public class KerberosAuthenticationConfig extends AbstractClusterLoginConfig<KerberosAuthenticationConfig>
Constructor and Description |
---|
KerberosAuthenticationConfig() |
Modifier and Type | Method and Description |
---|---|
LoginModuleConfig[] |
asLoginModuleConfigs()
Converts current configuration to stack of login modules.
|
boolean |
equals(Object obj) |
String |
getKeytabFile() |
LdapAuthenticationConfig |
getLdapAuthenticationConfig() |
String |
getPrincipal() |
Boolean |
getRelaxFlagsCheck() |
String |
getSecurityRealm() |
Boolean |
getUseNameWithoutRealm() |
int |
hashCode() |
protected Properties |
initLoginModuleProperties() |
protected KerberosAuthenticationConfig |
self() |
KerberosAuthenticationConfig |
setKeytabFile(String keytabFile)
Allows (together with the
setPrincipal(String) ) simplification of security realm configuration. |
KerberosAuthenticationConfig |
setLdapAuthenticationConfig(LdapAuthenticationConfig ldapAuthenticationConfig)
Allows specifying LDAP authentication configuration which is then used after the Kerberos authentication successfully
finishes.
|
KerberosAuthenticationConfig |
setPrincipal(String principal)
Allows (together with the
setKeytabFile(String) ) simplification of security realm configuration. |
KerberosAuthenticationConfig |
setRelaxFlagsCheck(Boolean relaxFlagsCheck)
Allows disabling some of the checks on incoming token (e.g.
|
KerberosAuthenticationConfig |
setSecurityRealm(String securityRealm)
References Security realm name in Hazelcast configuration.
|
KerberosAuthenticationConfig |
setUseNameWithoutRealm(Boolean useNameWithoutRealm)
Allows cutting off the Kerberos realm part from authenticated name.
|
String |
toString() |
getSkipEndpoint, getSkipIdentity, getSkipRole, setIfConfigured, setIfConfigured, setIfConfigured, setSkipEndpoint, setSkipIdentity, setSkipRole
public Boolean getRelaxFlagsCheck()
public KerberosAuthenticationConfig setRelaxFlagsCheck(Boolean relaxFlagsCheck)
public String getSecurityRealm()
public KerberosAuthenticationConfig setUseNameWithoutRealm(Boolean useNameWithoutRealm)
true
, the '@REALM'
part
is removed from the name (e.g. jduke@ACME.COM
becomes jduke
).public Boolean getUseNameWithoutRealm()
public KerberosAuthenticationConfig setSecurityRealm(String securityRealm)
public LdapAuthenticationConfig getLdapAuthenticationConfig()
public KerberosAuthenticationConfig setLdapAuthenticationConfig(LdapAuthenticationConfig ldapAuthenticationConfig)
public String getKeytabFile()
public KerberosAuthenticationConfig setKeytabFile(String keytabFile)
setPrincipal(String)
) simplification of security realm configuration. For basic
scenarios you don't need to use setSecurityRealm(String)
, but you can instead define directly kerberos principal
name and keytab file path with credentials for given principal.
This configuration is only used when there is no securityRealm
configured.
public String getPrincipal()
public KerberosAuthenticationConfig setPrincipal(String principal)
setKeytabFile(String)
) simplification of security realm configuration. For basic
scenarios you don't need to use setSecurityRealm(String)
, but you can instead define directly kerberos principal
name and keytab file path with credentials for given principal.
This configuration is only used when there is no securityRealm
configured.
protected Properties initLoginModuleProperties()
initLoginModuleProperties
in class AbstractClusterLoginConfig<KerberosAuthenticationConfig>
public LoginModuleConfig[] asLoginModuleConfigs()
AuthenticationConfig
public int hashCode()
hashCode
in class AbstractClusterLoginConfig<KerberosAuthenticationConfig>
public boolean equals(Object obj)
equals
in class AbstractClusterLoginConfig<KerberosAuthenticationConfig>
protected KerberosAuthenticationConfig self()
self
in class AbstractClusterLoginConfig<KerberosAuthenticationConfig>
Copyright © 2022 Hazelcast, Inc.. All rights reserved.