|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.apache.hadoop.security.token.SecretManager<TokenIdent> org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager<TokenIdent>
public abstract class AbstractDelegationTokenSecretManager<TokenIdent extends AbstractDelegationTokenIdentifier>
Nested Class Summary | |
---|---|
static class |
AbstractDelegationTokenSecretManager.DelegationTokenInformation
Class to encapsulate a token's renew date and password. |
Nested classes/interfaces inherited from class org.apache.hadoop.security.token.SecretManager |
---|
SecretManager.InvalidToken |
Field Summary | |
---|---|
protected Map<Integer,DelegationKey> |
allKeys
Access to allKeys is protected by this object lock |
protected int |
currentId
Access to currentId is protected by this object lock. |
protected Map<TokenIdent,AbstractDelegationTokenSecretManager.DelegationTokenInformation> |
currentTokens
Cache of currently valid tokens, mapping from DelegationTokenIdentifier to DelegationTokenInformation. |
protected int |
delegationTokenSequenceNumber
Sequence number to create DelegationTokenIdentifier. |
protected boolean |
running
|
Constructor Summary | |
---|---|
AbstractDelegationTokenSecretManager(long delegationKeyUpdateInterval,
long delegationTokenMaxLifetime,
long delegationTokenRenewInterval,
long delegationTokenRemoverScanInterval)
|
Method Summary | |
---|---|
void |
addKey(DelegationKey key)
Add a previously used master key to cache (when NN restarts), should be called before activate(). |
TokenIdent |
cancelToken(Token<TokenIdent> token,
String canceller)
Cancel a token by removing it from cache. |
protected byte[] |
createPassword(TokenIdent identifier)
Create the password for the given identifier. |
static SecretKey |
createSecretKey(byte[] key)
Convert the byte[] to a secret key |
DelegationKey[] |
getAllKeys()
|
boolean |
isRunning()
is secretMgr running |
protected void |
logUpdateMasterKey(DelegationKey key)
|
long |
renewToken(Token<TokenIdent> token,
String renewer)
Renew a delegation token. |
byte[] |
retrievePassword(TokenIdent identifier)
Retrieve the password for the given token identifier. |
void |
startThreads()
should be called before this object is used |
void |
stopThreads()
|
void |
verifyToken(TokenIdent identifier,
byte[] password)
Verifies that the given identifier and password are valid and match. |
Methods inherited from class org.apache.hadoop.security.token.SecretManager |
---|
createIdentifier, createPassword, generateSecret |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
protected final Map<TokenIdent extends AbstractDelegationTokenIdentifier,AbstractDelegationTokenSecretManager.DelegationTokenInformation> currentTokens
protected int delegationTokenSequenceNumber
protected final Map<Integer,DelegationKey> allKeys
protected int currentId
protected volatile boolean running
Constructor Detail |
---|
public AbstractDelegationTokenSecretManager(long delegationKeyUpdateInterval, long delegationTokenMaxLifetime, long delegationTokenRenewInterval, long delegationTokenRemoverScanInterval)
Method Detail |
---|
public void startThreads() throws IOException
IOException
public boolean isRunning()
public void addKey(DelegationKey key) throws IOException
IOException
public DelegationKey[] getAllKeys()
protected void logUpdateMasterKey(DelegationKey key) throws IOException
IOException
protected byte[] createPassword(TokenIdent identifier)
SecretManager
createPassword
in class SecretManager<TokenIdent extends AbstractDelegationTokenIdentifier>
identifier
- the identifier to use
public byte[] retrievePassword(TokenIdent identifier) throws SecretManager.InvalidToken
SecretManager
retrievePassword
in class SecretManager<TokenIdent extends AbstractDelegationTokenIdentifier>
identifier
- the identifier to validate
SecretManager.InvalidToken
- the token was invalidpublic void verifyToken(TokenIdent identifier, byte[] password) throws SecretManager.InvalidToken
identifier
- Token identifier.password
- Password in the token.
InvalidToken
SecretManager.InvalidToken
public long renewToken(Token<TokenIdent> token, String renewer) throws SecretManager.InvalidToken, IOException
token
- the token to renewrenewer
- the full principal name of the user doing the renewal
InvalidToken
- if the token is invalid
AccessControlException
- if the user can't renew token
SecretManager.InvalidToken
IOException
public TokenIdent cancelToken(Token<TokenIdent> token, String canceller) throws IOException
InvalidToken
- for invalid token
AccessControlException
- if the user isn't allowed to cancel
IOException
public static SecretKey createSecretKey(byte[] key)
key
- the byte[] to create the secret key from
public void stopThreads()
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |