GssSaslClientAuthenticationProvider (Apache HBase 2.5.0 API)

java.lang.Object
- org.apache.hadoop.hbase.security.provider.BuiltInSaslAuthenticationProvider
- - org.apache.hadoop.hbase.security.provider.GssSaslAuthenticationProvider
  - - org.apache.hadoop.hbase.security.provider.GssSaslClientAuthenticationProvider

All Implemented Interfaces:: SaslAuthenticationProvider, SaslClientAuthenticationProvider

@InterfaceAudience.Private
public class GssSaslClientAuthenticationProvider
extends GssSaslAuthenticationProvider
implements SaslClientAuthenticationProvider

Field Summary

Fields
Modifier and Type Field and Description

private static org.slf4j.Logger LOG
- Fields inherited from class org.apache.hadoop.hbase.security.provider.GssSaslAuthenticationProvider
  SASL_AUTH_METHOD
- Fields inherited from class org.apache.hadoop.hbase.security.provider.BuiltInSaslAuthenticationProvider
  AUTH_TOKEN_TYPE

Fields
Modifier and Type	Field and Description
`private static org.slf4j.Logger`	`LOG`

Constructor Summary

Constructors
Constructor and Description

GssSaslClientAuthenticationProvider()

Constructors
Constructor and Description
`GssSaslClientAuthenticationProvider()`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`boolean`	`canRetry()` Returns true if the implementation is capable of performing some action which may allow a failed authentication to become a successful authentication.
`SaslClient`	`createClient(org.apache.hadoop.conf.Configuration conf, InetAddress serverAddr, SecurityInfo securityInfo, org.apache.hadoop.security.token.Token<? extends org.apache.hadoop.security.token.TokenIdentifier> token, boolean fallbackAllowed, Map<String,String> saslProps)` Creates the SASL client instance for this auth'n method.
`static String`	`getHostnameForServerPrincipal(org.apache.hadoop.conf.Configuration conf, InetAddress addr)`
`org.apache.hadoop.security.UserGroupInformation`	`getRealUser(User user)` Returns the "real" user, the user who has the credentials being authenticated by the remote service, in the form of an `UserGroupInformation` object.
`(package private) String`	`getServerPrincipal(org.apache.hadoop.conf.Configuration conf, SecurityInfo securityInfo, InetAddress server)`
`org.apache.hadoop.hbase.shaded.protobuf.generated.RPCProtos.UserInformation`	`getUserInfo(User user)` Constructs a `RPCProtos.UserInformation` from the given `UserGroupInformation`
`void`	`relogin()` Executes any necessary logic to re-login the client.
`private static boolean`	`useCanonicalHostname(org.apache.hadoop.conf.Configuration conf)`

Methods inherited from class org.apache.hadoop.hbase.security.provider.GssSaslAuthenticationProvider
getSaslAuthMethod

Methods inherited from class org.apache.hadoop.hbase.security.provider.BuiltInSaslAuthenticationProvider
getTokenKind

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.hadoop.hbase.security.provider.SaslAuthenticationProvider
getSaslAuthMethod, getTokenKind

- Field Detail
  - LOG
```
private static final org.slf4j.Logger LOG
```
- Constructor Detail
  - GssSaslClientAuthenticationProvider
```
public GssSaslClientAuthenticationProvider()
```
- Method Detail
  - useCanonicalHostname
```
private static boolean useCanonicalHostname(org.apache.hadoop.conf.Configuration conf)
```
  - getHostnameForServerPrincipal
```
public static String getHostnameForServerPrincipal(org.apache.hadoop.conf.Configuration conf,
                                                   InetAddress addr)
```
  - getServerPrincipal
```
String getServerPrincipal(org.apache.hadoop.conf.Configuration conf,
                          SecurityInfo securityInfo,
                          InetAddress server)
                   throws IOException
```
    Throws:
    
    IOException
  - createClient
```
public SaslClient createClient(org.apache.hadoop.conf.Configuration conf,
                               InetAddress serverAddr,
                               SecurityInfo securityInfo,
                               org.apache.hadoop.security.token.Token<? extends org.apache.hadoop.security.token.TokenIdentifier> token,
                               boolean fallbackAllowed,
                               Map<String,String> saslProps)
                        throws IOException
```
    Description copied from interface: SaslClientAuthenticationProvider
    
    Creates the SASL client instance for this auth'n method.
    
    Specified by:
    
    createClient in interface SaslClientAuthenticationProvider
    
    Throws:
    
    IOException
  - getUserInfo
```
public org.apache.hadoop.hbase.shaded.protobuf.generated.RPCProtos.UserInformation getUserInfo(User user)
```
    Description copied from interface: SaslClientAuthenticationProvider
    
    Constructs a RPCProtos.UserInformation from the given UserGroupInformation
    
    Specified by:
    
    getUserInfo in interface SaslClientAuthenticationProvider
  - canRetry
```
public boolean canRetry()
```
    Description copied from interface: SaslClientAuthenticationProvider
    
    Returns true if the implementation is capable of performing some action which may allow a failed authentication to become a successful authentication. Otherwise, returns false
    
    Specified by:
    
    canRetry in interface SaslClientAuthenticationProvider
  - relogin
```
public void relogin()
             throws IOException
```
    Description copied from interface: SaslClientAuthenticationProvider
    
    Executes any necessary logic to re-login the client. Not all implementations will have any logic that needs to be executed.
    
    Specified by:
    
    relogin in interface SaslClientAuthenticationProvider
    
    Throws:
    
    IOException
  - getRealUser
```
public org.apache.hadoop.security.UserGroupInformation getRealUser(User user)
```
    Description copied from interface: SaslClientAuthenticationProvider
    
    Returns the "real" user, the user who has the credentials being authenticated by the remote service, in the form of an UserGroupInformation object. It is common in the Hadoop "world" to have distinct notions of a "real" user and a "proxy" user. A "real" user is the user which actually has the credentials (often, a Kerberos ticket), but some code may be running as some other user who has no credentials. This method gives the authentication provider a chance to acknowledge this is happening and ensure that any RPCs are executed with the real user's credentials, because executing them as the proxy user would result in failure because no credentials exist to authenticate the RPC. Not all implementations will need to implement this method. By default, the provided User's UGI is returned directly.
    
    Specified by:
    
    getRealUser in interface SaslClientAuthenticationProvider

Class GssSaslClientAuthenticationProvider

Field Summary

Fields inherited from class org.apache.hadoop.hbase.security.provider.GssSaslAuthenticationProvider

Fields inherited from class org.apache.hadoop.hbase.security.provider.BuiltInSaslAuthenticationProvider

Constructor Summary

Method Summary

Methods inherited from class org.apache.hadoop.hbase.security.provider.GssSaslAuthenticationProvider

Methods inherited from class org.apache.hadoop.hbase.security.provider.BuiltInSaslAuthenticationProvider

Methods inherited from class java.lang.Object

Methods inherited from interface org.apache.hadoop.hbase.security.provider.SaslAuthenticationProvider

Field Detail

LOG

Constructor Detail

GssSaslClientAuthenticationProvider

Method Detail

useCanonicalHostname

getHostnameForServerPrincipal

getServerPrincipal

createClient

getUserInfo

canRetry

relogin

getRealUser