/// <summary>
/// This method creates the connection context using exactly the same logic
/// as the old connection context as was done for writable where
/// the effective and real users are set based on the auth method.
/// </summary>
public static IpcConnectionContextProtos.IpcConnectionContextProto MakeIpcConnectionContext
(string protocol, UserGroupInformation ugi, SaslRpcServer.AuthMethod authMethod)
{
IpcConnectionContextProtos.IpcConnectionContextProto.Builder result = IpcConnectionContextProtos.IpcConnectionContextProto
.NewBuilder();
if (protocol != null)
{
result.SetProtocol(protocol);
}
IpcConnectionContextProtos.UserInformationProto.Builder ugiProto = IpcConnectionContextProtos.UserInformationProto
.NewBuilder();
if (ugi != null)
{
/*
* In the connection context we send only additional user info that
* is not derived from the authentication done during connection setup.
*/
if (authMethod == SaslRpcServer.AuthMethod.Kerberos)
{
// Real user was established as part of the connection.
// Send effective user only.
ugiProto.SetEffectiveUser(ugi.GetUserName());
}
else
{
if (authMethod == SaslRpcServer.AuthMethod.Token)
{
}
else
{
// With token, the connection itself establishes
// both real and effective user. Hence send none in header.
// Simple authentication
// No user info is established as part of the connection.
// Send both effective user and real user
ugiProto.SetEffectiveUser(ugi.GetUserName());
if (ugi.GetRealUser() != null)
{
ugiProto.SetRealUser(ugi.GetRealUser().GetUserName());
}
}
}
}
result.SetUserInfo(ugiProto);
return((IpcConnectionContextProtos.IpcConnectionContextProto)result.Build());
}
protected internal virtual void SetHandlerAuthMethod(SaslRpcServer.AuthMethod authMethod
)
{
this.handlerAuthMethod = authMethod;
}
