Package org.apache.storm.security.auth
Class AutoSSL
java.lang.Object
org.apache.storm.security.auth.AutoSSL
- All Implemented Interfaces:
- IAutoCredentials
This plugin is intended to be used for user topologies to send SSL keystore/truststore files to the remote workers. On the client side,
 this takes the files specified in ssl.credential.files, reads the file contents, base64's it, converts it to a String, and adds it to the
 credentials map. The key in the credentials map is the name of the file. On the worker side it uses the filenames from the
 ssl.credential.files config to lookup the keys in the credentials map and decodes it and writes it back out as a file.
 
User is responsible for referencing them from the topology code as filename.
- 
Field SummaryFields
- 
Constructor SummaryConstructors
- 
Method SummaryModifier and TypeMethodDescriptionstatic voidprotected StringgetSSLWriteDirFromConf(Map<String, Object> conf) voidpopulateCredentials(Map<String, String> credentials) Called to populate the credentials on the client side.voidpopulateSubject(Subject subject, Map<String, String> credentials) Called to initially populate the subject on the worker side with credentials passed in.voidstatic voidserializeSSLFile(String readFile, Map<String, String> credentials) voidupdateSubject(Subject subject, Map<String, String> credentials) Called to update the subject on the worker side when new credentials are recieved.
- 
Field Details- 
SSL_FILES_CONF- See Also:
 
 
- 
- 
Constructor Details- 
AutoSSLpublic AutoSSL()
 
- 
- 
Method Details- 
serializeSSLFile
- 
deserializeSSLFile
- 
prepare- Specified by:
- preparein interface- IAutoCredentials
 
- 
getSSLWriteDirFromConf
- 
populateCredentialsDescription copied from interface:IAutoCredentialsCalled to populate the credentials on the client side.- Specified by:
- populateCredentialsin interface- IAutoCredentials
- Parameters:
- credentials- the credentials to be populated.
 
- 
updateSubjectDescription copied from interface:IAutoCredentialsCalled to update the subject on the worker side when new credentials are recieved. This means that populateSubject has already been called on this subject.- Specified by:
- updateSubjectin interface- IAutoCredentials
- Parameters:
- subject- the subject to optionally put credentials in.
- credentials- the credentials to be used.
 
- 
populateSubjectDescription copied from interface:IAutoCredentialsCalled to initially populate the subject on the worker side with credentials passed in.- Specified by:
- populateSubjectin interface- IAutoCredentials
- Parameters:
- subject- the subject to optionally put credentials in.
- credentials- the credentials to be used.
 
 
-