Class SimpleACLAuthorizer
- java.lang.Object
-
- org.apache.storm.security.auth.authorizer.SimpleACLAuthorizer
-
- All Implemented Interfaces:
IAuthorizer
public class SimpleACLAuthorizer extends Object implements IAuthorizer
An authorization implementation that simply checks if a user is allowed to perform specific operations.
-
-
Field Summary
Fields Modifier and Type Field Description protected Set<String>adminsprotected Set<String>adminsGroupsprotected IGroupMappingServiceProvidergroupMappingServiceProviderprotected Set<String>nimbusGroupsprotected Set<String>nimbusUsersprotected IPrincipalToLocalptolprotected Set<String>supervisorCommandsprotected Set<String>supervisorsprotected Set<String>topoCommandsprotected Set<String>topoReadOnlyCommandsprotected Set<String>userCommands
-
Constructor Summary
Constructors Constructor Description SimpleACLAuthorizer()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description booleanpermit(ReqContext context, String operation, Map<String,Object> topoConf)permit() method is invoked for each incoming Thrift request.voidprepare(Map<String,Object> conf)Invoked once immediately after construction.
-
-
-
Field Detail
-
ptol
protected IPrincipalToLocal ptol
-
groupMappingServiceProvider
protected IGroupMappingServiceProvider groupMappingServiceProvider
-
-
Method Detail
-
prepare
public void prepare(Map<String,Object> conf)
Invoked once immediately after construction.- Specified by:
preparein interfaceIAuthorizer- Parameters:
conf- Storm configuration
-
permit
public boolean permit(ReqContext context, String operation, Map<String,Object> topoConf)
permit() method is invoked for each incoming Thrift request.- Specified by:
permitin interfaceIAuthorizer- Parameters:
context- request context includes info aboutoperation- operation nametopoConf- configuration of targeted topology- Returns:
- true if the request is authorized, false if reject
-
-