KerberosConnection (Apache Calcite Avatica 1.10.0 API)

java.lang.Object
- org.apache.calcite.avatica.remote.KerberosConnection

```
public class KerberosConnection
extends Object
```
A utility to perform Kerberos logins and renewals.

Nested Class Summary

Nested Classes
Modifier and Type	Class and Description
`(package private) static class`	`KerberosConnection.KeytabJaasConf` Javax Configuration for performing a keytab-based Kerberos login.
`(package private) static class`	`KerberosConnection.RenewalTask` Runnable for performing Kerberos renewals.

Field Summary

Fields
Modifier and Type	Field and Description
`private static String`	`IBM_KRB5_LOGIN_MODULE`
`private static String`	`JAAS_CONF_NAME`
`private Configuration`	`jaasConf`
`private static org.slf4j.Logger`	`LOG`
`static float`	`PERCENT_OF_LIFETIME_TO_RENEW` The percentage of the Kerberos ticket's lifetime which we should start trying to renew it
`private String`	`principal`
`static long`	`RENEWAL_PERIOD` How long should we sleep between checks to renew the Kerberos ticket
`private static String`	`RENEWAL_THREAD_NAME`
`private KerberosConnection.RenewalTask`	`renewalTask`
`private Thread`	`renewalThread`
`private Subject`	`subject`
`private static String`	`SUN_KRB5_LOGIN_MODULE`

Constructor Summary

Constructors
Constructor and Description

KerberosConnection(String principal, File keytab)
Constructs an instance.

Constructors
Constructor and Description
`KerberosConnection(String principal, File keytab)` Constructs an instance.

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`(package private) LoginContext`	`createLoginContext(Configuration conf)`
`(package private) Map.Entry<KerberosConnection.RenewalTask,Thread>`	`createRenewalThread(LoginContext originalContext, Subject originalSubject, long renewalPeriod)` Launches a thread to periodically check the current ticket's lifetime and perform a relogin as necessary.
`(package private) static String`	`getKrb5LoginModuleName()` Returns the KRB5 LoginModule implementation.
`Subject`	`getSubject()`
`(package private) static boolean`	`isTGSPrincipal(KerberosPrincipal principal)` Computes if the given `principal` is the ticket-granting system's principal ("krbtgt").
`void`	`login()` Perform a Kerberos login and launch a daemon thread to periodically perfrom renewals of that Kerberos login.
`(package private) Map.Entry<LoginContext,Subject>`	`login(LoginContext prevContext, Configuration conf, Subject subject)` Performs a kerberos login, possibly logging out first.
`(package private) Map.Entry<LoginContext,Subject>`	`performKerberosLogin()` Performs a Kerberos login given the `principal` and `keytab`.
`void`	`stopRenewalThread()` Stops the Kerberos renewal thread if it is still running.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - LOG
```
private static final org.slf4j.Logger LOG
```
  - IBM_KRB5_LOGIN_MODULE
```
private static final String IBM_KRB5_LOGIN_MODULE
```
    See Also:
    
    Constant Field Values
  - SUN_KRB5_LOGIN_MODULE
```
private static final String SUN_KRB5_LOGIN_MODULE
```
    See Also:
    
    Constant Field Values
  - JAAS_CONF_NAME
```
private static final String JAAS_CONF_NAME
```
    See Also:
    
    Constant Field Values
  - RENEWAL_THREAD_NAME
```
private static final String RENEWAL_THREAD_NAME
```
    See Also:
    
    Constant Field Values
  - PERCENT_OF_LIFETIME_TO_RENEW
```
public static final float PERCENT_OF_LIFETIME_TO_RENEW
```
    The percentage of the Kerberos ticket's lifetime which we should start trying to renew it
    
    See Also:
    
    Constant Field Values
  - RENEWAL_PERIOD
```
public static final long RENEWAL_PERIOD
```
    How long should we sleep between checks to renew the Kerberos ticket
    
    See Also:
    
    Constant Field Values
  - principal
```
private final String principal
```
  - jaasConf
```
private final Configuration jaasConf
```
  - subject
```
private Subject subject
```
  - renewalTask
```
private KerberosConnection.RenewalTask renewalTask
```
  - renewalThread
```
private Thread renewalThread
```
- Constructor Detail
  - KerberosConnection
```
public KerberosConnection(String principal,
                          File keytab)
```
    Constructs an instance.
    
    Parameters:
    
    principal - The Kerberos principal
    
    keytab - The keytab containing keys for the Kerberos principal
- Method Detail
  - getSubject
```
public Subject getSubject()
```
  - login
```
public void login()
```
    Perform a Kerberos login and launch a daemon thread to periodically perfrom renewals of that Kerberos login. Exceptions are intentionally caught and rethrown as unchecked exceptions as there is nothing Avatica itself can do if the Kerberos login fails.
    
    Throws:
    
    RuntimeException - If the Kerberos login fails
  - performKerberosLogin
```
Map.Entry<LoginContext,Subject> performKerberosLogin()
```
    Performs a Kerberos login given the principal and keytab.
    
    Returns:
    
    The Subject and LoginContext from the successful login.
    
    Throws:
    
    RuntimeException - if the login failed
  - login
```
Map.Entry<LoginContext,Subject> login(LoginContext prevContext,
                                      Configuration conf,
                                      Subject subject)
                               throws LoginException
```
    Performs a kerberos login, possibly logging out first.
    
    Parameters:
    
    prevContext - The LoginContext from the previous login, or null
    
    conf - JAAS Configuration object
    
    subject - The JAAS Subject
    
    Returns:
    
    The context and subject from the login
    
    Throws:
    
    LoginException - If the login failed.
  - createLoginContext
```
LoginContext createLoginContext(Configuration conf)
                         throws LoginException
```
    Throws:
    
    LoginException
  - createRenewalThread
```
Map.Entry<KerberosConnection.RenewalTask,Thread> createRenewalThread(LoginContext originalContext,
                                                                     Subject originalSubject,
                                                                     long renewalPeriod)
```
    Launches a thread to periodically check the current ticket's lifetime and perform a relogin as necessary.
    
    Parameters:
    
    originalContext - The original login's context.
    
    originalSubject - The original login's subject.
    
    renewalPeriod - The amount of time to sleep inbetween checks to renew
  - stopRenewalThread
```
public void stopRenewalThread()
```
    Stops the Kerberos renewal thread if it is still running. If the thread was already started or never started, this method does nothing.
  - isTGSPrincipal
```
static boolean isTGSPrincipal(KerberosPrincipal principal)
```
    Computes if the given principal is the ticket-granting system's principal ("krbtgt").
    
    Parameters:
    
    principal - A KerberosPrincipal.
    
    Returns:
    
    True if principal is the TGS principal, false otherwise.
  - getKrb5LoginModuleName
```
static String getKrb5LoginModuleName()
```
    Returns the KRB5 LoginModule implementation. This is JVM-vendor dependent.
    
    Returns:
    
    The class name of the KRB5 LoginModule

Class KerberosConnection

Nested Class Summary

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

LOG

IBM_KRB5_LOGIN_MODULE

SUN_KRB5_LOGIN_MODULE

JAAS_CONF_NAME

RENEWAL_THREAD_NAME

PERCENT_OF_LIFETIME_TO_RENEW

RENEWAL_PERIOD

principal

jaasConf

subject

renewalTask

renewalThread

Constructor Detail

KerberosConnection

Method Detail

getSubject

login

performKerberosLogin

login

createLoginContext

createRenewalThread

stopRenewalThread

isTGSPrincipal

getKrb5LoginModuleName