org.apache.calcite.avatica.server

Class HttpServer.Builder<T>

java.lang.Object

org.apache.calcite.avatica.server.HttpServer.Builder<T>

Type Parameters:

T - element type

Enclosing class:

HttpServer

public static class HttpServer.Builder<T>
extends Object

Builder class for creating instances of HttpServer.

Constructor Summary

Constructors

Constructor and Description
Builder()

Method Summary

Modifier and Type	Method and Description
HttpServer	build() Builds the HttpServer instance from this.
org.eclipse.jetty.util.ssl.SslContextFactory.Server	buildSSLContextFactory()
static <T> HttpServer.Builder<T>	newBuilder() Creates a typed Builder for Server customization.
HttpServer.Builder<T>	withAutomaticLogin(File keytab) Sets a keytab to be used to perform a Kerberos login automatically (without the use of JAAS).
HttpServer.Builder<T>	withBasicAuthentication(String properties, String[] allowedRoles) Configures the server to use HTTP Basic authentication.
HttpServer.Builder<T>	withCustomAuthentication(AvaticaServerConfiguration config) Configures the server to use CUSTOM authentication mechanism, which can allow users to combine benefits of multiple auth methods.
HttpServer.Builder<T>	withDigestAuthentication(String properties, String[] allowedRoles) Configures the server to use HTTP Digest authentication.
HttpServer.Builder<T>	withHandler(AvaticaHandler handler) Sets an AvaticaHandler directly on the builder.
HttpServer.Builder<T>	withHandler(Service service, Driver.Serialization serialization) Sets the Service and Driver.Serialization information necessary to construct the appropriate AvaticaHandler.
HttpServer.Builder<T>	withImpersonation(DoAsRemoteUserCallback remoteUserCallback) Sets a callback implementation to defer the logic on how to run an action as a given user and if the action should be permitted for that user.
HttpServer.Builder<T>	withMaxHeaderSize(int maxHeaderSize) Configures the maximum size, in bytes, of an HTTP header that the server will read.
HttpServer.Builder<T>	withMetricsConfiguration(MetricsSystemConfiguration<?> metricsConfig) Sets the given configuration to enable metrics collection in the server.
HttpServer.Builder<T>	withPort(int port)
HttpServer.Builder<T>	withRemoteUserExtractor(RemoteUserExtractor remoteUserExtractor) Sets a callback implementation to defer the logic on how to use the right remoteUserExtractor to extract remote user.
HttpServer.Builder<T>	withServerCustomizers(List<ServerCustomizer<T>> serverCustomizers, Class<T> clazz) Adds customizers to configure a Server before startup.
HttpServer.Builder<T>	withSpnego(String principal) Configures the server to use SPNEGO authentication.
HttpServer.Builder<T>	withSpnego(String principal, String realm) Configures the server to use SPNEGO authentication.
HttpServer.Builder<T>	withSpnego(String principal, String[] additionalAllowedRealms) Deprecated. Since 1.20.0, because additionalAllowedRealms is no longer considered.
HttpServer.Builder<T>	withSpnego(String principal, String realm, String[] additionalAllowedRealms) Deprecated. since 1.20.0 because additionalAllowedRealms is no longer considered.
HttpServer.Builder<T>	withTLS(File keystore, String keystorePassword, File truststore, String truststorePassword) Configures the server to use TLS for wire encryption.
HttpServer.Builder<T>	withTLS(File keystore, String keystorePassword, File truststore, String truststorePassword, String keystoreType) Configures the server to use TLS for wire encryption.
HttpServer.Builder<T>	withTLS(File keystore, String keystorePassword, File truststore, String truststorePassword, String keyStoreType, String[] includeProtocols, String[] includeCipherSuites) Configures the server to use TLS for wire encryption.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Builder

public Builder()

Method Detail

newBuilder

public static <T> HttpServer.Builder<T> newBuilder()

Creates a typed Builder for Server customization.

