Package org.odpi.openmetadata.metadatasecurity.connectors

Class OpenMetadataPlatformSecurityConnector

java.lang.Object
org.odpi.openmetadata.frameworks.connectors.Connector
org.odpi.openmetadata.frameworks.connectors.ConnectorBase
org.odpi.openmetadata.metadatasecurity.connectors.OpenMetadataPlatformSecurityConnector
All Implemented Interfaces:
org.odpi.openmetadata.metadatasecurity.OpenMetadataPlatformSecurity
public class OpenMetadataPlatformSecurityConnector extends org.odpi.openmetadata.frameworks.connectors.ConnectorBase implements org.odpi.openmetadata.metadatasecurity.OpenMetadataPlatformSecurity
OpenMetadataPlatformSecurityConnector provides the base class for a connector that validates access to the platform services that are not specific to an OMAG Server. This optional connector can be set up once the OMAGServerPlatform is running. The default implementation does not allow any access. It generates well-defined exceptions and console log messages. It is over-ridden to define the required access for the deployment environment. The methods in this base class can be called if access is to be denied as a way of reusing the message logging and exceptions.

  • Nested Class Summary

    Nested classes/interfaces inherited from class org.odpi.openmetadata.frameworks.connectors.ConnectorBase

    org.odpi.openmetadata.frameworks.connectors.ConnectorBase.ProtectedConnection

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    protected String
    connectorName
     
    protected org.odpi.openmetadata.frameworks.auditlog.MessageFormatter
    messageFormatter
     
    protected String
    serverRootURL
     

    Fields inherited from class org.odpi.openmetadata.frameworks.connectors.ConnectorBase

    connectedAssetProperties, connectionBean, connectionProperties, connectorInstanceId, securedProperties

  • Constructor Summary

    Constructors
    Constructor
    Description
    OpenMetadataPlatformSecurityConnector()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    disconnect()
    Free up any resources held since the connector is no longer needed.
    protected void
    logConnectorDisconnecting()
    Write an audit log message to say that the connector is stopping.
    protected void
    logConnectorStarting()
    Write an audit log message to say that the connector is initializing.
    protected void
    logRecord(String logMessageId, org.odpi.openmetadata.frameworks.auditlog.messagesets.AuditLogRecordSeverity severity, String logMessage)
    Log an audit log record for an event, decision, error, or exception detected by the OMRS.
    void
    setServerPlatformURL(String serverURLRoot)
    Set up the URL Root for the platform where this is running.
    void
    start()
    Indicates that the connector is completely configured and can begin processing.
    protected void
    throwUnauthorizedPlatformAccess(String userId, String methodName)
    Write an audit log message and throw exception to record an unauthorized access.
    void
    validateUserAsInvestigatorForPlatform(String userId)
    Check that the calling user is authorized to issue operator requests to the OMAG Server Platform.
    void
    validateUserAsOperatorForPlatform(String userId)
    Check that the calling user is authorized to issue operator requests to the OMAG Server Platform.
    void
    validateUserForNewServer(String userId)
    Check that the calling user is authorized to create new servers.

    Methods inherited from class org.odpi.openmetadata.frameworks.connectors.ConnectorBase

    equals, getConnectedAssetProperties, getConnection, getConnectorInstanceId, hashCode, initialize, initializeConnectedAssetProperties, isActive, toString

    Methods inherited from class org.odpi.openmetadata.frameworks.connectors.Connector

    clearStatisticProperty, clearStatisticTimestamp, getConnectorStatistics, getStatisticCounter, getStatisticProperty, getStatisticTimestamp, incrementStatisticCounter, initializeStatisticCounter, setStatisticProperty, setStatisticTimestamp

    Methods inherited from class java.lang.Object

    clone, finalize, getClass, notify, notifyAll, wait, wait, wait

  • Field Details

    • messageFormatter

      protected org.odpi.openmetadata.frameworks.auditlog.MessageFormatter messageFormatter

    • connectorName

      protected String connectorName

    • serverRootURL

      protected String serverRootURL

  • Constructor Details

    • OpenMetadataPlatformSecurityConnector

      public OpenMetadataPlatformSecurityConnector()

  • Method Details

    • logRecord

      protected void logRecord(String logMessageId, org.odpi.openmetadata.frameworks.auditlog.messagesets.AuditLogRecordSeverity severity, String logMessage)
      Log an audit log record for an event, decision, error, or exception detected by the OMRS.
      Parameters:
      logMessageId - id for the audit log record
      severity - is this an event, decision, error or exception?
      logMessage - description of the audit log record including specific resources involved

    • logConnectorStarting

      protected void logConnectorStarting()
      Write an audit log message to say that the connector is initializing.

