Package org.apache.hadoop.security.token.delegation.web

Class DelegationTokenAuthenticator

java.lang.Object
org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator
All Implemented Interfaces:
org.apache.hadoop.security.authentication.client.Authenticator
Direct Known Subclasses:
KerberosDelegationTokenAuthenticator, PseudoDelegationTokenAuthenticator
@Public @Evolving public abstract class DelegationTokenAuthenticator extends Object implements org.apache.hadoop.security.authentication.client.Authenticator
Authenticator wrapper that enhances an Authenticator with Delegation Token support.

  • Field Details

  • Constructor Details

    • DelegationTokenAuthenticator

      public DelegationTokenAuthenticator(org.apache.hadoop.security.authentication.client.Authenticator authenticator)

  • Method Details

    • setConnectionConfigurator

      public void setConnectionConfigurator(org.apache.hadoop.security.authentication.client.ConnectionConfigurator configurator)
      Description copied from interface: org.apache.hadoop.security.authentication.client.Authenticator
      Sets a ConnectionConfigurator instance to use for configuring connections.
      Specified by:
      setConnectionConfigurator in interface org.apache.hadoop.security.authentication.client.Authenticator
      Parameters:
      configurator - the ConnectionConfigurator instance.

    • authenticate

      public void authenticate(URL url, org.apache.hadoop.security.authentication.client.AuthenticatedURL.Token token) throws IOException, org.apache.hadoop.security.authentication.client.AuthenticationException
      Description copied from interface: org.apache.hadoop.security.authentication.client.Authenticator
      Authenticates against a URL and returns a AuthenticatedURL.Token to be used by subsequent requests.
      Specified by:
      authenticate in interface org.apache.hadoop.security.authentication.client.Authenticator
      Parameters:
      url - the URl to authenticate against.
      token - the authentication token being used for the user.
      Throws:
      IOException - if an IO error occurred.
      org.apache.hadoop.security.authentication.client.AuthenticationException - if an authentication error occurred.

    • getDelegationToken

      public Token<AbstractDelegationTokenIdentifier> getDelegationToken(URL url, org.apache.hadoop.security.authentication.client.AuthenticatedURL.Token token, String renewer) throws IOException, org.apache.hadoop.security.authentication.client.AuthenticationException
      Requests a delegation token using the configured Authenticator for authentication.
      Parameters:
      url - the URL to get the delegation token from. Only HTTP/S URLs are supported.
      token - the authentication token being used for the user where the Delegation token will be stored.
      renewer - the renewer user.
      Returns:
      abstract delegation token identifier.
      Throws:
      IOException - if an IO error occurred.
      org.apache.hadoop.security.authentication.client.AuthenticationException - if an authentication exception occurred.

    • getDelegationToken

      public Token<AbstractDelegationTokenIdentifier> getDelegationToken(URL url, org.apache.hadoop.security.authentication.client.AuthenticatedURL.Token token, String renewer, String doAsUser) throws IOException, org.apache.hadoop.security.authentication.client.AuthenticationException
      Requests a delegation token using the configured Authenticator for authentication.
      Parameters:
      url - the URL to get the delegation token from. Only HTTP/S URLs are supported.
      token - the authentication token being used for the user where the Delegation token will be stored.
      renewer - the renewer user.
      doAsUser - the user to do as, which will be the token owner.
      Returns:
      abstract delegation token identifier.
      Throws:
      IOException - if an IO error occurred.
      org.apache.hadoop.security.authentication.client.AuthenticationException - if an authentication exception occurred.

    • renewDelegationToken

      public long renewDelegationToken(URL url, org.apache.hadoop.security.authentication.client.AuthenticatedURL.Token token, Token<AbstractDelegationTokenIdentifier> dToken) throws IOException, org.apache.hadoop.security.authentication.client.AuthenticationException
      Renews a delegation token from the server end-point using the configured Authenticator for authentication.
      Parameters:
      url - the URL to renew the delegation token from. Only HTTP/S URLs are supported.
      token - the authentication token with the Delegation Token to renew.
      dToken - abstract delegation token identifier.
      Returns:
      delegation token long value.
      Throws:
      IOException - if an IO error occurred.
      org.apache.hadoop.security.authentication.client.AuthenticationException - if an authentication exception occurred.

    • renewDelegationToken

      public long renewDelegationToken(URL url, org.apache.hadoop.security.authentication.client.AuthenticatedURL.Token token, Token<AbstractDelegationTokenIdentifier> dToken, String doAsUser) throws IOException, org.apache.hadoop.security.authentication.client.AuthenticationException
      Renews a delegation token from the server end-point using the configured Authenticator for authentication.
      Parameters:
      url - the URL to renew the delegation token from. Only HTTP/S URLs are supported.
      token - the authentication token with the Delegation Token to renew.
      doAsUser - the user to do as, which will be the token owner.
      dToken - abstract delegation token identifier.
      Returns:
      delegation token long value.
      Throws:
      IOException - if an IO error occurred.
      org.apache.hadoop.security.authentication.client.AuthenticationException - if an authentication exception occurred.

    • cancelDelegationToken

      public void cancelDelegationToken(URL url, org.apache.hadoop.security.authentication.client.AuthenticatedURL.Token token, Token<AbstractDelegationTokenIdentifier> dToken) throws IOException
      Cancels a delegation token from the server end-point. It does not require being authenticated by the configured Authenticator.
      Parameters:
      url - the URL to cancel the delegation token from. Only HTTP/S URLs are supported.
      token - the authentication token with the Delegation Token to cancel.
      dToken - abstract delegation token identifier.
      Throws:
      IOException - if an IO error occurred.

    • cancelDelegationToken

      public void cancelDelegationToken(URL url, org.apache.hadoop.security.authentication.client.AuthenticatedURL.Token token, Token<AbstractDelegationTokenIdentifier> dToken, String doAsUser) throws IOException
      Cancels a delegation token from the server end-point. It does not require being authenticated by the configured Authenticator.
      Parameters:
      url - the URL to cancel the delegation token from. Only HTTP/S URLs are supported.
      token - the authentication token with the Delegation Token to cancel.
      dToken - abstract delegation token identifier.
      doAsUser - the user to do as, which will be the token owner.
      Throws:
      IOException - if an IO error occurred.