public class AutoTGT extends Object implements IAutoCredentials, ICredentialsRenewer, IMetricsRegistrant
Automatically take a user’s TGT, and push it, and renew it in Nimbus.
Modifier and Type | Field and Description |
---|---|
protected static AtomicReference<KerberosTicket> |
kerbTicket |
Constructor and Description |
---|
AutoTGT() |
Modifier and Type | Method and Description |
---|---|
static void |
clearCredentials(Subject subject,
KerberosTicket tgt) |
static KerberosTicket |
getTGT(Map<String,String> credentials) |
static void |
main(String[] args) |
void |
populateCredentials(Map<String,String> credentials)
Called to populate the credentials on the client side.
|
void |
populateSubject(Subject subject,
Map<String,String> credentials)
Called to initially populate the subject on the worker side with credentials passed in.
|
void |
prepare(Map<String,Object> conf)
Called when initializing the service.
|
void |
registerMetrics(TopologyContext topoContext,
Map<String,Object> topoConf) |
void |
renew(Map<String,String> credentials,
Map<String,Object> topologyConf,
String topologyOwnerPrincipal)
Renew any credentials that need to be renewed.
|
static void |
saveTGT(KerberosTicket tgt,
Map<String,String> credentials) |
void |
updateSubject(Subject subject,
Map<String,String> credentials)
Called to update the subject on the worker side when new credentials are recieved.
|
protected static final AtomicReference<KerberosTicket> kerbTicket
public static KerberosTicket getTGT(Map<String,String> credentials)
public static void saveTGT(KerberosTicket tgt, Map<String,String> credentials)
public static void clearCredentials(Subject subject, KerberosTicket tgt)
public void prepare(Map<String,Object> conf)
ICredentialsRenewer
Called when initializing the service.
prepare
in interface IAutoCredentials
prepare
in interface ICredentialsRenewer
conf
- the storm cluster configuration.public void populateCredentials(Map<String,String> credentials)
IAutoCredentials
Called to populate the credentials on the client side.
populateCredentials
in interface IAutoCredentials
credentials
- the credentials to be populated.public void updateSubject(Subject subject, Map<String,String> credentials)
IAutoCredentials
Called to update the subject on the worker side when new credentials are recieved. This means that populateSubject has already been called on this subject.
updateSubject
in interface IAutoCredentials
subject
- the subject to optionally put credentials in.credentials
- the credentials to be used.public void populateSubject(Subject subject, Map<String,String> credentials)
IAutoCredentials
Called to initially populate the subject on the worker side with credentials passed in.
populateSubject
in interface IAutoCredentials
subject
- the subject to optionally put credentials in.credentials
- the credentials to be used.public void renew(Map<String,String> credentials, Map<String,Object> topologyConf, String topologyOwnerPrincipal)
ICredentialsRenewer
Renew any credentials that need to be renewed. (Update the credentials if needed)
renew
in interface ICredentialsRenewer
credentials
- the credentials that may have something to renew.topologyConf
- topology configuration.topologyOwnerPrincipal
- the full principal name of the owner of the topologypublic void registerMetrics(TopologyContext topoContext, Map<String,Object> topoConf)
registerMetrics
in interface IMetricsRegistrant
Copyright © 2020 The Apache Software Foundation. All rights reserved.