org.apache.storm.security.auth.sasl

Interface PasswordProvider

All Known Implementing Classes:

JassPasswordProvider, WorkerTokenAuthorizer

public interface PasswordProvider

A very basic API that will provide a password for a given user name. This is intended to be used with the SimpleSaslServerCallbackHandler to verify a user that is attempting to log in.

Method Summary

Modifier and Type	Method and Description
Optional<char[]>	getPasswordFor(String user) Get an optional password for a user.
default boolean	isImpersonationAllowed() Should impersonation be allowed by this password provider.
default String	userName(String user) Convert the supplied user name to the actual user name that should be used in the system.

Method Detail

getPasswordFor

Optional<char[]> getPasswordFor(String user)

Get an optional password for a user. If no password for the user is found the option will be empty and another PasswordProvider would be tried.

Parameters:

user - the user this is for.

Returns:

the password if it is found.

isImpersonationAllowed

default boolean isImpersonationAllowed()

Should impersonation be allowed by this password provider. The default is false.

Returns:

true if it should else false.

userName

default String userName(String user)

Convert the supplied user name to the actual user name that should be used in the system. This may be called on any name. If it cannot be translated then a null may be returned or an exception thrown. If getPassword returns successfully this should not return null, nor throw an exception for the same user.

Parameters:

user - the SASL negotiated user name.

Returns:

the user name that storm should use.