org.apache.cassandra.auth.IAuthenticator Java Examples
The following examples show how to use
org.apache.cassandra.auth.IAuthenticator.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: AlterUserStatement.java From stratio-cassandra with Apache License 2.0 | 6 votes |
|
public void checkAccess(ClientState state) throws UnauthorizedException
{
AuthenticatedUser user = state.getUser();
boolean isSuper = user.isSuper();
if (superuser != null && user.getName().equals(username))
throw new UnauthorizedException("You aren't allowed to alter your own superuser status");
if (superuser != null && !isSuper)
throw new UnauthorizedException("Only superusers are allowed to alter superuser status");
if (!user.isSuper() && !user.getName().equals(username))
throw new UnauthorizedException("You aren't allowed to alter this user");
if (!isSuper)
{
for (IAuthenticator.Option option : opts.getOptions().keySet())
{
if (!DatabaseDescriptor.getAuthenticator().alterableOptions().contains(option))
throw new UnauthorizedException(String.format("You aren't allowed to alter %s option", option));
}
}
}
Example #2
| Source File: UserOptions.java From stratio-cassandra with Apache License 2.0 | 5 votes |
|
public void validate() throws InvalidRequestException
{
for (IAuthenticator.Option option : options.keySet())
{
if (!DatabaseDescriptor.getAuthenticator().supportedOptions().contains(option))
throw new InvalidRequestException(String.format("%s doesn't support %s option",
DatabaseDescriptor.getAuthenticator().getClass().getName(),
option));
}
}
Example #3
| Source File: AbstractColumnFamilyOutputFormat.java From stratio-cassandra with Apache License 2.0 | 5 votes |
|
public static void login(String user, String password, Cassandra.Client client) throws Exception
{
Map<String, String> creds = new HashMap<String, String>();
creds.put(IAuthenticator.USERNAME_KEY, user);
creds.put(IAuthenticator.PASSWORD_KEY, password);
AuthenticationRequest authRequest = new AuthenticationRequest(creds);
client.login(authRequest);
}
Example #4
| Source File: AbstractColumnFamilyInputFormat.java From stratio-cassandra with Apache License 2.0 | 5 votes |
|
public static Cassandra.Client createAuthenticatedClient(String location, int port, Configuration conf) throws Exception
{
logger.debug("Creating authenticated client for CF input format");
TTransport transport;
try
{
transport = ConfigHelper.getClientTransportFactory(conf).openTransport(location, port);
}
catch (Exception e)
{
throw new TTransportException("Failed to open a transport to " + location + ":" + port + ".", e);
}
TProtocol binaryProtocol = new TBinaryProtocol(transport, true, true);
Cassandra.Client client = new Cassandra.Client(binaryProtocol);
// log in
client.set_keyspace(ConfigHelper.getInputKeyspace(conf));
if ((ConfigHelper.getInputKeyspaceUserName(conf) != null) && (ConfigHelper.getInputKeyspacePassword(conf) != null))
{
Map<String, String> creds = new HashMap<String, String>();
creds.put(IAuthenticator.USERNAME_KEY, ConfigHelper.getInputKeyspaceUserName(conf));
creds.put(IAuthenticator.PASSWORD_KEY, ConfigHelper.getInputKeyspacePassword(conf));
AuthenticationRequest authRequest = new AuthenticationRequest(creds);
client.login(authRequest);
}
logger.debug("Authenticated client for CF input format created successfully");
return client;
}
Example #5
| Source File: Client.java From stratio-cassandra with Apache License 2.0 | 5 votes |
|
private byte[] encodeCredentialsForSasl(Map<String, String> credentials)
{
byte[] username = credentials.get(IAuthenticator.USERNAME_KEY).getBytes(StandardCharsets.UTF_8);
byte[] password = credentials.get(IAuthenticator.PASSWORD_KEY).getBytes(StandardCharsets.UTF_8);
byte[] initialResponse = new byte[username.length + password.length + 2];
initialResponse[0] = 0;
System.arraycopy(username, 0, initialResponse, 1, username.length);
initialResponse[username.length + 1] = 0;
System.arraycopy(password, 0, initialResponse, username.length + 2, password.length);
