Class AutoTGT
- java.lang.Object
-
- org.apache.storm.security.auth.kerberos.AutoTGT
-
- All Implemented Interfaces:
IMetricsRegistrant,IAutoCredentials,ICredentialsRenewer
public class AutoTGT extends Object implements IAutoCredentials, ICredentialsRenewer, IMetricsRegistrant
Automatically take a user's TGT, and push it, and renew it in Nimbus.
-
-
Field Summary
Fields Modifier and Type Field Description protected static AtomicReference<KerberosTicket>kerbTicket
-
Constructor Summary
Constructors Constructor Description AutoTGT()
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static voidclearCredentials(Subject subject, KerberosTicket tgt)static KerberosTicketgetTGT(Map<String,String> credentials)static voidmain(String[] args)voidpopulateCredentials(Map<String,String> credentials)Called to populate the credentials on the client side.voidpopulateSubject(Subject subject, Map<String,String> credentials)Called to initially populate the subject on the worker side with credentials passed in.voidprepare(Map<String,Object> conf)Called when initializing the service.voidregisterMetrics(TopologyContext topoContext, Map<String,Object> topoConf)voidrenew(Map<String,String> credentials, Map<String,Object> topologyConf, String topologyOwnerPrincipal)Renew any credentials that need to be renewed.static voidsaveTGT(KerberosTicket tgt, Map<String,String> credentials)voidupdateSubject(Subject subject, Map<String,String> credentials)Called to update the subject on the worker side when new credentials are recieved.
-
-
-
Field Detail
-
kerbTicket
protected static final AtomicReference<KerberosTicket> kerbTicket
-
-
Method Detail
-
getTGT
public static KerberosTicket getTGT(Map<String,String> credentials)
-
saveTGT
public static void saveTGT(KerberosTicket tgt, Map<String,String> credentials)
-
clearCredentials
public static void clearCredentials(Subject subject, KerberosTicket tgt)
-
prepare
public void prepare(Map<String,Object> conf)
Description copied from interface:ICredentialsRenewerCalled when initializing the service.- Specified by:
preparein interfaceIAutoCredentials- Specified by:
preparein interfaceICredentialsRenewer- Parameters:
conf- the storm cluster configuration.
-
populateCredentials
public void populateCredentials(Map<String,String> credentials)
Description copied from interface:IAutoCredentialsCalled to populate the credentials on the client side.- Specified by:
populateCredentialsin interfaceIAutoCredentials- Parameters:
credentials- the credentials to be populated.
-
updateSubject
public void updateSubject(Subject subject, Map<String,String> credentials)
Description copied from interface:IAutoCredentialsCalled to update the subject on the worker side when new credentials are recieved. This means that populateSubject has already been called on this subject.- Specified by:
updateSubjectin interfaceIAutoCredentials- Parameters:
subject- the subject to optionally put credentials in.credentials- the credentials to be used.
-
populateSubject
public void populateSubject(Subject subject, Map<String,String> credentials)
Description copied from interface:IAutoCredentialsCalled to initially populate the subject on the worker side with credentials passed in.- Specified by:
populateSubjectin interfaceIAutoCredentials- Parameters:
subject- the subject to optionally put credentials in.credentials- the credentials to be used.
-
renew
public void renew(Map<String,String> credentials, Map<String,Object> topologyConf, String topologyOwnerPrincipal)
Description copied from interface:ICredentialsRenewerRenew any credentials that need to be renewed. (Update the credentials if needed)- Specified by:
renewin interfaceICredentialsRenewer- Parameters:
credentials- the credentials that may have something to renew.topologyConf- topology configuration.topologyOwnerPrincipal- the full principal name of the owner of the topology
-
registerMetrics
public void registerMetrics(TopologyContext topoContext, Map<String,Object> topoConf)
- Specified by:
registerMetricsin interfaceIMetricsRegistrant
-
-