Package org.apache.hadoop.security
Class RuleBasedLdapGroupsMapping
java.lang.Object
org.apache.hadoop.security.LdapGroupsMapping
org.apache.hadoop.security.RuleBasedLdapGroupsMapping
- All Implemented Interfaces:
Configurable,GroupMappingServiceProvider
This class uses
LdapGroupsMapping for group lookup and applies the
rule configured on the group names.-
Nested Class Summary
Nested classes/interfaces inherited from class org.apache.hadoop.security.LdapGroupsMapping
LdapGroupsMapping.LdapSslSocketFactory -
Field Summary
FieldsFields inherited from class org.apache.hadoop.security.LdapGroupsMapping
BASE_DN_DEFAULT, BASE_DN_KEY, BIND_PASSWORD_ALIAS_DEFAULT, BIND_PASSWORD_ALIAS_KEY, BIND_PASSWORD_ALIAS_SUFFIX, BIND_PASSWORD_DEFAULT, BIND_PASSWORD_FILE_DEFAULT, BIND_PASSWORD_FILE_KEY, BIND_PASSWORD_FILE_SUFFIX, BIND_PASSWORD_KEY, BIND_PASSWORD_SUFFIX, BIND_USER_DEFAULT, BIND_USER_KEY, BIND_USER_SUFFIX, BIND_USERS_KEY, CONNECTION_TIMEOUT, CONNECTION_TIMEOUT_DEFAULT, DIRECTORY_SEARCH_TIMEOUT, DIRECTORY_SEARCH_TIMEOUT_DEFAULT, GROUP_BASE_DN_KEY, GROUP_HIERARCHY_LEVELS_DEFAULT, GROUP_HIERARCHY_LEVELS_KEY, GROUP_MEMBERSHIP_ATTR_DEFAULT, GROUP_MEMBERSHIP_ATTR_KEY, GROUP_NAME_ATTR_DEFAULT, GROUP_NAME_ATTR_KEY, GROUP_SEARCH_FILTER_DEFAULT, GROUP_SEARCH_FILTER_KEY, GROUP_SEARCH_FILTER_PATTERN, GROUP_SEARCH_FILTER_PATTERN_DEFAULT, LDAP_CONFIG_PREFIX, LDAP_CTX_FACTORY_CLASS_DEFAULT, LDAP_CTX_FACTORY_CLASS_KEY, LDAP_KEYSTORE_DEFAULT, LDAP_KEYSTORE_KEY, LDAP_KEYSTORE_PASSWORD_DEFAULT, LDAP_KEYSTORE_PASSWORD_FILE_DEFAULT, LDAP_KEYSTORE_PASSWORD_FILE_KEY, LDAP_KEYSTORE_PASSWORD_KEY, LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_DEFAULT, LDAP_NUM_ATTEMPTS_BEFORE_FAILOVER_KEY, LDAP_NUM_ATTEMPTS_DEFAULT, LDAP_NUM_ATTEMPTS_KEY, LDAP_TRUSTSTORE_KEY, LDAP_TRUSTSTORE_PASSWORD_FILE_KEY, LDAP_TRUSTSTORE_PASSWORD_KEY, LDAP_URL_DEFAULT, LDAP_URL_KEY, LDAP_USE_SSL_DEFAULT, LDAP_USE_SSL_KEY, MEMBEROF_ATTR_DEFAULT, MEMBEROF_ATTR_KEY, POSIX_ACCOUNT, POSIX_GID_ATTR_DEFAULT, POSIX_GID_ATTR_KEY, POSIX_GROUP, POSIX_UID_ATTR_DEFAULT, POSIX_UID_ATTR_KEY, READ_TIMEOUT, READ_TIMEOUT_DEFAULT, USER_BASE_DN_KEY, USER_SEARCH_FILTER_DEFAULT, USER_SEARCH_FILTER_KEYFields inherited from interface org.apache.hadoop.security.GroupMappingServiceProvider
GROUP_MAPPING_CONFIG_PREFIX -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionReturns list of groups for a user.getGroupsSet(String user) Get all various group memberships of a given user.voidsetConf(Configuration conf) Set the configuration to be used by this object.Methods inherited from class org.apache.hadoop.security.LdapGroupsMapping
cacheGroupsAdd, cacheGroupsRefresh, failover, getConf, getLdapUrls, switchBindUser
-
Field Details
-
CONVERSION_RULE_KEY
- See Also:
-
-
Constructor Details
-
RuleBasedLdapGroupsMapping
public RuleBasedLdapGroupsMapping()
-
-
Method Details
-
setConf
Description copied from interface:ConfigurableSet the configuration to be used by this object.- Specified by:
setConfin interfaceConfigurable- Overrides:
setConfin classLdapGroupsMapping- Parameters:
conf- configuration to be used
-
getGroups
Returns list of groups for a user. This callsLdapGroupsMapping's getGroups and applies the configured rules on group names before returning.- Specified by:
getGroupsin interfaceGroupMappingServiceProvider- Overrides:
getGroupsin classLdapGroupsMapping- Parameters:
user- get groups for this user- Returns:
- list of groups for a given user
-
getGroupsSet
Description copied from interface:GroupMappingServiceProviderGet all various group memberships of a given user. Returns EMPTY set in case of non-existing user- Specified by:
getGroupsSetin interfaceGroupMappingServiceProvider- Overrides:
getGroupsSetin classLdapGroupsMapping- Parameters:
user- User's name- Returns:
- set of group memberships of user
-