public class AutoTGT extends Object implements IAutoCredentials, ICredentialsRenewer, IMetricsRegistrant
Automatically take a user’s TGT, and push it, and renew it in Nimbus.
| Modifier and Type | Field and Description |
|---|---|
protected static AtomicReference<KerberosTicket> |
kerbTicket |
| Constructor and Description |
|---|
AutoTGT() |
| Modifier and Type | Method and Description |
|---|---|
static void |
clearCredentials(Subject subject,
KerberosTicket tgt) |
static KerberosTicket |
getTGT(Map<String,String> credentials) |
static void |
main(String[] args) |
void |
populateCredentials(Map<String,String> credentials)
Called to populate the credentials on the client side.
|
void |
populateSubject(Subject subject,
Map<String,String> credentials)
Called to initially populate the subject on the worker side with credentials passed in.
|
void |
prepare(Map<String,Object> conf)
Called when initializing the service.
|
void |
registerMetrics(TopologyContext topoContext,
Map<String,Object> topoConf) |
void |
renew(Map<String,String> credentials,
Map<String,Object> topologyConf,
String topologyOwnerPrincipal)
Renew any credentials that need to be renewed.
|
static void |
saveTGT(KerberosTicket tgt,
Map<String,String> credentials) |
void |
updateSubject(Subject subject,
Map<String,String> credentials)
Called to update the subject on the worker side when new credentials are recieved.
|
protected static final AtomicReference<KerberosTicket> kerbTicket
public static KerberosTicket getTGT(Map<String,String> credentials)
public static void saveTGT(KerberosTicket tgt, Map<String,String> credentials)
public static void clearCredentials(Subject subject, KerberosTicket tgt)
public void prepare(Map<String,Object> conf)
ICredentialsRenewerCalled when initializing the service.
prepare in interface IAutoCredentialsprepare in interface ICredentialsRenewerconf - the storm cluster configuration.public void populateCredentials(Map<String,String> credentials)
IAutoCredentialsCalled to populate the credentials on the client side.
populateCredentials in interface IAutoCredentialscredentials - the credentials to be populated.public void updateSubject(Subject subject, Map<String,String> credentials)
IAutoCredentialsCalled to update the subject on the worker side when new credentials are recieved. This means that populateSubject has already been called on this subject.
updateSubject in interface IAutoCredentialssubject - the subject to optionally put credentials in.credentials - the credentials to be used.public void populateSubject(Subject subject, Map<String,String> credentials)
IAutoCredentialsCalled to initially populate the subject on the worker side with credentials passed in.
populateSubject in interface IAutoCredentialssubject - the subject to optionally put credentials in.credentials - the credentials to be used.public void renew(Map<String,String> credentials, Map<String,Object> topologyConf, String topologyOwnerPrincipal)
ICredentialsRenewerRenew any credentials that need to be renewed. (Update the credentials if needed)
renew in interface ICredentialsRenewercredentials - the credentials that may have something to renew.topologyConf - topology configuration.topologyOwnerPrincipal - the full principal name of the owner of the topologypublic void registerMetrics(TopologyContext topoContext, Map<String,Object> topoConf)
registerMetrics in interface IMetricsRegistrantCopyright © 2020 The Apache Software Foundation. All rights reserved.