Package org.apache.hadoop.security

Class SaslRpcClient

java.lang.Object

org.apache.hadoop.security.SaslRpcClient

@LimitedPrivate({"HDFS","MapReduce"})
@Evolving
public class SaslRpcClient
extends Object

A utility class that encapsulates SASL logic for RPC client

Field Summary

Fields

Modifier and Type	Field	Description
static final org.slf4j.Logger	LOG

Constructor Summary

Constructors

Constructor	Description
SaslRpcClient(UserGroupInformation ugi, Class<?> protocol, InetSocketAddress serverAddr, Configuration conf)	Create a SaslRpcClient that can be used by a RPC client to negotiate SASL authentication with a RPC server

Method Summary

Modifier and Type	Method	Description
void	dispose()	Release resources used by wrapped saslClient.
SaslRpcServer.AuthMethod	getAuthMethod()
InputStream	getInputStream(InputStream in)	Get SASL wrapped InputStream if SASL QoP requires unwrapping, otherwise return original stream.
Object	getNegotiatedProperty(String key)
OutputStream	getOutputStream(OutputStream out)	Get SASL wrapped OutputStream if SASL QoP requires wrapping, otherwise return original stream.
SaslRpcServer.AuthMethod	saslConnect(Client.IpcStreams ipcStreams)	Do client side SASL authentication with server via the given IpcStreams.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

LOG

public static final org.slf4j.Logger LOG

Constructor Details

SaslRpcClient

public SaslRpcClient(UserGroupInformation ugi,
 Class<?> protocol,
 InetSocketAddress serverAddr,
 Configuration conf)

Create a SaslRpcClient that can be used by a RPC client to negotiate SASL authentication with a RPC server

Parameters:

ugi - - connecting user

protocol - - RPC protocol

serverAddr - - InetSocketAddress of remote server

conf - - Configuration

Method Details

getNegotiatedProperty

@VisibleForTesting
@Private
public Object getNegotiatedProperty(String key)

getAuthMethod

@Private
public SaslRpcServer.AuthMethod getAuthMethod()

saslConnect

public SaslRpcServer.AuthMethod saslConnect(Client.IpcStreams ipcStreams)
                                     throws IOException

Do client side SASL authentication with server via the given IpcStreams.

Parameters:

ipcStreams - ipcStreams.

Returns:

AuthMethod used to negotiate the connection

Throws:

IOException - raised on errors performing I/O.

getInputStream

public InputStream getInputStream(InputStream in)
                           throws IOException

Get SASL wrapped InputStream if SASL QoP requires unwrapping, otherwise return original stream. Can be called only after saslConnect() has been called.

Parameters:

in - - InputStream used to make the connection

Returns:

InputStream that may be using SASL unwrap

Throws:

IOException - raised on errors performing I/O.

getOutputStream

public OutputStream getOutputStream(OutputStream out)
                             throws IOException

Get SASL wrapped OutputStream if SASL QoP requires wrapping, otherwise return original stream. Can be called only after saslConnect() has been called.

Parameters:

out - - OutputStream used to make the connection

Returns:

OutputStream that may be using wrapping

Throws:

IOException - raised on errors performing I/O.

dispose

public void dispose()
             throws SaslException

Release resources used by wrapped saslClient.

Throws:

SaslException - if authentication or generating response fails, or SASL protocol mixup