Class Krb5Authenticator
- java.lang.Object
-
- org.apache.tinkerpop.gremlin.server.auth.Krb5Authenticator
-
- All Implemented Interfaces:
Authenticator
public class Krb5Authenticator extends Object implements Authenticator
A Kerberos (GSSAPI) implementation of anAuthenticator
This authenticator authenticates and autorizes all clients with a valid service ticket.- Author:
- Marc de Lignie
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.apache.tinkerpop.gremlin.server.auth.Authenticator
Authenticator.SaslNegotiator
-
-
Constructor Summary
Constructors Constructor Description Krb5Authenticator()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description AuthenticatedUser
authenticate(Map<String,String> credentials)
A "standard" authentication implementation that can be used more generically without SASL support.Authenticator.SaslNegotiator
newSaslNegotiator(InetAddress remoteAddress)
Provide a SASL handler to perform authentication for an single connection.boolean
requireAuthentication()
Whether or not the authenticator requires explicit login.void
setup(Map<String,Object> config)
Called once on server startup with the authentication.config from the *.yaml file
-
-
-
Method Detail
-
requireAuthentication
public boolean requireAuthentication()
Description copied from interface:Authenticator
Whether or not the authenticator requires explicit login. If false will instantiate user with AuthenticatedUser.ANONYMOUS_USER.- Specified by:
requireAuthentication
in interfaceAuthenticator
-
setup
public void setup(Map<String,Object> config)
Called once on server startup with the authentication.config from the *.yaml file- Specified by:
setup
in interfaceAuthenticator
-
newSaslNegotiator
public Authenticator.SaslNegotiator newSaslNegotiator(InetAddress remoteAddress)
Description copied from interface:Authenticator
Provide a SASL handler to perform authentication for an single connection. SASL is a stateful protocol, so a new instance must be used for each authentication attempt.- Specified by:
newSaslNegotiator
in interfaceAuthenticator
- Parameters:
remoteAddress
- the IP address of the client to authenticate to authenticate or null if an internal client (one not connected over the remote transport).
-
authenticate
public AuthenticatedUser authenticate(Map<String,String> credentials) throws AuthenticationException
Description copied from interface:Authenticator
A "standard" authentication implementation that can be used more generically without SASL support. This implementation is used when a particularChannelizer
doesn't support SASL directly (like basic HTTP authentication).- Specified by:
authenticate
in interfaceAuthenticator
- Throws:
AuthenticationException
-
-