Cleanup: Incorporating findbugs/pmd findings
Original commit: elastic/x-pack-elasticsearch@5567fae416
This commit is contained in:
Alexander Reelsen
parent
25d2480e78
commit
c6b7be5596
|
|
@ -15,7 +15,7 @@ import org.elasticsearch.common.settings.Settings;
|
|||
import org.elasticsearch.shield.audit.AuditTrailModule;
|
||||
import org.elasticsearch.shield.authc.AuthenticationModule;
|
||||
import org.elasticsearch.shield.authz.AuthorizationModule;
|
||||
import org.elasticsearch.shield.n2n.N2NModule;
|
||||
import org.elasticsearch.shield.n2n.N2NAuthModule;
|
||||
import org.elasticsearch.shield.transport.SecuredTransportModule;
|
||||
import org.elasticsearch.shield.transport.netty.NettySecuredHttpServerTransportModule;
|
||||
import org.elasticsearch.shield.transport.netty.NettySecuredTransportModule;
|
||||
|
|
@ -52,7 +52,7 @@ public class SecurityModule extends AbstractModule implements SpawnModules, PreP
|
|||
// spawn needed parts in client mode
|
||||
if (isClient) {
|
||||
return ImmutableList.of(
|
||||
new N2NModule(),
|
||||
new N2NAuthModule(),
|
||||
new SecuredTransportModule()
|
||||
);
|
||||
}
|
||||
|
|
@ -61,7 +61,7 @@ public class SecurityModule extends AbstractModule implements SpawnModules, PreP
|
|||
new AuthenticationModule(settings),
|
||||
new AuthorizationModule(),
|
||||
new AuditTrailModule(settings),
|
||||
new N2NModule(),
|
||||
new N2NAuthModule(),
|
||||
new NettySecuredHttpServerTransportModule(),
|
||||
new NettySecuredTransportModule(),
|
||||
new SecuredTransportModule());
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ import org.elasticsearch.transport.TransportMessage;
|
|||
*/
|
||||
public interface AuditTrail {
|
||||
|
||||
public static final AuditTrail NOOP = new AuditTrail() {
|
||||
static final AuditTrail NOOP = new AuditTrail() {
|
||||
|
||||
static final String NAME = "noop";
|
||||
|
||||
|
|
|
|||
|
|
@ -147,17 +147,15 @@ public class FileUserPasswdStore extends AbstractComponent implements UserPasswd
|
|||
@Override
|
||||
public void onFileChanged(File file) {
|
||||
if (file.equals(FileUserPasswdStore.this.file.toFile())) {
|
||||
if (file.equals(FileUserPasswdStore.this.file.toFile())) {
|
||||
esUsers = ImmutableMap.copyOf(parseFile(file.toPath(), logger));
|
||||
listener.onRefresh();
|
||||
}
|
||||
esUsers = ImmutableMap.copyOf(parseFile(file.toPath(), logger));
|
||||
listener.onRefresh();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public static interface Listener {
|
||||
|
||||
static final Listener NOOP = new Listener() {
|
||||
final Listener NOOP = new Listener() {
|
||||
@Override
|
||||
public void onRefresh() {
|
||||
}
|
||||
|
|
|
|||
|
|
@ -159,10 +159,8 @@ public class FileUserRolesStore extends AbstractComponent implements UserRolesSt
|
|||
@Override
|
||||
public void onFileChanged(File file) {
|
||||
if (file.equals(FileUserRolesStore.this.file.toFile())) {
|
||||
if (file.equals(FileUserRolesStore.this.file.toFile())) {
|
||||
userRoles = ImmutableMap.copyOf(parseFile(file.toPath(), logger));
|
||||
listener.onRefresh();
|
||||
}
|
||||
userRoles = ImmutableMap.copyOf(parseFile(file.toPath(), logger));
|
||||
listener.onRefresh();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -327,7 +327,7 @@ public class ESUsersTool extends CliTool {
|
|||
private static final CliToolConfig.Cmd CMD = cmd(NAME, Useradd.class).build();
|
||||
|
||||
public static Command parse(Terminal terminal, CommandLine cli) {
|
||||
String username = (cli.getArgs().length > 0) ? cli.getArgs()[0] : null;
|
||||
String username = cli.getArgs().length > 0 ? cli.getArgs()[0] : null;
|
||||
return new ListUsersAndRoles(terminal, username);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -65,7 +65,7 @@ public class ActiveDirectoryConnectionFactory extends AbstractComponent implemen
|
|||
public LdapConnection bind(String userName, char[] password) {
|
||||
String userPrincipal = userName + "@" + this.domainName;
|
||||
|
||||
Hashtable<String, java.io.Serializable> ldapEnv = new Hashtable<>(this.sharedLdapEnv);
|
||||
Hashtable<String, Serializable> ldapEnv = new Hashtable<>(this.sharedLdapEnv);
|
||||
ldapEnv.put(Context.SECURITY_AUTHENTICATION, "simple");
|
||||
ldapEnv.put(Context.SECURITY_PRINCIPAL, userPrincipal);
|
||||
ldapEnv.put(Context.SECURITY_CREDENTIALS, password);
|
||||
|
|
|
|||
|
|
@ -18,12 +18,12 @@ package org.elasticsearch.shield.authc.ldap;
|
|||
*/
|
||||
public interface LdapConnectionFactory {
|
||||
|
||||
public static final String URLS_SETTING = "urls"; //comma separated
|
||||
static final String URLS_SETTING = "urls"; //comma separated
|
||||
|
||||
/**
|
||||
* Password authenticated bind
|
||||
* @param user name of the user to authenticate the connection with.
