Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
s920243400
Rocketmq
提交
aeea0215
R
Rocketmq
项目概览
s920243400
/
Rocketmq
与 Fork 源项目一致
Fork自
Apache RocketMQ / Rocketmq
通知
1
Star
1
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
R
Rocketmq
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
提交
aeea0215
编写于
10月 27, 2018
作者:
D
dongeforever
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Draft the rpc hook and access validator plugin mechanism
上级
76ab7bdb
变更
9
显示空白变更内容
内联
并排
Showing
9 changed file
with
133 addition
and
46 deletion
+133
-46
acl-plug/src/main/java/org/apache/rocketmq/acl/AccessResource.java
...src/main/java/org/apache/rocketmq/acl/AccessResource.java
+21
-0
acl-plug/src/main/java/org/apache/rocketmq/acl/AccessValidator.java
...rc/main/java/org/apache/rocketmq/acl/AccessValidator.java
+35
-0
acl-plug/src/main/java/org/apache/rocketmq/acl/DefaultAccessValidator.java
.../java/org/apache/rocketmq/acl/DefaultAccessValidator.java
+31
-0
broker/src/main/java/org/apache/rocketmq/broker/BrokerController.java
...ain/java/org/apache/rocketmq/broker/BrokerController.java
+28
-33
broker/src/main/java/org/apache/rocketmq/broker/util/ServiceProvider.java
...java/org/apache/rocketmq/broker/util/ServiceProvider.java
+8
-0
common/src/main/java/org/apache/rocketmq/common/BrokerConfig.java
...rc/main/java/org/apache/rocketmq/common/BrokerConfig.java
+6
-6
remoting/src/main/java/org/apache/rocketmq/remoting/netty/NettyRemotingAbstract.java
...apache/rocketmq/remoting/netty/NettyRemotingAbstract.java
+2
-2
remoting/src/main/java/org/apache/rocketmq/remoting/netty/NettyRemotingClient.java
...g/apache/rocketmq/remoting/netty/NettyRemotingClient.java
+0
-1
remoting/src/main/java/org/apache/rocketmq/remoting/netty/NettyRemotingServer.java
...g/apache/rocketmq/remoting/netty/NettyRemotingServer.java
+2
-4
未找到文件。
acl-plug/src/main/java/org/apache/rocketmq/acl/AccessResource.java
0 → 100644
浏览文件 @
aeea0215
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package
org.apache.rocketmq.acl
;
public
interface
AccessResource
{
}
acl-plug/src/main/java/org/apache/rocketmq/acl/AccessValidator.java
0 → 100644
浏览文件 @
aeea0215
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package
org.apache.rocketmq.acl
;
import
org.apache.rocketmq.remoting.protocol.RemotingCommand
;
public
interface
AccessValidator
{
/**
* Parse to get the AccessResource(user, resource, needed permission)
* @param request
* @return
*/
AccessResource
parse
(
RemotingCommand
request
);
/**
* Validate the access resource.
* @param accessResource
*/
void
validate
(
AccessResource
accessResource
)
;
}
acl-plug/src/main/java/org/apache/rocketmq/acl/DefaultAccessValidator.java
0 → 100644
浏览文件 @
aeea0215
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package
org.apache.rocketmq.acl
;
import
org.apache.rocketmq.remoting.protocol.RemotingCommand
;
public
class
DefaultAccessValidator
implements
AccessValidator
{
@Override
public
AccessResource
parse
(
RemotingCommand
request
)
{
return
null
;
}
@Override
public
void
validate
(
AccessResource
accessResource
)
{
}
}
broker/src/main/java/org/apache/rocketmq/broker/BrokerController.java
浏览文件 @
aeea0215
...
...
@@ -19,7 +19,6 @@ package org.apache.rocketmq.broker;
import
java.io.IOException
;
import
java.net.InetSocketAddress
;
import
java.util.ArrayList
;
import
java.util.HashMap
;
import
java.util.Iterator
;
import
java.util.List
;
import
java.util.Map
;
...
...
@@ -32,11 +31,8 @@ import java.util.concurrent.LinkedBlockingQueue;
import
java.util.concurrent.ScheduledExecutorService
;
import
java.util.concurrent.ThreadPoolExecutor
;
import
java.util.concurrent.TimeUnit
;
import
org.apache.
commons.lang3.StringUtils
;
import
org.apache.
rocketmq.acl.AccessValidator
;
import
org.apache.rocketmq.acl.plug.AclPlugController
;
import
org.apache.rocketmq.acl.plug.AclRemotingService
;
import
org.apache.rocketmq.acl.plug.entity.AccessControl
;
import
org.apache.rocketmq.acl.plug.entity.ControllerParameters
;
import
org.apache.rocketmq.broker.client.ClientHousekeepingService
;
import
org.apache.rocketmq.broker.client.ConsumerIdsChangeListener
;
import
org.apache.rocketmq.broker.client.ConsumerManager
;
...
