corda / net.corda.node.services.messaging / NodeLoginModule

NodeLoginModule

class NodeLoginModule : LoginModule

Clients must connect to us with a username and password and must use TLS. If a someone connects with ArtemisMessagingComponent.NODE_USER then we confirm it's just us as the node by checking their TLS certificate is the same as our one in our key store. Then they're given full access to all valid queues. If they connect with ArtemisMessagingComponent.PEER_USER then we confirm they belong on our P2P network by checking their root CA is the same as our root CA. If that's the case the only access they're given is the ablility send to our P2P address. In both cases the messages these authenticated nodes send to us are tagged with their subject DN and we assume the CN within that is their legal name. Otherwise if the username is neither of the above we assume it's an RPC user and authenticate against our list of valid RPC users. RPC clients are given permission to perform RPC and nothing else.

Constructors

<init> NodeLoginModule()

Clients must connect to us with a username and password and must use TLS. If a someone connects with ArtemisMessagingComponent.NODE_USER then we confirm it's just us as the node by checking their TLS certificate is the same as our one in our key store. Then they're given full access to all valid queues. If they connect with ArtemisMessagingComponent.PEER_USER then we confirm they belong on our P2P network by checking their root CA is the same as our root CA. If that's the case the only access they're given is the ablility send to our P2P address. In both cases the messages these authenticated nodes send to us are tagged with their subject DN and we assume the CN within that is their legal name. Otherwise if the username is neither of the above we assume it's an RPC user and authenticate against our list of valid RPC users. RPC clients are given permission to perform RPC and nothing else.

Functions

abort fun abort(): Boolean
commit fun commit(): Boolean
initialize fun initialize(subject: Subject, callbackHandler: CallbackHandler, sharedState: Map<String, *>, options: Map<String, *>): Unit
login fun login(): Boolean
logout fun logout(): Boolean

Companion Object Properties

NODE_ROLE const val NODE_ROLE: String
PEER_ROLE const val PEER_ROLE: String
RPC_ROLE const val RPC_ROLE: String
log val log: Logger