| Interface | Description |
|---|---|
| AuthenticatorFactory |
An implementation of this factory will be initialized once at startup, if the authenticator is enabled
(see
AuthenticatorFactory.getSimpleName()). |
| AuthenticatorProvider |
| Class | Description |
|---|---|
| AuthenticationOutcomeListener<T extends com.google.protobuf.Internal.EnumLite,C extends ClientConnection,HS extends com.google.protobuf.MessageLite,HR extends com.google.protobuf.MessageLite> |
Handles SASL exchange, on the client-side.
|
| AuthenticatorProviderImpl | |
| AuthStringUtil | |
| ClientAuthenticatorProvider | |
| FastSaslClientFactory | |
| FastSaslServerFactory | |
| SaslProperties | |
| SecurityConfiguration | |
| ServerAuthenticationHandler<S extends ServerConnection<S>,T extends com.google.protobuf.Internal.EnumLite> |
Handles SASL exchange, on the server-side.
|
Drill uses Java's SASL library to authenticate clients (users and other bits). This is achieved using
AuthenticationOutcomeListener on the client-side, and
ServerAuthenticationHandler on the server-side.
If authentication is enabled, authenticator factory
implementations are discovered at startup from scan result using AuthenticatorProviderImpl. At connection time, after
handshake, if either side requires authentication, a series of SASL messages are exchanged. Without successful
authentication, any subsequent messages will result in failure and connection drop.
Out of the box, Drill supports KERBEROS
(through GSSAPI) and PLAIN (through
UserAuthenticator) mechanisms.
Copyright © 1970 The Apache Software Foundation. All rights reserved.