Package org.apache.hadoop.yarn.security.client

Class ClientToAMTokenSecretManager

java.lang.Object
org.apache.hadoop.security.token.SecretManager<ClientToAMTokenIdentifier>
org.apache.hadoop.yarn.security.client.BaseClientToAMTokenSecretManager
org.apache.hadoop.yarn.security.client.ClientToAMTokenSecretManager
@Public @Evolving public class ClientToAMTokenSecretManager extends BaseClientToAMTokenSecretManager
A simple SecretManager for AMs to validate Client-RM tokens issued to clients by the RM using the underlying master-key shared by RM to the AMs on their launch. All the methods are called by either Hadoop RPC or YARN, so this class is strictly for the purpose of inherit/extend and register with Hadoop RPC.

  • Constructor Details

    • ClientToAMTokenSecretManager

      public ClientToAMTokenSecretManager(ApplicationAttemptId applicationAttemptID, byte[] key)

  • Method Details

    • retrievePassword

      public byte[] retrievePassword(ClientToAMTokenIdentifier identifier) throws org.apache.hadoop.security.token.SecretManager.InvalidToken
      Description copied from class: SecretManager
      Retrieve the password for the given token identifier. Should check the date or registry to make sure the token hasn't expired or been revoked. Returns the relevant password.
      Parameters:
      identifier - the identifier to validate
      Returns:
      the password to use
      Throws:
      org.apache.hadoop.security.token.SecretManager.InvalidToken - the token was invalid

    • getMasterKey

      public SecretKey getMasterKey(ApplicationAttemptId applicationAttemptID)

    • setMasterKey

      public void setMasterKey(byte[] key)