Three things:
- Inject the auth Invoker. - Inject the Authenticator and formalize the chaining authenticator pattern. - Simplify PeerNode creation and make the PeerAuthenticator a chainer. git-svn-id: svn+ssh://src.earth.threerings.net/narya/trunk@5162 542714f4-19e9-0310-aa3c-eee0fc999fb1
This commit is contained in:
@@ -24,7 +24,9 @@ package com.threerings.presents.server;
|
||||
import com.samskivert.io.PersistenceException;
|
||||
|
||||
import com.samskivert.util.Invoker;
|
||||
import com.samskivert.util.ResultListener;
|
||||
|
||||
import com.threerings.presents.annotation.MainInvoker;
|
||||
import com.threerings.presents.data.AuthCodes;
|
||||
|
||||
import com.threerings.presents.net.AuthRequest;
|
||||
@@ -43,26 +45,18 @@ import static com.threerings.presents.Log.log;
|
||||
*/
|
||||
public abstract class Authenticator
|
||||
{
|
||||
/**
|
||||
* Called by the connection manager to give us a reference to it for reporting authenticated
|
||||
* connections.
|
||||
*/
|
||||
public void setConnectionManager (ConnectionManager conmgr)
|
||||
{
|
||||
_conmgr = conmgr;
|
||||
}
|
||||
|
||||
/**
|
||||
* Called by the connection management code when an authenticating connection has received its
|
||||
* authentication request from the client.
|
||||
*/
|
||||
public void authenticateConnection (final AuthingConnection conn)
|
||||
public void authenticateConnection (Invoker invoker, final AuthingConnection conn,
|
||||
final ResultListener<AuthingConnection> onComplete)
|
||||
{
|
||||
final AuthRequest req = conn.getAuthRequest();
|
||||
final AuthResponseData rdata = createResponseData();
|
||||
final AuthResponse rsp = new AuthResponse(rdata);
|
||||
|
||||
getInvoker().postUnit(new Invoker.Unit("authenticateConnection") {
|
||||
invoker.postUnit(new Invoker.Unit("authenticateConnection") {
|
||||
public boolean invoke() {
|
||||
try {
|
||||
processAuthentication(conn, rsp);
|
||||
@@ -84,21 +78,12 @@ public abstract class Authenticator
|
||||
// if the authentication request was granted, let the connection manager know that
|
||||
// we just authed
|
||||
if (AuthResponseData.SUCCESS.equals(rdata.code)) {
|
||||
_conmgr.connectionDidAuthenticate(conn);
|
||||
onComplete.requestCompleted(conn);
|
||||
}
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the invoker on which to process the authentication. The default implementation
|
||||
* returns PresentsServer.invoker.
|
||||
*/
|
||||
protected Invoker getInvoker ()
|
||||
{
|
||||
return PresentsServer.invoker;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new AuthResponseData instance to use for authenticating a connection.
|
||||
*/
|
||||
@@ -117,7 +102,4 @@ public abstract class Authenticator
|
||||
*/
|
||||
protected abstract void processAuthentication (AuthingConnection conn, AuthResponse rsp)
|
||||
throws PersistenceException;
|
||||
|
||||
/** The connection manager with which we're working. */
|
||||
protected ConnectionManager _conmgr;
|
||||
}
|
||||
|
||||
@@ -0,0 +1,64 @@
|
||||
//
|
||||
// $Id$
|
||||
//
|
||||
// Narya library - tools for developing networked games
|
||||
// Copyright (C) 2002-2008 Three Rings Design, Inc., All Rights Reserved
|
||||
// http://www.threerings.net/code/narya/
|
||||
//
|
||||
// This library is free software; you can redistribute it and/or modify it
|
||||
// under the terms of the GNU Lesser General Public License as published
|
||||
// by the Free Software Foundation; either version 2.1 of the License, or
|
||||
// (at your option) any later version.
|
||||
//
|
||||
// This library is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
// Lesser General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU Lesser General Public
|
||||
// License along with this library; if not, write to the Free Software
|
||||
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
|
||||
package com.threerings.presents.server;
|
||||
|
||||
import com.samskivert.util.Invoker;
|
||||
import com.samskivert.util.ResultListener;
|
||||
|
||||
import com.threerings.presents.server.net.AuthingConnection;
|
||||
|
||||
/**
|
||||
* Handles certain special kinds of authentications and passes the remainder through to the default
|
||||
* authenticator.
|
||||
*/
|
||||
public abstract class ChainedAuthenticator extends Authenticator
|
||||
{
|
||||
/**
|
||||
* Called by the {@link ConnectionManager} to initialize our delegate.
|
||||
*/
|
||||
public void setChainedAuthenticator (Authenticator author)
|
||||
{
|
||||
_delegate = author;
|
||||
}
|
||||
|
||||
@Override // from Authenticator
|
||||
public void authenticateConnection (Invoker invoker, AuthingConnection conn,
|
||||
ResultListener<AuthingConnection> onComplete)
|
||||
{
|
||||
// if we handle this sort of authentication, then do so
|
||||
if (shouldHandleConnection(conn)) {
|
||||
super.authenticateConnection(invoker, conn, onComplete);
|
||||
|
||||
} else {
|
||||
// otherwise pass the request on to our delegate
|
||||
_delegate.authenticateConnection(invoker, conn, onComplete);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Derived classes should implement this method and return true if the supplied connection is
|
||||
* one that they should authenticate.
