@ThreadSafe public class DefaultAuthenticationServer extends SaslAuthenticationServiceGrpc.SaslAuthenticationServiceImplBase implements AuthenticationServer
AuthenticationServer
. Its functions include:
-> Authentication server against which client channels could get authenticated
-> Registry of identities for known channels during RPC calls.Modifier and Type | Field and Description |
---|---|
protected ConcurrentHashMap<UUID,alluxio.security.authentication.DefaultAuthenticationServer.AuthenticatedChannelInfo> |
mChannels
List of channels authenticated against this server.
|
protected long |
mCleanupIntervalMs
Interval for clean-up task to fire.
|
protected AlluxioConfiguration |
mConfiguration
Alluxio client configuration.
|
protected String |
mHostName
Address of the authentication host.
|
protected ScheduledExecutorService |
mScheduler
Scheduler for periodic cleaning of channels registry.
|
Constructor and Description |
---|
DefaultAuthenticationServer(String hostName,
AlluxioConfiguration conf)
Creates
DefaultAuthenticationServer instance. |
Modifier and Type | Method and Description |
---|---|
io.grpc.stub.StreamObserver<SaslMessage> |
authenticate(io.grpc.stub.StreamObserver<SaslMessage> responseObserver)
Used to drive Sasl negotiation with clients.
|
protected void |
checkSupported(AuthType authType)
Used to check if given authentication is supported by the server.
|
void |
close()
Closes the server, releases all authentication sessions.
|
SaslServerHandler |
createSaslHandler(ChannelAuthenticationScheme authScheme)
Creates server-side Sasl handler for given scheme.
|
protected ImpersonationAuthenticator |
getImpersonationAuthenticator() |
AuthenticatedUserInfo |
getUserInfoForChannel(UUID channelId) |
void |
registerChannel(UUID channelId,
AuthenticatedUserInfo userInfo,
AuthenticatedChannelServerDriver serverDriver)
Registers new user against given channel.
|
void |
unregisterChannel(UUID channelId)
Unregisters given channel.
|
bindService
protected final ConcurrentHashMap<UUID,alluxio.security.authentication.DefaultAuthenticationServer.AuthenticatedChannelInfo> mChannels
protected final ScheduledExecutorService mScheduler
protected final String mHostName
protected final long mCleanupIntervalMs
protected final AlluxioConfiguration mConfiguration
public DefaultAuthenticationServer(String hostName, AlluxioConfiguration conf)
DefaultAuthenticationServer
instance.hostName
- host name of the serverconf
- Alluxio client configurationprotected ImpersonationAuthenticator getImpersonationAuthenticator()
public io.grpc.stub.StreamObserver<SaslMessage> authenticate(io.grpc.stub.StreamObserver<SaslMessage> responseObserver)
SaslAuthenticationServiceGrpc.AsyncService
Used to drive Sasl negotiation with clients.
authenticate
in interface SaslAuthenticationServiceGrpc.AsyncService
public void registerChannel(UUID channelId, AuthenticatedUserInfo userInfo, AuthenticatedChannelServerDriver serverDriver)
AuthenticationServer
registerChannel
in interface AuthenticationServer
channelId
- channel iduserInfo
- authanticated user infoserverDriver
- sasl server driverpublic AuthenticatedUserInfo getUserInfoForChannel(UUID channelId) throws UnauthenticatedException
getUserInfoForChannel
in interface AuthenticationServer
channelId
- channel idUnauthenticatedException
- if given channel is not registeredpublic void unregisterChannel(UUID channelId)
AuthenticationServer
unregisterChannel
in interface AuthenticationServer
channelId
- channel idpublic SaslServerHandler createSaslHandler(ChannelAuthenticationScheme authScheme) throws SaslException
AuthenticationServer
createSaslHandler
in interface AuthenticationServer
authScheme
- the authentication schemeSaslServerHandler
instanceSaslException
public void close()
AuthenticationServer
close
in interface AuthenticationServer
close
in interface Closeable
close
in interface AutoCloseable
protected void checkSupported(AuthType authType)
authType
- authentication typeRuntimeException
- if not supportedCopyright © 2023. All Rights Reserved.