public class WorkerTokenAuthorizer extends Object implements PasswordProvider
Allow for SASL authentication using worker tokens.
Constructor and Description |
---|
WorkerTokenAuthorizer(Map<String,Object> conf,
ThriftConnectionType connectionType)
Constructor.
|
Modifier and Type | Method and Description |
---|---|
Optional<char[]> |
getPasswordFor(String userName)
Get an optional password for a user.
|
String |
userName(String userName)
Convert the supplied user name to the actual user name that should be used in the system.
|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
isImpersonationAllowed
public WorkerTokenAuthorizer(Map<String,Object> conf, ThriftConnectionType connectionType)
Constructor.
conf
- the daemon config for the server.connectionType
- the type of connection we are authorizing.public Optional<char[]> getPasswordFor(String userName)
PasswordProvider
Get an optional password for a user. If no password for the user is found the option will be empty and another PasswordProvider would be tried.
getPasswordFor
in interface PasswordProvider
userName
- the user this is for.public String userName(String userName)
PasswordProvider
Convert the supplied user name to the actual user name that should be used in the system. This may be called on any name. If it cannot be translated then a null may be returned or an exception thrown. If getPassword returns successfully this should not return null, nor throw an exception for the same user.
userName
in interface PasswordProvider
userName
- the SASL negotiated user name.Copyright © 2019 The Apache Software Foundation. All rights reserved.