• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

Java TSaslServerTransport类代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了Java中org.apache.thrift.transport.TSaslServerTransport的典型用法代码示例。如果您正苦于以下问题:Java TSaslServerTransport类的具体用法?Java TSaslServerTransport怎么用?Java TSaslServerTransport使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。



TSaslServerTransport类属于org.apache.thrift.transport包,在下文中一共展示了TSaslServerTransport类的10个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。

示例1: getSASLTransportFactory

import org.apache.thrift.transport.TSaslServerTransport; //导入依赖的package包/类
private TTransportFactory getSASLTransportFactory() {
  String[] names;
  try {
    names = FlumeAuthenticationUtil.splitKerberosName(principal);
  } catch (IOException e) {
    throw new FlumeException(
            "Error while trying to resolve Principal name - " + principal, e);
  }
  Map<String, String> saslProperties = new HashMap<String, String>();
  saslProperties.put(Sasl.QOP, "auth");
  TSaslServerTransport.Factory saslTransportFactory =
          new TSaslServerTransport.Factory();
  saslTransportFactory.addServerDefinition(
          "GSSAPI", names[0], names[1], saslProperties,
          FlumeAuthenticationUtil.getSaslGssCallbackHandler());
  return saslTransportFactory;
}
 
开发者ID:moueimei,项目名称:flume-release-1.7.0,代码行数:18,代码来源:ThriftSource.java


示例2: process

import org.apache.thrift.transport.TSaslServerTransport; //导入依赖的package包/类
public boolean process(final TProtocol inProt, final TProtocol outProt) throws TException {
    // populating request context
    ReqContext req_context = ReqContext.context();

    TTransport trans = inProt.getTransport();
    // Sasl transport
    TSaslServerTransport saslTrans = (TSaslServerTransport) trans;
    // remote address
    TSocket tsocket = (TSocket) saslTrans.getUnderlyingTransport();
    Socket socket = tsocket.getSocket();
    req_context.setRemoteAddress(socket.getInetAddress());

    // remote subject
    SaslServer saslServer = saslTrans.getSaslServer();
    String authId = saslServer.getAuthorizationID();
    Subject remoteUser = new Subject();
    remoteUser.getPrincipals().add(new User(authId));
    req_context.setSubject(remoteUser);

    // invoke service handler
    return wrapped.process(inProt, outProt);
}
 
开发者ID:kkllwww007,项目名称:jstrom,代码行数:23,代码来源:SaslTransportPlugin.java


示例3: process

import org.apache.thrift.transport.TSaslServerTransport; //导入依赖的package包/类
public boolean process(final TProtocol inProt, final TProtocol outProt) throws TException {
    //populating request context 
    ReqContext req_context = ReqContext.context();

    TTransport trans = inProt.getTransport();
    //Sasl transport
    TSaslServerTransport saslTrans = (TSaslServerTransport)trans;

    //remote address
    TSocket tsocket = (TSocket)saslTrans.getUnderlyingTransport();
    Socket socket = tsocket.getSocket();
    req_context.setRemoteAddress(socket.getInetAddress());

    //remote subject 
    SaslServer saslServer = saslTrans.getSaslServer();
    String authId = saslServer.getAuthorizationID();
    Subject remoteUser = new Subject();
    remoteUser.getPrincipals().add(new User(authId));
    req_context.setSubject(remoteUser);
    
    //invoke service handler
    return wrapped.process(inProt, outProt);
}
 
开发者ID:metamx,项目名称:incubator-storm,代码行数:24,代码来源:SaslTransportPlugin.java


示例4: getServerTransportFactory

import org.apache.thrift.transport.TSaslServerTransport; //导入依赖的package包/类
protected TTransportFactory getServerTransportFactory() throws IOException {
    // create an authentication callback handler
    CallbackHandler serer_callback_handler = new ServerCallbackHandler(login_conf);

    // create a transport factory that will invoke our auth callback for digest
    TSaslServerTransport.Factory factory = new TSaslServerTransport.Factory();
    factory.addServerDefinition(DIGEST, AuthUtils.SERVICE, "localhost", null, serer_callback_handler);

    LOG.info("SASL DIGEST-MD5 transport factory will be used");
    return factory;
}
 
开发者ID:kkllwww007,项目名称:jstrom,代码行数:12,代码来源:DigestSaslTransportPlugin.java


示例5: getServerTransportFactory

import org.apache.thrift.transport.TSaslServerTransport; //导入依赖的package包/类
protected TTransportFactory getServerTransportFactory() throws IOException {        
    //create an authentication callback handler
    CallbackHandler serer_callback_handler = new ServerCallbackHandler(login_conf);