|
||||
*/
|
||||
protected abstract boolean shouldHandleConnection (AuthingConnection conn);
|
||||
|
||||
protected Authenticator _delegate;
|
||||
}
|
||||
@@ -98,8 +98,10 @@ public class ClientManager
|
||||
@Inject public ClientManager (ConnectionManager conmgr, ReportManager repmgr,
|
||||
ShutdownManager shutmgr)
|
||||
{
|
||||
// register ourselves as a connection observer
|
||||
// register as a connection observer, a "state of server" reporter and a shutdowner
|
||||
conmgr.addConnectionObserver(this);
|
||||
repmgr.registerReporter(this);
|
||||
shutmgr.registerShutdowner(this);
|
||||
|
||||
// start up an interval that will check for expired clients and flush them from the bowels
|
||||
// of the server
|
||||
@@ -108,10 +110,6 @@ public class ClientManager
|
||||
flushClients();
|
||||
}
|
||||
}.schedule(CLIENT_FLUSH_INTERVAL, true);
|
||||
|
||||
// register as a "state of server" reporter and a shutdowner
|
||||
repmgr.registerReporter(this);
|
||||
shutmgr.registerShutdowner(this);
|
||||
}
|
||||
|
||||
// from interface ShutdownManager.Shutdowner
|
||||
|
||||
@@ -31,6 +31,7 @@ import com.samskivert.util.Invoker;
|
||||
import com.samskivert.util.RunQueue;
|
||||
import com.samskivert.util.SystemInfo;
|
||||
|
||||
import com.threerings.presents.annotation.AuthInvoker;
|
||||
import com.threerings.presents.annotation.EventQueue;
|
||||
import com.threerings.presents.annotation.MainInvoker;
|
||||
import com.threerings.presents.client.Client;
|
||||
@@ -57,9 +58,11 @@ public class PresentsServer
|
||||
{
|
||||
@Override protected void configure () {
|
||||
bind(Invoker.class).annotatedWith(MainInvoker.class).to(PresentsInvoker.class);
|
||||
bind(Invoker.class).annotatedWith(AuthInvoker.class).to(PresentsInvoker.class);
|
||||
bind(RunQueue.class).annotatedWith(EventQueue.class).to(PresentsDObjectMgr.class);
|
||||
bind(DObjectManager.class).to(PresentsDObjectMgr.class);
|
||||
bind(RootDObjectManager.class).to(PresentsDObjectMgr.class);
|
||||
bind(Authenticator.class).to(DummyAuthenticator.class);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -149,36 +152,11 @@ public class PresentsServer
|
||||
|
||||
// configure our connection manager
|
||||
_conmgr.init(getListenPorts(), getDatagramPorts());
|
||||
_conmgr.setAuthenticator(createAuthenticator());
|
||||
|
||||
// initialize the time base services
|
||||
TimeBaseProvider.init(invmgr, omgr);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates the client Authenticator to be used on this server.
|
||||
*/
|
||||
protected Authenticator createAuthenticator ()
|
||||
{
|
||||
return new DummyAuthenticator();
|
||||
}
|
||||
|
||||
// /**
|
||||
// * Creates the client manager to be used on this server.
|
||||
// */
|
||||
// protected ClientManager createClientManager (ConnectionManager conmgr)
|
||||
// {
|
||||
// return new ClientManager(conmgr);
|
||||
// }
|
||||
|
||||
// /**
|
||||
// * Creates the distributed object manager to be used on this server.
|
||||
// */
|
||||
// protected PresentsDObjectMgr createDObjectManager ()
|
||||
// {
|
||||
// return new PresentsDObjectMgr();
|
||||
// }
|
||||
|
||||
/**
|
||||
* Defines the default object access policy for all {@link DObject} instances. The default
|
||||
* default policy is to allow all subscribers but reject all modifications by the client.
