Class AutoTGT
java.lang.Object
org.apache.storm.security.auth.kerberos.AutoTGT
- All Implemented Interfaces:
- IMetricsRegistrant,- IAutoCredentials,- ICredentialsRenewer
public class AutoTGT
extends Object
implements IAutoCredentials, ICredentialsRenewer, IMetricsRegistrant
Automatically take a user's TGT, and push it, and renew it in Nimbus.
- 
Field SummaryFields
- 
Constructor SummaryConstructors
- 
Method SummaryModifier and TypeMethodDescriptionstatic voidclearCredentials(Subject subject, KerberosTicket tgt) static KerberosTicketstatic voidvoidpopulateCredentials(Map<String, String> credentials) Called to populate the credentials on the client side.voidpopulateSubject(Subject subject, Map<String, String> credentials) Called to initially populate the subject on the worker side with credentials passed in.voidCalled when initializing the service.voidregisterMetrics(TopologyContext topoContext, Map<String, Object> topoConf) voidrenew(Map<String, String> credentials, Map<String, Object> topologyConf, String topologyOwnerPrincipal) Renew any credentials that need to be renewed.static voidsaveTGT(KerberosTicket tgt, Map<String, String> credentials) voidupdateSubject(Subject subject, Map<String, String> credentials) Called to update the subject on the worker side when new credentials are recieved.
- 
Field Details- 
kerbTicket
 
- 
- 
Constructor Details- 
AutoTGTpublic AutoTGT()
 
- 
- 
Method Details- 
getTGT
- 
saveTGT
- 
clearCredentials
- 
main- Throws:
- Exception
 
- 
prepareDescription copied from interface:ICredentialsRenewerCalled when initializing the service.- Specified by:
- preparein interface- IAutoCredentials
- Specified by:
- preparein interface- ICredentialsRenewer
- Parameters:
- conf- the storm cluster configuration.
 
- 
populateCredentialsDescription copied from interface:IAutoCredentialsCalled to populate the credentials on the client side.- Specified by:
- populateCredentialsin interface- IAutoCredentials
- Parameters:
- credentials- the credentials to be populated.
 
- 
updateSubjectDescription copied from interface:IAutoCredentialsCalled to update the subject on the worker side when new credentials are recieved. This means that populateSubject has already been called on this subject.- Specified by:
- updateSubjectin interface- IAutoCredentials
- Parameters:
- subject- the subject to optionally put credentials in.
- credentials- the credentials to be used.
 
- 
populateSubjectDescription copied from interface:IAutoCredentialsCalled to initially populate the subject on the worker side with credentials passed in.- Specified by:
- populateSubjectin interface- IAutoCredentials
- Parameters:
- subject- the subject to optionally put credentials in.
- credentials- the credentials to be used.
 
- 
renewpublic void renew(Map<String, String> credentials, Map<String, Object> topologyConf, String topologyOwnerPrincipal) Description copied from interface:ICredentialsRenewerRenew any credentials that need to be renewed. (Update the credentials if needed)- Specified by:
- renewin interface- ICredentialsRenewer
- Parameters:
- credentials- the credentials that may have something to renew.
- topologyConf- topology configuration.
- topologyOwnerPrincipal- the full principal name of the owner of the topology
 
- 
registerMetrics- Specified by:
- registerMetricsin interface- IMetricsRegistrant
 
 
-