Package alluxio.security.authentication
Class DefaultAuthenticationServer
- java.lang.Object
-
- alluxio.grpc.SaslAuthenticationServiceGrpc.SaslAuthenticationServiceImplBase
-
- alluxio.security.authentication.DefaultAuthenticationServer
-
- All Implemented Interfaces:
alluxio.grpc.SaslAuthenticationServiceGrpc.AsyncService
,AuthenticationServer
,io.grpc.BindableService
,java.io.Closeable
,java.lang.AutoCloseable
@ThreadSafe public class DefaultAuthenticationServer extends alluxio.grpc.SaslAuthenticationServiceGrpc.SaslAuthenticationServiceImplBase implements AuthenticationServer
Default implementation ofAuthenticationServer
. Its functions include: -> Authentication server against which client channels could get authenticated -> Registry of identities for known channels during RPC calls.
-
-
Field Summary
Fields Modifier and Type Field Description protected java.util.concurrent.ConcurrentHashMap<java.util.UUID,alluxio.security.authentication.DefaultAuthenticationServer.AuthenticatedChannelInfo>
mChannels
List of channels authenticated against this server.protected long
mCleanupIntervalMs
Interval for clean-up task to fire.protected AlluxioConfiguration
mConfiguration
Alluxio client configuration.protected java.lang.String
mHostName
Address of the authentication host.protected java.util.concurrent.ScheduledExecutorService
mScheduler
Scheduler for periodic cleaning of channels registry.
-
Constructor Summary
Constructors Constructor Description DefaultAuthenticationServer(java.lang.String hostName, AlluxioConfiguration conf)
CreatesDefaultAuthenticationServer
instance.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description io.grpc.stub.StreamObserver<alluxio.grpc.SaslMessage>
authenticate(io.grpc.stub.StreamObserver<alluxio.grpc.SaslMessage> responseObserver)
protected void
checkSupported(AuthType authType)
Used to check if given authentication is supported by the server.void
close()
Closes the server, releases all authentication sessions.SaslServerHandler
createSaslHandler(alluxio.grpc.ChannelAuthenticationScheme authScheme)
Creates server-side Sasl handler for given scheme.protected ImpersonationAuthenticator
getImpersonationAuthenticator()
AuthenticatedUserInfo
getUserInfoForChannel(java.util.UUID channelId)
void
registerChannel(java.util.UUID channelId, AuthenticatedUserInfo userInfo, AuthenticatedChannelServerDriver serverDriver)
Registers new user against given channel.void
unregisterChannel(java.util.UUID channelId)
Unregisters given channel.-
Methods inherited from class alluxio.grpc.SaslAuthenticationServiceGrpc.SaslAuthenticationServiceImplBase
bindService
-
-
-
-
Field Detail
-
mChannels
protected final java.util.concurrent.ConcurrentHashMap<java.util.UUID,alluxio.security.authentication.DefaultAuthenticationServer.AuthenticatedChannelInfo> mChannels
List of channels authenticated against this server.
-
mScheduler
protected final java.util.concurrent.ScheduledExecutorService mScheduler
Scheduler for periodic cleaning of channels registry.
-
mHostName
protected final java.lang.String mHostName
Address of the authentication host.
-
mCleanupIntervalMs
protected final long mCleanupIntervalMs
Interval for clean-up task to fire.
-
mConfiguration
protected final AlluxioConfiguration mConfiguration
Alluxio client configuration.
-
-
Constructor Detail
-
DefaultAuthenticationServer
public DefaultAuthenticationServer(java.lang.String hostName, AlluxioConfiguration conf)
CreatesDefaultAuthenticationServer
instance.- Parameters:
hostName
- host name of the serverconf
- Alluxio client configuration
-
-
Method Detail
-
getImpersonationAuthenticator
protected ImpersonationAuthenticator getImpersonationAuthenticator()
- Returns:
- the impersonation authenticator
-
authenticate
public io.grpc.stub.StreamObserver<alluxio.grpc.SaslMessage> authenticate(io.grpc.stub.StreamObserver<alluxio.grpc.SaslMessage> responseObserver)
- Specified by:
authenticate
in interfacealluxio.grpc.SaslAuthenticationServiceGrpc.AsyncService
-
registerChannel
public void registerChannel(java.util.UUID channelId, AuthenticatedUserInfo userInfo, AuthenticatedChannelServerDriver serverDriver)
Description copied from interface:AuthenticationServer
Registers new user against given channel.- Specified by:
registerChannel
in interfaceAuthenticationServer
- Parameters:
channelId
- channel iduserInfo
- authanticated user infoserverDriver
- sasl server driver
-
getUserInfoForChannel
public AuthenticatedUserInfo getUserInfoForChannel(java.util.UUID channelId) throws UnauthenticatedException
- Specified by:
getUserInfoForChannel
in interfaceAuthenticationServer
- Parameters:
channelId
- channel id- Returns:
- info of user that is authenticated with the given channel
- Throws:
UnauthenticatedException
- if given channel is not registered
-
unregisterChannel
public void unregisterChannel(java.util.UUID channelId)
Description copied from interface:AuthenticationServer
Unregisters given channel.- Specified by:
unregisterChannel
in interfaceAuthenticationServer
- Parameters:
channelId
- channel id
-
createSaslHandler
public SaslServerHandler createSaslHandler(alluxio.grpc.ChannelAuthenticationScheme authScheme) throws javax.security.sasl.SaslException
Description copied from interface:AuthenticationServer
Creates server-side Sasl handler for given scheme.- Specified by:
createSaslHandler
in interfaceAuthenticationServer
- Parameters:
authScheme
- the authentication scheme- Returns:
- the created
SaslServerHandler
instance - Throws:
javax.security.sasl.SaslException
-
close
public void close()
Description copied from interface:AuthenticationServer
Closes the server, releases all authentication sessions.- Specified by:
close
in interfaceAuthenticationServer
- Specified by:
close
in interfacejava.lang.AutoCloseable
- Specified by:
close
in interfacejava.io.Closeable
-
checkSupported
protected void checkSupported(AuthType authType)
Used to check if given authentication is supported by the server.- Parameters:
authType
- authentication type- Throws:
java.lang.RuntimeException
- if not supported
-
-