Skip to content

Remove support for unused custom User serialization #5339

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
DarshitChanpura merged 4 commits into from
May 15, 2025
Merged

Remove support for unused custom User serialization #5339

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
d8d92a2
Removed custom serialization support
nibix May 14, 2025
48a8ba3
Removed Writeable implementations
nibix May 15, 2025
2cca890
Fixes
nibix May 15, 2025
7723f55
Removed SecurityManager related code
nibix May 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),

### Removed

- Removed unused support for custom User object serialization ([#5339](https://github.com/opensearch-project/security/pull/5339))

### Fixed
- Corrections in DlsFlsFilterLeafReader regarding PointVales and object valued attributes ([#5303](https://github.com/opensearch-project/security/pull/5303))
- Fix issue computing diffs in compliance audit log when writing to security index ([#5279](https://github.com/opensearch-project/security/pull/5279))
Expand Down
15 changes: 0 additions & 15 deletions src/main/java/com/amazon/dlic/auth/ldap/LdapUser.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,13 +11,10 @@

package com.amazon.dlic.auth.ldap;

import java.io.IOException;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;

import org.opensearch.core.common.io.stream.StreamInput;
import org.opensearch.core.common.io.stream.StreamOutput;
import org.opensearch.security.auth.ldap.util.Utils;
import org.opensearch.security.support.WildcardMatcher;
import org.opensearch.security.user.AuthCredentials;
Expand Down Expand Up @@ -58,12 +55,6 @@ public LdapUser(
attributes.putAll(extractLdapAttributes(originalUsername, userEntry, customAttrMaxValueLen, allowlistedCustomLdapAttrMatcher));
}

public LdapUser(StreamInput in) throws IOException {
super(in);
userEntry = null;
originalUsername = in.readString();
}

/**
* May return null because ldapEntry is transient
*
Expand Down Expand Up @@ -107,10 +98,4 @@ public static Map<String, String> extractLdapAttributes(
}
return Collections.unmodifiableMap(attributes);
}

@Override
public void writeTo(StreamOutput out) throws IOException {
super.writeTo(out);
out.writeString(originalUsername);
}
}
6 changes: 2 additions & 4 deletions src/main/java/org/opensearch/security/auditlog/impl/AbstractAuditLog.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -775,8 +775,7 @@ private TransportAddress getRemoteAddress() {
if (address == null && threadPool.getThreadContext().getHeader(ConfigConstants.OPENDISTRO_SECURITY_REMOTE_ADDRESS_HEADER) != null) {
address = new TransportAddress(
(InetSocketAddress) Base64Helper.deserializeObject(
threadPool.getThreadContext().getHeader(ConfigConstants.OPENDISTRO_SECURITY_REMOTE_ADDRESS_HEADER),
threadPool.getThreadContext().getTransient(ConfigConstants.USE_JDK_SERIALIZATION)
threadPool.getThreadContext().getHeader(ConfigConstants.OPENDISTRO_SECURITY_REMOTE_ADDRESS_HEADER)
)
);
}
Expand All @@ -787,8 +786,7 @@ private String getUser() {
User user = threadPool.getThreadContext().getTransient(ConfigConstants.OPENDISTRO_SECURITY_USER);
if (user == null && threadPool.getThreadContext().getHeader(ConfigConstants.OPENDISTRO_SECURITY_USER_HEADER) != null) {
user = (User) Base64Helper.deserializeObject(
threadPool.getThreadContext().getHeader(ConfigConstants.OPENDISTRO_SECURITY_USER_HEADER),
threadPool.getThreadContext().getTransient(ConfigConstants.USE_JDK_SERIALIZATION)
threadPool.getThreadContext().getHeader(ConfigConstants.OPENDISTRO_SECURITY_USER_HEADER)
);
}
return user == null ? null : user.getName();
Expand Down
13 changes: 0 additions & 13 deletions src/main/java/org/opensearch/security/auth/UserInjector.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,6 @@

package org.opensearch.security.auth;

import java.io.IOException;
import java.io.ObjectStreamException;
import java.net.InetAddress;
import java.net.UnknownHostException;
Expand All @@ -39,8 +38,6 @@
import org.apache.logging.log4j.Logger;

import org.opensearch.common.settings.Settings;
import org.opensearch.core.common.io.stream.StreamInput;
import org.opensearch.core.common.io.stream.StreamOutput;
import org.opensearch.core.common.transport.TransportAddress;
import org.opensearch.security.auditlog.AuditLog;
import org.opensearch.security.filter.SecurityRequestChannel;
Expand Down Expand Up @@ -73,11 +70,6 @@ public InjectedUser(String name) {
super(name);
}

public InjectedUser(StreamInput in) throws IOException {
super(in);
this.setInjected(true);
}

private Object writeReplace() throws ObjectStreamException {
User user = new User(getName());
user.addRoles(getRoles());
Expand Down Expand Up @@ -106,11 +98,6 @@ public void setTransportAddress(String addr) throws UnknownHostException, Illega

this.transportAddress = new TransportAddress(iAdress, port);
}

@Override
public void writeTo(StreamOutput out) throws IOException {
super.writeTo(out);
}
}

public InjectedUser getInjectedUser() {
Expand Down
4 changes: 0 additions & 4 deletions src/main/java/org/opensearch/security/filter/SecurityFilter.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -184,10 +184,6 @@ private <Request extends ActionRequest, Response extends ActionResponse> void ap
threadContext.putTransient(ConfigConstants.OPENDISTRO_SECURITY_ORIGIN, Origin.LOCAL.toString());
}

if (threadContext.getTransient(ConfigConstants.USE_JDK_SERIALIZATION) == null) {
threadContext.putTransient(ConfigConstants.USE_JDK_SERIALIZATION, true);
}

final ComplianceConfig complianceConfig = auditLog.getComplianceConfig();
if (complianceConfig != null && complianceConfig.isEnabled()) {
attachSourceFieldContext(request);
Expand Down
6 changes: 0 additions & 6 deletions src/main/java/org/opensearch/security/ssl/transport/SecuritySSLRequestHandler.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,6 @@
import org.opensearch.security.ssl.util.ExceptionUtils;
import org.opensearch.security.ssl.util.SSLRequestHelper;
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.security.support.SerializationFormat;
import org.opensearch.tasks.Task;
import org.opensearch.threadpool.ThreadPool;
import org.opensearch.transport.TransportChannel;
Expand Down Expand Up @@ -91,11 +90,6 @@ public final void messageReceived(T request, TransportChannel channel, Task task
channel = getInnerChannel(channel);
}

threadContext.putTransient(
ConfigConstants.USE_JDK_SERIALIZATION,
SerializationFormat.determineFormat(channel.getVersion()) == SerializationFormat.JDK
);

if (SSLRequestHelper.containsBadHeader(threadContext, "_opendistro_security_ssl_")) {
final Exception exception = ExceptionUtils.createBadHeaderException();
channel.sendResponse(exception);
Expand Down
227 changes: 0 additions & 227 deletions src/main/java/org/opensearch/security/support/Base64CustomHelper.java
View file
Open in desktop

This file was deleted.

Loading
Loading