Module org.elasticsearch.security
Class CrossClusterApiKeySigningConfigReloader
java.lang.Object
org.elasticsearch.xpack.security.transport.CrossClusterApiKeySigningConfigReloader
- All Implemented Interfaces:
ReloadableSecurityComponent
public final class CrossClusterApiKeySigningConfigReloader
extends Object
implements ReloadableSecurityComponent
Responsible for reloading a provided
CrossClusterApiKeySignatureManager when updates are received from the following
sources:
- Dynamic cluster settings
- Reloadable secure settings
- File changes in any of the files pointed to by the cluster settings-
Constructor Summary
ConstructorsConstructorDescriptionCrossClusterApiKeySigningConfigReloader(Environment environment, ResourceWatcherService resourceWatcherService, ClusterSettings clusterSettings) -
Method Summary
Modifier and TypeMethodDescriptionvoidCalled when a reload security settings action is executed.voidsetSigningConfigLoader(CrossClusterApiKeySignatureManager apiKeySignatureManager)
-
Constructor Details
-
CrossClusterApiKeySigningConfigReloader
public CrossClusterApiKeySigningConfigReloader(Environment environment, ResourceWatcherService resourceWatcherService, ClusterSettings clusterSettings)
-
-
Method Details
-
setSigningConfigLoader
-
reload
Description copied from interface:ReloadableSecurityComponentCalled when a reload security settings action is executed. The reload operation must be completed when this method returns. Strictly speaking, thesettingsargument should not be accessed outside of this method's call stack, as any values stored in the node's keystore (seeSecureSetting) will not otherwise be retrievable.There is no guarantee that the secure setting's values have actually changed. Hence, it's up to implementor to detect if the actual internal reloading is necessary.
Any failure during the reloading should be signaled by raising an exception.
For additional info, see also:
ReloadablePlugin.reload(Settings).- Specified by:
reloadin interfaceReloadableSecurityComponent- Parameters:
settings- Settings include the initial node's settings and all decrypted secure settings from the keystore. Absence of a particular secure setting may mean that the setting was either never configured or that it was simply removed.
-