A B C D E F G H I J K L M N O P R S T U V W Z 

A

alternateAuthenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler
Subclasses should implement this method to provide the custom authentication to be used for browsers.
alternateAuthenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
 
AltKerberosAuthenticationHandler - Class in org.apache.hadoop.security.authentication.server
The AltKerberosAuthenticationHandler behaves exactly the same way as the KerberosAuthenticationHandler, except that it allows for an alternative form of authentication for browsers while still using Kerberos for Java access.
AltKerberosAuthenticationHandler() - Constructor for class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler
 
ANONYMOUS - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationToken
Constant that identifies an anonymous request.
ANONYMOUS_ALLOWED - Static variable in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler
Constant for the configuration property that indicates if anonymous users are allowed.
AUTH_COOKIE - Static variable in class org.apache.hadoop.security.authentication.client.AuthenticatedURL
Name of the HTTP cookie used for the authentication token between the client and the server.
AUTH_HANDLER_PROPERTY - Static variable in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
 
AUTH_TOKEN_MAX_INACTIVE_INTERVAL - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Constant for the configuration property that indicates the max inactive interval of the generated token.
AUTH_TOKEN_VALIDITY - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Constant for the configuration property that indicates the validity of the generated token.
AUTH_TYPE - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Constant for the property that specifies the authentication handler to use.
authenticate(URL, AuthenticatedURL.Token) - Method in interface org.apache.hadoop.security.authentication.client.Authenticator
Authenticates against a URL and returns a AuthenticatedURL.Token to be used by subsequent requests.
authenticate(URL, AuthenticatedURL.Token) - Method in class org.apache.hadoop.security.authentication.client.KerberosAuthenticator
Performs SPNEGO authentication against the specified URL.
authenticate(URL, AuthenticatedURL.Token) - Method in class org.apache.hadoop.security.authentication.client.PseudoAuthenticator
Performs simple authentication against the specified URL.
authenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler
It enforces the the Kerberos SPNEGO authentication sequence returning an AuthenticationToken only after the Kerberos SPNEGO sequence has completed successfully (in the case of Java access) and only after the custom authentication implemented by the subclass in alternateAuthenticate has completed successfully (in the case of browser access).
authenticate(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.hadoop.security.authentication.server.AuthenticationHandler
Performs an authentication step for the given HTTP client request.
authenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
It enforces the the Kerberos SPNEGO authentication sequence returning an AuthenticationToken only after the Kerberos SPNEGO sequence has completed successfully.
authenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
 
authenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
 
authenticate(HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler
Authenticates an HTTP client request.
AuthenticatedURL - Class in org.apache.hadoop.security.authentication.client
The AuthenticatedURL class enables the use of the JDK URL class against HTTP endpoints protected with the AuthenticationFilter.
AuthenticatedURL() - Constructor for class org.apache.hadoop.security.authentication.client.AuthenticatedURL
Creates an AuthenticatedURL.
AuthenticatedURL(Authenticator) - Constructor for class org.apache.hadoop.security.authentication.client.AuthenticatedURL
Creates an AuthenticatedURL.
AuthenticatedURL(Authenticator, ConnectionConfigurator) - Constructor for class org.apache.hadoop.security.authentication.client.AuthenticatedURL
Creates an AuthenticatedURL.
AuthenticatedURL.Token - Class in org.apache.hadoop.security.authentication.client
Client side authentication token.
AuthenticatedURL.Token() - Constructor for class org.apache.hadoop.security.authentication.client.AuthenticatedURL.Token
Creates a token.
AuthenticatedURL.Token(String) - Constructor for class org.apache.hadoop.security.authentication.client.AuthenticatedURL.Token
Creates a token using an existing string representation of the token.
AUTHENTICATION_PROVIDER_URL - Static variable in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
 
AuthenticationException - Exception in org.apache.hadoop.security.authentication.client
Exception thrown when an authentication error occurrs.
AuthenticationException(Throwable) - Constructor for exception org.apache.hadoop.security.authentication.client.AuthenticationException
AuthenticationException(String) - Constructor for exception org.apache.hadoop.security.authentication.client.AuthenticationException
AuthenticationException(String, Throwable) - Constructor for exception org.apache.hadoop.security.authentication.client.AuthenticationException
AuthenticationFilter - Class in org.apache.hadoop.security.authentication.server
The AuthenticationFilter enables protecting web application resources with different (pluggable) authentication mechanisms and signer secret providers.
AuthenticationFilter() - Constructor for class org.apache.hadoop.security.authentication.server.AuthenticationFilter
 
