/** * Populate the Storm RequestContext from an servlet request. This should be called in each handler * @param request the request to populate */ public void populateContext(HttpServletRequest request) { if (httpCredsHandler != null) { httpCredsHandler.populateContext(ReqContext.context(), request); } }
/** * Check if worker tokens should be enabled on the server side or not (for a given server). * * @param connectionType the type of server this is for. * @param conf the daemon configuration to be sure the tokens are secure. * @return true if we can enable them, else false. */ public static boolean areWorkerTokensEnabledServer(ThriftConnectionType connectionType, Map<String, Object> conf) { return connectionType.getWtType() != null && willWorkerTokensBeStoredSecurely(conf); }
/** * Check if worker tokens should be enabled on the server side or not. * * @param server a Thrift server to know if the transport support tokens or not. No need to create a token if the transport does not * support it. * @param conf the daemon configuration to be sure the tokens are secure. * @return true if we can enable them, else false. */ public static boolean areWorkerTokensEnabledServer(ThriftServer server, Map<String, Object> conf) { return server.supportsWorkerTokens() && willWorkerTokensBeStoredSecurely(conf); }
public static ReqContext mkImpersonatingReqContext(String impersonatingUser, String userBeingIUmpersonated, InetAddress remoteAddress) { ReqContext ret = new ReqContext(mkSubject(userBeingIUmpersonated)); ret.setRemoteAddress(remoteAddress); ret.setRealPrincipal(mkPrincipal(impersonatingUser)); return ret; }
private static ReqContext makeMockContext(String user) { ReqContext mockContext = Mockito.mock(ReqContext.class); Mockito.when(mockContext.principal()).thenReturn(new SingleUserPrincipal(user)); return mockContext; }
/** * Constuctor. * * @param stormConf storm configuration */ public ResourceAuthorizer(Map<String, Object> stormConf) { this.stormConf = stormConf; this.groupMappingServiceProvider = ClientAuthUtils.getGroupMappingServiceProviderPlugin(stormConf); this.principalToLocal = ClientAuthUtils.getPrincipalToLocalPlugin(stormConf); }
public TTransport doConnectWithRetry(ITransportPlugin transportPlugin, TTransport underlyingTransport, String host, String asUser) throws IOException { boolean connected = false; TTransport transportResult = null; while (!connected) { try { transportResult = transportPlugin.connect(underlyingTransport, host, asUser); connected = true; } catch (TTransportException ex) { retryNext(ex); } } return transportResult; }
/** * The port the DRPC invoke server is listening on. * @return The port the DRPC invoke server is listening on. */ public int getDrpcInvokePort() { return invokeServer.getPort(); }
/** * Construct a transport plugin per storm configuration */ public static ITransportPlugin getTransportPlugin(ThriftConnectionType type, Map<String, Object> topoConf, Configuration login_conf) { try { String transport_plugin_klassName = type.getTransportPlugin(topoConf); ITransportPlugin transportPlugin = ReflectionUtils.newInstance(transport_plugin_klassName); transportPlugin.prepare(type, topoConf, login_conf); return transportPlugin; } catch (Exception e) { throw new RuntimeException(e); } }
@Override public String toString() { return this.getName(); }
private static ThriftServer mkHandlerServer(final DistributedRPC.Iface service, Integer port, Map<String, Object> conf) { ThriftServer ret = null; if (port != null && port >= 0) { ret = new ThriftServer(conf, new DistributedRPC.Processor<>(service), ThriftConnectionType.DRPC); } return ret; }
@Override public void updateSubject(Subject subject, Map<String, String> credentials) { populateSubject(subject, credentials); }
/** * Constructor. * * @param conf the daemon config for the server. * @param connectionType the type of connection we are authorizing. */ public WorkerTokenAuthorizer(Map<String, Object> conf, ThriftConnectionType connectionType) { this(connectionType.getWtType(), buildStateIfNeeded(conf, connectionType)); }
/** * Construct an HttpServletRequest credential plugin specified by the UI storm configuration * * @param conf storm configuration * @return the plugin */ public static IHttpCredentialsPlugin getUiHttpCredentialsPlugin(Map<String, Object> conf) { String klassName = (String) conf.get(DaemonConfig.UI_HTTP_CREDS_PLUGIN); return getHttpCredentialsPlugin(conf, klassName); }
public void prepare(Map<String, Object> conf) { this.conf = conf; writeDir = getSSLWriteDirFromConf(this.conf); }
public static void withServer(String loginCfg, Class<? extends ITransportPlugin> transportPluginClass, Nimbus.Iface impl, MyBiConsumer<ThriftServer, Map<String, Object>> body) throws Exception { withServer(loginCfg, transportPluginClass, impl, null, null, body); }
/** * The port the DRPC handler server is listening on. * @return The port the DRPC handler server is listening on. */ public int getDrpcPort() { return handlerServer.getPort(); }
public int getThriftServerPort() { return thriftServer.getPort(); }