doc/html/auth-provider_8h_source.html

 // Copyright 2012 Cloudera Inc.

 //

 // Licensed under the Apache License, Version 2.0 (the "License");

 // you may not use this file except in compliance with the License.

 // You may obtain a copy of the License at

 //

 // http://www.apache.org/licenses/LICENSE-2.0

 //

 // Unless required by applicable law or agreed to in writing, software

 // distributed under the License is distributed on an "AS IS" BASIS,

 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 // See the License for the specific language governing permissions and

 // limitations under the License.


 #ifndef IMPALA_RPC_AUTH_PROVIDER_H

 #define IMPALA_RPC_AUTH_PROVIDER_H


 #include <string>

 #include <boost/scoped_ptr.hpp>

 #include <boost/thread/mutex.hpp>

 #include <sasl/sasl.h>


 #include "common/status.h"

 #include "util/promise.h"


 namespace sasl { class TSasl; }


 namespace impala {


 class Thread;


 class AuthProvider {

  public:

   virtual Status Start() = 0;


   virtual Status GetServerTransportFactory(

       boost::shared_ptr<apache::thrift::transport::TTransportFactory>* factory) = 0;


   virtual Status WrapClientTransport(const std::string& hostname,

       boost::shared_ptr<apache::thrift::transport::TTransport> raw_transport,

       const std::string& service_name,

       boost::shared_ptr<apache::thrift::transport::TTransport>* wrapped_transport) = 0;


   virtual bool is_sasl() = 0;

 };


 class SaslAuthProvider : public AuthProvider {

  public:

   SaslAuthProvider(bool is_internal) : has_ldap_(false), is_internal_(is_internal),

       needs_kinit_(false) {}


   virtual Status Start();


   virtual Status WrapClientTransport(const std::string& hostname,

       boost::shared_ptr<apache::thrift::transport::TTransport> raw_transport,

       const std::string& service_name,

       boost::shared_ptr<apache::thrift::transport::TTransport>* wrapped_transport);


   virtual Status GetServerTransportFactory(

       boost::shared_ptr<apache::thrift::transport::TTransportFactory>* factory);


   virtual bool is_sasl() { return true; }


   Status InitKerberos(const std::string& principal, const std::string& keytab_path);


   void InitLdap() { has_ldap_ = true; }


   const std::string& principal() const { return principal_; }

   const std::string& service_name() const { return service_name_; }

   const std::string& hostname() const { return hostname_; }

   const std::string& realm() const { return realm_; }

   bool has_ldap() { return has_ldap_; }


  private:

   bool has_ldap_;


   std::string hostname_;


   bool is_internal_;


   std::string principal_;


   std::string keytab_file_;


   std::string service_name_;


   std::string realm_;


   bool needs_kinit_;


   boost::scoped_ptr<Thread> kinit_thread_;


   void RunKinit(Promise<Status>* first_kinit);


   static bool env_setup_complete_;


   Status InitKerberosEnv();

 };


 class NoAuthProvider : public AuthProvider {

  public:

   NoAuthProvider() { }


   virtual Status Start() { return Status::OK; }


   virtual Status GetServerTransportFactory(

       boost::shared_ptr<apache::thrift::transport::TTransportFactory>* factory);


   virtual Status WrapClientTransport(const std::string& hostname,

       boost::shared_ptr<apache::thrift::transport::TTransport> raw_transport,

       const std::string& service_name,

       boost::shared_ptr<apache::thrift::transport::TTransport>* wrapped_transport);


   virtual bool is_sasl() { return false; }

 };


 Status InitAuth(const std::string& appname);


 }


 #endif

impala::SaslAuthProvider::InitKerberosEnv
Status InitKerberosEnv()
One-time kerberos-specific environment variable setup. Called by InitKerberos().
Definition: authentication.cc:699

impala::SaslAuthProvider::needs_kinit_
bool needs_kinit_
Definition: auth-provider.h:135

impala::SaslAuthProvider::GetServerTransportFactory
virtual Status GetServerTransportFactory(boost::shared_ptr< apache::thrift::transport::TTransportFactory > *factory)
Definition: authentication.cc:813

impala::SaslAuthProvider::Start
virtual Status Start()
Definition: authentication.cc:769

impala::SaslAuthProvider::is_internal_
bool is_internal_
True if internal, false if external.
Definition: auth-provider.h:113

impala::SaslAuthProvider::has_ldap
bool has_ldap()
Definition: auth-provider.h:102

impala::AuthProvider::WrapClientTransport
virtual Status WrapClientTransport(const std::string &hostname, boost::shared_ptr< apache::thrift::transport::TTransport > raw_transport, const std::string &service_name, boost::shared_ptr< apache::thrift::transport::TTransport > *wrapped_transport)=0

impala::SaslAuthProvider::hostname_
std::string hostname_
Definition: auth-provider.h:110

impala::SaslAuthProvider::principal
const std::string & principal() const
Used for testing.
Definition: auth-provider.h:98

impala::Promise
Definition: promise.h:32

impala::AuthProvider::GetServerTransportFactory
virtual Status GetServerTransportFactory(boost::shared_ptr< apache::thrift::transport::TTransportFactory > *factory)=0

impala::SaslAuthProvider::has_ldap_
bool has_ldap_
Do we (the server side only) support ldap for this connnection?
Definition: auth-provider.h:106

impala::SaslAuthProvider::hostname
const std::string & hostname() const
Definition: auth-provider.h:100

impala::SaslAuthProvider::InitKerberos
Status InitKerberos(const std::string &principal, const std::string &keytab_path)
Definition: authentication.cc:628

impala::SaslAuthProvider::InitLdap
void InitLdap()
Definition: auth-provider.h:95

impala::SaslAuthProvider::principal_
std::string principal_
All the rest of these private items are Kerberos-specific.
Definition: auth-provider.h:119

impala::SaslAuthProvider
Definition: auth-provider.h:61

impala::SaslAuthProvider::env_setup_complete_
static bool env_setup_complete_
We use this to ensure that we only set up environment variables one time.
Definition: auth-provider.h:149

impala::SaslAuthProvider::is_sasl
virtual bool is_sasl()
Returns true if this provider uses Sasl at the transport layer.
Definition: auth-provider.h:86

impala::SaslAuthProvider::service_name_
std::string service_name_
Definition: auth-provider.h:127

impala::NoAuthProvider::is_sasl
virtual bool is_sasl()
Returns true if this provider uses Sasl at the transport layer.
Definition: auth-provider.h:171

impala::SaslAuthProvider::keytab_file_
std::string keytab_file_
The full path to the keytab where the above principal can be found.
Definition: auth-provider.h:122

impala::SaslAuthProvider::RunKinit
void RunKinit(Promise< Status > *first_kinit)
Definition: authentication.cc:440

impala::Status
Definition: status.h:81

impala::SaslAuthProvider::SaslAuthProvider
SaslAuthProvider(bool is_internal)
Definition: auth-provider.h:63

impala::NoAuthProvider
Definition: auth-provider.h:157

impala::NoAuthProvider::Start
virtual Status Start()
Initialises any state required to perform authentication using this provider.
Definition: auth-provider.h:161

Thread

promise.h

impala::AuthProvider::Start
virtual Status Start()=0
Initialises any state required to perform authentication using this provider.

impala::SaslAuthProvider::kinit_thread_
boost::scoped_ptr< Thread > kinit_thread_
Runs "RunKinit" below if needs_kinit_ is true.
Definition: auth-provider.h:138

impala::NoAuthProvider::WrapClientTransport
virtual Status WrapClientTransport(const std::string &hostname, boost::shared_ptr< apache::thrift::transport::TTransport > raw_transport, const std::string &service_name, boost::shared_ptr< apache::thrift::transport::TTransport > *wrapped_transport)
Definition: authentication.cc:888

impala::SaslAuthProvider::service_name
const std::string & service_name() const
Definition: auth-provider.h:99

status.h

impala::SaslAuthProvider::realm
const std::string & realm() const
Definition: auth-provider.h:101

impala::Status::OK
static const Status OK
Definition: status.h:87

impala::NoAuthProvider::NoAuthProvider
NoAuthProvider()
Definition: auth-provider.h:159

impala::SaslAuthProvider::realm_
std::string realm_
Principal's realm, again derived from principal.
Definition: auth-provider.h:130

sasl::TSasl
Definition: TSasl.h:55

impala::AuthProvider
Definition: auth-provider.h:36

impala::SaslAuthProvider::WrapClientTransport
virtual Status WrapClientTransport(const std::string &hostname, boost::shared_ptr< apache::thrift::transport::TTransport > raw_transport, const std::string &service_name, boost::shared_ptr< apache::thrift::transport::TTransport > *wrapped_transport)
Definition: authentication.cc:851

impala::NoAuthProvider::GetServerTransportFactory
virtual Status GetServerTransportFactory(boost::shared_ptr< apache::thrift::transport::TTransportFactory > *factory)
Definition: authentication.cc:882

impala::AuthProvider::is_sasl
virtual bool is_sasl()=0
Returns true if this provider uses Sasl at the transport layer.

impala::InitAuth
Status InitAuth(const std::string &appname)