Package alluxio.security.authentication
Class DefaultAuthenticationServer
- java.lang.Object
-
- alluxio.grpc.SaslAuthenticationServiceGrpc.SaslAuthenticationServiceImplBase
-
- alluxio.security.authentication.DefaultAuthenticationServer
-
- All Implemented Interfaces:
alluxio.grpc.SaslAuthenticationServiceGrpc.AsyncService,AuthenticationServer,io.grpc.BindableService,java.io.Closeable,java.lang.AutoCloseable
@ThreadSafe public class DefaultAuthenticationServer extends alluxio.grpc.SaslAuthenticationServiceGrpc.SaslAuthenticationServiceImplBase implements AuthenticationServer
Default implementation ofAuthenticationServer. Its functions include: -> Authentication server against which client channels could get authenticated -> Registry of identities for known channels during RPC calls.
-
-
Field Summary
Fields Modifier and Type Field Description protected java.util.concurrent.ConcurrentHashMap<java.util.UUID,alluxio.security.authentication.DefaultAuthenticationServer.AuthenticatedChannelInfo>mChannelsList of channels authenticated against this server.protected longmCleanupIntervalMsInterval for clean-up task to fire.protected AlluxioConfigurationmConfigurationAlluxio client configuration.protected java.lang.StringmHostNameAddress of the authentication host.protected java.util.concurrent.ScheduledExecutorServicemSchedulerScheduler for periodic cleaning of channels registry.
-
Constructor Summary
Constructors Constructor Description DefaultAuthenticationServer(java.lang.String hostName, AlluxioConfiguration conf)CreatesDefaultAuthenticationServerinstance.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description io.grpc.stub.StreamObserver<alluxio.grpc.SaslMessage>authenticate(io.grpc.stub.StreamObserver<alluxio.grpc.SaslMessage> responseObserver)protected voidcheckSupported(AuthType authType)Used to check if given authentication is supported by the server.voidclose()Closes the server, releases all authentication sessions.SaslServerHandlercreateSaslHandler(alluxio.grpc.ChannelAuthenticationScheme authScheme)Creates server-side Sasl handler for given scheme.protected ImpersonationAuthenticatorgetImpersonationAuthenticator()AuthenticatedUserInfogetUserInfoForChannel(java.util.UUID channelId)voidregisterChannel(java.util.UUID channelId, AuthenticatedUserInfo userInfo, AuthenticatedChannelServerDriver serverDriver)Registers new user against given channel.voidunregisterChannel(java.util.UUID channelId)Unregisters given channel.-
Methods inherited from class alluxio.grpc.SaslAuthenticationServiceGrpc.SaslAuthenticationServiceImplBase
bindService
-
-
-
-
Field Detail
-
mChannels
protected final java.util.concurrent.ConcurrentHashMap<java.util.UUID,alluxio.security.authentication.DefaultAuthenticationServer.AuthenticatedChannelInfo> mChannels
List of channels authenticated against this server.
-
mScheduler
protected final java.util.concurrent.ScheduledExecutorService mScheduler
Scheduler for periodic cleaning of channels registry.
-
mHostName
protected final java.lang.String mHostName
Address of the authentication host.
-
mCleanupIntervalMs
protected final long mCleanupIntervalMs
Interval for clean-up task to fire.
-
mConfiguration
protected final AlluxioConfiguration mConfiguration
Alluxio client configuration.
-
-
Constructor Detail
-
DefaultAuthenticationServer
public DefaultAuthenticationServer(java.lang.String hostName, AlluxioConfiguration conf)CreatesDefaultAuthenticationServerinstance.- Parameters:
hostName- host name of the serverconf- Alluxio client configuration
-
-
Method Detail
-
getImpersonationAuthenticator
protected ImpersonationAuthenticator getImpersonationAuthenticator()
- Returns:
- the impersonation authenticator
-
authenticate
public io.grpc.stub.StreamObserver<alluxio.grpc.SaslMessage> authenticate(io.grpc.stub.StreamObserver<alluxio.grpc.SaslMessage> responseObserver)
- Specified by:
authenticatein interfacealluxio.grpc.SaslAuthenticationServiceGrpc.AsyncService
-
registerChannel
public void registerChannel(java.util.UUID channelId, AuthenticatedUserInfo userInfo, AuthenticatedChannelServerDriver serverDriver)Description copied from interface:AuthenticationServerRegisters new user against given channel.- Specified by:
registerChannelin interfaceAuthenticationServer- Parameters:
channelId- channel iduserInfo- authanticated user infoserverDriver- sasl server driver
-
getUserInfoForChannel
public AuthenticatedUserInfo getUserInfoForChannel(java.util.UUID channelId) throws UnauthenticatedException
- Specified by:
getUserInfoForChannelin interfaceAuthenticationServer- Parameters:
channelId- channel id- Returns:
- info of user that is authenticated with the given channel
- Throws:
UnauthenticatedException- if given channel is not registered
-
unregisterChannel
public void unregisterChannel(java.util.UUID channelId)
Description copied from interface:AuthenticationServerUnregisters given channel.- Specified by:
unregisterChannelin interfaceAuthenticationServer- Parameters:
channelId- channel id
-
createSaslHandler
public SaslServerHandler createSaslHandler(alluxio.grpc.ChannelAuthenticationScheme authScheme) throws javax.security.sasl.SaslException
Description copied from interface:AuthenticationServerCreates server-side Sasl handler for given scheme.- Specified by:
createSaslHandlerin interfaceAuthenticationServer- Parameters:
authScheme- the authentication scheme- Returns:
- the created
SaslServerHandlerinstance - Throws:
javax.security.sasl.SaslException
-
close
public void close()
Description copied from interface:AuthenticationServerCloses the server, releases all authentication sessions.- Specified by:
closein interfaceAuthenticationServer- Specified by:
closein interfacejava.lang.AutoCloseable- Specified by:
closein interfacejava.io.Closeable
-
checkSupported
protected void checkSupported(AuthType authType)
Used to check if given authentication is supported by the server.- Parameters:
authType- authentication type- Throws:
java.lang.RuntimeException- if not supported
-
-