Java Code Examples for org.apache.hadoop.security.SaslRpcServer.AuthMethod#getMechanismName()

The following examples show how to use org.apache.hadoop.security.SaslRpcServer.AuthMethod#getMechanismName() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: SaslRpcClient.java    From hadoop with Apache License 2.0 4 votes vote down vote up
/**
 * Try to create a SaslClient for an authentication type.  May return
 * null if the type isn't supported or the client lacks the required
 * credentials.
 * 
 * @param authType - the requested authentication method
 * @return SaslClient for the authType or null
 * @throws SaslException - error instantiating client
 * @throws IOException - misc errors
 */
private SaslClient createSaslClient(SaslAuth authType)
    throws SaslException, IOException {
  String saslUser = null;
  // SASL requires the client and server to use the same proto and serverId
  // if necessary, auth types below will verify they are valid
  final String saslProtocol = authType.getProtocol();
  final String saslServerName = authType.getServerId();
  Map<String, String> saslProperties =
    saslPropsResolver.getClientProperties(serverAddr.getAddress());  
  CallbackHandler saslCallback = null;
  
  final AuthMethod method = AuthMethod.valueOf(authType.getMethod());
  switch (method) {
    case TOKEN: {
      Token<?> token = getServerToken(authType);
      if (token == null) {
        return null; // tokens aren't supported or user doesn't have one
      }
      saslCallback = new SaslClientCallbackHandler(token);
      break;
    }
    case KERBEROS: {
      if (ugi.getRealAuthenticationMethod().getAuthMethod() !=
          AuthMethod.KERBEROS) {
        return null; // client isn't using kerberos
      }
      String serverPrincipal = getServerPrincipal(authType);
      if (serverPrincipal == null) {
        return null; // protocol doesn't use kerberos
      }
      if (LOG.isDebugEnabled()) {
        LOG.debug("RPC Server's Kerberos principal name for protocol="
            + protocol.getCanonicalName() + " is " + serverPrincipal);
      }
      break;
    }
    default:
      throw new IOException("Unknown authentication method " + method);
  }
  
  String mechanism = method.getMechanismName();
  if (LOG.isDebugEnabled()) {
    LOG.debug("Creating SASL " + mechanism + "(" + method + ") "
        + " client to authenticate to service at " + saslServerName);
  }
  return Sasl.createSaslClient(
      new String[] { mechanism }, saslUser, saslProtocol, saslServerName,
      saslProperties, saslCallback);
}
 
Example 2
Source File: SaslRpcClient.java    From big-c with Apache License 2.0 4 votes vote down vote up
/**
 * Try to create a SaslClient for an authentication type.  May return
 * null if the type isn't supported or the client lacks the required
 * credentials.
 * 
 * @param authType - the requested authentication method
 * @return SaslClient for the authType or null
 * @throws SaslException - error instantiating client
 * @throws IOException - misc errors
 */
private SaslClient createSaslClient(SaslAuth authType)
    throws SaslException, IOException {
  String saslUser = null;
  // SASL requires the client and server to use the same proto and serverId
  // if necessary, auth types below will verify they are valid
  final String saslProtocol = authType.getProtocol();
  final String saslServerName = authType.getServerId();
  Map<String, String> saslProperties =
    saslPropsResolver.getClientProperties(serverAddr.getAddress());  
  CallbackHandler saslCallback = null;
  
  final AuthMethod method = AuthMethod.valueOf(authType.getMethod());
  switch (method) {
    case TOKEN: {
      Token<?> token = getServerToken(authType);
      if (token == null) {
        return null; // tokens aren't supported or user doesn't have one
      }
      saslCallback = new SaslClientCallbackHandler(token);
      break;
    }
    case KERBEROS: {
      if (ugi.getRealAuthenticationMethod().getAuthMethod() !=
          AuthMethod.KERBEROS) {
        return null; // client isn't using kerberos
      }
      String serverPrincipal = getServerPrincipal(authType);
      if (serverPrincipal == null) {
        return null; // protocol doesn't use kerberos
      }
      if (LOG.isDebugEnabled()) {
        LOG.debug("RPC Server's Kerberos principal name for protocol="
            + protocol.getCanonicalName() + " is " + serverPrincipal);
      }
      break;
    }
    default:
      throw new IOException("Unknown authentication method " + method);
  }
  
  String mechanism = method.getMechanismName();
  if (LOG.isDebugEnabled()) {
    LOG.debug("Creating SASL " + mechanism + "(" + method + ") "
        + " client to authenticate to service at " + saslServerName);
  }
  return Sasl.createSaslClient(
      new String[] { mechanism }, saslUser, saslProtocol, saslServerName,
      saslProperties, saslCallback);
}