return initialResponse;
}
Example #6
| Source File: BulkLoader.java From stratio-cassandra with Apache License 2.0 | 5 votes |
|
private static Cassandra.Client createThriftClient(String host, int port, String user, String passwd, ITransportFactory transportFactory) throws Exception
{
TTransport trans = transportFactory.openTransport(host, port);
TProtocol protocol = new TBinaryProtocol(trans);
Cassandra.Client client = new Cassandra.Client(protocol);
if (user != null && passwd != null)
{
Map<String, String> credentials = new HashMap<>();
credentials.put(IAuthenticator.USERNAME_KEY, user);
credentials.put(IAuthenticator.PASSWORD_KEY, passwd);
AuthenticationRequest authenticationRequest = new AuthenticationRequest(credentials);
client.login(authenticationRequest);
}
return client;
}
Example #7
| Source File: UserOptions.java From stratio-cassandra with Apache License 2.0 | 4 votes |
|
public void put(String name, Object value)
{
options.put(IAuthenticator.Option.valueOf(name.toUpperCase()), value);
}
Example #8
| Source File: UserOptions.java From stratio-cassandra with Apache License 2.0 | 4 votes |
|
public Map<IAuthenticator.Option, Object> getOptions()
{
return options;
}
Example #9
| Source File: FBUtilities.java From stratio-cassandra with Apache License 2.0 | 4 votes |
|
public static IAuthenticator newAuthenticator(String className) throws ConfigurationException
{
if (!className.contains("."))
className = "org.apache.cassandra.auth." + className;
return FBUtilities.construct(className, "authenticator");
}
Example #10
| Source File: Server.java From stratio-cassandra with Apache License 2.0 | 4 votes |
|
private void run()
{
// Check that a SaslAuthenticator can be provided by the configured
// IAuthenticator. If not, don't start the server.
IAuthenticator authenticator = DatabaseDescriptor.getAuthenticator();
if (authenticator.requireAuthentication() && !(authenticator instanceof ISaslAwareAuthenticator))
{
logger.error("Not starting native transport as the configured IAuthenticator is not capable of SASL authentication");
isRunning.compareAndSet(true, false);
return;
}
// Configure the server.
eventExecutorGroup = new RequestThreadPoolExecutor();
boolean hasEpoll = enableEpoll ? Epoll.isAvailable() : false;
if (hasEpoll)
{
workerGroup = new EpollEventLoopGroup();
logger.info("Netty using native Epoll event loop");
}
else
{
workerGroup = new NioEventLoopGroup();
logger.info("Netty using Java NIO event loop");
}
ServerBootstrap bootstrap = new ServerBootstrap()
.group(workerGroup)
.channel(hasEpoll ? EpollServerSocketChannel.class : NioServerSocketChannel.class)
.childOption(ChannelOption.TCP_NODELAY, true)
.childOption(ChannelOption.SO_LINGER, 0)
.childOption(ChannelOption.SO_KEEPALIVE, DatabaseDescriptor.getRpcKeepAlive())
.childOption(ChannelOption.ALLOCATOR, CBUtil.allocator)
.childOption(ChannelOption.WRITE_BUFFER_HIGH_WATER_MARK, 32 * 1024)
.childOption(ChannelOption.WRITE_BUFFER_LOW_WATER_MARK, 8 * 1024);
final EncryptionOptions.ClientEncryptionOptions clientEnc = DatabaseDescriptor.getClientEncryptionOptions();
if (clientEnc.enabled)
{
logger.info("Enabling encrypted CQL connections between client and server");
bootstrap.childHandler(new SecureInitializer(this, clientEnc));
}
else
{
bootstrap.childHandler(new Initializer(this));
}
// Bind and start to accept incoming connections.
logger.info("Using Netty Version: {}", Version.identify().entrySet());
logger.info("Starting listening for CQL clients on {}...", socket);
ChannelFuture bindFuture = bootstrap.bind(socket);
if (!bindFuture.awaitUninterruptibly().isSuccess())
throw new IllegalStateException(String.format("Failed to bind port %d on %s.", socket.getPort(), socket.getAddress().getHostAddress()));
connectionTracker.allChannels.add(bindFuture.channel());
isRunning.set(true);
}
Example #11
| Source File: DatabaseDescriptor.java From stratio-cassandra with Apache License 2.0 | 4 votes |
|
public static IAuthenticator getAuthenticator()
{
return authenticator;
}
