Index (Apache Hadoop Auth 2.8.3 API)

A B C D E F G H I J K L M N O P R S T U V W Z

A

alternateAuthenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler: Subclasses should implement this method to provide the custom authentication to be used for browsers.
alternateAuthenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
AltKerberosAuthenticationHandler - Class in org.apache.hadoop.security.authentication.server: The AltKerberosAuthenticationHandler behaves exactly the same way as the KerberosAuthenticationHandler, except that it allows for an alternative form of authentication for browsers while still using Kerberos for Java access.
AltKerberosAuthenticationHandler() - Constructor for class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler
ANONYMOUS - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationToken: Constant that identifies an anonymous request.
ANONYMOUS_ALLOWED - Static variable in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler: Constant for the configuration property that indicates if anonymous users are allowed.
AUTH_COOKIE - Static variable in class org.apache.hadoop.security.authentication.client.AuthenticatedURL: Name of the HTTP cookie used for the authentication token between the client and the server.
AUTH_HANDLER_PROPERTY - Static variable in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
AUTH_TOKEN_MAX_INACTIVE_INTERVAL - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Constant for the configuration property that indicates the max inactive interval of the generated token.
AUTH_TOKEN_VALIDITY - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Constant for the configuration property that indicates the validity of the generated token.
AUTH_TYPE - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Constant for the property that specifies the authentication handler to use.
authenticate(URL, AuthenticatedURL.Token) - Method in interface org.apache.hadoop.security.authentication.client.Authenticator: Authenticates against a URL and returns a AuthenticatedURL.Token to be used by subsequent requests.
authenticate(URL, AuthenticatedURL.Token) - Method in class org.apache.hadoop.security.authentication.client.KerberosAuthenticator: Performs SPNEGO authentication against the specified URL.
authenticate(URL, AuthenticatedURL.Token) - Method in class org.apache.hadoop.security.authentication.client.PseudoAuthenticator: Performs simple authentication against the specified URL.
authenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler: It enforces the the Kerberos SPNEGO authentication sequence returning an AuthenticationToken only after the Kerberos SPNEGO sequence has completed successfully (in the case of Java access) and only after the custom authentication implemented by the subclass in alternateAuthenticate has completed successfully (in the case of browser access).
authenticate(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.hadoop.security.authentication.server.AuthenticationHandler: Performs an authentication step for the given HTTP client request.
authenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler: It enforces the the Kerberos SPNEGO authentication sequence returning an AuthenticationToken only after the Kerberos SPNEGO sequence has completed successfully.
authenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
authenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
authenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler: Authenticates an HTTP client request.
AuthenticatedURL - Class in org.apache.hadoop.security.authentication.client: The AuthenticatedURL class enables the use of the JDK URL class against HTTP endpoints protected with the AuthenticationFilter.
AuthenticatedURL() - Constructor for class org.apache.hadoop.security.authentication.client.AuthenticatedURL: Creates an AuthenticatedURL.
AuthenticatedURL(Authenticator) - Constructor for class org.apache.hadoop.security.authentication.client.AuthenticatedURL: Creates an AuthenticatedURL.
AuthenticatedURL(Authenticator, ConnectionConfigurator) - Constructor for class org.apache.hadoop.security.authentication.client.AuthenticatedURL: Creates an AuthenticatedURL.
AuthenticatedURL.Token - Class in org.apache.hadoop.security.authentication.client: Client side authentication token.
AuthenticatedURL.Token() - Constructor for class org.apache.hadoop.security.authentication.client.AuthenticatedURL.Token: Creates a token.
AuthenticatedURL.Token(String) - Constructor for class org.apache.hadoop.security.authentication.client.AuthenticatedURL.Token: Creates a token using an existing string representation of the token.
AUTHENTICATION_PROVIDER_URL - Static variable in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
AuthenticationException - Exception in org.apache.hadoop.security.authentication.client: Exception thrown when an authentication error occurrs.
AuthenticationException(Throwable) - Constructor for exception org.apache.hadoop.security.authentication.client.AuthenticationException: Creates an AuthenticationException.
AuthenticationException(String) - Constructor for exception org.apache.hadoop.security.authentication.client.AuthenticationException: Creates an AuthenticationException.
AuthenticationException(String, Throwable) - Constructor for exception org.apache.hadoop.security.authentication.client.AuthenticationException: Creates an AuthenticationException.
AuthenticationFilter - Class in org.apache.hadoop.security.authentication.server: The AuthenticationFilter enables protecting web application resources with different (pluggable) authentication mechanisms and signer secret providers.
AuthenticationFilter() - Constructor for class org.apache.hadoop.security.authentication.server.AuthenticationFilter
AuthenticationHandler - Interface in org.apache.hadoop.security.authentication.server: Interface for server authentication mechanisms.
AuthenticationHandlerUtil - Class in org.apache.hadoop.security.authentication.server: This is a utility class designed to provide functionality related to AuthenticationHandler.
AuthenticationToken - Class in org.apache.hadoop.security.authentication.server: The AuthenticationToken contains information about an authenticated HTTP client and doubles as the Principal to be returned by authenticated HttpServletRequests
AuthenticationToken(String, String, String) - Constructor for class org.apache.hadoop.security.authentication.server.AuthenticationToken: Creates an authentication token.
Authenticator - Interface in org.apache.hadoop.security.authentication.client: Interface for client authentication mechanisms.
AUTHORIZATION - Static variable in class org.apache.hadoop.security.authentication.client.KerberosAuthenticator: HTTP header used by the SPNEGO client endpoint during an authentication sequence.
AUTHORIZATION_HEADER - Static variable in class org.apache.hadoop.security.authentication.server.HttpConstants: HTTP header used by the client endpoint during an authentication sequence.
AuthToken - Class in org.apache.hadoop.security.authentication.util
AuthToken() - Constructor for class org.apache.hadoop.security.authentication.util.AuthToken
AuthToken(String, String, String) - Constructor for class org.apache.hadoop.security.authentication.util.AuthToken: Creates an authentication token.

