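package me.prettyprint.cassandra.connection.factory;

import org.apache.thrift.transport.TSSLTransportFactory.TSSLTransportParameters;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import me.prettyprint.cassandra.connection.client.HClient;
import me.prettyprint.cassandra.connection.client.HKerberosThriftClient;
import me.prettyprint.cassandra.connection.client.HSaslThriftClient;
import me.prettyprint.cassandra.connection.security.SSLHelper;
import me.prettyprint.cassandra.service.CassandraHost;

/**
 * Client factory that creates {@link HSaslThriftClient} instances using Kerberos as the SASL
 * authentication mechanism, with SSL transport parameters when they are available.
 *
 * <p>Configuration is read from system properties once, when the factory is constructed:
 * <ul>
 *   <li><code>kerberos.service.principal.name</code> Kerberos service principal name without the
 *       domain. This class passes the value through unchanged ({@code null} when the property is
 *       unset); the documented default "cassandra" is presumably applied by
 *       {@link HSaslThriftClient} -- TODO confirm.
 *   <li><code>ssl.truststore</code> File path for trust store
 *   <li><code>ssl.truststore.password</code> Password for trust store
 *   <li><code>ssl.protocol</code> SSL protocol, default SSL
 *   <li><code>ssl.store.type</code> Store type, default JKS
 *   <li><code>ssl.cipher.suites</code> Cipher suites
 * </ul>
 *
 * <p>The <code>ssl.*</code> properties and their defaults are not applied in this class; they are
 * presumably consumed by {@link SSLHelper#getTSSLTransportParameters()} -- TODO confirm.
 *
 * <p><b>Security notes.</b>
 * <ul>
 *   <li>When {@link SSLHelper#getTSSLTransportParameters()} returns {@code null}, clients are
 *       created through the {@link HSaslThriftClient} constructor that takes no SSL parameters.
 *       Whether that transport is still protected depends on {@link HSaslThriftClient}; the
 *       factory logs a warning so the fallback is visible to operators.
 *   <li>NOTE(review): the documented <code>ssl.protocol</code> default is the generic name "SSL";
 *       deployments should set an explicit TLS version (for example <code>TLSv1.2</code>) and an
 *       explicit <code>ssl.cipher.suites</code> list -- confirm what {@link SSLHelper} does with
 *       the default.
 *   <li>A trust store password supplied as a <code>-D</code> system property is visible in the
 *       JVM command line; this class never logs it.
 * </ul>
 *
 * @see HSaslThriftClient
 */
public class HKerberosSaslThriftClientFactoryImpl implements HClientFactory {

  private static final Logger log =
      LoggerFactory.getLogger(HKerberosSaslThriftClientFactoryImpl.class);

  // File-name constants; not referenced inside this class.
  // Presumably used by callers to locate the JAAS / krb5 configuration -- TODO confirm.
  public static final String JAAS_CONFIG = "jaas.conf";
  public static final String KRB5_CONFIG = "krb5.conf";

  // Both fields are assigned exactly once in the constructor; final gives safe publication
  // when one factory instance is shared between threads.
  private final String krbServicePrincipalName;
  private final TSSLTransportParameters params;

  /**
   * Reads the SSL transport parameters and the Kerberos service principal name from the
   * environment and logs the non-secret settings at debug level.
   */
  public HKerberosSaslThriftClientFactoryImpl() {
    params = SSLHelper.getTSSLTransportParameters();
    if (params == null) {
      // Make the no-SSL-parameters path visible at default log levels instead of silent.
      log.warn("No SSL transport parameters available; "
          + "SASL clients will be created without SSL transport parameters");
    } else {
      // ssl.truststore.password is deliberately absent from this list: never log it.
      log.debug("SSL properties:");
      log.debug(" ssl.truststore = {}", System.getProperty("ssl.truststore"));
      log.debug(" ssl.protocol = {}", System.getProperty("ssl.protocol"));
      log.debug(" ssl.store.type = {}", System.getProperty("ssl.store.type"));
      log.debug(" ssl.cipher.suites = {}", System.getProperty("ssl.cipher.suites"));
    }

    // No default is applied here; a missing property leaves the principal name null.
    krbServicePrincipalName = System.getProperty("kerberos.service.principal.name");
    if (krbServicePrincipalName != null) {
      log.debug("Kerberos service principal name = {}", krbServicePrincipalName);
    }
  }

  /**
   * {@inheritDoc}
   *
   * <p>Creates a new {@link HSaslThriftClient} for the given host, passing the SSL transport
   * parameters only when they were available at construction time.
   *
   * @param ch the Cassandra host the client is created for
   * @return a new {@link HSaslThriftClient}
   */
  public HClient createClient(CassandraHost ch) {
    // SLF4J checks the level itself, so no isDebugEnabled() guard is needed for a constant message.
    log.debug("Creation of new client");

    if (params == null) {
      return new HSaslThriftClient(ch, krbServicePrincipalName);
    }
    return new HSaslThriftClient(ch, krbServicePrincipalName, params);
  }
}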