Package org.apache.drill.exec.rpc.security
package org.apache.drill.exec.rpc.security
Communication security.
Drill uses Java's SASL library to authenticate clients (users and other bits). This is achieved using
AuthenticationOutcomeListener on the client-side, and
ServerAuthenticationHandler on the server-side.
If authentication is enabled, authenticator factory
implementations are discovered at startup from scan result using AuthenticatorProviderImpl. At connection time, after
handshake, if either side requires authentication, a series of SASL messages are exchanged. Without successful
authentication, any subsequent messages will result in failure and connection drop.
Out of the box, Drill supports KERBEROS
(through GSSAPI) and PLAIN (through
UserAuthenticator) mechanisms.
-
ClassDescriptionAuthenticationOutcomeListener<T extends com.google.protobuf.Internal.EnumLite,
C extends ClientConnection, HS extends com.google.protobuf.MessageLite, HR extends com.google.protobuf.MessageLite> Handles SASL exchange, on the client-side.An implementation of this factory will be initialized once at startup, if the authenticator is enabled (seeAuthenticatorFactory.getSimpleName()).ServerAuthenticationHandler<S extends ServerConnection<S>,T extends com.google.protobuf.Internal.EnumLite> Handles SASL exchange, on the server-side.