Package org.apache.solr.security
Class KerberosPlugin
- java.lang.Object
-
- org.apache.solr.security.AuthenticationPlugin
-
- org.apache.solr.security.KerberosPlugin
-
- All Implemented Interfaces:
Closeable,AutoCloseable,HttpClientBuilderPlugin
public class KerberosPlugin extends AuthenticationPlugin implements HttpClientBuilderPlugin
-
-
Field Summary
Fields Modifier and Type Field Description static StringCOOKIE_DOMAIN_PARAMstatic StringCOOKIE_PATH_PARAMstatic StringCOOKIE_PORT_AWARE_PARAMstatic StringDELEGATION_TOKEN_ENABLEDstatic StringDELEGATION_TOKEN_KINDstatic StringDELEGATION_TOKEN_SECRET_MANAGER_ZNODE_WORKING_PATHstatic StringDELEGATION_TOKEN_SECRET_PROVIDERstatic StringDELEGATION_TOKEN_SECRET_PROVIDER_ZK_PATHstatic StringDELEGATION_TOKEN_TYPE_DEFAULTstatic StringDELEGATION_TOKEN_VALIDITYstatic StringIMPERSONATOR_DO_AS_HTTP_PARAMstatic StringIMPERSONATOR_PREFIXstatic StringIMPERSONATOR_USER_NAMEstatic StringKEYTAB_PARAMstatic StringNAME_RULES_PARAMstatic StringPRINCIPAL_PARAMstatic StringTOKEN_VALID_PARAM-
Fields inherited from class org.apache.solr.security.AuthenticationPlugin
AUTHENTICATION_PLUGIN_PROP
-
-
Constructor Summary
Constructors Constructor Description KerberosPlugin(CoreContainer coreContainer)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidclose()booleandoAuthenticate(javax.servlet.ServletRequest req, javax.servlet.ServletResponse rsp, javax.servlet.FilterChain chain)This method attempts to authenticate the request.SolrHttpClientBuildergetHttpClientBuilder(SolrHttpClientBuilder builder)protected javax.servlet.FilterConfiggetInitFilterConfig(Map<String,Object> pluginConfig, boolean skipKerberosChecking)protected javax.servlet.FiltergetKerberosFilter()voidinit(Map<String,Object> pluginConfig)This is called upon loading up of a plugin, used for setting it up.protected voidsetKerberosFilter(javax.servlet.Filter kerberosFilter)-
Methods inherited from class org.apache.solr.security.AuthenticationPlugin
closeRequest
-
-
-
-
Field Detail
-
NAME_RULES_PARAM
public static final String NAME_RULES_PARAM
- See Also:
- Constant Field Values
-
COOKIE_DOMAIN_PARAM
public static final String COOKIE_DOMAIN_PARAM
- See Also:
- Constant Field Values
-
COOKIE_PATH_PARAM
public static final String COOKIE_PATH_PARAM
- See Also:
- Constant Field Values
-
PRINCIPAL_PARAM
public static final String PRINCIPAL_PARAM
- See Also:
- Constant Field Values
-
KEYTAB_PARAM
public static final String KEYTAB_PARAM
- See Also:
- Constant Field Values
-
TOKEN_VALID_PARAM
public static final String TOKEN_VALID_PARAM
- See Also:
- Constant Field Values
-
COOKIE_PORT_AWARE_PARAM
public static final String COOKIE_PORT_AWARE_PARAM
- See Also:
- Constant Field Values
-
IMPERSONATOR_PREFIX
public static final String IMPERSONATOR_PREFIX
- See Also:
- Constant Field Values
-
DELEGATION_TOKEN_ENABLED
public static final String DELEGATION_TOKEN_ENABLED
- See Also:
- Constant Field Values
-
DELEGATION_TOKEN_KIND
public static final String DELEGATION_TOKEN_KIND
- See Also:
- Constant Field Values
-
DELEGATION_TOKEN_VALIDITY
public static final String DELEGATION_TOKEN_VALIDITY
- See Also:
- Constant Field Values
-
DELEGATION_TOKEN_SECRET_PROVIDER
public static final String DELEGATION_TOKEN_SECRET_PROVIDER
- See Also:
- Constant Field Values
-
DELEGATION_TOKEN_SECRET_PROVIDER_ZK_PATH
public static final String DELEGATION_TOKEN_SECRET_PROVIDER_ZK_PATH
- See Also:
- Constant Field Values
-
DELEGATION_TOKEN_SECRET_MANAGER_ZNODE_WORKING_PATH
public static final String DELEGATION_TOKEN_SECRET_MANAGER_ZNODE_WORKING_PATH
- See Also:
- Constant Field Values
-
DELEGATION_TOKEN_TYPE_DEFAULT
public static final String DELEGATION_TOKEN_TYPE_DEFAULT
- See Also:
- Constant Field Values
-
IMPERSONATOR_DO_AS_HTTP_PARAM
public static final String IMPERSONATOR_DO_AS_HTTP_PARAM
- See Also:
- Constant Field Values
-
IMPERSONATOR_USER_NAME
public static final String IMPERSONATOR_USER_NAME
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
KerberosPlugin
public KerberosPlugin(CoreContainer coreContainer)
-
-
Method Detail
-
init
public void init(Map<String,Object> pluginConfig)
Description copied from class:AuthenticationPluginThis is called upon loading up of a plugin, used for setting it up.- Specified by:
initin classAuthenticationPlugin- Parameters:
pluginConfig- Config parameters, possibly from a ZK source
-
getInitFilterConfig
protected javax.servlet.FilterConfig getInitFilterConfig(Map<String,Object> pluginConfig, boolean skipKerberosChecking)
-
doAuthenticate
public boolean doAuthenticate(javax.servlet.ServletRequest req, javax.servlet.ServletResponse rsp, javax.servlet.FilterChain chain) throws ExceptionDescription copied from class:AuthenticationPluginThis method attempts to authenticate the request. Upon a successful authentication, this must call the next filter in the filter chain and set the user principal of the request, or else, upon an error or an authentication failure, throw an exception.- Specified by:
doAuthenticatein classAuthenticationPlugin- Parameters:
req- the http requestrsp- the http responsechain- the servlet filter chain- Returns:
- false if the request not be processed by Solr (not continue), i.e. the response and status code have already been sent.
- Throws:
Exception- any exception thrown during the authentication, e.g. PrivilegedActionException
-
getHttpClientBuilder
public SolrHttpClientBuilder getHttpClientBuilder(SolrHttpClientBuilder builder)
- Specified by:
getHttpClientBuilderin interfaceHttpClientBuilderPlugin- Returns:
- Returns an instance of a SolrHttpClientBuilder to be used for configuring the HttpClients for use with SolrJ clients.
-
close
public void close()
- Specified by:
closein interfaceAutoCloseable- Specified by:
closein interfaceCloseable
-
getKerberosFilter
protected javax.servlet.Filter getKerberosFilter()
-
setKerberosFilter
protected void setKerberosFilter(javax.servlet.Filter kerberosFilter)
-
-