|
||||
*/
|
||||
public LdapConnection bind(String user, char[] password) ;
|
||||
LdapConnection bind(String user, char[] password) ;
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -140,9 +140,9 @@ public class LdapGroupToRoleMapper extends AbstractComponent {
|
|||
}
|
||||
}
|
||||
|
||||
public static interface Listener {
|
||||
static interface Listener {
|
||||
|
||||
static final Listener NOOP = new Listener() {
|
||||
final Listener NOOP = new Listener() {
|
||||
@Override
|
||||
public void onRefresh() {
|
||||
}
|
||||
|
|
|
|||
|
|
@ -69,7 +69,7 @@ public class StandardLdapConnectionFactory extends AbstractComponent implements
|
|||
@Override
|
||||
public LdapConnection bind(String username, char[] password) {
|
||||
//SASL, MD5, etc. all options here stink, we really need to go over ssl + simple authentication
|
||||
Hashtable<String, java.io.Serializable> ldapEnv = new Hashtable<>(this.sharedLdapEnv);
|
||||
Hashtable<String, Serializable> ldapEnv = new Hashtable<>(this.sharedLdapEnv);
|
||||
ldapEnv.put(Context.SECURITY_AUTHENTICATION, "simple");
|
||||
ldapEnv.put(Context.SECURITY_CREDENTIALS, password);
|
||||
|
||||
|
|
|
|||
|
|
@ -746,6 +746,6 @@ public class BCrypt {
|
|||
* @return true if the passwords match, false otherwise
|
||||
*/
|
||||
public static boolean checkpw(String plaintext, String hashed) {
|
||||
return (hashed.compareTo(hashpw(plaintext, hashed)) == 0);
|
||||
return hashed.compareTo(hashpw(plaintext, hashed)) == 0;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -111,7 +111,7 @@ public abstract class CachingUserPasswdStore extends AbstractComponent implement
|
|||
/**
|
||||
* Represents a hash of a password.
|
||||
*/
|
||||
protected static interface PasswordHash {
|
||||
static interface PasswordHash {
|
||||
|
||||
boolean verify(char[] password);
|
||||
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ public interface UserPasswdStore {
|
|||
|
||||
boolean verifyPassword(String username, char[] password);
|
||||
|
||||
public static interface Writable extends UserPasswdStore {
|
||||
static interface Writable extends UserPasswdStore {
|
||||
|
||||
void store(String username, char[] password);
|
||||
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ public interface UserRolesStore {
|
|||
|
||||
String[] roles(String username);
|
||||
|
||||
public static interface Writable extends UserRolesStore {
|
||||
static interface Writable extends UserRolesStore {
|
||||
|
||||
void setRoles(String username, String... roles);
|
||||
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ public interface Permission {
|
|||
|
||||
boolean check(String action, TransportRequest request, MetaData metaData);
|
||||
|
||||
public static class Global implements Permission {
|
||||
static class Global implements Permission {
|
||||
|
||||
private final Cluster cluster;
|
||||
private final Indices indices;
|
||||
|
|
@ -102,7 +102,7 @@ public interface Permission {
|
|||
}
|
||||
}
|
||||
|
||||
public static class Cluster implements Permission {
|
||||
static class Cluster implements Permission {
|
||||
|
||||
public static final Cluster NONE = new Cluster(Privilege.Cluster.NONE) {
|
||||
@Override
|
||||
|
|
@ -129,7 +129,7 @@ public interface Permission {
|
|||
}
|
||||
}
|
||||
|
||||
public static class Indices implements Permission {
|
||||
static class Indices implements Permission {
|
||||
|
||||
public static final Indices NONE = new Indices() {
|
||||
@Override
|
||||
|
|
@ -138,7 +138,7 @@ public interface Permission {
|
|||
}
|
||||
};
|
||||
|
||||
public static IndicesResolver[] indicesResolvers = new IndicesResolver[] {
|
||||
static final IndicesResolver[] indicesResolvers = new IndicesResolver[] {
|
||||
// add special resolvers here
|
||||
new DefaultIndicesResolver()
|
||||
};
|
||||
|
|
|
|||
|
|
@ -12,7 +12,6 @@ import org.elasticsearch.common.collect.ImmutableSet;
|
|||
import org.elasticsearch.common.component.AbstractComponent;
|
||||
import org.elasticsearch.common.inject.Inject;
|
||||
import org.elasticsearch.common.jackson.dataformat.yaml.snakeyaml.error.YAMLException;
|
||||
import org.elasticsearch.common.jackson.dataformat.yaml.snakeyaml.scanner.ScannerException;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