    //create a transport factory that will invoke our auth callback for digest
    TSaslServerTransport.Factory factory = new TSaslServerTransport.Factory();
    factory.addServerDefinition(DIGEST, AuthUtils.SERVICE, "localhost", null, serer_callback_handler);

    LOG.info("SASL DIGEST-MD5 transport factory will be used");
    return factory;
}
 
开发者ID:metamx,项目名称:incubator-storm,代码行数:12,代码来源:DigestSaslTransportPlugin.java


示例6: setImpersonator

import org.apache.thrift.transport.TSaslServerTransport; //导入依赖的package包/类
public static void setImpersonator(final TProtocol in) {
  try {
    TTransport transport = in.getTransport();
    if (transport instanceof TSaslServerTransport) {
      String impersonator = ((TSaslServerTransport) transport).getSaslServer()
          .getAuthorizationID();
      setImpersonator(impersonator);
    }
  } catch (Exception e) {
    // If there has exception when get impersonator info, log the error information.
    LOGGER.warn("There is an error when get the impersonator:" + e.getMessage());
  }
}
 
开发者ID:apache,项目名称:incubator-sentry,代码行数:14,代码来源:ThriftUtil.java


示例7: getUnderlyingSocketFromTransport

import org.apache.thrift.transport.TSaslServerTransport; //导入依赖的package包/类
/**
 * Returns the underlying TSocket from the transport, or null of the transport type is unknown.
 */
private static TSocket getUnderlyingSocketFromTransport(TTransport transport) {
  Preconditions.checkNotNull(transport);
  if (transport instanceof TSaslServerTransport) {
    return (TSocket) ((TSaslServerTransport) transport).getUnderlyingTransport();
  } else if (transport instanceof TSaslClientTransport) {
    return (TSocket) ((TSaslClientTransport) transport).getUnderlyingTransport();
  } else if (transport instanceof TSocket) {
    return (TSocket) transport;
  }
  return null;
}
 
开发者ID:apache,项目名称:incubator-sentry,代码行数:15,代码来源:ThriftUtil.java


示例8: getServerTransportFactory

import org.apache.thrift.transport.TSaslServerTransport; //导入依赖的package包/类
public TTransportFactory getServerTransportFactory() throws IOException {
    // create an authentication callback handler
    CallbackHandler server_callback_handler = new ServerCallbackHandler(login_conf, storm_conf);

    // login our principal
    Subject subject = null;
    try {
        // specify a configuration object to be used
        Configuration.setConfiguration(login_conf);
        // now login
        Login login = new Login(AuthUtils.LOGIN_CONTEXT_SERVER, server_callback_handler);
        subject = login.getSubject();
    } catch (LoginException ex) {
        LOG.error("Server failed to login in principal:" + ex, ex);
        throw new RuntimeException(ex);
    }

    // check the credential of our principal
    if (subject.getPrivateCredentials(KerberosTicket.class).isEmpty()) {
        throw new RuntimeException("Fail to verify user principal with section \"" + AuthUtils.LOGIN_CONTEXT_SERVER + "\" in login configuration file "
                + login_conf);
    }

    String principal = AuthUtils.get(login_conf, AuthUtils.LOGIN_CONTEXT_SERVER, "principal");
    LOG.debug("principal:" + principal);
    KerberosName serviceKerberosName = new KerberosName(principal);
    String serviceName = serviceKerberosName.getServiceName();
    String hostName = serviceKerberosName.getHostName();
    Map<String, String> props = new TreeMap<String, String>();
    props.put(Sasl.QOP, "auth");
    props.put(Sasl.SERVER_AUTH, "false");

    // create a transport factory that will invoke our auth callback for digest
    TSaslServerTransport.Factory factory = new TSaslServerTransport.Factory();
    factory.addServerDefinition(KERBEROS, serviceName, hostName, props, server_callback_handler);

    // create a wrap transport factory so that we could apply user credential during connections
    TUGIAssumingTransportFactory wrapFactory = new TUGIAssumingTransportFactory(factory, subject);

    LOG.info("SASL GSSAPI transport factory will be used");
    return wrapFactory;
}
 
开发者ID:kkllwww007,项目名称:jstrom,代码行数:43,代码来源:KerberosSaslTransportPlugin.java


示例9: main

import org.apache.thrift.transport.TSaslServerTransport; //导入依赖的package包/类
public static void main(String[] args) throws Exception {
  Opts opts = new Opts();
  
  opts.parseArgs(Server.class, args);
  
