|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Objectorg.apache.hadoop.security.token.SecretManager<TokenIdent>
org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager<TokenIdent>
public abstract class AbstractDelegationTokenSecretManager<TokenIdent extends AbstractDelegationTokenIdentifier>
| Nested Class Summary | |
|---|---|
static class |
AbstractDelegationTokenSecretManager.DelegationTokenInformation
Class to encapsulate a token's renew date and password. |
| Nested classes/interfaces inherited from class org.apache.hadoop.security.token.SecretManager |
|---|
SecretManager.InvalidToken |
| Field Summary | |
|---|---|
protected Map<Integer,DelegationKey> |
allKeys
Access to allKeys is protected by this object lock |
protected int |
currentId
Access to currentId is protected by this object lock. |
protected Map<TokenIdent,AbstractDelegationTokenSecretManager.DelegationTokenInformation> |
currentTokens
Cache of currently valid tokens, mapping from DelegationTokenIdentifier to DelegationTokenInformation. |
protected int |
delegationTokenSequenceNumber
Sequence number to create DelegationTokenIdentifier. |
protected Object |
noInterruptsLock
If the delegation token update thread holds this lock, it will not get interrupted. |
protected boolean |
running
|
| Constructor Summary | |
|---|---|
AbstractDelegationTokenSecretManager(long delegationKeyUpdateInterval,
long delegationTokenMaxLifetime,
long delegationTokenRenewInterval,
long delegationTokenRemoverScanInterval)
|
|
| Method Summary | |
|---|---|
void |
addKey(DelegationKey key)
Add a previously used master key to cache (when NN restarts), should be called before activate(). |
TokenIdent |
cancelToken(Token<TokenIdent> token,
String canceller)
Cancel a token by removing it from cache. |
protected byte[] |
createPassword(TokenIdent identifier)
Create the password for the given identifier. |
static SecretKey |
createSecretKey(byte[] key)
Convert the byte[] to a secret key |
DelegationKey[] |
getAllKeys()
|
boolean |
isRunning()
is secretMgr running |
protected void |
logUpdateMasterKey(DelegationKey key)
|
long |
renewToken(Token<TokenIdent> token,
String renewer)
Renew a delegation token. |
byte[] |
retrievePassword(TokenIdent identifier)
Retrieve the password for the given token identifier. |
void |
startThreads()
should be called before this object is used |
void |
stopThreads()
|
void |
verifyToken(TokenIdent identifier,
byte[] password)
Verifies that the given identifier and password are valid and match. |
| Methods inherited from class org.apache.hadoop.security.token.SecretManager |
|---|
createIdentifier, createPassword, generateSecret |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
|---|
protected final Map<TokenIdent extends AbstractDelegationTokenIdentifier,AbstractDelegationTokenSecretManager.DelegationTokenInformation> currentTokens
protected int delegationTokenSequenceNumber
protected final Map<Integer,DelegationKey> allKeys
protected int currentId
protected volatile boolean running
protected Object noInterruptsLock
| Constructor Detail |
|---|
public AbstractDelegationTokenSecretManager(long delegationKeyUpdateInterval,
long delegationTokenMaxLifetime,
long delegationTokenRenewInterval,
long delegationTokenRemoverScanInterval)
| Method Detail |
|---|
public void startThreads()
throws IOException
IOExceptionpublic boolean isRunning()
public void addKey(DelegationKey key)
throws IOException
IOExceptionpublic DelegationKey[] getAllKeys()
protected void logUpdateMasterKey(DelegationKey key)
throws IOException
IOExceptionprotected byte[] createPassword(TokenIdent identifier)
SecretManager
createPassword in class SecretManager<TokenIdent extends AbstractDelegationTokenIdentifier>identifier - the identifier to use
public byte[] retrievePassword(TokenIdent identifier)
throws SecretManager.InvalidToken
SecretManager
retrievePassword in class SecretManager<TokenIdent extends AbstractDelegationTokenIdentifier>identifier - the identifier to validate
SecretManager.InvalidToken - the token was invalid
public void verifyToken(TokenIdent identifier,
byte[] password)
throws SecretManager.InvalidToken
identifier - Token identifier.password - Password in the token.
InvalidToken
SecretManager.InvalidToken
public long renewToken(Token<TokenIdent> token,
String renewer)
throws SecretManager.InvalidToken,
IOException
token - the token to renewrenewer - the full principal name of the user doing the renewal
InvalidToken - if the token is invalid
AccessControlException - if the user can't renew token
SecretManager.InvalidToken
IOException
public TokenIdent cancelToken(Token<TokenIdent> token,
String canceller)
throws IOException
InvalidToken - for invalid token
AccessControlException - if the user isn't allowed to cancel
IOExceptionpublic static SecretKey createSecretKey(byte[] key)
key - the byte[] to create the secret key from
public void stopThreads()
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||