Package org.apache.zookeeper.util

Class SecurityUtils

java.lang.Object

org.apache.zookeeper.util.SecurityUtils

public final class SecurityUtils
extends Object

Field Summary

Fields

Modifier and Type	Field	Description
static String	QUORUM_HOSTNAME_PATTERN

Constructor Summary

Constructors

Constructor	Description
SecurityUtils()

Method Summary

Modifier and Type	Method	Description
static SaslClient	createSaslClient(ZKConfig config, Subject subject, String servicePrincipal, String protocol, String serverName, org.slf4j.Logger LOG, String entity)	Create an instance of a SaslClient.
static SaslServer	createSaslServer(Subject subject, String protocol, String serverName, CallbackHandler callbackHandler, org.slf4j.Logger LOG)	Create an instance of a SaslServer.
static String	getServerPrincipal(String principalConfig, String hostname)	Convert Kerberos principal name pattern to valid Kerberos principal name.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

QUORUM_HOSTNAME_PATTERN

public static final String QUORUM_HOSTNAME_PATTERN

See Also:

Constant Field Values

Constructor Detail

SecurityUtils

public SecurityUtils()

Method Detail

createSaslClient

public static SaslClient createSaslClient(ZKConfig config,
                                          Subject subject,
                                          String servicePrincipal,
                                          String protocol,
                                          String serverName,
                                          org.slf4j.Logger LOG,
                                          String entity)
                                   throws SaslException

Create an instance of a SaslClient. It will return null if there is an exception.

Parameters:

subject - subject

servicePrincipal - principal

protocol - name of the protocol for which the authentication is being performed

serverName - name of the server to authenticate to

LOG - logger

entity - can be either zookeeper client or quorum learner

Returns:

saslclient object

Throws:

SaslException

createSaslServer

public static SaslServer createSaslServer(Subject subject,
                                          String protocol,
                                          String serverName,
                                          CallbackHandler callbackHandler,
                                          org.slf4j.Logger LOG)

Create an instance of a SaslServer. It will return null if there is an exception.

Parameters:

subject - subject

protocol - protocol

serverName - server name

callbackHandler - login callback handler

LOG - logger

Returns:

sasl server object

getServerPrincipal

public static String getServerPrincipal(String principalConfig,
                                        String hostname)

Convert Kerberos principal name pattern to valid Kerberos principal name. If the principal name contains hostname pattern "_HOST" then it replaces with the given hostname, which should be fully-qualified domain name.

Parameters:

principalConfig - the Kerberos principal name conf value to convert

hostname - the fully-qualified domain name used for substitution

Returns:

converted Kerberos principal name