...
@@ -476,7 +472,8 @@ public class BrokerController {
}
}
initialTransaction
();
initialAclPlug
();
initialAcl
();
initialRpcHooks
();
}
return
result
;
}
...
...
@@ -496,44 +493,42 @@ public class BrokerController {
this
.
transactionalMessageCheckService
=
new
TransactionalMessageCheckService
(
this
);
}
private
void
initialAclPlug
()
{
try
{
if
(!
this
.
brokerConfig
.
isAclPlug
())
{
log
.
info
(
"Default does not start acl plug"
);
private
void
initialAcl
()
{
if
(!
this
.
brokerConfig
.
isEnableAcl
())
{
log
.
info
(
"The broker dose not enable acl"
);
return
;
}
ControllerParameters
controllerParameters
=
new
ControllerParameters
();
controllerParameters
.
setFileHome
(
brokerConfig
.
getRocketmqHome
());
aclPlugController
=
new
AclPlugController
(
controllerParameters
);
if
(!
aclPlugController
.
isStartSucceed
())
{
log
.
error
(
"start acl plug failure"
);
List
<
AccessValidator
>
accessValidators
=
ServiceProvider
.
load
(
ServiceProvider
.
ACL_VALIDATOR_ID
,
AccessValidator
.
class
);
if
(
accessValidators
==
null
||
accessValidators
.
isEmpty
())
{
return
;
}
final
AclRemotingService
aclRemotingService
=
aclPlugController
.
getAclRemotingService
();
for
(
AccessValidator
accessValidator:
accessValidators
)
{
final
AccessValidator
validator
=
accessValidator
;
this
.
registerServerRPCHook
(
new
RPCHook
()
{
@Override
public
void
doBeforeRequest
(
String
remoteAddr
,
RemotingCommand
request
)
{
HashMap
<
String
,
String
>
extFields
=
request
.
getExtFields
();
AccessControl
accessControl
=
new
AccessControl
();
accessControl
.
setCode
(
request
.
getCode
());
accessControl
.
setRecognition
(
remoteAddr
);
if
(
extFields
!=
null
)
{
accessControl
.
setAccount
(
extFields
.
get
(
"account"
));
accessControl
.
setPassword
(
extFields
.
get
(
"password"
));
accessControl
.
setNetaddress
(
StringUtils
.
split
(
remoteAddr
,
":"
)[
0
]);
accessControl
.
setTopic
(
extFields
.
get
(
"topic"
));
}
aclRemotingService
.
check
(
accessControl
);
validator
.
validate
(
validator
.
parse
(
request
));
}
@Override
public
void
doAfterResponse
(
String
remoteAddr
,
RemotingCommand
request
,
RemotingCommand
response
)
{
}
});
}
}
}
catch
(
Exception
e
)
{
log
.
error
(
e
.
getMessage
(),
e
);
private
void
initialRpcHooks
()
{
List
<
RPCHook
>
rpcHooks
=
ServiceProvider
.
load
(
ServiceProvider
.
RPC_HOOK_ID
,
RPCHook
.
class
);
if
(
rpcHooks
==
null
||
rpcHooks
.
isEmpty
())
{
return
;
}
for
(
RPCHook
rpcHook:
rpcHooks
)
{
this
.
registerServerRPCHook
(
rpcHook
);
}
}
...
...
broker/src/main/java/org/apache/rocketmq/broker/util/ServiceProvider.java
浏览文件 @
aeea0215
...
...
@@ -34,6 +34,14 @@ public class ServiceProvider {
public
static
final
String
TRANSACTION_LISTENER_ID
=
"META-INF/service/org.apache.rocketmq.broker.transaction.AbstractTransactionalMessageCheckListener"
;
public
static
final
String
RPC_HOOK_ID
=
"META-INF/service/org.apache.rocketmq.remoting.RPCHook"
;
public
static
final
String
ACL_VALIDATOR_ID
=
"META-INF/service/org.apache.rocketmq.acl.AccessValidator"
;
static
{
thisClassLoader
=
getClassLoader
(
ServiceProvider
.
class
);
}
...
...
common/src/main/java/org/apache/rocketmq/common/BrokerConfig.java
浏览文件 @
aeea0215
...
...
@@ -171,7 +171,8 @@ public class BrokerConfig {
@ImportantField
private
long
transactionCheckInterval
=
60
*
1000
;
private
boolean
isAclPlug
;
private
boolean
enableAcl
;
public
static
String
localHostName
()
{
try
{
...
...
