Example 1 with ICredentialsRenewer
use of org.apache.storm.security.auth.ICredentialsRenewer in project storm by apache.
the class Nimbus method renewCredentials.
private void renewCredentials() throws Exception {
if (!isLeader()) {
LOG.info("not a leader, skipping credential renewal.");
return;
}
IStormClusterState state = stormClusterState;
Collection<ICredentialsRenewer> renewers = credRenewers;
Map<String, StormBase> assignedBases = state.topologyBases();
if (assignedBases != null) {
for (Entry<String, StormBase> entry : assignedBases.entrySet()) {
String id = entry.getKey();
String ownerPrincipal = entry.getValue().get_principal();
Map<String, Object> topoConf = Collections.unmodifiableMap(Utils.merge(conf, tryReadTopoConf(id, topoCache)));
synchronized (credUpdateLock) {
Credentials origCreds = state.credentials(id, null);
if (origCreds != null) {
Map<String, String> origCredsMap = origCreds.get_creds();
Map<String, String> newCredsMap = new HashMap<>(origCredsMap);
for (ICredentialsRenewer renewer : renewers) {
LOG.info("Renewing Creds For {} with {} owned by {}", id, renewer, ownerPrincipal);
renewer.renew(newCredsMap, topoConf, ownerPrincipal);
}
// Update worker tokens if needed
upsertWorkerTokensInCreds(newCredsMap, ownerPrincipal, id);
if (!newCredsMap.equals(origCredsMap)) {
state.setCredentials(id, new Credentials(newCredsMap), topoConf);
}
}
}
}
}
}
Also used :
ICredentialsRenewer(org.apache.storm.security.auth.ICredentialsRenewer)
HashMap(java.util.HashMap)
StormBase(org.apache.storm.generated.StormBase)
IStormClusterState(org.apache.storm.cluster.IStormClusterState)
Credentials(org.apache.storm.generated.Credentials)
Aggregations
HashMap (java.util.HashMap)1
IStormClusterState (org.apache.storm.cluster.IStormClusterState)1
Credentials (org.apache.storm.generated.Credentials)1
StormBase (org.apache.storm.generated.StormBase)1
ICredentialsRenewer (org.apache.storm.security.auth.ICredentialsRenewer)1
