Class AutoTGT
java.lang.Object
org.apache.storm.security.auth.kerberos.AutoTGT
- All Implemented Interfaces:
IMetricsRegistrant
,IAutoCredentials
,ICredentialsRenewer
public class AutoTGT
extends Object
implements IAutoCredentials, ICredentialsRenewer, IMetricsRegistrant
Automatically take a user's TGT, and push it, and renew it in Nimbus.
-
Field Summary
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionstatic void
clearCredentials
(Subject subject, KerberosTicket tgt) static KerberosTicket
static void
void
populateCredentials
(Map<String, String> credentials) Called to populate the credentials on the client side.void
populateSubject
(Subject subject, Map<String, String> credentials) Called to initially populate the subject on the worker side with credentials passed in.void
Called when initializing the service.void
registerMetrics
(TopologyContext topoContext, Map<String, Object> topoConf) void
renew
(Map<String, String> credentials, Map<String, Object> topologyConf, String topologyOwnerPrincipal) Renew any credentials that need to be renewed.static void
saveTGT
(KerberosTicket tgt, Map<String, String> credentials) void
updateSubject
(Subject subject, Map<String, String> credentials) Called to update the subject on the worker side when new credentials are recieved.
-
Field Details
-
kerbTicket
-
-
Constructor Details
-
AutoTGT
public AutoTGT()
-
-
Method Details
-
getTGT
-
saveTGT
-
clearCredentials
-
main
- Throws:
Exception
-
prepare
Description copied from interface:ICredentialsRenewer
Called when initializing the service.- Specified by:
prepare
in interfaceIAutoCredentials
- Specified by:
prepare
in interfaceICredentialsRenewer
- Parameters:
conf
- the storm cluster configuration.
-
populateCredentials
Description copied from interface:IAutoCredentials
Called to populate the credentials on the client side.- Specified by:
populateCredentials
in interfaceIAutoCredentials
- Parameters:
credentials
- the credentials to be populated.
-
updateSubject
Description copied from interface:IAutoCredentials
Called to update the subject on the worker side when new credentials are recieved. This means that populateSubject has already been called on this subject.- Specified by:
updateSubject
in interfaceIAutoCredentials
- Parameters:
subject
- the subject to optionally put credentials in.credentials
- the credentials to be used.
-
populateSubject
Description copied from interface:IAutoCredentials
Called to initially populate the subject on the worker side with credentials passed in.- Specified by:
populateSubject
in interfaceIAutoCredentials
- Parameters:
subject
- the subject to optionally put credentials in.credentials
- the credentials to be used.
-
renew
public void renew(Map<String, String> credentials, Map<String, Object> topologyConf, String topologyOwnerPrincipal) Description copied from interface:ICredentialsRenewer
Renew any credentials that need to be renewed. (Update the credentials if needed)- Specified by:
renew
in interfaceICredentialsRenewer
- Parameters:
credentials
- the credentials that may have something to renew.topologyConf
- topology configuration.topologyOwnerPrincipal
- the full principal name of the owner of the topology
-
registerMetrics
- Specified by:
registerMetrics
in interfaceIMetricsRegistrant
-