Package org.apache.zookeeper.server.auth
Interface AuthenticationProvider
-
- All Known Implementing Classes:
DigestAuthenticationProvider,EnsembleAuthenticationProvider,IPAuthenticationProvider,KeyAuthenticationProvider,SASLAuthenticationProvider,ServerAuthenticationProvider,X509AuthenticationProvider
public interface AuthenticationProviderThis interface is implemented by authentication providers to add new kinds of authentication schemes to ZooKeeper.
-
-
Method Summary
All Methods Instance Methods Abstract Methods Default Methods Modifier and Type Method Description StringgetScheme()The String used to represent this provider.default StringgetUserName(String id)id represents the authentication info which is set in server connection.default List<Id>handleAuthentication(javax.servlet.http.HttpServletRequest request, byte[] authData)This method is called when admin server command passes authentication data for this scheme.KeeperException.CodehandleAuthentication(ServerCnxn cnxn, byte[] authData)This method is called when a client passes authentication data for this scheme.booleanisAuthenticated()This method is used to check if the authentication done by this provider should be used to identify the creator of a node.booleanisValid(String id)Validates the syntax of an id.booleanmatches(String id, String aclExpr)This method is called to see if the given id matches the given id expression in the ACL.
-
-
-
Method Detail
-
getScheme
String getScheme()
The String used to represent this provider. This will correspond to the scheme field of an Id.- Returns:
- the scheme of this provider.
-
handleAuthentication
KeeperException.Code handleAuthentication(ServerCnxn cnxn, byte[] authData)
This method is called when a client passes authentication data for this scheme. The authData is directly from the authentication packet. The implementor may attach new ids to the authInfo field of cnxn or may use cnxn to send packets back to the client.- Parameters:
cnxn- the cnxn that received the authentication information.authData- the authentication data received.- Returns:
- TODO
-
handleAuthentication
default List<Id> handleAuthentication(javax.servlet.http.HttpServletRequest request, byte[] authData)
This method is called when admin server command passes authentication data for this scheme.- Parameters:
request- the request that contains the authentication information.authData- the authentication data received.- Returns:
- Ids the list of Id. Empty list means not authenticated
-
matches
boolean matches(String id, String aclExpr)
This method is called to see if the given id matches the given id expression in the ACL. This allows schemes to use application specific wild cards.- Parameters:
id- the id to check.aclExpr- the expression to match ids against.- Returns:
- true if the id can be matched by the expression.
-
isAuthenticated
boolean isAuthenticated()
This method is used to check if the authentication done by this provider should be used to identify the creator of a node. Some ids such as hosts and ip addresses are rather transient and in general don't really identify a client even though sometimes they do.- Returns:
- true if this provider identifies creators.
-
isValid
boolean isValid(String id)
Validates the syntax of an id.- Parameters:
id- the id to validate.- Returns:
- true if id is well formed.
-
getUserName
default String getUserName(String id)
id represents the authentication info which is set in server connection. id may contain both user name as well as password. This method should be implemented to extract the user name.- Parameters:
id- authentication info set by client.- Returns:
- String user name
-
-