org.apache.hadoop.hdfs.security.token.block

Class BlockPoolTokenSecretManager

java.lang.Object

org.apache.hadoop.security.token.SecretManager<org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier>

org.apache.hadoop.hdfs.security.token.block.BlockPoolTokenSecretManager

public class BlockPoolTokenSecretManager
extends org.apache.hadoop.security.token.SecretManager<org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier>

Manages a BlockTokenSecretManager per block pool. Routes the requests given a block pool Id to corresponding BlockTokenSecretManager

Nested Class Summary

Nested classes/interfaces inherited from class org.apache.hadoop.security.token.SecretManager

org.apache.hadoop.security.token.SecretManager.InvalidToken

Constructor Summary

Constructors

Constructor and Description
BlockPoolTokenSecretManager()

Method Summary

Methods

Modifier and Type	Method and Description
void	addBlockPool(String bpid, org.apache.hadoop.hdfs.security.token.block.BlockTokenSecretManager secretMgr) Add a block pool Id and corresponding BlockTokenSecretManager to map
void	addKeys(String bpid, org.apache.hadoop.hdfs.security.token.block.ExportedBlockKeys exportedKeys) See BlockTokenSecretManager.addKeys(ExportedBlockKeys)
void	checkAccess(org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier id, String userId, org.apache.hadoop.hdfs.protocol.ExtendedBlock block, org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier.AccessMode mode) See BlockTokenSecretManager.checkAccess(BlockTokenIdentifier, String, ExtendedBlock, BlockTokenIdentifier.AccessMode)
void	checkAccess(org.apache.hadoop.security.token.Token<org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier> token, String userId, org.apache.hadoop.hdfs.protocol.ExtendedBlock block, org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier.AccessMode mode) See BlockTokenSecretManager.checkAccess(Token, String, ExtendedBlock, BlockTokenIdentifier.AccessMode)
void	clearAllKeysForTesting()
org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier	createIdentifier() Return an empty BlockTokenIdentifer
byte[]	createPassword(org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier identifier)
org.apache.hadoop.hdfs.security.token.block.DataEncryptionKey	generateDataEncryptionKey(String blockPoolId)
org.apache.hadoop.security.token.Token<org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier>	generateToken(org.apache.hadoop.hdfs.protocol.ExtendedBlock b, EnumSet<org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier.AccessMode> of) See BlockTokenSecretManager.generateToken(ExtendedBlock, EnumSet)
org.apache.hadoop.hdfs.security.token.block.BlockTokenSecretManager	get(String bpid)
boolean	isBlockPoolRegistered(String bpid)
byte[]	retrieveDataEncryptionKey(int keyId, String blockPoolId, byte[] nonce)
byte[]	retrievePassword(org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier identifier)

Methods inherited from class org.apache.hadoop.security.token.SecretManager

checkAvailableForRead, createPassword, createSecretKey, generateSecret, retriableRetrievePassword

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

BlockPoolTokenSecretManager

public BlockPoolTokenSecretManager()

Method Detail

addBlockPool

public void addBlockPool(String bpid,
                org.apache.hadoop.hdfs.security.token.block.BlockTokenSecretManager secretMgr)

Add a block pool Id and corresponding BlockTokenSecretManager to map

Parameters:

bpid - block pool Id

secretMgr - BlockTokenSecretManager

get

public org.apache.hadoop.hdfs.security.token.block.BlockTokenSecretManager get(String bpid)

isBlockPoolRegistered

public boolean isBlockPoolRegistered(String bpid)

createIdentifier

public org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier createIdentifier()

Return an empty BlockTokenIdentifer

Specified by:

createIdentifier in class org.apache.hadoop.security.token.SecretManager<org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier>

createPassword

public byte[] createPassword(org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier identifier)

Specified by:

createPassword in class org.apache.hadoop.security.token.SecretManager<org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier>

retrievePassword

public byte[] retrievePassword(org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier identifier)
                        throws org.apache.hadoop.security.token.SecretManager.InvalidToken

Specified by:

retrievePassword in class org.apache.hadoop.security.token.SecretManager<org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier>

Throws:

org.apache.hadoop.security.token.SecretManager.InvalidToken

checkAccess

public void checkAccess(org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier id,
               String userId,
               org.apache.hadoop.hdfs.protocol.ExtendedBlock block,
               org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier.AccessMode mode)
                 throws org.apache.hadoop.security.token.SecretManager.InvalidToken

See BlockTokenSecretManager.checkAccess(BlockTokenIdentifier, String, ExtendedBlock, BlockTokenIdentifier.AccessMode)

Throws:

org.apache.hadoop.security.token.SecretManager.InvalidToken

checkAccess

public void checkAccess(org.apache.hadoop.security.token.Token<org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier> token,
               String userId,
               org.apache.hadoop.hdfs.protocol.ExtendedBlock block,
               org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier.AccessMode mode)
                 throws org.apache.hadoop.security.token.SecretManager.InvalidToken

See BlockTokenSecretManager.checkAccess(Token, String, ExtendedBlock, BlockTokenIdentifier.AccessMode)

Throws:

org.apache.hadoop.security.token.SecretManager.InvalidToken

addKeys

public void addKeys(String bpid,
           org.apache.hadoop.hdfs.security.token.block.ExportedBlockKeys exportedKeys)
             throws IOException

See BlockTokenSecretManager.addKeys(ExportedBlockKeys)

Throws:

IOException

generateToken

public org.apache.hadoop.security.token.Token<org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier> generateToken(org.apache.hadoop.hdfs.protocol.ExtendedBlock b,
                                                                                                                     EnumSet<org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier.AccessMode> of)
                                                                                                                       throws IOException

See BlockTokenSecretManager.generateToken(ExtendedBlock, EnumSet)

Throws:

IOException

clearAllKeysForTesting

public void clearAllKeysForTesting()

generateDataEncryptionKey

public org.apache.hadoop.hdfs.security.token.block.DataEncryptionKey generateDataEncryptionKey(String blockPoolId)

retrieveDataEncryptionKey

public byte[] retrieveDataEncryptionKey(int keyId,
                               String blockPoolId,
                               byte[] nonce)
                                 throws IOException

Throws:

IOException