/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.apache.hadoop.registry.client.impl.zk;

import org.apache.zookeeper.client.ZooKeeperSaslClient;
import org.apache.zookeeper.server.ZooKeeperSaslServer;

/**
 * Names of the configuration options which are internal to ZooKeeper,
 * together with a few other ZK constants.
 * <p>
 * ZooKeeper reads these options from JVM system properties, which have to
 * be set before the ZK methods/classes are invoked. Because system
 * properties are JVM-wide, this implies that:
 * <ol>
 *   <li>There can only be one instance of a ZK client or service class
 *   in a single JVM; otherwise their configuration options will
 *   conflict.</li>
 *   <li>It is safest to set these properties immediately before
 *   invoking ZK operations.</li>
 * </ol>
 * <p>
 * Security review note: several of these properties decide whether a
 * failed SASL handshake ends the connection or is downgraded to
 * unauthenticated access. When auditing a deployment, check the client
 * flag and both server-side "failed SASL client" flags together, and
 * rely on node ACLs rather than on a successful connect as evidence that
 * a peer authenticated.
 */
public interface ZookeeperConfigOptions {

  // ---------------------------------------------------------------------
  // Client-side SASL settings
  // ---------------------------------------------------------------------

  /**
   * Enable SASL secure clients: {@value}.
   * <p>
   * This is usually set to true, with ZK set to fall back to non-SASL
   * authentication if the SASL auth fails, a fallback governed by the
   * property
   * {@link #PROP_ZK_SERVER_MAINTAIN_CONNECTION_DESPITE_SASL_FAILURE}.
   * <p>
   * As a result, clients default to attempting SASL authentication but
   * revert to classic authentication/anonymous access on failure. A
   * client that connects with this flag set is therefore not necessarily
   * a SASL-authenticated client.
   */
  String PROP_ZK_ENABLE_SASL_CLIENT = "zookeeper.sasl.client";

  /**
   * Default value of the ZK client SASL flag
   * ({@link #PROP_ZK_ENABLE_SASL_CLIENT}): {@value}.
   */
  String DEFAULT_ZK_ENABLE_SASL_CLIENT = "true";

  /**
   * System property naming the JAAS client context: {@value}.
   * <p>
   * For SASL authentication to work, the property must name a login
   * context that exists in the JVM's JAAS configuration.
   * <p>
   * The property name is taken from
   * {@link ZooKeeperSaslClient#LOGIN_CONTEXT_NAME_KEY}.
   */
  String PROP_ZK_SASL_CLIENT_CONTEXT =
      ZooKeeperSaslClient.LOGIN_CONTEXT_NAME_KEY;

  /**
   * The SASL client username: {@value}.
   * <p>
   * Set this to the <i>short</i> name of the client, e.g. "user",
   * not {@code user/host} or {@code user/host@REALM}.
   */
  String PROP_ZK_SASL_CLIENT_USERNAME = "zookeeper.sasl.client.username";

  // ---------------------------------------------------------------------
  // Server-side SASL settings
  // ---------------------------------------------------------------------

  /**
   * The SASL server context, referring to a context in the JVM's
   * JAAS context file: {@value}.
   * <p>
   * The property name is taken from
   * {@link ZooKeeperSaslServer#LOGIN_CONTEXT_NAME_KEY}.
   */
  String PROP_ZK_SERVER_SASL_CONTEXT =
      ZooKeeperSaslServer.LOGIN_CONTEXT_NAME_KEY;

  /**
   * Should the ZK server allow failed SASL clients to downgrade to classic
   * authentication on a SASL auth failure: {@value}.
   * <p>
   * With the downgrade permitted, a peer whose SASL handshake failed keeps
   * its session; what it can then read or write is bounded only by the
   * ACLs on the nodes it touches.
   */
  String PROP_ZK_SERVER_MAINTAIN_CONNECTION_DESPITE_SASL_FAILURE =
      "zookeeper.maintain_connection_despite_sasl_failure";

  /**
   * Should the ZK server allow failed SASL clients: {@value}.
   * <p>
   * Like
   * {@link #PROP_ZK_SERVER_MAINTAIN_CONNECTION_DESPITE_SASL_FAILURE},
   * this relaxes the server's handling of SASL failures and belongs in
   * any review of which peers can reach the ensemble unauthenticated.
   */
  String PROP_ZK_ALLOW_FAILED_SASL_CLIENTS =
      "zookeeper.allowSaslFailedClients";

  /**
   * Kerberos realm of the server: {@value}.
   */
  String PROP_ZK_SERVER_REALM = "zookeeper.server.realm";

  /**
   * Path to a kinit binary: {@value}.
   * Defaults to <code>"/usr/bin/kinit"</code>.
   * <p>
   * NOTE(review): ZooKeeper's Kerberos login code is understood to execute
   * the binary named here when renewing tickets; confirm against the ZK
   * version in use. The value should come from trusted configuration only
   * and point at a file that unprivileged users cannot replace.
   */
  String PROP_ZK_KINIT_PATH = "zookeeper.kinit";

  // ---------------------------------------------------------------------
  // ACL identity schemes
  // ---------------------------------------------------------------------

  /**
   * ID scheme for SASL: {@value}.
   */
  String SCHEME_SASL = "sasl";

  /**
   * ID scheme for digest auth: {@value}.
   */
  String SCHEME_DIGEST = "digest";
}