  Configuration conf = new Configuration();
  FileSystem fs = FileSystem.get(conf);
  
  // Parse out the primary/[email protected] from the principal
  String principal = SecurityUtil.getServerPrincipal(opts.principal, InetAddress.getLocalHost().getCanonicalHostName());
  HadoopKerberosName name = new HadoopKerberosName(principal);
  String primary = name.getServiceName();
  String instance = name.getHostName();
  
  // Log in using the keytab
  UserGroupInformation.loginUserFromKeytab(principal, opts.keytab);
  
  // Get the info from our login
  UserGroupInformation serverUser = UserGroupInformation.getLoginUser();
  log.info("Current user: {}", serverUser);
  
  // Open the server using the provide dport
  TServerSocket serverTransport = new TServerSocket(opts.port);
  
  // Wrap our implementation with the interface's processor
  HdfsService.Processor<Iface> processor = new HdfsService.Processor<Iface>(new HdfsServiceImpl(fs));
  
  // Use authorization and confidentiality
  Map<String,String> saslProperties = new HashMap<String,String>();
  saslProperties.put(Sasl.QOP, "auth-conf");
  
  // Creating the server definition
  TSaslServerTransport.Factory saslTransportFactory = new TSaslServerTransport.Factory();
      saslTransportFactory.addServerDefinition("GSSAPI", // tell SASL to use GSSAPI, which supports Kerberos
      primary, // kerberos primary for server - "myprincipal" in myprincipal/[email protected]
      instance, // kerberos instance for server - "my.server.com" in myprincipal/[email protected]
      saslProperties, // Properties set, above
      new SaslRpcServer.SaslGssCallbackHandler()); // Ensures that authenticated user is the same as the authorized user
  
  // Make sure the TTransportFactory is performing a UGI.doAs
  TTransportFactory ugiTransportFactory = new TUGIAssumingTransportFactory(saslTransportFactory, serverUser);
  
  // Processor which takes the UGI for the RPC call, proxy that user on the server login, and then run as the proxied user
  TUGIAssumingProcessor ugiProcessor = new TUGIAssumingProcessor(processor);
  
  // Make a simple TTheadPoolServer with the processor and transport factory
  TServer server = new TThreadPoolServer(new TThreadPoolServer.Args(serverTransport).transportFactory(ugiTransportFactory).processor(ugiProcessor));
  
  // Start the thrift server
  server.serve();
}
 
开发者ID:joshelser,项目名称:krb-thrift,代码行数:52,代码来源:Server.java


示例10: process

import org.apache.thrift.transport.TSaslServerTransport; //导入依赖的package包/类
@Override
public boolean process(final TProtocol inProt, final TProtocol outProt) throws TException {
  TTransport trans = inProt.getTransport();
  if (!(trans instanceof TSaslServerTransport)) {
    throw new TException("Unexpected non-SASL transport " + trans.getClass());
  }
  TSaslServerTransport saslTrans = (TSaslServerTransport) trans;
  SaslServer saslServer = saslTrans.getSaslServer();
  String authId = saslServer.getAuthorizationID();
  String endUser = authId;

  UserGroupInformation clientUgi = null;
  try {
    clientUgi = UserGroupInformation.createProxyUser(endUser, UserGroupInformation.getLoginUser());
    final String remoteUser = clientUgi.getShortUserName();
    log.debug("Executing action as {}", remoteUser);
    return clientUgi.doAs(new PrivilegedExceptionAction<Boolean>() {
      @Override
      public Boolean run() {
        try {
          return wrapped.process(inProt, outProt);
        } catch (TException te) {
          throw new RuntimeException(te);
        }
      }
    });
  } catch (RuntimeException rte) {
    if (rte.getCause() instanceof TException) {
      log.error("Failed to invoke wrapped processor", rte.getCause());
      throw (TException) rte.getCause();
    }
    throw rte;
  } catch (InterruptedException | IOException e) {
    log.error("Failed to invoke wrapped processor", e);
    throw new RuntimeException(e);
  } finally {
    if (clientUgi != null) {
      try {
        FileSystem.closeAllForUGI(clientUgi);
      } catch (IOException exception) {
        log.error("Could not clean up file-system handles for UGI: {}", clientUgi, exception);
      }
    }
  }
}
 
开发者ID:joshelser,项目名称:krb-thrift,代码行数:46,代码来源:TUGIAssumingProcessor.java



注:本文中的org.apache.thrift.transport.TSaslServerTransport类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。


鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
Java IMediaReader类代码示例发布时间:2022-05-22
下一篇:
Java RedisNode类代码示例发布时间:2022-05-22
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap