- alternateAuthenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler
-
Subclasses should implement this method to provide the custom
authentication to be used for browsers.
- alternateAuthenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
-
- AltKerberosAuthenticationHandler - Class in org.apache.hadoop.security.authentication.server
-
- AltKerberosAuthenticationHandler() - Constructor for class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler
-
- ANONYMOUS - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationToken
-
Constant that identifies an anonymous request.
- ANONYMOUS_ALLOWED - Static variable in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler
-
Constant for the configuration property that indicates if anonymous users are allowed.
- AUTH_COOKIE - Static variable in class org.apache.hadoop.security.authentication.client.AuthenticatedURL
-
Name of the HTTP cookie used for the authentication token between the client and the server.
- AUTH_HANDLER_PROPERTY - Static variable in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
-
- AUTH_TOKEN_MAX_INACTIVE_INTERVAL - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
Constant for the configuration property
that indicates the max inactive interval of the generated token.
- AUTH_TOKEN_VALIDITY - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
Constant for the configuration property that indicates the validity of the generated token.
- AUTH_TYPE - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
Constant for the property that specifies the authentication handler to use.
- authenticate(URL, AuthenticatedURL.Token) - Method in interface org.apache.hadoop.security.authentication.client.Authenticator
-
- authenticate(URL, AuthenticatedURL.Token) - Method in class org.apache.hadoop.security.authentication.client.KerberosAuthenticator
-
Performs SPNEGO authentication against the specified URL.
- authenticate(URL, AuthenticatedURL.Token) - Method in class org.apache.hadoop.security.authentication.client.PseudoAuthenticator
-
Performs simple authentication against the specified URL.
- authenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler
-
It enforces the the Kerberos SPNEGO authentication sequence returning an
AuthenticationToken
only after the Kerberos SPNEGO sequence has
completed successfully (in the case of Java access) and only after the
custom authentication implemented by the subclass in alternateAuthenticate
has completed successfully (in the case of browser access).
- authenticate(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.hadoop.security.authentication.server.AuthenticationHandler
-
Performs an authentication step for the given HTTP client request.
- authenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
-
It enforces the the Kerberos SPNEGO authentication sequence returning an
AuthenticationToken
only after the Kerberos SPNEGO sequence has
completed successfully.
- authenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
-
- authenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
-
- authenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler
-
Authenticates an HTTP client request.
- AuthenticatedURL - Class in org.apache.hadoop.security.authentication.client
-
- AuthenticatedURL() - Constructor for class org.apache.hadoop.security.authentication.client.AuthenticatedURL
-
- AuthenticatedURL(Authenticator) - Constructor for class org.apache.hadoop.security.authentication.client.AuthenticatedURL
-
Creates an AuthenticatedURL
.
- AuthenticatedURL(Authenticator, ConnectionConfigurator) - Constructor for class org.apache.hadoop.security.authentication.client.AuthenticatedURL
-
Creates an AuthenticatedURL
.
- AuthenticatedURL.Token - Class in org.apache.hadoop.security.authentication.client
-
Client side authentication token.
- AuthenticatedURL.Token() - Constructor for class org.apache.hadoop.security.authentication.client.AuthenticatedURL.Token
-
Creates a token.
- AuthenticatedURL.Token(String) - Constructor for class org.apache.hadoop.security.authentication.client.AuthenticatedURL.Token
-
Creates a token using an existing string representation of the token.
- AUTHENTICATION_PROVIDER_URL - Static variable in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
-
- AuthenticationException - Exception in org.apache.hadoop.security.authentication.client
-
Exception thrown when an authentication error occurrs.
- AuthenticationException(Throwable) - Constructor for exception org.apache.hadoop.security.authentication.client.AuthenticationException
-
- AuthenticationException(String) - Constructor for exception org.apache.hadoop.security.authentication.client.AuthenticationException
-
- AuthenticationException(String, Throwable) - Constructor for exception org.apache.hadoop.security.authentication.client.AuthenticationException
-
- AuthenticationFilter - Class in org.apache.hadoop.security.authentication.server
-
The
AuthenticationFilter
enables protecting web application
resources with different (pluggable)
authentication mechanisms and signer secret providers.
- AuthenticationFilter() - Constructor for class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
- AuthenticationHandler - Interface in org.apache.hadoop.security.authentication.server
-
Interface for server authentication mechanisms.
- AuthenticationHandlerUtil - Class in org.apache.hadoop.security.authentication.server
-
- AuthenticationToken - Class in org.apache.hadoop.security.authentication.server
-
The
AuthenticationToken
contains information about an authenticated
HTTP client and doubles as the
Principal
to be returned by
authenticated
HttpServletRequest
s
- AuthenticationToken(String, String, String) - Constructor for class org.apache.hadoop.security.authentication.server.AuthenticationToken
-
Creates an authentication token.
- Authenticator - Interface in org.apache.hadoop.security.authentication.client
-
Interface for client authentication mechanisms.
- AUTHORIZATION - Static variable in class org.apache.hadoop.security.authentication.client.KerberosAuthenticator
-
HTTP header used by the SPNEGO client endpoint during an authentication sequence.
- AUTHORIZATION_HEADER - Static variable in class org.apache.hadoop.security.authentication.server.HttpConstants
-
HTTP header used by the client endpoint during an authentication sequence.
- AuthToken - Class in org.apache.hadoop.security.authentication.util
-
- AuthToken() - Constructor for class org.apache.hadoop.security.authentication.util.AuthToken
-
- AuthToken(String, String, String) - Constructor for class org.apache.hadoop.security.authentication.util.AuthToken
-
Creates an authentication token.
- generateNewSecret() - Method in class org.apache.hadoop.security.authentication.util.RandomSignerSecretProvider
-
- generateNewSecret() - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider
-
Subclasses should implement this to return a new secret.
- generateNewSecret() - Method in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
-
- getAcceptAnonymous() - Method in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler
-
Returns if the handler is configured to support anonymous users.
- getAllSecrets() - Method in class org.apache.hadoop.security.authentication.util.FileSignerSecretProvider
-
- getAllSecrets() - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider
-
- getAllSecrets() - Method in class org.apache.hadoop.security.authentication.util.SignerSecretProvider
-
Returns all secrets that a cookie could have been signed with and are still
valid; this should include the secret returned by getCurrentSecret().
- getAppConfigurationEntry(String) - Method in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider.JaasConfiguration
-
- getAuthenticationHandler() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
Returns the authentication handler being used.
- getAuthenticationHandlerClassName(String) - Static method in class org.apache.hadoop.security.authentication.server.AuthenticationHandlerUtil
-
- getAuthenticator() - Method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL
-
- getConfiguration() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
- getConfiguration(String, FilterConfig) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
Returns the filtered configuration (only properties starting with the specified prefix).
- getCookieDomain() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
Returns the cookie domain to use for the HTTP cookie.
- getCookiePath() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
Returns the cookie path to use for the HTTP cookie.
- getCurrentSecret() - Method in class org.apache.hadoop.security.authentication.util.FileSignerSecretProvider
-
- getCurrentSecret() - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider
-
- getCurrentSecret() - Method in class org.apache.hadoop.security.authentication.util.SignerSecretProvider
-
Returns the current secret to be used by the Signer for signing new
cookies.
- getDefaultAuthenticator() - Static method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL
-
- getDefaultRealm() - Method in class org.apache.hadoop.security.authentication.util.KerberosName
-
Get the configured default realm.
- getDefaultRealm() - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
-
- getDefaultRealmProtected() - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
-
- getDomainRealm(String) - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
-
- getExpires() - Method in class org.apache.hadoop.security.authentication.util.AuthToken
-
Returns the expiration time of the token.
- getFallBackAuthenticator() - Method in class org.apache.hadoop.security.authentication.client.KerberosAuthenticator
-
If the specified URL does not support SPNEGO authentication, a fallback
Authenticator
will be used.
- getHostName() - Method in class org.apache.hadoop.security.authentication.util.KerberosName
-
Get the second component of the name.
- getJWTFromCookie(HttpServletRequest) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
-
Encapsulate the acquisition of the JWT token from HTTP cookies within the
request.
