My Corda application is working well except for the permissions management. Currently every node can start every flow, however this should not be possible. I tried to restrict the permissions of certain nodes in the build.gradle
file. Here is one node as an example:
node {
name "O=PartyA,L=Paris,C=FR"
p2pPort 10008
rpcSettings {
address("localhost:10009")
adminAddress("localhost:10049")
}
rpcUsers = [
[
user: "user2",
password: "test",
permissions: ["StartFlow.FlowInitiatorOne","StartFlow.FlowInitiatorTwo"]
]
]
}
I deploy my network using the deployNodes
command. My flows are written in Java. Regardless of the permissions, PartyA
is able to start all flows. The log file of PartyA
shows that all flows are registered, before the permissions are added to the node.
[INFO ] 2019-12-13T09:35:25,796Z [main] internal.NodeFlowManager.registerInitiatedFlow - Registered com.template.flows.FlowInitiatorOne to initiate com.template.flows.FlowResponderOne (version 1)
[INFO ] 2019-12-13T09:35:25,797Z [main] internal.NodeFlowManager.registerInitiatedFlow - Registered com.template.flows.FlowInitiatorTwo to initiate com.template.flows.FlowResponderTwo (version 1)
[INFO ] 2019-12-13T09:35:25,798Z [main] internal.NodeFlowManager.registerInitiatedFlow - Registered com.template.flows.FlowInitiatorThree to initiate com.template.flows.FlowResponderThree (version 1)
[INFO ] 2019-12-13T09:35:25,800Z [main] internal.NodeFlowManager.registerInitiatedFlow - Registered com.template.flows.FlowInitiatorFour to initiate com.template.flows.FlowResponderFour (version 1)
[INFO ] 2019-12-13T09:35:25,793Z [main] internal.NodeFlowManager.registerInitiatedFlow - Registered com.template.flows.FlowInitiatorFive to initiate com.template.flows.FlowResponderFive (version 1)
Below the flow registrations, the log file shows the user with the right permissions
[INFO ] 2019-12-13T09:35:55,434Z [main] security.RPCSecurityManagerImpl.buildImpl - Constructing realm from list of users in config [User(user2, permissions=[StartFlow.FlowInitiatorOne, StartFlow.FlowInitiatorTwo])]
If I enter flow list
in the terminal, PartyA
will tell me that it can start all five flows. How do I fix this problem?
Your setup is correct and what you see in the log makes sense as well.
1. When the node starts, it scans the cordapps
folder and registers all the flows that it sees.
2. Since you are connecting to the node directly (not through ssh
or using the standalone
shell) and your node is in dev
mode; then Corda connects you to the node as user shell
with password shell
and you can run all flows.
3. To test your RPC user, you would have to write a client that connects to your node using the test
user; that client will be restricted to calling only the 2 flows that you specified.
Read about different the types of accessing the node: https://docs.corda.net/shell.html
You can see a sample client in R3's cordapp-example (it's in Kotlin):
1. In the controller class, you call the flows using the proxy
: https://github.com/corda/samples/blob/release-V4/cordapp-example/clients/src/main/kotlin/com/example/server/MainController.k
2. Notice how the Gradle task to run that webserver uses the defined RPC user: https://github.com/corda/samples/blob/69ff8d4a668c520b6695be67864f4f96ab7ec809/cordapp-example/clients/build.gradle#L64
3. The Java template comes with a predefined clients
module as well: https://github.com/corda/cordapp-template-java/tree/release-V4/clients/src/main/java/com/template/webserver