Package org.apache.hadoop.hbase.security.provider

Class BuiltInProviderSelector

java.lang.Object

org.apache.hadoop.hbase.security.provider.BuiltInProviderSelector

All Implemented Interfaces:

AuthenticationProviderSelector

Direct Known Subclasses:

ShadeProviderSelector

@LimitedPrivate("Authentication")
@NotThreadSafe
public class BuiltInProviderSelector
extends Object
implements AuthenticationProviderSelector

Default implementation of AuthenticationProviderSelector which can choose from the authentication implementations which HBase provides out of the box: Simple, Kerberos, and Delegation Token authentication. This implementation will ignore any SaslAuthenticationProvider's which are available on the classpath or specified in the configuration because HBase cannot correctly choose which token should be returned to a client when multiple are present. It is expected that users implement their own AuthenticationProviderSelector when writing a custom provider. This implementation is not thread-safe. configure(Configuration, Collection) and selectProvider(String, User) is not safe if they are called concurrently.

Field Summary

Fields

Modifier and Type	Field	Description
(package private) org.apache.hadoop.conf.Configuration	conf
(package private) DigestSaslClientAuthenticationProvider	digestAuth
(package private) org.apache.hadoop.io.Text	digestAuthTokenKind
(package private) GssSaslClientAuthenticationProvider	krbAuth
private static final org.slf4j.Logger	LOG
(package private) SimpleSaslClientAuthenticationProvider	simpleAuth

Constructor Summary

Constructors

Constructor	Description
BuiltInProviderSelector()

Method Summary

Modifier and Type	Method	Description
void	configure(org.apache.hadoop.conf.Configuration conf, Collection<SaslClientAuthenticationProvider> providers)	Initializes the implementation with configuration and a set of providers available.
Pair<SaslClientAuthenticationProvider,org.apache.hadoop.security.token.Token<? extends org.apache.hadoop.security.token.TokenIdentifier>>	selectProvider(String clusterId, User user)	Chooses the authentication provider which should be used given the provided client context from the authentication providers passed in via AuthenticationProviderSelector.configure(Configuration, Collection).

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

LOG

private static final org.slf4j.Logger LOG

conf

org.apache.hadoop.conf.Configuration conf

simpleAuth

SimpleSaslClientAuthenticationProvider simpleAuth

krbAuth

GssSaslClientAuthenticationProvider krbAuth

digestAuth

DigestSaslClientAuthenticationProvider digestAuth

digestAuthTokenKind

org.apache.hadoop.io.Text digestAuthTokenKind

Constructor Details

BuiltInProviderSelector

public BuiltInProviderSelector()

Method Details

configure

public void configure(org.apache.hadoop.conf.Configuration conf,
 Collection<SaslClientAuthenticationProvider> providers)

Description copied from interface: AuthenticationProviderSelector

Initializes the implementation with configuration and a set of providers available. This method should be called exactly once per implementation prior to calling AuthenticationProviderSelector.selectProvider(String, User).

Specified by:

configure in interface AuthenticationProviderSelector

selectProvider

public Pair<SaslClientAuthenticationProvider,org.apache.hadoop.security.token.Token<? extends org.apache.hadoop.security.token.TokenIdentifier>> selectProvider(String clusterId,
 User user)

Description copied from interface: AuthenticationProviderSelector

Chooses the authentication provider which should be used given the provided client context from the authentication providers passed in via AuthenticationProviderSelector.configure(Configuration, Collection).

Specified by:

selectProvider in interface AuthenticationProviderSelector