Package org.odpi.openmetadata.metadatasecurity.connectors

Class OpenMetadataPlatformSecurityConnector

java.lang.Object

org.odpi.openmetadata.frameworks.connectors.Connector

org.odpi.openmetadata.frameworks.connectors.ConnectorBase

org.odpi.openmetadata.metadatasecurity.connectors.OpenMetadataPlatformSecurityConnector

All Implemented Interfaces:

SecureConnectorExtension, VirtualConnectorExtension, OpenMetadataPlatformSecurity

Direct Known Subclasses:

CocoPharmaPlatformSecurityConnector, CocoPharmaPlatformSecurityConnectorTokenBased

public class OpenMetadataPlatformSecurityConnector
extends ConnectorBase
implements OpenMetadataPlatformSecurity

OpenMetadataPlatformSecurityConnector provides the base class for a connector that validates access to the platform services that are not specific to an OMAG Server. This optional connector can be set up once the OMAGServerPlatform is running. The default implementation does not allow any access. It generates well-defined exceptions and console log messages. It is over-ridden to define the required access for the deployment environment. The methods in this base class can be called if access is to be denied as a way of reusing the message logging and exceptions.

Nested Class Summary

Nested classes/interfaces inherited from class org.odpi.openmetadata.frameworks.connectors.ConnectorBase

ConnectorBase.ProtectedConnection

Field Summary

Fields

Modifier and Type	Field	Description
protected String	connectorName
protected MessageFormatter	messageFormatter
protected String	serverRootURL

Fields inherited from class org.odpi.openmetadata.frameworks.connectors.ConnectorBase

auditLog, connectedAssetProperties, connectionBean, connectionProperties, connectorInstanceId, embeddedConnectors, secretsStoreConnectorMap

Constructor Summary

Constructors

Constructor	Description
OpenMetadataPlatformSecurityConnector()

Method Summary

Modifier and Type	Method	Description
void	disconnect()	Free up any resources held since the connector is no longer needed.
protected void	logConnectorDisconnecting()	Write an audit log message to say that the connector is stopping.
protected void	logConnectorStarting()	Write an audit log message to say that the connector is initializing.
protected void	logRecord(AuditLogRecordSeverity severity, String logMessage)	Log an audit log record for an event, decision, error, or exception detected by the OMRS.
void	setServerPlatformURL(String serverURLRoot)	Set up the URL Root for the platform where this is running.
void	start()	Indicates that the connector is completely configured and can begin processing.
protected void	throwUnauthorizedPlatformAccess(String userId, String methodName)	Write an audit log message and throw exception to record an unauthorized access.
void	validateUserAsInvestigatorForPlatform(String userId)	Check that the calling user is authorized to issue diagnostic requests to the OMAG Server Platform.
void	validateUserAsOperatorForPlatform(String userId)	Check that the calling user is authorized to issue operator requests to the OMAG Server Platform.
void	validateUserForNewServer(String userId)	Check that the calling user is authorized to create new servers.

Methods inherited from class org.odpi.openmetadata.frameworks.connectors.ConnectorBase

combineConfigurationProperties, disconnectConnectors, equals, getArrayConfigurationProperty, getAssetTypeName, getBooleanConfigurationProperty, getConnectedAssetProperties, getConnection, getConnectorInstanceId, getDateConfigurationProperty, getIntConfigurationProperty, getLongConfigurationProperty, getNetworkAddresses, getStringConfigurationProperty, getSuppliedPlaceholderProperties, hashCode, initialize, initializeConnectedAssetProperties, initializeEmbeddedConnectors, initializeSecretsStoreConnector, isActive, logExceptionRecord, logRecord, logRecord, throwMissingConfigurationProperty, throwMissingResource, throwNoAsset, throwWrongTypeOfAsset, throwWrongTypeOfResource, throwWrongTypeOfRootSchema, toString

Methods inherited from class org.odpi.openmetadata.frameworks.connectors.Connector

clearStatisticProperty, clearStatisticTimestamp, getConnectorStatistics, getStatisticCounter, getStatisticProperty, getStatisticTimestamp, incrementStatisticCounter, initializeStatisticCounter, setStatisticProperty, setStatisticTimestamp

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Details

messageFormatter

protected MessageFormatter messageFormatter

connectorName

protected String connectorName

serverRootURL

protected String serverRootURL

Constructor Details

OpenMetadataPlatformSecurityConnector

public OpenMetadataPlatformSecurityConnector()

Method Details

logRecord

protected void logRecord(AuditLogRecordSeverity severity,
 String logMessage)

Log an audit log record for an event, decision, error, or exception detected by the OMRS.

Parameters:

severity - is this an event, decision, error or exception?

logMessage - description of the audit log record including specific resources involved

logConnectorStarting

protected void logConnectorStarting()

Write an audit log message to say that the connector is initializing.

logConnectorDisconnecting

protected void logConnectorDisconnecting()

Write an audit log message to say that the connector is stopping.

setServerPlatformURL

public void setServerPlatformURL(String serverURLRoot)

Set up the URL Root for the platform where this is running.

Specified by:

setServerPlatformURL in interface OpenMetadataPlatformSecurity

Parameters:

serverURLRoot - url root

throwUnauthorizedPlatformAccess

protected void throwUnauthorizedPlatformAccess(String userId,
 String methodName)
                                        throws UserNotAuthorizedException

Write an audit log message and throw exception to record an unauthorized access.

Parameters:

userId - calling user

methodName - calling method

Throws:

UserNotAuthorizedException - the authorization check failed

start

public void start()
           throws ConnectorCheckedException

Indicates that the connector is completely configured and can begin processing.

Overrides:

start in class ConnectorBase

Throws:

ConnectorCheckedException - there is a problem within the connector.

validateUserForNewServer

public void validateUserForNewServer(String userId)
                              throws UserNotAuthorizedException

Check that the calling user is authorized to create new servers.

Specified by:

validateUserForNewServer in interface OpenMetadataPlatformSecurity

Parameters:

userId - calling user

Throws:

UserNotAuthorizedException - the user is not authorized to access this platform

validateUserAsOperatorForPlatform

public void validateUserAsOperatorForPlatform(String userId)
                                       throws UserNotAuthorizedException

Check that the calling user is authorized to issue operator requests to the OMAG Server Platform.

Specified by:

validateUserAsOperatorForPlatform in interface OpenMetadataPlatformSecurity

Parameters:

userId - calling user

Throws:

UserNotAuthorizedException - the user is not authorized to issue operator commands to this platform

validateUserAsInvestigatorForPlatform

public void validateUserAsInvestigatorForPlatform(String userId)
                                           throws UserNotAuthorizedException

Check that the calling user is authorized to issue diagnostic requests to the OMAG Server Platform.

Specified by:

validateUserAsInvestigatorForPlatform in interface OpenMetadataPlatformSecurity

Parameters:

userId - calling user

Throws:

UserNotAuthorizedException - the user is not authorized to issue diagnostic commands to this platform

disconnect

public void disconnect()
                throws ConnectorCheckedException

Free up any resources held since the connector is no longer needed.

Overrides:

disconnect in class ConnectorBase

Throws:

ConnectorCheckedException - there is a problem within the connector.