001/**
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.security.token.delegation.web;
019
020import org.apache.hadoop.classification.InterfaceAudience;
021import org.apache.hadoop.classification.InterfaceStability;
022import org.apache.hadoop.security.authentication.client.Authenticator;
023import org.apache.hadoop.security.authentication.client.KerberosAuthenticator;
024
025/**
026 * The <code>KerberosDelegationTokenAuthenticator</code> provides support for
027 * Kerberos SPNEGO authentication mechanism and support for Hadoop Delegation
028 * Token operations.
029 * <p/>
030 * It falls back to the {@link PseudoDelegationTokenAuthenticator} if the HTTP
031 * endpoint does not trigger a SPNEGO authentication
032 */
033@InterfaceAudience.Public
034@InterfaceStability.Evolving
035public class KerberosDelegationTokenAuthenticator
036    extends DelegationTokenAuthenticator {
037
038  public KerberosDelegationTokenAuthenticator() {
039    super(new KerberosAuthenticator() {
040      @Override
041      protected Authenticator getFallBackAuthenticator() {
042        return new PseudoDelegationTokenAuthenticator();
043      }
044    });
045  }
046}