tool
/
atlas
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ATLAS-2505: add client IP address in authorization requests 

Signed-off-by: Madhan Neethiraj <madhan@apache.org>
This commit is contained in:
nixonrodrigues 2018-03-19 16:32:59 +05:30 committed by Madhan Neethiraj
parent 729d92386e
commit 31eb3664ce
4 changed files with 20 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
authorization/pom.xml
View File

@ -40,6 +40,11 @@
<artifactId>atlas-intg</artifactId>
</dependency>
<dependency>
<groupId>org.apache.atlas</groupId>
<artifactId>atlas-server-api</artifactId>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>

8
authorization/src/main/java/org/apache/atlas/authorize/AtlasAuthorizationUtils.java
View File

@ -33,7 +33,7 @@ import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.HashSet;
import java.util.Set;
import org.apache.atlas.RequestContextV1;
public class AtlasAuthorizationUtils {
private static final Logger LOG = LoggerFactory.getLogger(AtlasAuthorizationUtils.class);
@ -71,7 +71,7 @@ public class AtlasAuthorizationUtils {
AtlasAuthorizer authorizer = AtlasAuthorizerFactory.getAtlasAuthorizer();
request.setUser(userName, getCurrentUserGroups());
request.setClientIPAddress(RequestContextV1.get().getClientIPAddress());
ret = authorizer.isAccessAllowed(request);
} catch (AtlasAuthorizationException e) {
LOG.error("Unable to obtain AtlasAuthorizer", e);
@ -92,7 +92,7 @@ public class AtlasAuthorizationUtils {
AtlasAuthorizer authorizer = AtlasAuthorizerFactory.getAtlasAuthorizer();
request.setUser(getCurrentUserName(), getCurrentUserGroups());
request.setClientIPAddress(RequestContextV1.get().getClientIPAddress());
ret = authorizer.isAccessAllowed(request);
} catch (AtlasAuthorizationException e) {
LOG.error("Unable to obtain AtlasAuthorizer", e);
@ -113,7 +113,7 @@ public class AtlasAuthorizationUtils {
AtlasAuthorizer authorizer = AtlasAuthorizerFactory.getAtlasAuthorizer();
request.setUser(getCurrentUserName(), getCurrentUserGroups());
request.setClientIPAddress(RequestContextV1.get().getClientIPAddress());
ret = authorizer.isAccessAllowed(request);
} catch (AtlasAuthorizationException e) {
LOG.error("Unable to obtain AtlasAuthorizer", e);

10
server-api/src/main/java/org/apache/atlas/RequestContextV1.java
View File

@ -37,6 +37,8 @@ public class RequestContextV1 {
private String user;
private Set<String> userGroups;
private String clientIPAddress;
private RequestContextV1() {
}
@ -79,6 +81,14 @@ public class RequestContextV1 {
this.userGroups = userGroups;
}
public String getClientIPAddress() {
return clientIPAddress;
}
public void setClientIPAddress(String clientIPAddress) {
this.clientIPAddress = clientIPAddress;
}
public void recordEntityUpdate(AtlasObjectId entity) {
if (entity != null && entity.getGuid() != null) {
updatedEntities.put(entity.getGuid(), entity);

2
webapp/src/main/java/org/apache/atlas/web/filters/AuditFilter.java
View File

@ -76,7 +76,7 @@ public class AuditFilter implements Filter {
RequestContextV1.clear();
RequestContextV1 requestContext = RequestContextV1.get();
requestContext.setUser(user, userGroups);
requestContext.setClientIPAddress(AtlasAuthorizationUtils.getRequestIpAddress(httpRequest));
filterChain.doFilter(request, response);
} finally {
long timeTaken = System.currentTimeMillis() - startTime;