public class SimpleACLAuthorizer extends Object implements IAuthorizer
An authorization implementation that simply checks if a user is allowed to perform specific operations.
Modifier and Type | Field and Description |
---|---|
protected Set<String> |
admins |
protected Set<String> |
adminsGroups |
protected IGroupMappingServiceProvider |
groupMappingServiceProvider |
protected Set<String> |
nimbusGroups |
protected Set<String> |
nimbusUsers |
protected IPrincipalToLocal |
ptol |
protected Set<String> |
supervisorCommands |
protected Set<String> |
supervisors |
protected Set<String> |
topoCommands |
protected Set<String> |
topoReadOnlyCommands |
protected Set<String> |
userCommands |
Constructor and Description |
---|
SimpleACLAuthorizer() |
Modifier and Type | Method and Description |
---|---|
boolean |
permit(ReqContext context,
String operation,
Map<String,Object> topoConf)
permit() method is invoked for each incoming Thrift request.
|
void |
prepare(Map<String,Object> conf)
Invoked once immediately after construction.
|
protected IPrincipalToLocal ptol
protected IGroupMappingServiceProvider groupMappingServiceProvider
public void prepare(Map<String,Object> conf)
Invoked once immediately after construction.
prepare
in interface IAuthorizer
conf
- Storm configurationpublic boolean permit(ReqContext context, String operation, Map<String,Object> topoConf)
permit() method is invoked for each incoming Thrift request.
permit
in interface IAuthorizer
context
- request context includes info aboutoperation
- operation nametopoConf
- configuration of targeted topologyCopyright © 2022 The Apache Software Foundation. All rights reserved.