|
||||
|
||||
@@ -42,12 +42,13 @@ import static com.threerings.presents.Log.log;
|
||||
*/
|
||||
public class Rejector extends PresentsServer
|
||||
{
|
||||
@Override // from PresentsServer
|
||||
public void init (Injector injector)
|
||||
throws Exception
|
||||
/** Configures dependencies needed by the Rejector. */
|
||||
public static class Module extends PresentsServer.Module
|
||||
{
|
||||
super.init(injector);
|
||||
_conmgr.setAuthenticator(new RejectingAuthenticator());
|
||||
@Override protected void configure () {
|
||||
super.configure();
|
||||
bind(Authenticator.class).to(RejectingAuthenticator.class);
|
||||
}
|
||||
}
|
||||
|
||||
// documentation inherited
|
||||
|
||||
@@ -64,7 +64,7 @@ public class AuthingConnection extends Connection
|
||||
_authreq = (AuthRequest)msg;
|
||||
|
||||
// post ourselves for processing by the authmgr
|
||||
_cmgr.getAuthenticator().authenticateConnection(this);
|
||||
_cmgr.authenticateConnection(this);
|
||||
|
||||
} catch (ClassCastException cce) {
|
||||
log.warning("Received non-authreq message during " +
|
||||
|
||||
@@ -48,6 +48,7 @@ import com.google.inject.Singleton;
|
||||
|
||||
import com.samskivert.util.IntMap;
|
||||
import com.samskivert.util.IntMaps;
|
||||
import com.samskivert.util.Invoker;
|
||||
import com.samskivert.util.LoopingThread;
|
||||
import com.samskivert.util.Queue;
|
||||
import com.samskivert.util.ResultListener;
|
||||
@@ -57,6 +58,7 @@ import com.samskivert.util.Tuple;
|
||||
import com.threerings.io.FramingOutputStream;
|
||||
import com.threerings.io.ObjectOutputStream;
|
||||
|
||||
import com.threerings.presents.annotation.AuthInvoker;
|
||||
import com.threerings.presents.client.Client;
|
||||
import com.threerings.presents.data.ConMgrStats;
|
||||
import com.threerings.presents.net.AuthRequest;
|
||||
@@ -65,6 +67,7 @@ import com.threerings.presents.net.DownstreamMessage;
|
||||
import com.threerings.presents.util.DatagramSequencer;
|
||||
|
||||
import com.threerings.presents.server.Authenticator;
|
||||
import com.threerings.presents.server.ChainedAuthenticator;
|
||||
import com.threerings.presents.server.PresentsDObjectMgr;
|
||||
import com.threerings.presents.server.ReportManager;
|
||||
import com.threerings.presents.server.ShutdownManager;
|
||||
@@ -129,22 +132,13 @@ public class ConnectionManager extends LoopingThread
|
||||
}
|
||||
|
||||
/**
|
||||
* Specifies the authenticator that should be used by the connection manager to authenticate
|
||||
* logon requests.
|
||||
* Adds an authenticator to the authentication chain. This authenticator will be offered a
|
||||
* chance to authenticate incoming connections in lieu of the main autuenticator.
|
||||
*/
|
||||
public void setAuthenticator (Authenticator author)
|
||||
public void addChainedAuthenticator (ChainedAuthenticator author)
|
||||
{
|
||||
// say hello to our new authenticator
|
||||
author.setChainedAuthenticator(_author);
|
||||
_author = author;
|
||||
_author.setConnectionManager(this);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the entity that is being used to authenticate connections.
|
||||
*/
|
||||
public Authenticator getAuthenticator ()
|
||||
{
|
||||
return _author;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -209,12 +203,19 @@ public class ConnectionManager extends LoopingThread
|
||||
}
|
||||
|
||||
/**
|
||||
* Called by the authenticator to indicate that a connection was successfully authenticated.
|
||||
* Performs the authentication process on the specified connection. This is called by {@link
|
||||
* AuthingConnection} itself once it receives its auth request.
|
||||
*/
|
||||
public void connectionDidAuthenticate (AuthingConnection conn)
|
||||
public void authenticateConnection (AuthingConnection conn)
|
||||
{
|
||||
// slap this sucker onto the authenticated connections queue
|
||||
_authq.append(conn);
|
||||
_author.authenticateConnection(_authInvoker, conn, new ResultListener<AuthingConnection>() {
|
||||
public void requestCompleted (AuthingConnection conn) {
|
||||
_authq.append(conn);
|
||||
}
|
||||
public void requestFailed (Exception cause) {
|
||||
// this never happens
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
// documentation inherited from interface ReportManager.Reporter
|
||||
@@ -1048,8 +1049,12 @@ public class ConnectionManager extends LoopingThread
|
||||
}
|
||||
};
|
||||
|
||||
/** Handles client authentication. The base authenticator is injected but optional services
|
||||
* like the PeerManager may replace this authenticator with one that intercepts certain types
|
||||
* of authentication and then passes normal authentications through. */
|
||||
@Inject protected Authenticator _author;
|
||||
|
||||
protected int[] _ports, _datagramPorts;
|
||||
protected Authenticator _author;
|
||||
protected Selector _selector;
|
||||
protected ServerSocketChannel _ssocket;
|
||||
protected DatagramChannel _datagramChannel;
|
||||
@@ -1093,7 +1098,10 @@ public class ConnectionManager extends LoopingThread
|
||||
/** A runnable to execute when the connection manager thread exits. */
|
||||
protected volatile Runnable _onExit;
|
||||
|
||||
// injected dependencies
|
||||
/** The invoker on which we do our authenticating. */
|
||||
@Inject @AuthInvoker protected Invoker _authInvoker;
|
||||
|
||||
/** The distributed object manager with which we operate. */
|
||||
@Inject protected PresentsDObjectMgr _omgr;
|
||||
|
||||
/** How long we wait for network events before checking our running flag to see if we should
|
||||
|
||||
Reference in New Issue
Block a user