diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-05-20 16:09:54 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-05-23 17:05:03 +0200 |
commit | 8709f286708ea52b57d30eb7ccc88054991e6f53 (patch) | |
tree | 1a80cc197be9b92cb1093bd2cab50882a36bde3c /configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java | |
parent | 9d880c961f513966e76297e74d8494a86c5df16d (diff) |
Wire in RpcAuthorizer to RpcServer
- Add noop implementation of RpcAuthorizer
- Add default provider that selects implementation based on configserver config.
Diffstat (limited to 'configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java')
-rw-r--r-- | configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java new file mode 100644 index 00000000000..2e8b8182c3f --- /dev/null +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java @@ -0,0 +1,36 @@ +// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package com.yahoo.vespa.config.server.rpc.security; + +import com.google.inject.Inject; +import com.google.inject.Provider; +import com.yahoo.cloud.config.ConfigserverConfig; +import com.yahoo.config.provision.security.NodeIdentifier; +import com.yahoo.security.tls.TransportSecurityUtils; +import com.yahoo.vespa.config.server.host.HostRegistries; +import com.yahoo.vespa.config.server.tenant.TenantRepository; + +/** + * A provider for {@link RpcAuthorizer}. The instance provided is dependent on the configuration of the configserver. + * + * @author bjorncs + */ +public class DefaultRpcAuthorizerProvider implements Provider<RpcAuthorizer> { + + private final RpcAuthorizer rpcAuthorizer; + + @Inject + public DefaultRpcAuthorizerProvider(ConfigserverConfig config, + NodeIdentifier nodeIdentifier, + HostRegistries hostRegistries, + TenantRepository tenantRepository) { + this.rpcAuthorizer = + TransportSecurityUtils.isTransportSecurityEnabled() && config.multitenant() + ? new MultiTenantRpcAuthorizer(nodeIdentifier, hostRegistries, tenantRepository) + : new NoopRpcAuthorizer(); + } + + @Override + public RpcAuthorizer get() { + return rpcAuthorizer; + } +} |