IAuthenticator (apache-cassandra API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.cassandra.auth
Interface IAuthenticator

All Known Implementing Classes:: AllowAllAuthenticator, LegacyAuthenticator, PasswordAuthenticator

public interface IAuthenticator

Nested Class Summary
`static class`	`IAuthenticator.Option` Supported CREATE USER/ALTER USER options.

Field Summary
`static java.lang.String`	`PASSWORD_KEY`
`static java.lang.String`	`USERNAME_KEY`

Method Summary
`void`	`alter(java.lang.String username, java.util.Map<IAuthenticator.Option,java.lang.Object> options)` Called during execution of ALTER USER query.
`java.util.Set<IAuthenticator.Option>`	`alterableOptions()` Subset of supportedOptions that users are allowed to alter when performing ALTER USER [themselves].
`AuthenticatedUser`	`authenticate(java.util.Map<java.lang.String,java.lang.String> credentials)` Authenticates a user given a Map of credentials.
`void`	`create(java.lang.String username, java.util.Map<IAuthenticator.Option,java.lang.Object> options)` Called during execution of CREATE USER query (also may be called on startup, see seedSuperuserOptions method).
`void`	`drop(java.lang.String username)` Called during execution of DROP USER query.
`java.util.Set<? extends IResource>`	`protectedResources()` Set of resources that should be made inaccessible to users and only accessible internally.
`boolean`	`requireAuthentication()` Whether or not the authenticator requires explicit login.
`void`	`setup()` Setup is called once upon system startup to initialize the IAuthenticator.
`java.util.Set<IAuthenticator.Option>`	`supportedOptions()` Set of options supported by CREATE USER and ALTER USER queries.
`void`	`validateConfiguration()` Validates configuration of IAuthenticator implementation (if configurable).

Field Detail

USERNAME_KEY

static final java.lang.String USERNAME_KEY

See Also:: Constant Field Values

PASSWORD_KEY

static final java.lang.String PASSWORD_KEY

See Also:: Constant Field Values

Method Detail

requireAuthentication

boolean requireAuthentication()

Whether or not the authenticator requires explicit login. If false will instantiate user with AuthenticatedUser.ANONYMOUS_USER.

supportedOptions

java.util.Set<IAuthenticator.Option> supportedOptions()

Set of options supported by CREATE USER and ALTER USER queries. Should never return null - always return an empty set instead.

alterableOptions

java.util.Set<IAuthenticator.Option> alterableOptions()

Subset of supportedOptions that users are allowed to alter when performing ALTER USER [themselves]. Should never return null - always return an empty set instead.

authenticate

AuthenticatedUser authenticate(java.util.Map<java.lang.String,java.lang.String> credentials)
                               throws AuthenticationException

Authenticates a user given a Map of credentials. Should never return null - always throw AuthenticationException instead. Returning AuthenticatedUser.ANONYMOUS_USER is an option as well if authentication is not required.

Throws:: AuthenticationException - if credentials don't match any known user.

create

void create(java.lang.String username,
            java.util.Map<IAuthenticator.Option,java.lang.Object> options)
            throws RequestValidationException,
                   RequestExecutionException

Called during execution of CREATE USER query (also may be called on startup, see seedSuperuserOptions method). If authenticator is static then the body of the method should be left blank, but don't throw an exception. options are guaranteed to be a subset of supportedOptions().

Parameters:: username - Username of the user to create.; options - Options the user will be created with.
Throws:: RequestValidationException; RequestExecutionException

alter

void alter(java.lang.String username,
           java.util.Map<IAuthenticator.Option,java.lang.Object> options)
           throws RequestValidationException,
                  RequestExecutionException

Called during execution of ALTER USER query. options are always guaranteed to be a subset of supportedOptions(). Furthermore, if the user performing the query is not a superuser and is altering himself, then options are guaranteed to be a subset of alterableOptions(). Keep the body of the method blank if your implementation doesn't support any options.

Parameters:: username - Username of the user that will be altered.; options - Options to alter.
Throws:: RequestValidationException; RequestExecutionException

drop

void drop(java.lang.String username)
          throws RequestValidationException,
                 RequestExecutionException

Called during execution of DROP USER query.

Parameters:: username - Username of the user that will be dropped.
Throws:: RequestValidationException; RequestExecutionException

protectedResources

java.util.Set<? extends IResource> protectedResources()

Set of resources that should be made inaccessible to users and only accessible internally.

Returns:: Keyspaces, column families that will be unmodifiable by users; other resources.

validateConfiguration

void validateConfiguration()
                           throws ConfigurationException

Validates configuration of IAuthenticator implementation (if configurable).

Throws:: ConfigurationException - when there is a configuration error.

setup

void setup()

Setup is called once upon system startup to initialize the IAuthenticator. For example, use this method to create any required keyspaces/column families.