public static class PasswordAuthenticator.Builder extends Object
PasswordAuthenticator
.Constructor and Description |
---|
Builder() |
Modifier and Type | Method and Description |
---|---|
PasswordAuthenticator.Builder |
allowedSaslMechanisms(Set<SaslMechanism> allowedSaslMechanisms)
Allows to set a list of allowed SASL mechanisms for the NON-TLS connections.
|
PasswordAuthenticator |
build()
Creates the
PasswordAuthenticator based on the customization in this builder. |
PasswordAuthenticator.Builder |
enablePlainSaslMechanism()
This method acts as a shortcut to
allowedSaslMechanisms(Set) which adds SaslMechanism.PLAIN
to the allowed mechanism list for NON TLS connections. |
PasswordAuthenticator.Builder |
password(String password)
Specifies a static password that will be used for all authentication purposes.
|
PasswordAuthenticator.Builder |
password(Supplier<String> password)
Specifies a dynamic password that will be used for all authentication purposes.
|
PasswordAuthenticator.Builder |
username(String username)
Specifies a static username that will be used for all authentication purposes.
|
PasswordAuthenticator.Builder |
username(Supplier<String> username)
Specifies a dynamic username that will be used for all authentication purposes.
|
public PasswordAuthenticator.Builder username(String username)
username
- the username to use.public PasswordAuthenticator.Builder username(Supplier<String> username)
Every time the SDK needs to authenticate against the server, it will re-evaluate the supplier. This means that you can pass in a supplier that dynamically loads a username from a (remote) source without taking the application down on a restart.
It is VERY IMPORTANT that this supplier must not block on IO. It is called in async contexts and blocking for a longer amount of time will stall SDK resources like async event loops.
username
- the username to use.public PasswordAuthenticator.Builder password(String password)
password
- the password to alongside for the username provided.public PasswordAuthenticator.Builder password(Supplier<String> password)
Every time the SDK needs to authenticate against the server, it will re-evaluate the supplier. This means that you can pass in a supplier that dynamically loads a password from a (remote) source without taking the application down on a restart.
It is VERY IMPORTANT that this supplier must not block on IO. It is called in async contexts and blocking for a longer amount of time will stall SDK resources like async event loops.
password
- the password to alongside for the username provided.public PasswordAuthenticator.Builder allowedSaslMechanisms(Set<SaslMechanism> allowedSaslMechanisms)
Note that if you add SaslMechanism.PLAIN
to the list, this will cause credential leakage on the network
since PLAIN sends the credentials in cleartext. It is disabled by default to prevent downgrade attacks. We
recommend using a TLS connection instead.
allowedSaslMechanisms
- the list of allowed sasl mechs for non-tls connections.public PasswordAuthenticator.Builder enablePlainSaslMechanism()
allowedSaslMechanisms(Set)
which adds SaslMechanism.PLAIN
to the allowed mechanism list for NON TLS connections.
Please note that this is INSECURE and will leak user credentials on the wire to eavesdroppers. This should only be enabled in trusted environments - we recommend connecting via TLS to the cluster instead.
public PasswordAuthenticator build()
PasswordAuthenticator
based on the customization in this builder.Copyright © 2020 Couchbase, Inc.. All rights reserved.