public abstract class AbstractAutoCreds extends Object implements IAutoCredentials, ICredentialsRenewer, INimbusCredentialPlugin
The base class that for auto credential plugins that abstracts out some of the common functionality.
Modifier and Type | Field and Description |
---|---|
static String |
CONFIG_KEY_RESOURCES |
Constructor and Description |
---|
AbstractAutoCreds() |
Modifier and Type | Method and Description |
---|---|
protected abstract void |
doPrepare(Map conf)
Prepare the plugin
|
protected abstract void |
doRenew(Map<String,String> credentials,
Map<String,Object> topologyConf,
String ownerPrincipal) |
protected void |
fillHadoopConfiguration(Map topoConf,
String configKey,
org.apache.hadoop.conf.Configuration configuration) |
protected abstract String |
getConfigKeyString()
The lookup key for the config key string
|
protected abstract String |
getCredentialKey(String configKey)
The key with which the credentials are stored in the credentials map
|
protected Set<org.apache.commons.math3.util.Pair<String,org.apache.hadoop.security.Credentials>> |
getCredentials(Map<String,String> credentials) |
protected abstract byte[] |
getHadoopCredentials(Map<String,Object> conf,
String topologyOwnerPrincipal) |
protected abstract byte[] |
getHadoopCredentials(Map<String,Object> conf,
String configKey,
String topologyOwnerPrincipal) |
void |
populateCredentials(Map<String,String> credentials)
Called to populate the credentials on the client side.
|
void |
populateCredentials(Map<String,String> credentials,
Map<String,Object> topoConf,
String topologyOwnerPrincipal)
Method that will be called on nimbus as part of submit topology.
|
void |
populateSubject(Subject subject,
Map<String,String> credentials)
Called to initially populate the subject on the worker side with credentials passed in.
|
void |
prepare(Map conf)
Called when initializing the service.
|
void |
renew(Map<String,String> credentials,
Map<String,Object> topologyConf,
String ownerPrincipal)
Renew any credentials that need to be renewed.
|
void |
updateSubject(Subject subject,
Map<String,String> credentials)
Called to update the subject on the worker side when new credentials are recieved.
|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
renew
populateCredentials
shutdown
public static final String CONFIG_KEY_RESOURCES
public void prepare(Map conf)
ICredentialsRenewer
Called when initializing the service.
prepare
in interface IAutoCredentials
prepare
in interface ICredentialsRenewer
prepare
in interface INimbusCredentialPlugin
conf
- the storm cluster configuration.public void populateCredentials(Map<String,String> credentials, Map<String,Object> topoConf, String topologyOwnerPrincipal)
INimbusCredentialPlugin
Method that will be called on nimbus as part of submit topology. This plugin will be called at least once during the submit Topology action. It will be not be called during activate instead the credentials return by this method will be merged with the other credentials in the topology and stored in zookeeper.
populateCredentials
in interface INimbusCredentialPlugin
credentials
- credentials map where more credentials will be added.topoConf
- topology configurationtopologyOwnerPrincipal
- the full principal name of the owner of the topologypublic void renew(Map<String,String> credentials, Map<String,Object> topologyConf, String ownerPrincipal)
ICredentialsRenewer
Renew any credentials that need to be renewed. (Update the credentials if needed)
renew
in interface ICredentialsRenewer
credentials
- the credentials that may have something to renew.topologyConf
- topology configuration.ownerPrincipal
- the full principal name of the owner of the topologypublic void populateCredentials(Map<String,String> credentials)
IAutoCredentials
Called to populate the credentials on the client side.
populateCredentials
in interface IAutoCredentials
credentials
- the credentials to be populated.public void populateSubject(Subject subject, Map<String,String> credentials)
Called to initially populate the subject on the worker side with credentials passed in.
populateSubject
in interface IAutoCredentials
subject
- the subject to optionally put credentials in.credentials
- the credentials to be used.public void updateSubject(Subject subject, Map<String,String> credentials)
Called to update the subject on the worker side when new credentials are recieved. This means that populateSubject has already been called on this subject.
updateSubject
in interface IAutoCredentials
subject
- the subject to optionally put credentials in.credentials
- the credentials to be used.protected Set<org.apache.commons.math3.util.Pair<String,org.apache.hadoop.security.Credentials>> getCredentials(Map<String,String> credentials)
protected void fillHadoopConfiguration(Map topoConf, String configKey, org.apache.hadoop.conf.Configuration configuration)
protected abstract void doPrepare(Map conf)
Prepare the plugin
conf
- the storm cluster conf set via storm.yamlprotected abstract String getConfigKeyString()
The lookup key for the config key string
protected abstract String getCredentialKey(String configKey)
The key with which the credentials are stored in the credentials map
protected abstract byte[] getHadoopCredentials(Map<String,Object> conf, String configKey, String topologyOwnerPrincipal)
protected abstract byte[] getHadoopCredentials(Map<String,Object> conf, String topologyOwnerPrincipal)
Copyright © 2022 The Apache Software Foundation. All Rights Reserved.