020
foreverneverer
approved these changes
Sep 24, 2020
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.