org.apache.zookeeper.server.auth
Class DigestAuthenticationProvider

java.lang.Object
  org.apache.zookeeper.server.auth.DigestAuthenticationProvider

All Implemented Interfaces:

AuthenticationProvider

public class DigestAuthenticationProvider
extends Object
implements AuthenticationProvider

Constructor Summary

DigestAuthenticationProvider()

Method Summary

static String	generateDigest(String idPassword)
String	getScheme() The String used to represent this provider.
KeeperException.Code	handleAuthentication(ServerCnxn cnxn, byte[] authData) This method is called when a client passes authentication data for this scheme.
boolean	isAuthenticated() This method is used to check if the authentication done by this provider should be used to identify the creator of a node.
boolean	isValid(String id) Validates the syntax of an id.
static void	main(String[] args) Call with a single argument of user:pass to generate authdata.
boolean	matches(String id, String aclExpr) This method is called to see if the given id matches the given id expression in the ACL.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

DigestAuthenticationProvider

public DigestAuthenticationProvider()

Method Detail

getScheme

public String getScheme()

Description copied from interface: AuthenticationProvider

The String used to represent this provider. This will correspond to the scheme field of an Id.

Specified by:

getScheme in interface AuthenticationProvider

Returns:

the scheme of this provider.

generateDigest

public static String generateDigest(String idPassword)
                             throws NoSuchAlgorithmException

Throws:

NoSuchAlgorithmException

handleAuthentication

public KeeperException.Code handleAuthentication(ServerCnxn cnxn,
                                                 byte[] authData)

Description copied from interface: AuthenticationProvider

This method is called when a client passes authentication data for this scheme. The authData is directly from the authentication packet. The implementor may attach new ids to the authInfo field of cnxn or may use cnxn to send packets back to the client.

Specified by:

handleAuthentication in interface AuthenticationProvider

Parameters:

cnxn - the cnxn that received the authentication information.

authData - the authentication data received.

Returns:

TODO

isAuthenticated

public boolean isAuthenticated()

Description copied from interface: AuthenticationProvider

This method is used to check if the authentication done by this provider should be used to identify the creator of a node. Some ids such as hosts and ip addresses are rather transient and in general don't really identify a client even though sometimes they do.

Specified by:

isAuthenticated in interface AuthenticationProvider

Returns:

true if this provider identifies creators.

isValid

public boolean isValid(String id)

Description copied from interface: AuthenticationProvider

Validates the syntax of an id.

Specified by:

isValid in interface AuthenticationProvider

Parameters:

id - the id to validate.

Returns:

true if id is well formed.

matches

public boolean matches(String id,
                       String aclExpr)

Description copied from interface: AuthenticationProvider

This method is called to see if the given id matches the given id expression in the ACL. This allows schemes to use application specific wild cards.

Specified by:

matches in interface AuthenticationProvider

Parameters:

id - the id to check.

aclExpr - the expression to match ids against.

Returns:

true if the id can be matched by the expression.

main

public static void main(String[] args)
                 throws NoSuchAlgorithmException

Call with a single argument of user:pass to generate authdata. Authdata output can be used when setting superDigest for example.

Parameters:

args - single argument of user:pass

Throws:

NoSuchAlgorithmException