Module org.elasticsearch.security
Class CachingUsernamePasswordRealm
java.lang.Object
org.elasticsearch.xpack.core.security.authc.Realm
org.elasticsearch.xpack.security.authc.support.CachingUsernamePasswordRealm
- All Implemented Interfaces:
Comparable<Realm>,CachingRealm
- Direct Known Subclasses:
FileRealm,LdapRealm,NativeRealm,ReservedRealm
-
Nested Class Summary
Nested classes/interfaces inherited from class org.elasticsearch.xpack.core.security.authc.Realm
Realm.Factory -
Field Summary
-
Constructor Summary
ConstructorsModifierConstructorDescriptionprotectedCachingUsernamePasswordRealm(RealmConfig config, ThreadPool threadPool) -
Method Summary
Modifier and TypeMethodDescriptionfinal voidauthenticate(AuthenticationToken authToken, ActionListener<AuthenticationResult<User>> listener) If the user exists in the cache (keyed by the principle name), then the password is validated against a hash also stored in the cache.protected abstract voiddoAuthenticate(UsernamePasswordToken token, ActionListener<AuthenticationResult<User>> listener) protected abstract voiddoLookupUser(String username, ActionListener<User> listener) final voidfinal voidprotected intprotected voidhandleCachedAuthentication(User user, ActionListener<AuthenticationResult<User>> listener) handleCachedAuthenticationis called when aUseris retrieved from the cache.final voidlookupUser(String username, ActionListener<User> listener) booleansupports(AuthenticationToken token) token(ThreadContext threadContext) voidusageStats(ActionListener<Map<String, Object>> listener) Methods inherited from class org.elasticsearch.xpack.core.security.authc.Realm
compareTo, getAuthenticationFailureHeaders, initialize, name, order, realmRef, setRealmRef, toString, typeMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, waitMethods inherited from interface org.elasticsearch.xpack.core.security.authc.support.CachingRealm
name
-
Constructor Details
-
CachingUsernamePasswordRealm
-
-
Method Details
-
expire
- Specified by:
expirein interfaceCachingRealm
-
expireAll
public final void expireAll()- Specified by:
expireAllin interfaceCachingRealm
-
token
-
supports
-
authenticate
public final void authenticate(AuthenticationToken authToken, ActionListener<AuthenticationResult<User>> listener) If the user exists in the cache (keyed by the principle name), then the password is validated against a hash also stored in the cache. Otherwise the subclass authenticates the user via doAuthenticate. This method will respond withAuthenticationResult.notHandled()ifauthentication is not enabled.- Specified by:
authenticatein classRealm- Parameters:
authToken- The authentication tokenlistener- to be called at completion
-
handleCachedAuthentication
protected void handleCachedAuthentication(User user, ActionListener<AuthenticationResult<User>> listener) handleCachedAuthenticationis called when aUseris retrieved from the cache. The firstuserparameter is the user object that was found in the cache. The default implementation returns asuccess resultwith the provided user, but sub-classes can return a differentUserobject, or an unsuccessful result. -
usageStats
- Overrides:
usageStatsin classRealm
-
getCacheSize
protected int getCacheSize() -
doAuthenticate
protected abstract void doAuthenticate(UsernamePasswordToken token, ActionListener<AuthenticationResult<User>> listener) -
lookupUser
- Specified by:
lookupUserin classRealm
-
doLookupUser
-