aboutsummaryrefslogtreecommitdiffstats
path: root/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java
diff options
context:
space:
mode:
authorBjørn Christian Seime <bjorncs@verizonmedia.com>2019-05-20 16:09:54 +0200
committerBjørn Christian Seime <bjorncs@verizonmedia.com>2019-05-23 17:05:03 +0200
commit8709f286708ea52b57d30eb7ccc88054991e6f53 (patch)
tree1a80cc197be9b92cb1093bd2cab50882a36bde3c /configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java
parent9d880c961f513966e76297e74d8494a86c5df16d (diff)
Wire in RpcAuthorizer to RpcServer
- Add noop implementation of RpcAuthorizer - Add default provider that selects implementation based on configserver config.
Diffstat (limited to 'configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java')
-rw-r--r--configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java36
1 files changed, 36 insertions, 0 deletions
diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java
new file mode 100644
index 00000000000..2e8b8182c3f
--- /dev/null
+++ b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java
@@ -0,0 +1,36 @@
+// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+package com.yahoo.vespa.config.server.rpc.security;
+
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import com.yahoo.cloud.config.ConfigserverConfig;
+import com.yahoo.config.provision.security.NodeIdentifier;
+import com.yahoo.security.tls.TransportSecurityUtils;
+import com.yahoo.vespa.config.server.host.HostRegistries;
+import com.yahoo.vespa.config.server.tenant.TenantRepository;
+
+/**
+ * A provider for {@link RpcAuthorizer}. The instance provided is dependent on the configuration of the configserver.
+ *
+ * @author bjorncs
+ */
+public class DefaultRpcAuthorizerProvider implements Provider<RpcAuthorizer> {
+
+ private final RpcAuthorizer rpcAuthorizer;
+
+ @Inject
+ public DefaultRpcAuthorizerProvider(ConfigserverConfig config,
+ NodeIdentifier nodeIdentifier,
+ HostRegistries hostRegistries,
+ TenantRepository tenantRepository) {
+ this.rpcAuthorizer =
+ TransportSecurityUtils.isTransportSecurityEnabled() && config.multitenant()
+ ? new MultiTenantRpcAuthorizer(nodeIdentifier, hostRegistries, tenantRepository)
+ : new NoopRpcAuthorizer();
+ }
+
+ @Override
+ public RpcAuthorizer get() {
+ return rpcAuthorizer;
+ }
+}