- getKeytab() - Method in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
-
Returns the keytab used by the authentication handler.
- getKrb5LoginModuleName() - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
-
- getMaxInactiveInterval() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
Returns the max inactive interval time of the generated tokens.
- getMaxInactives() - Method in class org.apache.hadoop.security.authentication.util.AuthToken
-
Returns the max inactive time of the token.
- getName() - Method in class org.apache.hadoop.security.authentication.util.AuthToken
-
Returns the principal name (this method name comes from the JDK
Principal
interface).
- getOidInstance(String) - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
-
- getPrincipalNames(String, Pattern) - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
-
Get all the unique principals from keytabfile which matches a pattern.
- getPrincipals() - Method in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
-
Returns the Kerberos principals used by the authentication handler.
- getRealm() - Method in class org.apache.hadoop.security.authentication.util.KerberosName
-
Get the realm of the name.
- getRequestURL(HttpServletRequest) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
Returns the full URL of the request including the query string.
- getRules() - Static method in class org.apache.hadoop.security.authentication.util.KerberosName
-
Get the rules.
- getServiceName() - Method in class org.apache.hadoop.security.authentication.util.KerberosName
-
Get the first component of the name.
- getServicePrincipal(String, String) - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
-
Create Kerberos principal for a given service and hostname,
inferring realm from the fqdn of the hostname.
- getShortName() - Method in class org.apache.hadoop.security.authentication.util.KerberosName
-
Get the translation of the principal name into an operating system
user name.
- getToken(HttpServletRequest) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
- getTokenTypes() - Method in interface org.apache.hadoop.security.authentication.server.CompositeAuthenticationHandler
-
This method returns the token types supported by this authentication
handler.
- getTokenTypes() - Method in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
-
This method returns the token types supported by this authentication
handler.
- getType() - Method in class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler
-
Returns the authentication type of the authentication handler,
'alt-kerberos'.
- getType() - Method in interface org.apache.hadoop.security.authentication.server.AuthenticationHandler
-
Returns the authentication type of the authentication handler.
- getType() - Method in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
-
Returns the authentication type of the authentication handler, 'kerberos'.
- getType() - Method in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
-
- getType() - Method in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
-
- getType() - Method in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler
-
Returns the authentication type of the authentication handler, 'simple'.
- getType() - Method in class org.apache.hadoop.security.authentication.util.AuthToken
-
Returns the authentication mechanism of the token.
- getUserName() - Method in class org.apache.hadoop.security.authentication.client.PseudoAuthenticator
-
Returns the current user name.
- getUserName() - Method in class org.apache.hadoop.security.authentication.util.AuthToken
-
Returns the user name.
- getValidity() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
Returns the validity time of the generated tokens.
- IBM_JAVA - Static variable in class org.apache.hadoop.util.PlatformName
-
A public static variable to indicate the current java vendor is
IBM java or not.
- init(Properties) - Method in class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler
-
- init(FilterConfig) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
Initializes the authentication filter and signer secret provider.
- init(Properties) - Method in interface org.apache.hadoop.security.authentication.server.AuthenticationHandler
-
Initializes the authentication handler instance.
- init(Properties) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
-
Initializes the authentication handler instance.
- init(Properties) - Method in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
-
Initializes the authentication handler instance.
- init(Properties) - Method in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
-
- init(Properties) - Method in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
-
- init(Properties) - Method in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler
-
Initializes the authentication handler instance.
- init(Properties, ServletContext, long) - Method in class org.apache.hadoop.security.authentication.util.FileSignerSecretProvider
-
- init(Properties, ServletContext, long) - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider
-
Initialize the SignerSecretProvider.
- init(Properties, ServletContext, long) - Method in class org.apache.hadoop.security.authentication.util.SignerSecretProvider
-
Initialize the SignerSecretProvider
- init(Properties, ServletContext, long) - Method in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
-
- initializeAuthHandler(String, FilterConfig) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
- initializeAuthHandler(String, Properties) - Method in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
-
- initializeSecretProvider(FilterConfig) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
- initSecrets(byte[], byte[]) - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider
-
Initializes the secrets array.
- injectToken(HttpURLConnection, AuthenticatedURL.Token) - Static method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL
-
Helper method that injects an authentication token to send with a connection.
- isBrowser(String) - Method in class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler
-
This method parses the User-Agent String and returns whether or not it
refers to a browser.
- isCookiePersistent() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
Returns the cookie persistence to use for the HTTP cookie.
- isCustomSignerSecretProvider() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
Returns if a custom implementation of a SignerSecretProvider is being used.
- isExpired() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationToken
-
Returns true if the token has expired.
- isExpired() - Method in class org.apache.hadoop.security.authentication.util.AuthToken
-
Returns true if the token has expired.
- isRandomSecret() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
Returns if a random secret is being used.
- isSet() - Method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL.Token
-
Returns if a token from the server has been set.
- SCHEMES_PROPERTY - Static variable in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
-
- SECURITY_AUTHENTICATION - Static variable in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
-
Constant that identifies the authentication mechanism to be used with the
LDAP server.
- setConnectionConfigurator(ConnectionConfigurator) - Method in interface org.apache.hadoop.security.authentication.client.Authenticator
-
- setConnectionConfigurator(ConnectionConfigurator) - Method in class org.apache.hadoop.security.authentication.client.KerberosAuthenticator
-
- setConnectionConfigurator(ConnectionConfigurator) - Method in class org.apache.hadoop.security.authentication.client.PseudoAuthenticator
-
- setDefaultAuthenticator(Class<? extends Authenticator>) - Static method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL
-
- setDisableHostNameVerification(Boolean) - Method in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
-
Configure the Host name verification for this handler.
- setEnableStartTls(Boolean) - Method in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
-
Configure StartTLS LDAP extension for this handler.
- setExpires(long) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationToken
-
Sets the expiration of the token.
- setExpires(long) - Method in class org.apache.hadoop.security.authentication.util.AuthToken
-
Sets the expiration of the token.
- setMaxInactives(long) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationToken
-
Sets the max inactive time of the token.
- setMaxInactives(long) - Method in class org.apache.hadoop.security.authentication.util.AuthToken
-
Sets the max inactive interval of the token.
- setPublicKey(RSAPublicKey) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
-
Primarily for testing, this provides a way to set the publicKey for
signature verification without needing to get a PEM encoded value.
- setRules(String) - Static method in class org.apache.hadoop.security.authentication.util.KerberosName
-
Set the rules.
- sign(String) - Method in class org.apache.hadoop.security.authentication.util.Signer
-
Returns a signed string.
- SIGNATURE_SECRET - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
Constant for the property that specifies the secret to use for signing the HTTP Cookies.
- SIGNATURE_SECRET_FILE - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
- Signer - Class in org.apache.hadoop.security.authentication.util
-
Signs strings and verifies signed strings using a SHA digest.
- Signer(SignerSecretProvider) - Constructor for class org.apache.hadoop.security.authentication.util.Signer
-
Creates a Signer instance using the specified SignerSecretProvider.
- SIGNER_SECRET_PROVIDER - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
Constant for the configuration property that indicates the name of the
SignerSecretProvider class to use.
- SIGNER_SECRET_PROVIDER_ATTRIBUTE - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
-
Constant for the ServletContext attribute that can be used for providing a
custom implementation of the SignerSecretProvider.
- SignerException - Exception in org.apache.hadoop.security.authentication.util
-
Exception thrown by
Signer
when a string signature is invalid.
- SignerException(String) - Constructor for exception org.apache.hadoop.security.authentication.util.SignerException
-
Creates an exception instance.
- SignerSecretProvider - Class in org.apache.hadoop.security.authentication.util
-
The SignerSecretProvider is an abstract way to provide a secret to be used
by the Signer so that we can have different implementations that potentially
do more complicated things in the backend.
- SignerSecretProvider() - Constructor for class org.apache.hadoop.security.authentication.util.SignerSecretProvider
-
- startScheduler(long, long) - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider
-
Starts the scheduler for the rollover to run at an interval.