B

BASE_DN - Static variable in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler: Constant for the configuration property that indicates the base distinguished name (DN) to be used with the LDAP server.
BASIC - Static variable in class org.apache.hadoop.security.authentication.server.HttpConstants: HTTP header prefix used during the Basic authentication sequence.

C

CertificateUtil - Class in org.apache.hadoop.security.authentication.util
CertificateUtil() - Constructor for class org.apache.hadoop.security.authentication.util.CertificateUtil
checkAuthScheme(String) - Static method in class org.apache.hadoop.security.authentication.server.AuthenticationHandlerUtil: This method checks if the specified HTTP authentication scheme value is valid.
checkForIllegalArgument(String, String) - Static method in class org.apache.hadoop.security.authentication.util.AuthToken: Check if the provided value is invalid.
checkSignatures(String, String) - Method in class org.apache.hadoop.security.authentication.util.Signer
CompositeAuthenticationHandler - Interface in org.apache.hadoop.security.authentication.server: Interface to support multiple authentication mechanisms simultaneously.
computeSignature(byte[], String) - Method in class org.apache.hadoop.security.authentication.util.Signer: Returns then signature of a string.
CONFIG_PREFIX - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Constant for the property that specifies the configuration prefix.
configure(HttpURLConnection) - Method in interface org.apache.hadoop.security.authentication.client.ConnectionConfigurator: Configures the given HttpURLConnection instance.
ConnectionConfigurator - Interface in org.apache.hadoop.security.authentication.client: Interface to configure HttpURLConnection created by AuthenticatedURL instances.
constructLoginURL(HttpServletRequest) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler: Create the URL to be used for authentication of the user in the absence of a JWT token within the incoming request.
constructSecretProvider(ServletContext, Properties, boolean) - Static method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
COOKIE_DOMAIN - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Constant for the configuration property that indicates the domain to use in the HTTP cookie.
COOKIE_PATH - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Constant for the configuration property that indicates the path to use in the HTTP cookie.
COOKIE_PERSISTENT - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Constant for the configuration property that indicates the persistence of the HTTP cookie.
createAuthCookie(HttpServletResponse, String, String, String, long, boolean, boolean) - Static method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Creates the Hadoop authentication HTTP cookie.
createCuratorClient(Properties) - Method in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider: This method creates the Curator client and connects to ZooKeeper.

D

destroy() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Destroys the filter.
destroy() - Method in interface org.apache.hadoop.security.authentication.server.AuthenticationHandler: Destroys the authentication handler instance.
destroy() - Method in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler: Releases any resources initialized by the authentication handler.
destroy() - Method in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
destroy() - Method in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
destroy() - Method in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler: Releases any resources initialized by the authentication handler.
destroy() - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider
destroy() - Method in class org.apache.hadoop.security.authentication.util.SignerSecretProvider: Will be called on shutdown; subclasses should perform any cleanup here.
destroy() - Method in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider: Disconnects from ZooKeeper unless told not to.
DIGEST - Static variable in class org.apache.hadoop.security.authentication.server.HttpConstants: HTTP header prefix used during the Basic authentication sequence.
DISCONNECT_FROM_ZOOKEEPER_ON_SHUTDOWN - Static variable in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider: Constant for the property that specifies whether or not the Curator client should disconnect from ZooKeeper on shutdown.
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: If the request has a valid authentication token it allows the request to continue to the target resource, otherwise it triggers an authentication sequence using the configured AuthenticationHandler.
doFilter(FilterChain, HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Delegates call to the servlet filter chain.

E

ENABLE_START_TLS - Static variable in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler: Constant for the configuration property that indicates the base distinguished name (DN) to be used with the LDAP server.
EXPECTED_JWT_AUDIENCES - Static variable in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
extractToken(HttpURLConnection, AuthenticatedURL.Token) - Static method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL: Helper method that extracts an authentication token received from a connection.

F

FileSignerSecretProvider - Class in org.apache.hadoop.security.authentication.util: A SignerSecretProvider that simply loads a secret from a specified file.
FileSignerSecretProvider() - Constructor for class org.apache.hadoop.security.authentication.util.FileSignerSecretProvider

G

generateNewSecret() - Method in class org.apache.hadoop.security.authentication.util.RandomSignerSecretProvider
generateNewSecret() - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider: Subclasses should implement this to return a new secret.
generateNewSecret() - Method in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
getAcceptAnonymous() - Method in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler: Returns if the handler is configured to support anonymous users.
getAllSecrets() - Method in class org.apache.hadoop.security.authentication.util.FileSignerSecretProvider
getAllSecrets() - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider
getAllSecrets() - Method in class org.apache.hadoop.security.authentication.util.SignerSecretProvider: Returns all secrets that a cookie could have been signed with and are still valid; this should include the secret returned by getCurrentSecret().
getAppConfigurationEntry(String) - Method in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider.JaasConfiguration
getAuthenticationHandler() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Returns the authentication handler being used.
getAuthenticationHandlerClassName(String) - Static method in class org.apache.hadoop.security.authentication.server.AuthenticationHandlerUtil: This method provides an instance of AuthenticationHandler based on specified authHandlerName.
getAuthenticator() - Method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL: Returns the Authenticator instance used by the AuthenticatedURL.
getConfiguration() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Returns the configuration properties of the AuthenticationFilter without the prefix.
getConfiguration(String, FilterConfig) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Returns the filtered configuration (only properties starting with the specified prefix).
getCookieDomain() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Returns the cookie domain to use for the HTTP cookie.
getCookiePath() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Returns the cookie path to use for the HTTP cookie.
getCurrentSecret() - Method in class org.apache.hadoop.security.authentication.util.FileSignerSecretProvider
getCurrentSecret() - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider
getCurrentSecret() - Method in class org.apache.hadoop.security.authentication.util.SignerSecretProvider: Returns the current secret to be used by the Signer for signing new cookies.
getDefaultAuthenticator() - Static method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL: Returns the default Authenticator class to use when an AuthenticatedURL instance is created without specifying an authenticator.
getDefaultRealm() - Method in class org.apache.hadoop.security.authentication.util.KerberosName: Get the configured default realm.
getDefaultRealm() - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
getDefaultRealmProtected() - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
getDomainRealm(String) - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
getExpires() - Method in class org.apache.hadoop.security.authentication.util.AuthToken: Returns the expiration time of the token.
getFallBackAuthenticator() - Method in class org.apache.hadoop.security.authentication.client.KerberosAuthenticator: If the specified URL does not support SPNEGO authentication, a fallback Authenticator will be used.
getHostName() - Method in class org.apache.hadoop.security.authentication.util.KerberosName: Get the second component of the name.
getJWTFromCookie(HttpServletRequest) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler: Encapsulate the acquisition of the JWT token from HTTP cookies within the request.
getKeytab() - Method in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler: Returns the keytab used by the authentication handler.
getKrb5LoginModuleName() - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
getMaxInactiveInterval() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Returns the max inactive interval time of the generated tokens.
getMaxInactives() - Method in class org.apache.hadoop.security.authentication.util.AuthToken: Returns the max inactive time of the token.
getName() - Method in class org.apache.hadoop.security.authentication.util.AuthToken: Returns the principal name (this method name comes from the JDK Principal interface).
getOidInstance(String) - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
getPrincipalNames(String, Pattern) - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil: Get all the unique principals from keytabfile which matches a pattern.
getPrincipals() - Method in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler: Returns the Kerberos principals used by the authentication handler.
getRealm() - Method in class org.apache.hadoop.security.authentication.util.KerberosName: Get the realm of the name.
getRequestURL(HttpServletRequest) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Returns the full URL of the request including the query string.
getRules() - Static method in class org.apache.hadoop.security.authentication.util.KerberosName: Get the rules.
getServiceName() - Method in class org.apache.hadoop.security.authentication.util.KerberosName: Get the first component of the name.
getServicePrincipal(String, String) - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil: Create Kerberos principal for a given service and hostname, inferring realm from the fqdn of the hostname.
getShortName() - Method in class org.apache.hadoop.security.authentication.util.KerberosName: Get the translation of the principal name into an operating system user name.
getToken(HttpServletRequest) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Returns the AuthenticationToken for the request.
getTokenServerName(byte[]) - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil: Extract the TGS server principal from the given gssapi kerberos or spnego wrapped token.
getTokenTypes() - Method in interface org.apache.hadoop.security.authentication.server.CompositeAuthenticationHandler: This method returns the token types supported by this authentication handler.
getTokenTypes() - Method in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler: This method returns the token types supported by this authentication handler.
getType() - Method in class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler: Returns the authentication type of the authentication handler, 'alt-kerberos'.
getType() - Method in interface org.apache.hadoop.security.authentication.server.AuthenticationHandler: Returns the authentication type of the authentication handler.
getType() - Method in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler: Returns the authentication type of the authentication handler, 'kerberos'.
getType() - Method in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
getType() - Method in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
getType() - Method in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler: Returns the authentication type of the authentication handler, 'simple'.
getType() - Method in class org.apache.hadoop.security.authentication.util.AuthToken: Returns the authentication mechanism of the token.
getUserName() - Method in class org.apache.hadoop.security.authentication.client.PseudoAuthenticator: Returns the current user name.
getUserName() - Method in class org.apache.hadoop.security.authentication.util.AuthToken: Returns the user name.
getValidity() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Returns the validity time of the generated tokens.
GSS_KRB5_MECH_OID - Static variable in class org.apache.hadoop.security.authentication.util.KerberosUtil
GSS_SPNEGO_MECH_OID - Static variable in class org.apache.hadoop.security.authentication.util.KerberosUtil

H

hasKerberosKeyTab(Subject) - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil: Check if the subject contains Kerberos keytab related objects.
hasKerberosTicket(Subject) - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil: Check if the subject contains Kerberos ticket.
hasRulesBeenSet() - Static method in class org.apache.hadoop.security.authentication.util.KerberosName: Indicates if the name rules have been set.
HttpConstants - Class in org.apache.hadoop.security.authentication.server: This class defines constants used for HTTP protocol entities (such as headers, methods and their values).

I

IBM_JAVA - Static variable in class org.apache.hadoop.util.PlatformName: A public static variable to indicate the current java vendor is IBM java or not.
init(Properties) - Method in class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler
init(FilterConfig) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Initializes the authentication filter and signer secret provider.
init(Properties) - Method in interface org.apache.hadoop.security.authentication.server.AuthenticationHandler: Initializes the authentication handler instance.
init(Properties) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler: Initializes the authentication handler instance.
init(Properties) - Method in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler: Initializes the authentication handler instance.
init(Properties) - Method in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
init(Properties) - Method in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
init(Properties) - Method in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler: Initializes the authentication handler instance.
init(Properties, ServletContext, long) - Method in class org.apache.hadoop.security.authentication.util.FileSignerSecretProvider
init(Properties, ServletContext, long) - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider: Initialize the SignerSecretProvider.
init(Properties, ServletContext, long) - Method in class org.apache.hadoop.security.authentication.util.SignerSecretProvider: Initialize the SignerSecretProvider
init(Properties, ServletContext, long) - Method in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
initializeAuthHandler(String, FilterConfig) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
initializeAuthHandler(String, Properties) - Method in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
initializeSecretProvider(FilterConfig) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
initSecrets(byte[], byte[]) - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider: Initializes the secrets array.
injectToken(HttpURLConnection, AuthenticatedURL.Token) - Static method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL: Helper method that injects an authentication token to send with a connection.
isBrowser(String) - Method in class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler: This method parses the User-Agent String and returns whether or not it refers to a browser.
isCookiePersistent() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Returns the cookie persistence to use for the HTTP cookie.
isCustomSignerSecretProvider() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Returns if a custom implementation of a SignerSecretProvider is being used.
isExpired() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationToken: Returns true if the token has expired.
isExpired() - Method in class org.apache.hadoop.security.authentication.util.AuthToken: Returns true if the token has expired.
isRandomSecret() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Returns if a random secret is being used.
isSet() - Method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL.Token: Returns if a token from the server has been set.

J

JAVA_VENDOR_NAME - Static variable in class org.apache.hadoop.util.PlatformName: The java vendor name used in this platform.
JWT_COOKIE_NAME - Static variable in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
JWTRedirectAuthenticationHandler - Class in org.apache.hadoop.security.authentication.server: The JWTRedirectAuthenticationHandler extends AltKerberosAuthenticationHandler to add WebSSO behavior for UIs.
JWTRedirectAuthenticationHandler() - Constructor for class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler

K

KerberosAuthenticationHandler - Class in org.apache.hadoop.security.authentication.server: The KerberosAuthenticationHandler implements the Kerberos SPNEGO authentication mechanism for HTTP.
KerberosAuthenticationHandler() - Constructor for class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler: Creates a Kerberos SPNEGO authentication handler with the default auth-token type, kerberos.
KerberosAuthenticationHandler(String) - Constructor for class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler: Creates a Kerberos SPNEGO authentication handler with a custom auth-token type.
KerberosAuthenticator - Class in org.apache.hadoop.security.authentication.client: The KerberosAuthenticator implements the Kerberos SPNEGO authentication sequence.
KerberosAuthenticator() - Constructor for class org.apache.hadoop.security.authentication.client.KerberosAuthenticator
KerberosName - Class in org.apache.hadoop.security.authentication.util: This class implements parsing and handling of Kerberos principal names.
KerberosName(String) - Constructor for class org.apache.hadoop.security.authentication.util.KerberosName: Create a name from the full Kerberos principal name.
KerberosName.BadFormatString - Exception in org.apache.hadoop.security.authentication.util
KerberosName.NoMatchingRule - Exception in org.apache.hadoop.security.authentication.util
KerberosUtil - Class in org.apache.hadoop.security.authentication.util
KerberosUtil() - Constructor for class org.apache.hadoop.security.authentication.util.KerberosUtil
KEYTAB - Static variable in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler: Constant for the configuration property that indicates the keytab file path.

L

LDAP_BIND_DOMAIN - Static variable in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler: Constant for the configuration property that indicates the LDAP bind domain value to be used with the LDAP server.
LdapAuthenticationHandler - Class in org.apache.hadoop.security.authentication.server: The LdapAuthenticationHandler implements the BASIC authentication mechanism for HTTP using LDAP back-end.
LdapAuthenticationHandler() - Constructor for class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
LOG - Static variable in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler

M

main(String[]) - Static method in class org.apache.hadoop.util.PlatformName
managementOperation(AuthenticationToken, HttpServletRequest, HttpServletResponse) - Method in interface org.apache.hadoop.security.authentication.server.AuthenticationHandler: Performs an authentication management operation.
managementOperation(AuthenticationToken, HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler: This is an empty implementation, it always returns TRUE.
managementOperation(AuthenticationToken, HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
managementOperation(AuthenticationToken, HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
managementOperation(AuthenticationToken, HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler: This is an empty implementation, it always returns TRUE.
matchAuthScheme(String, String) - Static method in class org.apache.hadoop.security.authentication.server.AuthenticationHandlerUtil: This method checks if the specified authToken belongs to the specified HTTP authentication scheme.
MultiSchemeAuthenticationHandler - Class in org.apache.hadoop.security.authentication.server: The MultiSchemeAuthenticationHandler supports configuring multiple authentication mechanisms simultaneously.
MultiSchemeAuthenticationHandler() - Constructor for class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
MultiSchemeAuthenticationHandler(String) - Constructor for class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler

N

NAME_RULES - Static variable in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler: Constant for the configuration property that indicates the Kerberos name rules for the Kerberos principals.
NEGOTIATE - Static variable in class org.apache.hadoop.security.authentication.client.KerberosAuthenticator: HTTP header prefix used by the SPNEGO client/server endpoints during an authentication sequence.
NEGOTIATE - Static variable in class org.apache.hadoop.security.authentication.server.HttpConstants: HTTP header prefix used by the SPNEGO client/server endpoints during an authentication sequence.
NON_BROWSER_USER_AGENTS - Static variable in class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler: Constant for the configuration property that indicates which user agents are not considered browsers (comma separated)
NT_GSS_KRB5_PRINCIPAL_OID - Static variable in class org.apache.hadoop.security.authentication.util.KerberosUtil

O

openConnection(URL, AuthenticatedURL.Token) - Method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL: Returns an authenticated HttpURLConnection.
org.apache.hadoop.security.authentication.client - package org.apache.hadoop.security.authentication.client
org.apache.hadoop.security.authentication.server - package org.apache.hadoop.security.authentication.server: Provides the server-side framework for authentication.
org.apache.hadoop.security.authentication.util - package org.apache.hadoop.security.authentication.util
org.apache.hadoop.util - package org.apache.hadoop.util

P

parse(String) - Static method in class org.apache.hadoop.security.authentication.server.AuthenticationToken: Parses a string into an authentication token.
parse(String) - Static method in class org.apache.hadoop.security.authentication.util.AuthToken
parseRSAPublicKey(String) - Static method in class org.apache.hadoop.security.authentication.util.CertificateUtil: Gets an RSAPublicKey from the provided PEM encoding.
PLATFORM_NAME - Static variable in class org.apache.hadoop.util.PlatformName: The complete platform 'name' to identify the platform as per the java-vm.
PlatformName - Class in org.apache.hadoop.util: A helper class for getting build-info of the java-vm.
PlatformName() - Constructor for class org.apache.hadoop.util.PlatformName
PRINCIPAL - Static variable in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler: Constant for the configuration property that indicates the kerberos principal.
PROVIDER_URL - Static variable in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler: Constant for the configuration property that indicates the url of the LDAP server.
PseudoAuthenticationHandler - Class in org.apache.hadoop.security.authentication.server: The PseudoAuthenticationHandler provides a pseudo authentication mechanism that accepts the user name specified as a query string parameter.
PseudoAuthenticationHandler() - Constructor for class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler: Creates a Hadoop pseudo authentication handler with the default auth-token type, simple.
PseudoAuthenticationHandler(String) - Constructor for class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler: Creates a Hadoop pseudo authentication handler with a custom auth-token type.
PseudoAuthenticator - Class in org.apache.hadoop.security.authentication.client: The PseudoAuthenticator implementation provides an authentication equivalent to Hadoop's Simple authentication, it trusts the value of the 'user.name' Java System property.
PseudoAuthenticator() - Constructor for class org.apache.hadoop.security.authentication.client.PseudoAuthenticator
PUBLIC_KEY_PEM - Static variable in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler

R

RandomSignerSecretProvider - Class in org.apache.hadoop.security.authentication.util: A SignerSecretProvider that uses a random number as its secret.
RandomSignerSecretProvider() - Constructor for class org.apache.hadoop.security.authentication.util.RandomSignerSecretProvider
RandomSignerSecretProvider(long) - Constructor for class org.apache.hadoop.security.authentication.util.RandomSignerSecretProvider: This constructor lets you set the seed of the Random Number Generator and is meant for testing.
resetDefaultRealm() - Static method in class org.apache.hadoop.security.authentication.util.KerberosName
RolloverSignerSecretProvider - Class in org.apache.hadoop.security.authentication.util: An abstract SignerSecretProvider that can be use used as the base for a rolling secret.
RolloverSignerSecretProvider() - Constructor for class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider
rollSecret() - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider: Rolls the secret.
rollSecret() - Method in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider

S

SCHEMES_PROPERTY - Static variable in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
SECURITY_AUTHENTICATION - Static variable in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler: Constant that identifies the authentication mechanism to be used with the LDAP server.
setConnectionConfigurator(ConnectionConfigurator) - Method in interface org.apache.hadoop.security.authentication.client.Authenticator: Sets a ConnectionConfigurator instance to use for configuring connections.
setConnectionConfigurator(ConnectionConfigurator) - Method in class org.apache.hadoop.security.authentication.client.KerberosAuthenticator: Sets a ConnectionConfigurator instance to use for configuring connections.
setConnectionConfigurator(ConnectionConfigurator) - Method in class org.apache.hadoop.security.authentication.client.PseudoAuthenticator: Sets a ConnectionConfigurator instance to use for configuring connections.
setDefaultAuthenticator(Class<? extends Authenticator>) - Static method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL: Sets the default Authenticator class to use when an AuthenticatedURL instance is created without specifying an authenticator.
setDisableHostNameVerification(Boolean) - Method in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler: Configure the Host name verification for this handler.
setEnableStartTls(Boolean) - Method in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler: Configure StartTLS LDAP extension for this handler.
setExpires(long) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationToken: Sets the expiration of the token.
setExpires(long) - Method in class org.apache.hadoop.security.authentication.util.AuthToken: Sets the expiration of the token.
setMaxInactives(long) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationToken: Sets the max inactive time of the token.
setMaxInactives(long) - Method in class org.apache.hadoop.security.authentication.util.AuthToken: Sets the max inactive interval of the token.
setPublicKey(RSAPublicKey) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler: Primarily for testing, this provides a way to set the publicKey for signature verification without needing to get a PEM encoded value.
setRules(String) - Static method in class org.apache.hadoop.security.authentication.util.KerberosName: Set the rules.
sign(String) - Method in class org.apache.hadoop.security.authentication.util.Signer: Returns a signed string.
SIGNATURE_SECRET - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Constant for the property that specifies the secret to use for signing the HTTP Cookies.
SIGNATURE_SECRET_FILE - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Signer - Class in org.apache.hadoop.security.authentication.util: Signs strings and verifies signed strings using a SHA digest.
Signer(SignerSecretProvider) - Constructor for class org.apache.hadoop.security.authentication.util.Signer: Creates a Signer instance using the specified SignerSecretProvider.
SIGNER_SECRET_PROVIDER - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Constant for the configuration property that indicates the name of the SignerSecretProvider class to use.
SIGNER_SECRET_PROVIDER_ATTRIBUTE - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: Constant for the ServletContext attribute that can be used for providing a custom implementation of the SignerSecretProvider.
SignerException - Exception in org.apache.hadoop.security.authentication.util: Exception thrown by Signer when a string signature is invalid.
SignerException(String) - Constructor for exception org.apache.hadoop.security.authentication.util.SignerException: Creates an exception instance.
SignerSecretProvider - Class in org.apache.hadoop.security.authentication.util: The SignerSecretProvider is an abstract way to provide a secret to be used by the Signer so that we can have different implementations that potentially do more complicated things in the backend.
SignerSecretProvider() - Constructor for class org.apache.hadoop.security.authentication.util.SignerSecretProvider
startScheduler(long, long) - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider: Starts the scheduler for the rollover to run at an interval.

