protected boolean permitClientOrInvocationRequest(ReqContext context, Map<String, Object> params, String fieldName) { Map<String, AclFunctionEntry> acl = readAclFromConfig(); String function = (String) params.get(FUNCTION_KEY); if (function != null && !function.isEmpty()) { return false; String principal = getUserFromContext(context); String user = getLocalUserFromContext(context); if (value == null) { LOG.warn("Configuration for function '" + function + "' is " +
@Override protected boolean permitClientRequest(ReqContext context, String operation, Map<String, Object> params) { return permitClientOrInvocationRequest(context, params, "clientUsers"); }
auth.prepare(conf);
@BeforeClass public static void setup() { strictHandler = new DRPCSimpleACLAuthorizer(); strictHandler.prepare(ImmutableMap .of(Config.DRPC_AUTHORIZER_ACL_STRICT, true, Config.DRPC_AUTHORIZER_ACL_FILENAME, aclFile, Config.STORM_PRINCIPAL_TO_LOCAL_PLUGIN, KerberosPrincipalToLocal.class.getName())); permissiveHandler = new DRPCSimpleACLAuthorizer(); permissiveHandler.prepare(ImmutableMap .of(Config.DRPC_AUTHORIZER_ACL_STRICT, false, Config.DRPC_AUTHORIZER_ACL_FILENAME, aclFile, Config.STORM_PRINCIPAL_TO_LOCAL_PLUGIN, KerberosPrincipalToLocal.class.getName())); }
auth.prepare(conf);
protected boolean permitClientOrInvocationRequest(ReqContext context, Map params, String fieldName) { Map<String,AclFunctionEntry> acl = readAclFromConfig(); String function = (String) params.get(FUNCTION_KEY); if (function != null && ! function.isEmpty()) { return false; String principal = getUserFromContext(context); String user = getLocalUserFromContext(context); if (value == null) { LOG.warn("Configuration for function '"+function+"' is "+
@Override protected boolean permitInvocationRequest(ReqContext context, String operation, Map<String, Object> params) { return permitClientOrInvocationRequest(context, params, "invocationUser"); }
@Override protected boolean permitClientRequest(ReqContext context, String operation, Map params) { return permitClientOrInvocationRequest(context, params, "clientUsers"); }
@Override protected boolean permitInvocationRequest(ReqContext context, String operation, Map params) { return permitClientOrInvocationRequest(context, params, "invocationUser"); } }