All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.datastax.driver.auth.DseAuthProvider Maven / Gradle / Ivy

There is a newer version: 3.0.0-rc1
Show newest version
/*
 *      Copyright (C) 2012-2015 DataStax Inc.
 *
 *   Licensed under the Apache License, Version 2.0 (the "License");
 *   you may not use this file except in compliance with the License.
 *   You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 *   Unless required by applicable law or agreed to in writing, software
 *   distributed under the License is distributed on an "AS IS" BASIS,
 *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *   See the License for the specific language governing permissions and
 *   limitations under the License.
 */
package com.datastax.driver.auth;

import com.datastax.driver.core.AuthProvider;
import com.datastax.driver.core.Authenticator;
import com.datastax.driver.core.exceptions.AuthenticationException;

import java.net.InetSocketAddress;

/**
 * AuthProvider which supplies authenticator instances for clients to connect t 
 * DSE clusters secured with Kerberos 
 *
 * The SASL protocol name defaults to "dse"; should you need to change that
 * it can be overridden using the dse.sasl.protocol system property.
 * 

* Keytab and ticket cache settings are specified using a standard JAAS * configuration file. The location of the file can be set using the * java.security.auth.login.config system property or by adding a * login.config.url.n entry in the java.security properties * file. *

* * See the following documents for further details on the * JAAS Login Configuration File and the * JAAS Authentication Tutorial * for more on JAAS in general. * *

Authentication using ticket cache

* Run kinit to obtain a ticket and populate the cache before * connecting. JAAS config: *
 * DseClient {
 *   com.sun.security.auth.module.Krb5LoginModule required
 *     useTicketCache=true
 *     renewTGT=true;
 * };
 * 
* * *

Authentication using a keytab file

* To enable authentication using a keytab file, specify its location on disk. * If your keytab contains more than one principal key, you should also specify * which one to select. * *
 * DseClient {
 *     com.sun.security.auth.module.Krb5LoginModule required
 *       useKeyTab=true
 *       keyTab="/path/to/file.keytab"
 *       principal="[email protected]";
 * };
 * 
* * To connect to clusters using internal authentication, use the standard method for * setting credentials. eg: * *
 * Cluster cluster = Cluster.builder()
 *                          .addContactPoint(hostname)
 *                          .withCredentials("username", "password")
 *                          .build();
 * 
* */ public class DseAuthProvider implements AuthProvider { @Override public Authenticator newAuthenticator(InetSocketAddress host) throws AuthenticationException { return new KerberosAuthenticator(host); } }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy