Class AutoTGT
java.lang.Object
org.apache.storm.security.auth.kerberos.AutoTGT
- All Implemented Interfaces:
IMetricsRegistrant,IAutoCredentials,ICredentialsRenewer
public class AutoTGT
extends Object
implements IAutoCredentials, ICredentialsRenewer, IMetricsRegistrant
Automatically take a user's TGT, and push it, and renew it in Nimbus.
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic voidclearCredentials(Subject subject, KerberosTicket tgt) static KerberosTicketstatic voidvoidpopulateCredentials(Map<String, String> credentials) Called to populate the credentials on the client side.voidpopulateSubject(Subject subject, Map<String, String> credentials) Called to initially populate the subject on the worker side with credentials passed in.voidCalled when initializing the service.voidregisterMetrics(TopologyContext topoContext, Map<String, Object> topoConf) voidrenew(Map<String, String> credentials, Map<String, Object> topologyConf, String topologyOwnerPrincipal) Renew any credentials that need to be renewed.static voidsaveTGT(KerberosTicket tgt, Map<String, String> credentials) voidupdateSubject(Subject subject, Map<String, String> credentials) Called to update the subject on the worker side when new credentials are recieved.
-
Field Details
-
kerbTicket
-
-
Constructor Details
-
AutoTGT
public AutoTGT()
-
-
Method Details
-
getTGT
-
saveTGT
-
clearCredentials
-
main
- Throws:
Exception
-
prepare
Description copied from interface:ICredentialsRenewerCalled when initializing the service.- Specified by:
preparein interfaceIAutoCredentials- Specified by:
preparein interfaceICredentialsRenewer- Parameters:
conf- the storm cluster configuration.
-
populateCredentials
Description copied from interface:IAutoCredentialsCalled to populate the credentials on the client side.- Specified by:
populateCredentialsin interfaceIAutoCredentials- Parameters:
credentials- the credentials to be populated.
-
updateSubject
Description copied from interface:IAutoCredentialsCalled to update the subject on the worker side when new credentials are recieved. This means that populateSubject has already been called on this subject.- Specified by:
updateSubjectin interfaceIAutoCredentials- Parameters:
subject- the subject to optionally put credentials in.credentials- the credentials to be used.
-
populateSubject
Description copied from interface:IAutoCredentialsCalled to initially populate the subject on the worker side with credentials passed in.- Specified by:
populateSubjectin interfaceIAutoCredentials- Parameters:
subject- the subject to optionally put credentials in.credentials- the credentials to be used.
-
renew
public void renew(Map<String, String> credentials, Map<String, Object> topologyConf, String topologyOwnerPrincipal) Description copied from interface:ICredentialsRenewerRenew any credentials that need to be renewed. (Update the credentials if needed)- Specified by:
renewin interfaceICredentialsRenewer- Parameters:
credentials- the credentials that may have something to renew.topologyConf- topology configuration.topologyOwnerPrincipal- the full principal name of the owner of the topology
-
registerMetrics
- Specified by:
registerMetricsin interfaceIMetricsRegistrant
-