import org.elasticsearch.common.xcontent.XContentFactory;
|
||||
|
|
@ -194,9 +193,9 @@ public class FileRolesStore extends AbstractComponent implements RolesStore {
|
|||
}
|
||||
}
|
||||
|
||||
public static interface Listener {
|
||||
static interface Listener {
|
||||
|
||||
public static final Listener NOOP = new Listener() {
|
||||
static final Listener NOOP = new Listener() {
|
||||
@Override
|
||||
public void onRefresh() {
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ public interface RolesStore {
|
|||
|
||||
Permission.Global permission(String role);
|
||||
|
||||
public static interface Writable extends RolesStore {
|
||||
static interface Writable extends RolesStore {
|
||||
|
||||
void set(String role, Privilege.Index privilege, String... indices);
|
||||
|
||||
|
|
|
|||
|
|
@ -13,14 +13,9 @@ import org.elasticsearch.common.settings.Settings;
|
|||
*/
|
||||
public class N2NAuthModule extends AbstractModule {
|
||||
|
||||
private final Settings settings;
|
||||
|
||||
public N2NAuthModule(Settings settings) {
|
||||
this.settings = settings;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure() {
|
||||
bind(IPFilteringN2NAuthenticator.class).asEagerSingleton();
|
||||
bind(N2NNettyUpstreamHandler.class).asEagerSingleton();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,19 +0,0 @@
|
|||
/*
|
||||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
||||
* or more contributor license agreements. Licensed under the Elastic License;
|
||||
* you may not use this file except in compliance with the Elastic License.
|
||||
*/
|
||||
package org.elasticsearch.shield.n2n;
|
||||
|
||||
import org.elasticsearch.common.inject.AbstractModule;
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
public class N2NModule extends AbstractModule {
|
||||
|
||||
@Override
|
||||
protected void configure() {
|
||||
bind(IPFilteringN2NAuthenticator.class).asEagerSingleton();
|
||||
}
|
||||
}
|
||||
|
|
@ -7,12 +7,8 @@ package org.elasticsearch.shield.plugin;
|
|||
|
||||
import org.elasticsearch.common.collect.ImmutableList;
|
||||
import org.elasticsearch.common.inject.Module;
|
||||
import org.elasticsearch.http.HttpServerModule;
|
||||
import org.elasticsearch.plugins.AbstractPlugin;
|
||||
import org.elasticsearch.shield.SecurityModule;
|
||||
import org.elasticsearch.shield.transport.netty.NettySecuredHttpServerTransport;
|
||||
import org.elasticsearch.shield.transport.netty.NettySecuredTransport;
|
||||
import org.elasticsearch.transport.TransportModule;
|
||||
|
||||
import java.util.Collection;
|
||||
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ public interface TransportFilter {
|
|||
*/
|
||||
void inboundResponse(TransportResponse response);
|
||||
|
||||
public static class Base implements TransportFilter {
|
||||
static class Base implements TransportFilter {
|
||||
|
||||
@Override
|
||||
public void outboundRequest(String action, TransportRequest request) {
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ public class SSLConfig {
|
|||
|
||||
private static final ESLogger logger = Loggers.getLogger(SSLConfig.class);
|
||||
// TODO removing the second one results in fails, need to verify the differences, maybe per JVM?
|
||||
public static final String[] DEFAULT_CIPHERS = new String[] { "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA" };
|
||||
static final String[] DEFAULT_CIPHERS = new String[] { "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA" };
|
||||
private final boolean clientAuth;
|
||||
|
||||
private SSLContext sslContext;
|
||||
|
|
|
|||
|
|
@ -8,7 +8,6 @@ package org.elasticsearch.shield.n2n;
|
|||
import com.google.common.collect.ImmutableSet;
|
||||
import org.elasticsearch.common.inject.Module;
|
||||
import org.elasticsearch.plugins.AbstractPlugin;
|
||||
import org.elasticsearch.shield.n2n.N2NModule;
|
||||
|
||||
import java.util.Collection;
|
||||
|
||||
|
|
@ -28,6 +27,6 @@ public class N2NPlugin extends AbstractPlugin {
|
|||
|
||||
@Override
|
||||
public Collection<Class<? extends Module>> modules() {
|
||||
return ImmutableSet.<Class<? extends Module>>of(N2NModule.class);
|
||||
return ImmutableSet.<Class<? extends Module>>of(N2NAuthModule.class);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue