Class ImpersonationAuthorizer
- java.lang.Object
- 
- org.apache.storm.security.auth.authorizer.ImpersonationAuthorizer
 
- 
- All Implemented Interfaces:
- IAuthorizer
 
 public class ImpersonationAuthorizer extends Object implements IAuthorizer 
- 
- 
Nested Class SummaryNested Classes Modifier and Type Class Description protected static classImpersonationAuthorizer.ImpersonationACL
 - 
Field SummaryFields Modifier and Type Field Description protected IGroupMappingServiceProvidergroupMappingProviderprotected IPrincipalToLocalptolprotected Map<String,ImpersonationAuthorizer.ImpersonationACL>userImpersonationACLprotected static StringWILD_CARD
 - 
Constructor SummaryConstructors Constructor Description ImpersonationAuthorizer()
 - 
Method SummaryAll Methods Instance Methods Concrete Methods Modifier and Type Method Description booleanpermit(ReqContext context, String operation, Map<String,Object> topoConf)permit() method is invoked for each incoming Thrift request.voidprepare(Map<String,Object> conf)Invoked once immediately after construction.
 
- 
- 
- 
Field Detail- 
WILD_CARDprotected static final String WILD_CARD - See Also:
- Constant Field Values
 
 - 
userImpersonationACLprotected Map<String,ImpersonationAuthorizer.ImpersonationACL> userImpersonationACL 
 - 
ptolprotected IPrincipalToLocal ptol 
 - 
groupMappingProviderprotected IGroupMappingServiceProvider groupMappingProvider 
 
- 
 - 
Method Detail- 
preparepublic void prepare(Map<String,Object> conf) Description copied from interface:IAuthorizerInvoked once immediately after construction.- Specified by:
- preparein interface- IAuthorizer
- Parameters:
- conf- Storm cluster configuration
 
 - 
permitpublic boolean permit(ReqContext context, String operation, Map<String,Object> topoConf) Description copied from interface:IAuthorizerpermit() method is invoked for each incoming Thrift request.- Specified by:
- permitin interface- IAuthorizer
- Parameters:
- context- request context includes info about
- operation- operation name
- topoConf- configuration of targeted topology
- Returns:
- true if the request is authorized, false if reject
 
 
- 
 
-