T

toString() - Method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL.Token: Returns the string representation of the token.
toString() - Method in class org.apache.hadoop.security.authentication.util.AuthToken: Returns the string representation of the token.
toString() - Method in class org.apache.hadoop.security.authentication.util.KerberosName: Put the name back together from the parts.
TYPE - Static variable in class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler: Constant that identifies the authentication mechanism.
TYPE - Static variable in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler: Constant that identifies the authentication mechanism.
TYPE - Static variable in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler: Constant that identifies the authentication mechanism.
TYPE - Static variable in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler: Constant that identifies the authentication mechanism.
TYPE - Static variable in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler: Constant that identifies the authentication mechanism.

U

USER_NAME - Static variable in class org.apache.hadoop.security.authentication.client.PseudoAuthenticator: Name of the additional parameter that carries the 'user.name' value.

V

validateAudiences(SignedJWT) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler: Validate whether any of the accepted audience claims is present in the issued token claims list for audience.
validateExpiration(SignedJWT) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler: Validate that the expiration time of the JWT token has not been violated.
validateSignature(SignedJWT) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler: Verify the signature of the JWT token in this method.
validateToken(SignedJWT) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler: This method provides a single method for validating the JWT for use in request processing.
verifyAndExtract(String) - Method in class org.apache.hadoop.security.authentication.util.Signer: Verifies a signed string and extracts the original string.
verifyTokenType(AuthenticationHandler, AuthenticationToken) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter: This method verifies if the specified token type matches one of the the token types supported by a specified AuthenticationHandler.

W

WWW_AUTHENTICATE - Static variable in class org.apache.hadoop.security.authentication.client.KerberosAuthenticator: HTTP header used by the SPNEGO server endpoint during an authentication sequence.
WWW_AUTHENTICATE - Static variable in interface org.apache.hadoop.security.authentication.server.AuthenticationHandler
WWW_AUTHENTICATE_HEADER - Static variable in class org.apache.hadoop.security.authentication.server.HttpConstants: HTTP header used by the server endpoint during an authentication sequence.

Z

ZKSignerSecretProvider - Class in org.apache.hadoop.security.authentication.util: A SignerSecretProvider that synchronizes a rolling random secret between multiple servers using ZooKeeper.
ZKSignerSecretProvider() - Constructor for class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
ZKSignerSecretProvider(long) - Constructor for class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider: This constructor lets you set the seed of the Random Number Generator and is meant for testing.
ZKSignerSecretProvider.JaasConfiguration - Class in org.apache.hadoop.security.authentication.util: Creates a programmatic version of a jaas.conf file.
ZKSignerSecretProvider.JaasConfiguration(String, String, String) - Constructor for class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider.JaasConfiguration: Add an entry to the jaas configuration with the passed in name, principal, and keytab.
ZOOKEEPER_AUTH_TYPE - Static variable in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider: Constant for the property that specifies the auth type to use.
ZOOKEEPER_CONNECTION_STRING - Static variable in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider: Constant for the property that specifies the ZooKeeper connection string.
ZOOKEEPER_KERBEROS_KEYTAB - Static variable in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider: Constant for the property that specifies the Kerberos keytab file.
ZOOKEEPER_KERBEROS_PRINCIPAL - Static variable in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider: Constant for the property that specifies the Kerberos principal.
ZOOKEEPER_PATH - Static variable in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider: Constant for the property that specifies the ZooKeeper path.
ZOOKEEPER_SIGNER_SECRET_PROVIDER_CURATOR_CLIENT_ATTRIBUTE - Static variable in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider: Constant for the ServletContext attribute that can be used for providing a custom CuratorFramework client.

A B C D E F G H I J K L M N O P R S T U V W Z