@@ -711,12 +712,12 @@ public class BrokerConfig {
this
.
transactionCheckInterval
=
transactionCheckInterval
;
}
public
boolean
is
AclPlug
()
{
return
isAclPlug
;
public
boolean
is
EnableAcl
()
{
return
enableAcl
;
}
public
void
set
AclPlug
(
boolean
isAclPlug
)
{
this
.
isAclPlug
=
isAclPlug
;
public
void
set
EnableAcl
(
boolean
isAclPlug
)
{
this
.
enableAcl
=
isAclPlug
;
}
public
int
getEndTransactionThreadPoolNums
()
{
...
...
@@ -742,5 +743,4 @@ public class BrokerConfig {
public
void
setWaitTimeMillsInTransactionQueue
(
long
waitTimeMillsInTransactionQueue
)
{
this
.
waitTimeMillsInTransactionQueue
=
waitTimeMillsInTransactionQueue
;
}
}
remoting/src/main/java/org/apache/rocketmq/remoting/netty/NettyRemotingAbstract.java
浏览文件 @
aeea0215
...
...
@@ -36,6 +36,8 @@ import java.util.concurrent.LinkedBlockingQueue;
import
java.util.concurrent.RejectedExecutionException
;
import
java.util.concurrent.Semaphore
;
import
java.util.concurrent.TimeUnit
;
import
org.apache.rocketmq.logging.InternalLogger
;
import
org.apache.rocketmq.logging.InternalLoggerFactory
;
import
org.apache.rocketmq.remoting.ChannelEventListener
;
import
org.apache.rocketmq.remoting.InvokeCallback
;
import
org.apache.rocketmq.remoting.RPCHook
;
...
...
@@ -46,8 +48,6 @@ import org.apache.rocketmq.remoting.common.ServiceThread;
import
org.apache.rocketmq.remoting.exception.RemotingSendRequestException
;
import
org.apache.rocketmq.remoting.exception.RemotingTimeoutException
;
import
org.apache.rocketmq.remoting.exception.RemotingTooMuchRequestException
;
import
org.apache.rocketmq.logging.InternalLogger
;
import
org.apache.rocketmq.logging.InternalLoggerFactory
;
import
org.apache.rocketmq.remoting.protocol.RemotingCommand
;
import
org.apache.rocketmq.remoting.protocol.RemotingSysResponseCode
;
...
...
remoting/src/main/java/org/apache/rocketmq/remoting/netty/NettyRemotingClient.java
浏览文件 @
aeea0215
...
...
@@ -34,7 +34,6 @@ import io.netty.handler.timeout.IdleState;
import
io.netty.handler.timeout.IdleStateEvent
;
import
io.netty.handler.timeout.IdleStateHandler
;
import
io.netty.util.concurrent.DefaultEventExecutorGroup
;
import
io.netty.util.concurrent.EventExecutorGroup
;
import
java.io.IOException
;
import
java.net.SocketAddress
;
import
java.security.cert.CertificateException
;
...
...
remoting/src/main/java/org/apache/rocketmq/remoting/netty/NettyRemotingServer.java
浏览文件 @
aeea0215
...
...
@@ -40,8 +40,6 @@ import io.netty.util.concurrent.DefaultEventExecutorGroup;
import
java.io.IOException
;
import
java.net.InetSocketAddress
;
import
java.security.cert.CertificateException
;
import
java.util.ArrayList
;
import
java.util.List
;
import
java.util.NoSuchElementException
;
import
java.util.Timer
;
import
java.util.TimerTask
;
...
...
@@ -49,6 +47,8 @@ import java.util.concurrent.ExecutorService;
import
java.util.concurrent.Executors
;
import
java.util.concurrent.ThreadFactory
;
import
java.util.concurrent.atomic.AtomicInteger
;
import
org.apache.rocketmq.logging.InternalLogger
;
import
org.apache.rocketmq.logging.InternalLoggerFactory
;
import
org.apache.rocketmq.remoting.ChannelEventListener
;
import
org.apache.rocketmq.remoting.InvokeCallback
;
import
org.apache.rocketmq.remoting.RPCHook
;
...
...
@@ -60,8 +60,6 @@ import org.apache.rocketmq.remoting.common.TlsMode;
import
org.apache.rocketmq.remoting.exception.RemotingSendRequestException
;
import
org.apache.rocketmq.remoting.exception.RemotingTimeoutException
;
import
org.apache.rocketmq.remoting.exception.RemotingTooMuchRequestException
;
import
org.apache.rocketmq.logging.InternalLogger
;
import
org.apache.rocketmq.logging.InternalLoggerFactory
;
import
org.apache.rocketmq.remoting.protocol.RemotingCommand
;
public
class
NettyRemotingServer
extends
NettyRemotingAbstract
implements
RemotingServer
{
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录