Class SecurityUtils


  • public final class SecurityUtils
    extends java.lang.Object
    • Constructor Summary

      Constructors 
      Constructor Description
      SecurityUtils()  
    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static javax.security.sasl.SaslClient createSaslClient​(javax.security.auth.Subject subject, java.lang.String servicePrincipal, java.lang.String protocol, java.lang.String serverName, org.slf4j.Logger LOG, java.lang.String entity)
      Create an instance of a SaslClient.
      static javax.security.sasl.SaslServer createSaslServer​(javax.security.auth.Subject subject, java.lang.String protocol, java.lang.String serverName, javax.security.auth.callback.CallbackHandler callbackHandler, org.slf4j.Logger LOG)
      Create an instance of a SaslServer.
      static java.lang.String getServerPrincipal​(java.lang.String principalConfig, java.lang.String hostname)
      Convert Kerberos principal name pattern to valid Kerberos principal name.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • QUORUM_HOSTNAME_PATTERN

        public static final java.lang.String QUORUM_HOSTNAME_PATTERN
        See Also:
        Constant Field Values
    • Constructor Detail

      • SecurityUtils

        public SecurityUtils()
    • Method Detail

      • createSaslClient

        public static javax.security.sasl.SaslClient createSaslClient​(javax.security.auth.Subject subject,
                                                                      java.lang.String servicePrincipal,
                                                                      java.lang.String protocol,
                                                                      java.lang.String serverName,
                                                                      org.slf4j.Logger LOG,
                                                                      java.lang.String entity)
                                                               throws javax.security.sasl.SaslException
        Create an instance of a SaslClient. It will return null if there is an exception.
        Parameters:
        subject - subject
        servicePrincipal - principal
        protocol - name of the protocol for which the authentication is being performed
        serverName - name of the server to authenticate to
        LOG - logger
        entity - can be either zookeeper client or quorum learner
        Returns:
        saslclient object
        Throws:
        javax.security.sasl.SaslException
      • createSaslServer

        public static javax.security.sasl.SaslServer createSaslServer​(javax.security.auth.Subject subject,
                                                                      java.lang.String protocol,
                                                                      java.lang.String serverName,
                                                                      javax.security.auth.callback.CallbackHandler callbackHandler,
                                                                      org.slf4j.Logger LOG)
        Create an instance of a SaslServer. It will return null if there is an exception.
        Parameters:
        subject - subject
        protocol - protocol
        serverName - server name
        callbackHandler - login callback handler
        LOG - logger
        Returns:
        sasl server object
      • getServerPrincipal

        public static java.lang.String getServerPrincipal​(java.lang.String principalConfig,
                                                          java.lang.String hostname)
        Convert Kerberos principal name pattern to valid Kerberos principal name. If the principal name contains hostname pattern "_HOST" then it replaces with the given hostname, which should be fully-qualified domain name.
        Parameters:
        principalConfig - the Kerberos principal name conf value to convert
        hostname - the fully-qualified domain name used for substitution
        Returns:
        converted Kerberos principal name