001/** 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software 013 * distributed under the License is distributed on an "AS IS" BASIS, 014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 015 * See the License for the specific language governing permissions and 016 * limitations under the License. 017 */ 018package org.apache.hadoop.security.token.delegation.web; 019 020import org.apache.hadoop.classification.InterfaceAudience; 021import org.apache.hadoop.classification.InterfaceStability; 022import org.apache.hadoop.security.authentication.client.Authenticator; 023import org.apache.hadoop.security.authentication.client.KerberosAuthenticator; 024 025/** 026 * The <code>KerberosDelegationTokenAuthenticator</code> provides support for 027 * Kerberos SPNEGO authentication mechanism and support for Hadoop Delegation 028 * Token operations. 029 * <p/> 030 * It falls back to the {@link PseudoDelegationTokenAuthenticator} if the HTTP 031 * endpoint does not trigger a SPNEGO authentication 032 */ 033@InterfaceAudience.Public 034@InterfaceStability.Evolving 035public class KerberosDelegationTokenAuthenticator 036 extends DelegationTokenAuthenticator { 037 038 public KerberosDelegationTokenAuthenticator() { 039 super(new KerberosAuthenticator() { 040 @Override 041 protected Authenticator getFallBackAuthenticator() { 042 return new PseudoDelegationTokenAuthenticator(); 043 } 044 }); 045 } 046}