src/main/java/org/opensearch/security/securityconf/DynamicConfigModelV6.java [267:377]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - if (httpEnabled || transportEnabled) { try { AuthenticationBackend authenticationBackend; final String authBackendClazz = ad.getValue().authentication_backend.type; if(authBackendClazz.equals(InternalAuthenticationBackend.class.getName()) //NOSONAR || authBackendClazz.equals("internal") || authBackendClazz.equals("intern")) { authenticationBackend = iab; ReflectionHelper.addLoadedModule(InternalAuthenticationBackend.class); } else { authenticationBackend = newInstance( authBackendClazz,"c", Settings.builder() .put(opensearchSettings) //.putProperties(ads.getAsStringMap(DotPath.of("authentication_backend.config")), DynamicConfiguration.checkKeyFunction()).build() .put(Settings.builder().loadFromSource(ad.getValue().authentication_backend.configAsJson(), XContentType.JSON).build()).build() , configPath); } String httpAuthenticatorType = ad.getValue().http_authenticator.type; //no default HTTPAuthenticator httpAuthenticator = httpAuthenticatorType==null?null: (HTTPAuthenticator) newInstance(httpAuthenticatorType,"h", Settings.builder().put(opensearchSettings) //.putProperties(ads.getAsStringMap(DotPath.of("http_authenticator.config")), DynamicConfiguration.checkKeyFunction()).build(), .put(Settings.builder().loadFromSource(ad.getValue().http_authenticator.configAsJson(), XContentType.JSON).build()).build() , configPath); final AuthDomain _ad = new AuthDomain(authenticationBackend, httpAuthenticator, ad.getValue().http_authenticator.challenge, ad.getValue().order); if (httpEnabled && _ad.getHttpAuthenticator() != null) { restAuthDomains0.add(_ad); } if (transportEnabled) { transportAuthDomains0.add(_ad); } if (httpAuthenticator instanceof Destroyable) { destroyableComponents0.add((Destroyable) httpAuthenticator); } if (authenticationBackend instanceof Destroyable) { destroyableComponents0.add((Destroyable) authenticationBackend); } } catch (final Exception e) { log.error("Unable to initialize auth domain {} due to {}", ad, e.toString(), e); } } } List originalDestroyableComponents = destroyableComponents; restAuthDomains = Collections.unmodifiableSortedSet(restAuthDomains0); transportAuthDomains = Collections.unmodifiableSortedSet(transportAuthDomains0); restAuthorizers = Collections.unmodifiableSet(restAuthorizers0); transportAuthorizers = Collections.unmodifiableSet(transportAuthorizers0); destroyableComponents = Collections.unmodifiableList(destroyableComponents0); if(originalDestroyableComponents != null) { destroyDestroyables(originalDestroyableComponents); } originalDestroyableComponents = null; createAuthFailureListeners(ipAuthFailureListeners0, authBackendFailureListeners0, ipClientBlockRegistries0, authBackendClientBlockRegistries0, destroyableComponents0); ipAuthFailureListeners = Collections.unmodifiableList(ipAuthFailureListeners0); ipClientBlockRegistries = Collections.unmodifiableList(ipClientBlockRegistries0); authBackendClientBlockRegistries = Multimaps.unmodifiableMultimap(authBackendClientBlockRegistries0); authBackendFailureListeners = Multimaps.unmodifiableMultimap(authBackendFailureListeners0); } private void destroyDestroyables(List destroyableComponents) { for (Destroyable destroyable : destroyableComponents) { try { destroyable.destroy(); } catch (Exception e) { log.error("Error while destroying " + destroyable, e); } } } private T newInstance(final String clazzOrShortcut, String type, final Settings settings, final Path configPath) { String clazz = clazzOrShortcut; if(authImplMap.containsKey(clazz+"_"+type)) { clazz = authImplMap.get(clazz+"_"+type); } return ReflectionHelper.instantiateAAA(clazz, settings, configPath); } private String translateShortcutToClassName(final String clazzOrShortcut, final String type) { if (authImplMap.containsKey(clazzOrShortcut + "_" + type)) { return authImplMap.get(clazzOrShortcut + "_" + type); } else { return clazzOrShortcut; } } private void createAuthFailureListeners(List ipAuthFailureListeners, Multimap authBackendFailureListeners, List> ipClientBlockRegistries, Multimap> authBackendUserClientBlockRegistries, List destroyableComponents0) { - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - src/main/java/org/opensearch/security/securityconf/DynamicConfigModelV7.java [266:376]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - if (httpEnabled || transportEnabled) { try { AuthenticationBackend authenticationBackend; final String authBackendClazz = ad.getValue().authentication_backend.type; if(authBackendClazz.equals(InternalAuthenticationBackend.class.getName()) //NOSONAR || authBackendClazz.equals("internal") || authBackendClazz.equals("intern")) { authenticationBackend = iab; ReflectionHelper.addLoadedModule(InternalAuthenticationBackend.class); } else { authenticationBackend = newInstance( authBackendClazz,"c", Settings.builder() .put(opensearchSettings) //.putProperties(ads.getAsStringMap(DotPath.of("authentication_backend.config")), DynamicConfiguration.checkKeyFunction()).build() .put(Settings.builder().loadFromSource(ad.getValue().authentication_backend.configAsJson(), XContentType.JSON).build()).build() , configPath); } String httpAuthenticatorType = ad.getValue().http_authenticator.type; //no default HTTPAuthenticator httpAuthenticator = httpAuthenticatorType==null?null: (HTTPAuthenticator) newInstance(httpAuthenticatorType,"h", Settings.builder().put(opensearchSettings) //.putProperties(ads.getAsStringMap(DotPath.of("http_authenticator.config")), DynamicConfiguration.checkKeyFunction()).build(), .put(Settings.builder().loadFromSource(ad.getValue().http_authenticator.configAsJson(), XContentType.JSON).build()).build() , configPath); final AuthDomain _ad = new AuthDomain(authenticationBackend, httpAuthenticator, ad.getValue().http_authenticator.challenge, ad.getValue().order); if (httpEnabled && _ad.getHttpAuthenticator() != null) { restAuthDomains0.add(_ad); } if (transportEnabled) { transportAuthDomains0.add(_ad); } if (httpAuthenticator instanceof Destroyable) { destroyableComponents0.add((Destroyable) httpAuthenticator); } if (authenticationBackend instanceof Destroyable) { destroyableComponents0.add((Destroyable) authenticationBackend); } } catch (final Exception e) { log.error("Unable to initialize auth domain {} due to {}", ad, e.toString(), e); } } } List originalDestroyableComponents = destroyableComponents; restAuthDomains = Collections.unmodifiableSortedSet(restAuthDomains0); transportAuthDomains = Collections.unmodifiableSortedSet(transportAuthDomains0); restAuthorizers = Collections.unmodifiableSet(restAuthorizers0); transportAuthorizers = Collections.unmodifiableSet(transportAuthorizers0); destroyableComponents = Collections.unmodifiableList(destroyableComponents0); if(originalDestroyableComponents != null) { destroyDestroyables(originalDestroyableComponents); } originalDestroyableComponents = null; createAuthFailureListeners(ipAuthFailureListeners0, authBackendFailureListeners0, ipClientBlockRegistries0, authBackendClientBlockRegistries0, destroyableComponents0); ipAuthFailureListeners = Collections.unmodifiableList(ipAuthFailureListeners0); ipClientBlockRegistries = Collections.unmodifiableList(ipClientBlockRegistries0); authBackendClientBlockRegistries = Multimaps.unmodifiableMultimap(authBackendClientBlockRegistries0); authBackendFailureListeners = Multimaps.unmodifiableMultimap(authBackendFailureListeners0); } private void destroyDestroyables(List destroyableComponents) { for (Destroyable destroyable : destroyableComponents) { try { destroyable.destroy(); } catch (Exception e) { log.error("Error while destroying " + destroyable, e); } } } private T newInstance(final String clazzOrShortcut, String type, final Settings settings, final Path configPath) { String clazz = clazzOrShortcut; if(authImplMap.containsKey(clazz+"_"+type)) { clazz = authImplMap.get(clazz+"_"+type); } return ReflectionHelper.instantiateAAA(clazz, settings, configPath); } private String translateShortcutToClassName(final String clazzOrShortcut, final String type) { if (authImplMap.containsKey(clazzOrShortcut + "_" + type)) { return authImplMap.get(clazzOrShortcut + "_" + type); } else { return clazzOrShortcut; } } private void createAuthFailureListeners(List ipAuthFailureListeners, Multimap authBackendFailureListeners, List> ipClientBlockRegistries, Multimap> authBackendUserClientBlockRegistries, List destroyableComponents0) { - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -