@InterfaceAudience.Private public class SaslClientHandler extends io.netty.channel.ChannelDuplexHandler
| Modifier and Type | Class and Description |
|---|---|
static interface |
SaslClientHandler.SaslExceptionHandler
Handler for exceptions during Sasl connection
|
static interface |
SaslClientHandler.SaslSuccessfulConnectHandler
Handler for successful connects
|
| Modifier and Type | Field and Description |
|---|---|
private SaslClientHandler.SaslExceptionHandler |
exceptionHandler |
private boolean |
fallbackAllowed |
private boolean |
firstRead |
private static org.apache.commons.logging.Log |
LOG |
private Random |
random |
private int |
retryCount |
private SaslClient |
saslClient
Used for client or server's token to send or receive from each other.
|
private byte[] |
saslToken |
private SaslClientHandler.SaslSuccessfulConnectHandler |
successfulConnectHandler |
private org.apache.hadoop.security.UserGroupInformation |
ticket |
| Constructor and Description |
|---|
SaslClientHandler(org.apache.hadoop.security.UserGroupInformation ticket,
AuthMethod method,
org.apache.hadoop.security.token.Token<? extends org.apache.hadoop.security.token.TokenIdentifier> token,
String serverPrincipal,
boolean fallbackAllowed,
String rpcProtection,
SaslClientHandler.SaslExceptionHandler exceptionHandler,
SaslClientHandler.SaslSuccessfulConnectHandler successfulConnectHandler)
Constructor
|
| Modifier and Type | Method and Description |
|---|---|
void |
channelRead(io.netty.channel.ChannelHandlerContext ctx,
Object msg) |
void |
channelUnregistered(io.netty.channel.ChannelHandlerContext ctx) |
protected SaslClient |
createDigestSaslClient(String[] mechanismNames,
String saslDefaultRealm,
CallbackHandler saslClientCallbackHandler)
Create a Digest Sasl client
|
protected SaslClient |
createKerberosSaslClient(String[] mechanismNames,
String userFirstPart,
String userSecondPart)
Create Kerberos client
|
private byte[] |
evaluateChallenge(byte[] challenge) |
void |
exceptionCaught(io.netty.channel.ChannelHandlerContext ctx,
Throwable cause) |
void |
handlerAdded(io.netty.channel.ChannelHandlerContext ctx) |
private static void |
readStatus(io.netty.buffer.ByteBuf inStream)
Get the read status
|
void |
write(io.netty.channel.ChannelHandlerContext ctx,
Object msg,
io.netty.channel.ChannelPromise promise) |
private void |
writeSaslToken(io.netty.channel.ChannelHandlerContext ctx,
byte[] saslToken)
Write SASL token
|
bind, close, connect, deregister, disconnect, flush, readchannelActive, channelInactive, channelReadComplete, channelRegistered, channelWritabilityChanged, userEventTriggeredensureNotSharable, handlerRemoved, isSharableprivate static final org.apache.commons.logging.Log LOG
private final boolean fallbackAllowed
private final org.apache.hadoop.security.UserGroupInformation ticket
private final SaslClient saslClient
private final SaslClientHandler.SaslExceptionHandler exceptionHandler
private final SaslClientHandler.SaslSuccessfulConnectHandler successfulConnectHandler
private byte[] saslToken
private boolean firstRead
private int retryCount
private Random random
public SaslClientHandler(org.apache.hadoop.security.UserGroupInformation ticket,
AuthMethod method,
org.apache.hadoop.security.token.Token<? extends org.apache.hadoop.security.token.TokenIdentifier> token,
String serverPrincipal,
boolean fallbackAllowed,
String rpcProtection,
SaslClientHandler.SaslExceptionHandler exceptionHandler,
SaslClientHandler.SaslSuccessfulConnectHandler successfulConnectHandler)
throws IOException
ticket - the ugimethod - auth methodtoken - for SaslserverPrincipal - Server's Kerberos principal namefallbackAllowed - True if server may also fall back to less secure connectionrpcProtection - Quality of protection. Can be 'authentication', 'integrity' or
'privacy'.exceptionHandler - handler for exceptionssuccessfulConnectHandler - handler for succesful connectsIOException - if handler could not be createdprotected SaslClient createDigestSaslClient(String[] mechanismNames, String saslDefaultRealm, CallbackHandler saslClientCallbackHandler) throws IOException
mechanismNames - names of mechanismssaslDefaultRealm - default realm for saslsaslClientCallbackHandler - handler for the clientIOException - if creation went wrongprotected SaslClient createKerberosSaslClient(String[] mechanismNames, String userFirstPart, String userSecondPart) throws IOException
mechanismNames - names of mechanismsuserFirstPart - first part of usernameuserSecondPart - second part of usernameIOException - if failspublic void channelUnregistered(io.netty.channel.ChannelHandlerContext ctx)
throws Exception
channelUnregistered in interface io.netty.channel.ChannelInboundHandlerchannelUnregistered in class io.netty.channel.ChannelInboundHandlerAdapterExceptionprivate byte[] evaluateChallenge(byte[] challenge)
throws Exception
Exceptionpublic void handlerAdded(io.netty.channel.ChannelHandlerContext ctx)
throws Exception
handlerAdded in interface io.netty.channel.ChannelHandlerhandlerAdded in class io.netty.channel.ChannelHandlerAdapterExceptionpublic void channelRead(io.netty.channel.ChannelHandlerContext ctx,
Object msg)
throws Exception
channelRead in interface io.netty.channel.ChannelInboundHandlerchannelRead in class io.netty.channel.ChannelInboundHandlerAdapterExceptionprivate void writeSaslToken(io.netty.channel.ChannelHandlerContext ctx,
byte[] saslToken)
ctx - to write tosaslToken - to writeprivate static void readStatus(io.netty.buffer.ByteBuf inStream)
throws org.apache.hadoop.ipc.RemoteException
inStream - to readorg.apache.hadoop.ipc.RemoteException - if status was not successpublic void exceptionCaught(io.netty.channel.ChannelHandlerContext ctx,
Throwable cause)
throws Exception
exceptionCaught in interface io.netty.channel.ChannelHandlerexceptionCaught in interface io.netty.channel.ChannelInboundHandlerexceptionCaught in class io.netty.channel.ChannelInboundHandlerAdapterExceptionCopyright © 2007–2019 The Apache Software Foundation. All rights reserved.