Type Parameters:

T - The type of HttpServer

Returns:

A typed Builder

withPort

public HttpServer.Builder<T> withPort(int port)

withHandler

public HttpServer.Builder<T> withHandler(Service service,
                                         Driver.Serialization serialization)

Sets the Service and Driver.Serialization information necessary to construct the appropriate AvaticaHandler.

Parameters:

service - The Avatica service

serialization - The serialization method

Returns:

this

withHandler

public HttpServer.Builder<T> withHandler(AvaticaHandler handler)

Sets an AvaticaHandler directly on the builder. Most users will not want to use this method and should instead use #withHandler(Service, Serialization).

Parameters:

handler - The handler

Returns:

this

withMetricsConfiguration

public HttpServer.Builder<T> withMetricsConfiguration(MetricsSystemConfiguration<?> metricsConfig)

Sets the given configuration to enable metrics collection in the server.

Parameters:

metricsConfig - Configuration object for metrics.

Returns:

this

withSpnego

public HttpServer.Builder<T> withSpnego(String principal)

Configures the server to use SPNEGO authentication. This method requires that the principal contains the Kerberos realm. Invoking this method overrides any previous call which configures authentication.

Parameters:

principal - A kerberos principal with the realm required.

Returns:

this

withSpnego

@Deprecated
public HttpServer.Builder<T> withSpnego(String principal,
                                                    String[] additionalAllowedRealms)

Deprecated. Since 1.20.0, because additionalAllowedRealms is no longer considered.

Configures the server to use SPNEGO authentication. This method requires that the principal contains the Kerberos realm. Invoking this method overrides any previous call which configures authentication. Invoking this method overrides any previous call which configures authentication. By default, only principals from the server's realm are permitted, but additional realms can be allowed using additionalAllowedRealms.

Parameters:

principal - A kerberos principal with the realm required.

additionalAllowedRealms - Any additional realms, other than the server's realm, which should be allowed to authenticate against the server. Can be null.

Returns:

this

withSpnego

public HttpServer.Builder<T> withSpnego(String principal,
                                        String realm)

Configures the server to use SPNEGO authentication. It is required that callers are logged in via Kerberos already or have provided the necessary configuration to automatically log in via JAAS (using the java.security.auth.login.config system property) before starting the HttpServer. Invoking this method overrides any previous call which configures authentication.

Parameters:

principal - The kerberos principal

realm - The kerberos realm

Returns:

this

withSpnego

@Deprecated
public HttpServer.Builder<T> withSpnego(String principal,
                                                    String realm,
                                                    String[] additionalAllowedRealms)

Deprecated. since 1.20.0 because additionalAllowedRealms is no longer considered.

Configures the server to use SPNEGO authentication. It is required that callers are logged in via Kerberos already or have provided the necessary configuration to automatically log in via JAAS (using the java.security.auth.login.config system property) before starting the HttpServer. Invoking this method overrides any previous call which configures authentication. By default, only principals from the server's realm are permitted, but additional realms can be allowed using additionalAllowedRealms.

Parameters:

principal - The kerberos principal

realm - The kerberos realm

additionalAllowedRealms - Any additional realms, other than the server's realm, which should be allowed to authenticate against the server. Can be null.

Returns:

this

withAutomaticLogin

public HttpServer.Builder<T> withAutomaticLogin(File keytab)

Sets a keytab to be used to perform a Kerberos login automatically (without the use of JAAS).

Parameters:

keytab - A KeyTab file for the server's login.

Returns:

this

withImpersonation

public HttpServer.Builder<T> withImpersonation(DoAsRemoteUserCallback remoteUserCallback)

Sets a callback implementation to defer the logic on how to run an action as a given user and if the action should be permitted for that user.

Parameters:

remoteUserCallback - User-provided implementation of the callback

Returns:

this

withRemoteUserExtractor

public HttpServer.Builder<T> withRemoteUserExtractor(RemoteUserExtractor remoteUserExtractor)

Sets a callback implementation to defer the logic on how to use the right remoteUserExtractor to extract remote user.

Parameters:

remoteUserExtractor - User-provided remoteUserExtractor

Returns:

this

withBasicAuthentication

public HttpServer.Builder<T> withBasicAuthentication(String properties,
                                                     String[] allowedRoles)

Configures the server to use HTTP Basic authentication. The properties must be in a form consumable by Jetty. Invoking this method overrides any previous call which configures authentication. This authentication is supplementary to the JDBC-provided user authentication interfaces and should only be used when those interfaces are not used.

Parameters:

properties - Location of a properties file parseable by Jetty which contains users and passwords.

allowedRoles - An array of allowed roles in the properties file

Returns:

this

withDigestAuthentication

public HttpServer.Builder<T> withDigestAuthentication(String properties,
                                                      String[] allowedRoles)

Configures the server to use HTTP Digest authentication. The properties must be in a form consumable by Jetty. Invoking this method overrides any previous call which configures authentication. This authentication is supplementary to the JDBC-provided user authentication interfaces and should only be used when those interfaces are not used.

Parameters:

properties - Location of a properties file parseable by Jetty which contains users and passwords.

allowedRoles - An array of allowed roles in the properties file

Returns:

this

withCustomAuthentication

public HttpServer.Builder<T> withCustomAuthentication(AvaticaServerConfiguration config)

Configures the server to use CUSTOM authentication mechanism, which can allow users to combine benefits of multiple auth methods. See CustomAuthHttpServerTest for examples on how to use it. Note: Default ServerConnectors and Handlers will NOT be used. Customize them directly using instances ServerCustomizer

Parameters:

config - AvaticaServerConfiguration implementation that configures various details about the authentication mechanism for HttpServer

Returns:

this

withTLS

public HttpServer.Builder<T> withTLS(File keystore,
                                     String keystorePassword,
                                     File truststore,
                                     String truststorePassword)

Configures the server to use TLS for wire encryption.

Parameters:

keystore - The server's keystore

keystorePassword - The keystore's password

truststore - The truststore containing the key used to generate the server's key

truststorePassword - The truststore's password

Returns:

this

withTLS

public HttpServer.Builder<T> withTLS(File keystore,
                                     String keystorePassword,
                                     File truststore,
                                     String truststorePassword,
                                     String keystoreType)

Configures the server to use TLS for wire encryption.

Parameters:

keystore - The server's keystore

keystorePassword - The keystore's password

truststore - The truststore containing the key used to generate the server's key

truststorePassword - The truststore's password

keystoreType - The keystore's type

Returns:

this

withTLS

public HttpServer.Builder<T> withTLS(File keystore,
                                     String keystorePassword,
                                     File truststore,
                                     String truststorePassword,
                                     String keyStoreType,
                                     String[] includeProtocols,
                                     String[] includeCipherSuites)

Configures the server to use TLS for wire encryption.

Parameters:

keystore - The server's keystore

keystorePassword - The keystore's password

truststore - The truststore containing the key used to generate the server's key

truststorePassword - The truststore's password

keyStoreType - The keystore's type

includeProtocols - Included TLS protocols, as expected by Jetty

includeCipherSuites - Included cypher suites, as expected by Jetty

Returns:

this

withServerCustomizers

public HttpServer.Builder<T> withServerCustomizers(List<ServerCustomizer<T>> serverCustomizers,
                                                   Class<T> clazz)

Adds customizers to configure a Server before startup.

Parameters:

serverCustomizers - The customizers to use

clazz - The type of server to customize

Returns:

this

withMaxHeaderSize

public HttpServer.Builder<T> withMaxHeaderSize(int maxHeaderSize)

Configures the maximum size, in bytes, of an HTTP header that the server will read.

Parameters:

maxHeaderSize - Maximums HTTP header size in bytes

Returns:

this

build

public HttpServer build()

Builds the HttpServer instance from this.

Returns:

An HttpServer.

buildSSLContextFactory

public org.eclipse.jetty.util.ssl.SslContextFactory.Server buildSSLContextFactory()