public class KerberosIdentityConfig extends Object implements IdentityConfig
Constructor and Description |
---|
KerberosIdentityConfig() |
Modifier and Type | Method and Description |
---|---|
ICredentialsFactory |
asCredentialsFactory(ClassLoader cl)
Converts current configuration to a
ICredentialsFactory instance. |
IdentityConfig |
copy()
Makes a copy (or clone) of the config object.
|
boolean |
equals(Object obj) |
String |
getKeytabFile() |
String |
getPrincipal() |
String |
getRealm() |
String |
getSecurityRealm() |
String |
getServiceNamePrefix() |
String |
getSpn() |
Boolean |
getUseCanonicalHostname() |
int |
hashCode() |
KerberosIdentityConfig |
setKeytabFile(String keytabFile)
Allows (together with the
setPrincipal(String) ) simplification of security realm configuration. |
KerberosIdentityConfig |
setPrincipal(String principal)
Allows (together with the
setKeytabFile(String) ) simplification of security realm configuration. |
KerberosIdentityConfig |
setRealm(String realm)
Defines Kerberos realm name (e.g.
|
KerberosIdentityConfig |
setSecurityRealm(String securityRealm)
Configures a reference to Security realm name in Hazelcast configuration.
|
KerberosIdentityConfig |
setServiceNamePrefix(String serviceNamePrefix)
Defines prefix of the Service Principal name.
|
KerberosIdentityConfig |
setSpn(String spn)
Allows to configure static service principal name (SPN).
|
KerberosIdentityConfig |
setUseCanonicalHostname(Boolean useCanonicalHostname)
Allows using fully qualified domain name instead of IP address when the SPN is constructed from a prefix and realm name.
|
String |
toString() |
public String getSpn()
public KerberosIdentityConfig setSpn(String spn)
public String getServiceNamePrefix()
public KerberosIdentityConfig setServiceNamePrefix(String serviceNamePrefix)
"hz/"
. By default the member's principal name
(for which this credentials factory asks the service ticket) is in form "[servicePrefix][memberIpAddress]@[REALM]" (e.g.
"hz/192.168.1.1@ACME.COM").public String getRealm()
public KerberosIdentityConfig setRealm(String realm)
public String getKeytabFile()
public KerberosIdentityConfig setKeytabFile(String keytabFile)
setPrincipal(String)
) simplification of security realm configuration. For basic
scenarios you don't need to use setSecurityRealm(String)
, but you can instead define directly kerberos principal
name and keytab file path with credentials for given principal.
This configuration is only used when there is no securityRealm
configured.
public String getPrincipal()
public KerberosIdentityConfig setPrincipal(String principal)
setKeytabFile(String)
) simplification of security realm configuration. For basic
scenarios you don't need to use setSecurityRealm(String)
, but you can instead define directly kerberos principal
name and keytab file path with credentials for given principal.
This configuration is only used when there is no securityRealm
configured.
public String getSecurityRealm()
public KerberosIdentityConfig setSecurityRealm(String securityRealm)
public Boolean getUseCanonicalHostname()
public KerberosIdentityConfig setUseCanonicalHostname(Boolean useCanonicalHostname)
true
, the SPN "hz/192.168.1.1@ACME.COM"
could become
"hz/member1.acme.com@ACME.COM"
(given the reverse DNS lookup for 192.168.1.1 returns the "member1.acme.com"
hostname).public ICredentialsFactory asCredentialsFactory(ClassLoader cl)
IdentityConfig
ICredentialsFactory
instance.asCredentialsFactory
in interface IdentityConfig
cl
- class loader to be used if the credentials factory class has to be constructed.ICredentialsFactory
instancepublic IdentityConfig copy()
IdentityConfig
copy
in interface IdentityConfig
Copyright © 2024 Hazelcast, Inc.. All rights reserved.