org.apache.hadoop.hbase.ipc
Class SecureServer

java.lang.Object
  extended by org.apache.hadoop.hbase.ipc.HBaseServer
      extended by org.apache.hadoop.hbase.ipc.SecureServer
All Implemented Interfaces:
RpcServer
Direct Known Subclasses:
SecureRpcEngine.Server

public abstract class SecureServer
extends HBaseServer

An abstract IPC service, supporting SASL authentication of connections, using GSSAPI for Kerberos authentication or DIGEST-MD5 for authentication via signed tokens.

This is part of the SecureRpcEngine implementation.

See Also:
SecureClient

Nested Class Summary
protected  class SecureServer.SecureCall
           
 class SecureServer.SecureConnection
          Reads calls from a connection and queues them for handling.
 
Nested classes/interfaces inherited from class org.apache.hadoop.hbase.ipc.HBaseServer
HBaseServer.Call, HBaseServer.Connection, HBaseServer.Responder
 
Field Summary
protected  org.apache.hadoop.security.authorize.ServiceAuthorizationManager authManager
           
static byte CURRENT_VERSION
           
static ByteBuffer HEADER
          The first four bytes of secure RPC connections
static Set<Integer> INSECURE_VERSIONS
           
static org.apache.commons.logging.Log LOG
           
protected  org.apache.hadoop.security.token.SecretManager<org.apache.hadoop.security.token.TokenIdentifier> secretManager
           
 
Fields inherited from class org.apache.hadoop.hbase.ipc.HBaseServer
bindAddress, callQueue, callQueueSize, conf, connectionList, CurCall, errorHandler, highPriorityLevel, maxIdleTime, maxQueueSize, numConnections, paramClass, port, priorityCallQueue, purgeTimeout, replicationQueue, responder, rpcMetrics, running, SERVER, socketSendBufferSize, tcpKeepAlive, tcpNoDelay, thresholdIdleConnections, TRACELOG
 
Constructor Summary
protected SecureServer(String bindAddress, int port, Class<? extends org.apache.hadoop.io.Writable> paramClass, int handlerCount, int priorityHandlerCount, org.apache.hadoop.conf.Configuration conf, String serverName, int highPriorityLevel)
          Constructs a server listening on the named port and address.
 
Method Summary
 void authorize(User user, org.apache.hadoop.hbase.ipc.ConnectionHeader connection, InetAddress addr)
          Authorize the incoming client connection.
protected  HBaseServer.Connection getConnection(SocketChannel channel, long time)
          Subclasses of HBaseServer can override this to provide their own Connection implementations.
 org.apache.hadoop.security.token.SecretManager<? extends org.apache.hadoop.security.token.TokenIdentifier> getSecretManager()
           
 void setSecretManager(org.apache.hadoop.security.token.SecretManager<? extends org.apache.hadoop.security.token.TokenIdentifier> secretManager)
           
 void stop()
          Stops the service.
 
Methods inherited from class org.apache.hadoop.hbase.ipc.HBaseServer
bind, channelRead, channelWrite, closeConnection, get, getCurrentCall, getListenerAddress, getQosLevel, getRemoteAddress, getRemoteIp, getResponseQueueSize, getRpcMetrics, join, openServer, setErrorHandler, setQosFunction, setSocketSendBufSize, setupResponse, start, startThreads, updateCallQueueLenMetrics
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.apache.hadoop.hbase.ipc.RpcServer
call
 

Field Detail

HEADER

public static final ByteBuffer HEADER
The first four bytes of secure RPC connections


CURRENT_VERSION

public static final byte CURRENT_VERSION
See Also:
Constant Field Values

INSECURE_VERSIONS

public static final Set<Integer> INSECURE_VERSIONS

LOG

public static final org.apache.commons.logging.Log LOG

secretManager

protected org.apache.hadoop.security.token.SecretManager<org.apache.hadoop.security.token.TokenIdentifier> secretManager

authManager

protected org.apache.hadoop.security.authorize.ServiceAuthorizationManager authManager
Constructor Detail

SecureServer

protected SecureServer(String bindAddress,
                       int port,
                       Class<? extends org.apache.hadoop.io.Writable> paramClass,
                       int handlerCount,
                       int priorityHandlerCount,
                       org.apache.hadoop.conf.Configuration conf,
                       String serverName,
                       int highPriorityLevel)
                throws IOException
Constructs a server listening on the named port and address. Parameters passed must be of the named class. The handlerCount determines the number of handler threads that will be used to process calls.

Throws:
IOException
Method Detail

getConnection

protected HBaseServer.Connection getConnection(SocketChannel channel,
                                               long time)
Description copied from class: HBaseServer
Subclasses of HBaseServer can override this to provide their own Connection implementations.

Overrides:
getConnection in class HBaseServer

stop

public void stop()
Stops the service. No new calls will be handled after this is called.

Specified by:
stop in interface RpcServer
Overrides:
stop in class HBaseServer

getSecretManager

public org.apache.hadoop.security.token.SecretManager<? extends org.apache.hadoop.security.token.TokenIdentifier> getSecretManager()

setSecretManager

public void setSecretManager(org.apache.hadoop.security.token.SecretManager<? extends org.apache.hadoop.security.token.TokenIdentifier> secretManager)

authorize

public void authorize(User user,
                      org.apache.hadoop.hbase.ipc.ConnectionHeader connection,
                      InetAddress addr)
               throws org.apache.hadoop.security.authorize.AuthorizationException
Authorize the incoming client connection.

Parameters:
user - client user
connection - incoming connection
addr - InetAddress of incoming connection
Throws:
org.apache.hadoop.security.authorize.AuthorizationException - when the client isn't authorized to talk the protocol


Copyright © 2015 The Apache Software Foundation. All Rights Reserved.