    • logConnectorDisconnecting

      protected void logConnectorDisconnecting()
      Write an audit log message to say that the connector is stopping.

    • setServerPlatformURL

      public void setServerPlatformURL(String serverURLRoot)
      Set up the URL Root for the platform where this is running.
      Parameters:
      serverURLRoot - url root

    • throwUnauthorizedPlatformAccess

      protected void throwUnauthorizedPlatformAccess(String userId, String methodName) throws org.odpi.openmetadata.frameworks.connectors.ffdc.UserNotAuthorizedException
      Write an audit log message and throw exception to record an unauthorized access.
      Parameters:
      userId - calling user
      methodName - calling method
      Throws:
      org.odpi.openmetadata.frameworks.connectors.ffdc.UserNotAuthorizedException - the authorization check failed

    • start

      public void start() throws org.odpi.openmetadata.frameworks.connectors.ffdc.ConnectorCheckedException
      Indicates that the connector is completely configured and can begin processing.
      Overrides:
      start in class org.odpi.openmetadata.frameworks.connectors.ConnectorBase
      Throws:
      org.odpi.openmetadata.frameworks.connectors.ffdc.ConnectorCheckedException - there is a problem within the connector.

    • validateUserForNewServer

      public void validateUserForNewServer(String userId) throws org.odpi.openmetadata.frameworks.connectors.ffdc.UserNotAuthorizedException
      Check that the calling user is authorized to create new servers.
      Specified by:
      validateUserForNewServer in interface org.odpi.openmetadata.metadatasecurity.OpenMetadataPlatformSecurity
      Parameters:
      userId - calling user
      Throws:
      org.odpi.openmetadata.frameworks.connectors.ffdc.UserNotAuthorizedException - the user is not authorized to access this platform

    • validateUserAsOperatorForPlatform

      public void validateUserAsOperatorForPlatform(String userId) throws org.odpi.openmetadata.frameworks.connectors.ffdc.UserNotAuthorizedException
      Check that the calling user is authorized to issue operator requests to the OMAG Server Platform.
      Specified by:
      validateUserAsOperatorForPlatform in interface org.odpi.openmetadata.metadatasecurity.OpenMetadataPlatformSecurity
      Parameters:
      userId - calling user
      Throws:
      org.odpi.openmetadata.frameworks.connectors.ffdc.UserNotAuthorizedException - the user is not authorized to issue operator commands to this platform

    • validateUserAsInvestigatorForPlatform

      public void validateUserAsInvestigatorForPlatform(String userId) throws org.odpi.openmetadata.frameworks.connectors.ffdc.UserNotAuthorizedException
      Check that the calling user is authorized to issue operator requests to the OMAG Server Platform.
      Specified by:
      validateUserAsInvestigatorForPlatform in interface org.odpi.openmetadata.metadatasecurity.OpenMetadataPlatformSecurity
      Parameters:
      userId - calling user
      Throws:
      org.odpi.openmetadata.frameworks.connectors.ffdc.UserNotAuthorizedException - the user is not authorized to issue diagnostic commands to this platform

    • disconnect

      public void disconnect() throws org.odpi.openmetadata.frameworks.connectors.ffdc.ConnectorCheckedException
      Free up any resources held since the connector is no longer needed.
      Overrides:
      disconnect in class org.odpi.openmetadata.frameworks.connectors.ConnectorBase
      Throws:
      org.odpi.openmetadata.frameworks.connectors.ffdc.ConnectorCheckedException - there is a problem within the connector.