Package org.apache.storm.security.auth

Class AutoSSL

java.lang.Object

org.apache.storm.security.auth.AutoSSL

All Implemented Interfaces:

IAutoCredentials

public class AutoSSL
extends Object
implements IAutoCredentials

This plugin is intended to be used for user topologies to send SSL keystore/truststore files to the remote workers. On the client side, this takes the files specified in ssl.credential.files, reads the file contents, base64's it, converts it to a String, and adds it to the credentials map. The key in the credentials map is the name of the file. On the worker side it uses the filenames from the ssl.credential.files config to lookup the keys in the credentials map and decodes it and writes it back out as a file.

User is responsible for referencing them from the topology code as filename.

Field Summary

Fields

Modifier and Type	Field	Description
static final String	SSL_FILES_CONF

Constructor Summary

Constructors

Constructor	Description
AutoSSL()

Method Summary

Modifier and Type	Method	Description
static void	deserializeSSLFile(String credsKey, String directory, Map<String,String> credentials)
protected String	getSSLWriteDirFromConf(Map<String,Object> conf)
void	populateCredentials(Map<String,String> credentials)	Called to populate the credentials on the client side.
void	populateSubject(Subject subject, Map<String,String> credentials)	Called to initially populate the subject on the worker side with credentials passed in.
void	prepare(Map<String,Object> conf)
static void	serializeSSLFile(String readFile, Map<String,String> credentials)
void	updateSubject(Subject subject, Map<String,String> credentials)	Called to update the subject on the worker side when new credentials are recieved.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

SSL_FILES_CONF

public static final String SSL_FILES_CONF

See Also:

• Constant Field Values

Constructor Details

AutoSSL

public AutoSSL()

Method Details

serializeSSLFile

public static void serializeSSLFile(String readFile,
 Map<String,String> credentials)

deserializeSSLFile

public static void deserializeSSLFile(String credsKey,
 String directory,
 Map<String,String> credentials)

prepare

public void prepare(Map<String,Object> conf)

Specified by:

prepare in interface IAutoCredentials

getSSLWriteDirFromConf

protected String getSSLWriteDirFromConf(Map<String,Object> conf)

populateCredentials

public void populateCredentials(Map<String,String> credentials)

Description copied from interface: IAutoCredentials

Called to populate the credentials on the client side.

Specified by:

populateCredentials in interface IAutoCredentials

Parameters:

credentials - the credentials to be populated.

updateSubject

public void updateSubject(Subject subject,
 Map<String,String> credentials)

Description copied from interface: IAutoCredentials

Called to update the subject on the worker side when new credentials are recieved. This means that populateSubject has already been called on this subject.

Specified by:

updateSubject in interface IAutoCredentials

Parameters:

subject - the subject to optionally put credentials in.

credentials - the credentials to be used.

populateSubject

public void populateSubject(Subject subject,
 Map<String,String> credentials)

Description copied from interface: IAutoCredentials

Called to initially populate the subject on the worker side with credentials passed in.

Specified by:

populateSubject in interface IAutoCredentials

Parameters:

subject - the subject to optionally put credentials in.

credentials - the credentials to be used.