[ZooKeeper]ZooKeeper Java客户端ACL API
来源:互联网 发布:linux重启进程命令 编辑:程序博客网 时间:2024/05/21 05:08
The following constants are provided by the ZooKeeper Java library:
- ZooDefs.Perms.READ; //can read node’s value and list its children
- ZooDefs.Perms.WRITE;// can set the node’s value
- ZooDefs.Perms.CREATE; //can create children
- ZooDefs.Perms.DELETE;// can delete children
- ZooDefs.Perms.ADMIN; //can execute set_acl()
- ZooDefs.Perms.ALL;// all of the above flags OR’d together
The following are the standard ACL IDs:
- ZooDefs.Ids.ANYONE_ID_UNSAFE; //(‘world’, ‘anyone’)
- ZooDefs.Ids.AUTH_IDS;// (‘auth’, ‘’)
ZooDefs.Ids.AUTH_IDS empty identity string should be interpreted as “the identity of the creator”.
ZooKeeper client comes with three standard ACLs:
- ZooDefs.Ids.OPEN_ACL_UNSAFE; //(ZooDefs.Perms.ALL, ZooDefs.Ids.ANYONE_ID_UNSAFE)
- ZooDefs.Ids.READ_ACL_UNSAFE;// (ZooDefs.Perms.READ, ZooDefs.Ids.ANYONE_ID_UNSAFE)
- ZooDefs.Ids.CREATOR_ALL_ACL; //(ZooDefs.Perms.ALL, ZooDefs.Ids.AUTH_IDS)
The ZooDefs.Ids.OPEN_ACL_UNSAFE is completely open free for all ACL: any application can execute any operation on the node and can create, list and delete its children. The ZooDefs.Ids.READ_ACL_UNSAFE is read-only access for any application. ZooDefs.Ids.CREATOR_ALL_ACL grants all permissions to the creator of the node. The creator must have been authenticated by the server (for example, using “digest” scheme) before it can create nodes with this ACL.
The following ZooKeeper operations deal with ACLs:
- public void addAuthInfo(String scheme, byte[] auth);
The application uses the addAuthInfo function to authenticate itself to the server. The function can be called multiple times if the application wants to authenticate using different schemes and/or identities. - public String create(String path, byte[] data, List acl, CreateMode createMode);
create(…) operation creates a new node. The acl parameter is a list of ACLs associated with the node. The parent node must have the CREATE permission bit set. - public List getACL(String path, Stat stat);
This operation returns a node’s ACL info. - public Stat setACL(String path, List acl, int version);
This function replaces node’s ACL list with a new one. The node must have the ADMIN permission set.
Here is a sample code that makes use of the above APIs to authenticate itself using the “foo” scheme and create an ephemeral node “/xyz” with create-only permissions.
Note
This is a very simple example which is intended to show how to interact with ZooKeeper ACLs specifically.
package felix.zookeeper.examples.acl;import java.io.IOException;import java.util.Arrays;import java.util.List;import org.apache.zookeeper.CreateMode;import org.apache.zookeeper.KeeperException;import org.apache.zookeeper.WatchedEvent;import org.apache.zookeeper.Watcher;import org.apache.zookeeper.ZooDefs;import org.apache.zookeeper.ZooKeeper;import org.apache.zookeeper.data.ACL;import org.apache.zookeeper.data.Stat;public class ACLExample { /** * In this example this method gets the cert for your * environment -- you must provide */ public static String fooGetCertOnce(String id) { return null; } /** * Watcher function -- empty for this example, not something you should * do in real code * */ private static Watcher watcher = new Watcher() { @Override public void process(WatchedEvent event) { } }; public static void main(String[] args) throws IOException, KeeperException, InterruptedException { String appId = "example.foo_test"; String cert = fooGetCertOnce(appId); if (cert != null) { System.out.printf("Certificate for appid [%s] is [%s]\n", appId, cert); } else { System.err.printf( "Certificate for appid [%s] not found\n", appId); cert = "dummy"; } ZooKeeper client = new ZooKeeper("localhost:3181", 10000, watcher, false); try { client.addAuthInfo("foo", cert.getBytes()); List<ACL> CREATE_ONLY = Arrays.asList(new ACL[] { new ACL(ZooDefs.Perms.CREATE, ZooDefs.Ids.AUTH_IDS) }); client.create("/xyz", "value".getBytes(), CREATE_ONLY, CreateMode.EPHEMERAL); Stat stat = new Stat(); // this operation will fail with a NoAuthException client.getData("/xyz", watcher, stat); } catch (KeeperException.NoAuthException e) { System.err.printf("Error %d for %s\n", e.getMessage()); } finally { client.close(); } }}
0 0
- [ZooKeeper]ZooKeeper Java客户端ACL API
- zookeeper java 客户端ACL权限 使用
- zookeeper java客户端简单API
- zookeeper的Java客户端API
- zookeeper的java客户端api
- ZooKeeper 学习 (四) ZooKeeper Java客户端API使用
- ZooKeeper ACL
- zookeeper acl
- 【zookeeper】ACL
- Zookeeper acl
- 【zookeeper】ACL
- Zookeeper--ACL
- Zookeeper Java客户端API的使用
- Zookeeper(四)Java客户端API使用
- zookeeper Java客户端API的使用方法
- zookeeper(二) java客户端api的使用
- zookeeper的java客户端api学习笔记
- 使用Java客户端API操作Zookeeper
- ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock'
- Git的使用
- poj1001Exponentiation
- gulp 错误处理
- minimum-depth-of-binary-tree(Leetcode)
- [ZooKeeper]ZooKeeper Java客户端ACL API
- 《禅者的初心》读书笔记(3)
- 1030. 完美数列(25)
- Codeforces 150E Freezing with Style (树分治)
- 模糊查询时能查到英文字段,但是查不到中文字段原因
- Android 图片压缩之多种压缩方式结合使用
- Redis源码分析
- 生活管家app
- Tinyhttp源码分析