CODEWITHSUNDEEP
gridgainignite
Александр Меньшиков
Александр Меньшиков

Reputation: 627

Can't enable password authentication in GridGain

I try to follow this instructions: https://gridgain.readme.io/docs/securing-visor for enable login/password authentication in gridgain. My default-config.xml look this:

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util"
   xsi:schemaLocation="http://www.springframework.org/schema/beans
   http://www.springframework.org/schema/beans/spring-beans.xsd
   http://www.springframework.org/schema/util
   http://www.springframework.org/schema/util/spring-util.xsd">



<bean class="org.gridgain.grid.configuration.GridGainConfiguration" scope="singleton">
    <property name="authenticator">
     <bean class="org.gridgain.grid.security.passcode.PasscodeAuthenticator">
        <property name="aclProvider">
           <bean class="org.gridgain.grid.security.passcode.AuthenticationAclBasicProvider">
              <constructor-arg>
                 <map>
                    <entry key-ref="visor.creds"
                       value="
                          {
                             {
                                system:[ADMIN_VIEW, ADMIN_QUERY]
                             },
                             defaultAllow:false
                          }
                       "/>
                        </map>
                    </constructor-arg>
                </bean>
            </property>
        </bean>
    </property>
</bean>

<bean id="visor.creds" class="org.apache.ignite.plugin.security.SecurityCredentials">
    <property name="login" value="visor-user"/>
    <property name="password" value="P@ssw0rd"/>
</bean>


<!--
    Configuration of Ignite node.
-->
<bean id="grid.cfg" class="org.apache.ignite.configuration.IgniteConfiguration">
    <!--
        Apache Hadoop Accelerator configuration.
    -->
    <property name="hadoopConfiguration">
        <bean class="org.apache.ignite.configuration.HadoopConfiguration">
            <!-- Information about finished jobs will be kept for 30 seconds. -->
            <property name="finishedJobInfoTtl" value="30000"/>
        </bean>
    </property>


    <!--
        This port will be used by Apache Hadoop client to connect to Ignite node as if it was a job tracker.
    -->
    <property name="connectorConfiguration">
        <bean class="org.apache.ignite.configuration.ConnectorConfiguration">
            <property name="port" value="11211"/>
        </bean>
    </property>


    <property name="discoverySpi">
        <bean class="org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi">
            <property name="ipFinder">
                <bean class="org.apache.ignite.spi.discovery.tcp.ipfinder.vm.TcpDiscoveryVmIpFinder">
                    <property name="addresses">
                        <list>
                        <value>10.116.6.195:47500</value>
                        </list>
                    </property>
                </bean>
            </property>
        </bean>
    </property>
</bean>

But when i try to connect to node Visor successfully connect to node without login and password. What am I doing wrong?

Upvotes: 1

Views: 710

Answers (1)

Pavel Konstantinov
Pavel Konstantinov

Reputation: 46

You need to define pluginConfigurations property ("org.apache.ignite.plugin", "https://gridgain.readme.io/#configuration") inside IgniteConfiguration bean with GridGainConfiguration which should contain property authenticator. In my configuration I'm doing this way:

<bean id="visor" class="org.apache.ignite.plugin.security.SecurityCredentials">
    <constructor-arg value="visor"/>
    <constructor-arg value="P@ssw@rd"/>
</bean>

<bean id="authenticator" class="org.gridgain.grid.security.passcode.PasscodeAuthenticator">
    <property name="aclProvider">
        <bean class="org.gridgain.grid.security.passcode.AuthenticationAclBasicProvider">
            <constructor-arg>
                <map>
                    <entry key-ref="visor"
                        value="{defaultAllow:false,{system:[ADMIN_VIEW, ADMIN_OPS, ADMIN_QUERY, ADMIN_CACHE]}}"
                    />
                </map>
            </constructor-arg>
        </bean>
    </property>
</bean>

<bean id="grid.cfg" class="org.apache.ignite.configuration.IgniteConfiguration">
    ...
    <property name="pluginConfigurations">
        <list>
            <bean class="org.gridgain.grid.configuration.GridGainConfiguration">
                <property name="authenticator">
                    <ref bean="authenticator"/>
                </property>

                <property name="securityCredentialsProvider">
                    <bean class="org.apache.ignite.plugin.security.SecurityCredentialsBasicProvider">
                        <constructor-arg ref="visor"/>
                    </bean>
                </property>
            </bean>
        </list>
    </property>
    ...
</bean>

Upvotes: 3

Related Questions