Package org.apache.cassandra.auth
Interface ICIDRAuthorizer
-
- All Known Implementing Classes:
AbstractCIDRAuthorizer
,AllowAllCIDRAuthorizer
,CassandraCIDRAuthorizer
public interface ICIDRAuthorizer
Backend for CIDR authorization feature
-
-
Nested Class Summary
Nested Classes Modifier and Type Interface Description static class
ICIDRAuthorizer.CIDRAuthorizerMode
Supported modes by CIDR authorizer
-
Method Summary
All Methods Static Methods Instance Methods Abstract Methods Modifier and Type Method Description void
dropCidrPermissionsForRole(RoleResource role)
Drop CIDR permissions of a roleCIDRAuthorizerMetrics
getCidrAuthorizerMetrics()
CIDRGroupsMappingManager
getCidrGroupsMappingManager()
boolean
hasAccessFromIp(RoleResource role, java.net.InetAddress ipAddress)
Determines does the given role has access from CIDR groups associated with given IPvoid
initCaches()
Init caches held by CIDR authorizerboolean
invalidateCidrPermissionsCache(java.lang.String roleName)
Invalidate given role from CIDR permissions cachevoid
loadCidrGroupsCache()
Load CIDR groups mapping cachejava.util.Set<java.lang.String>
lookupCidrGroupsForIp(java.net.InetAddress ip)
Lookup IP in CIDR groups mapping cachestatic ICIDRAuthorizer
newCIDRAuthorizer(ParameterizedClass cidrAuthorizer)
boolean
requireAuthorization()
void
setCidrGroupsForRole(RoleResource role, CIDRPermissions cidrPermissions)
Set CIDR permissions for a given rolevoid
setup()
void
validateConfiguration()
-
-
-
Method Detail
-
newCIDRAuthorizer
static ICIDRAuthorizer newCIDRAuthorizer(ParameterizedClass cidrAuthorizer)
-
setup
void setup()
-
initCaches
void initCaches()
Init caches held by CIDR authorizer
-
getCidrGroupsMappingManager
CIDRGroupsMappingManager getCidrGroupsMappingManager()
-
getCidrAuthorizerMetrics
CIDRAuthorizerMetrics getCidrAuthorizerMetrics()
-
requireAuthorization
boolean requireAuthorization()
-
setCidrGroupsForRole
void setCidrGroupsForRole(RoleResource role, CIDRPermissions cidrPermissions)
Set CIDR permissions for a given role- Parameters:
role
- role for which to set CIDR permissionscidrPermissions
- CIR permissions to set for the role
-
dropCidrPermissionsForRole
void dropCidrPermissionsForRole(RoleResource role)
Drop CIDR permissions of a role- Parameters:
role
- for which to drop cidr permissions
-
invalidateCidrPermissionsCache
boolean invalidateCidrPermissionsCache(java.lang.String roleName)
Invalidate given role from CIDR permissions cache- Parameters:
roleName
- role to invalidate- Returns:
- returns true if given role found in the cache and invalidated, false otherwise
-
validateConfiguration
void validateConfiguration() throws ConfigurationException
- Throws:
ConfigurationException
-
loadCidrGroupsCache
void loadCidrGroupsCache()
Load CIDR groups mapping cache
-
lookupCidrGroupsForIp
java.util.Set<java.lang.String> lookupCidrGroupsForIp(java.net.InetAddress ip)
Lookup IP in CIDR groups mapping cache- Parameters:
ip
- input IP to lookup CIDR group- Returns:
- returns best matching CIDR group for this IP
-
hasAccessFromIp
boolean hasAccessFromIp(RoleResource role, java.net.InetAddress ipAddress)
Determines does the given role has access from CIDR groups associated with given IP- Parameters:
role
- role to check accessipAddress
- IP of the client- Returns:
- returns true if role has access from given IP, false otherwise
-
-