AuthenticationHandler - Interface in org.apache.hadoop.security.authentication.server
Interface for server authentication mechanisms.
AuthenticationHandlerUtil - Class in org.apache.hadoop.security.authentication.server
This is a utility class designed to provide functionality related to AuthenticationHandler.
AuthenticationToken - Class in org.apache.hadoop.security.authentication.server
The AuthenticationToken contains information about an authenticated HTTP client and doubles as the Principal to be returned by authenticated HttpServletRequests
AuthenticationToken(String, String, String) - Constructor for class org.apache.hadoop.security.authentication.server.AuthenticationToken
Creates an authentication token.
Authenticator - Interface in org.apache.hadoop.security.authentication.client
Interface for client authentication mechanisms.
AUTHORIZATION - Static variable in class org.apache.hadoop.security.authentication.client.KerberosAuthenticator
HTTP header used by the SPNEGO client endpoint during an authentication sequence.
AUTHORIZATION_HEADER - Static variable in class org.apache.hadoop.security.authentication.server.HttpConstants
HTTP header used by the client endpoint during an authentication sequence.
AuthToken - Class in org.apache.hadoop.security.authentication.util
 
AuthToken() - Constructor for class org.apache.hadoop.security.authentication.util.AuthToken
 
AuthToken(String, String, String) - Constructor for class org.apache.hadoop.security.authentication.util.AuthToken
Creates an authentication token.

B

BASE_DN - Static variable in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
Constant for the configuration property that indicates the base distinguished name (DN) to be used with the LDAP server.
BASIC - Static variable in class org.apache.hadoop.security.authentication.server.HttpConstants
HTTP header prefix used during the Basic authentication sequence.

C

CertificateUtil - Class in org.apache.hadoop.security.authentication.util
 
CertificateUtil() - Constructor for class org.apache.hadoop.security.authentication.util.CertificateUtil
 
checkAuthScheme(String) - Static method in class org.apache.hadoop.security.authentication.server.AuthenticationHandlerUtil
This method checks if the specified HTTP authentication scheme value is valid.
checkForIllegalArgument(String, String) - Static method in class org.apache.hadoop.security.authentication.util.AuthToken
Check if the provided value is invalid.
checkSignatures(String, String) - Method in class org.apache.hadoop.security.authentication.util.Signer
 
CompositeAuthenticationHandler - Interface in org.apache.hadoop.security.authentication.server
Interface to support multiple authentication mechanisms simultaneously.
computeSignature(byte[], String) - Method in class org.apache.hadoop.security.authentication.util.Signer
Returns then signature of a string.
CONFIG_PREFIX - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Constant for the property that specifies the configuration prefix.
configure(HttpURLConnection) - Method in interface org.apache.hadoop.security.authentication.client.ConnectionConfigurator
Configures the given HttpURLConnection instance.
ConnectionConfigurator - Interface in org.apache.hadoop.security.authentication.client
Interface to configure HttpURLConnection created by AuthenticatedURL instances.
constructLoginURL(HttpServletRequest) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
Create the URL to be used for authentication of the user in the absence of a JWT token within the incoming request.
constructSecretProvider(ServletContext, Properties, boolean) - Static method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
 
COOKIE_DOMAIN - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Constant for the configuration property that indicates the domain to use in the HTTP cookie.
COOKIE_PATH - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Constant for the configuration property that indicates the path to use in the HTTP cookie.
COOKIE_PERSISTENT - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Constant for the configuration property that indicates the persistence of the HTTP cookie.
createAuthCookie(HttpServletResponse, String, String, String, long, boolean, boolean) - Static method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Creates the Hadoop authentication HTTP cookie.
createCuratorClient(Properties) - Method in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
This method creates the Curator client and connects to ZooKeeper.

D

destroy() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Destroys the filter.
destroy() - Method in interface org.apache.hadoop.security.authentication.server.AuthenticationHandler
Destroys the authentication handler instance.
destroy() - Method in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
Releases any resources initialized by the authentication handler.
destroy() - Method in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
 
destroy() - Method in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
 
destroy() - Method in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler
Releases any resources initialized by the authentication handler.
destroy() - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider
 
destroy() - Method in class org.apache.hadoop.security.authentication.util.SignerSecretProvider
Will be called on shutdown; subclasses should perform any cleanup here.
destroy() - Method in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
Disconnects from ZooKeeper unless told not to.
DIGEST - Static variable in class org.apache.hadoop.security.authentication.server.HttpConstants
HTTP header prefix used during the Basic authentication sequence.
DISCONNECT_FROM_ZOOKEEPER_ON_SHUTDOWN - Static variable in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
Constant for the property that specifies whether or not the Curator client should disconnect from ZooKeeper on shutdown.
doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
If the request has a valid authentication token it allows the request to continue to the target resource, otherwise it triggers an authentication sequence using the configured AuthenticationHandler.
doFilter(FilterChain, HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Delegates call to the servlet filter chain.

E

ENABLE_START_TLS - Static variable in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
Constant for the configuration property that indicates the base distinguished name (DN) to be used with the LDAP server.
EXPECTED_JWT_AUDIENCES - Static variable in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
 
extractToken(HttpURLConnection, AuthenticatedURL.Token) - Static method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL
Helper method that extracts an authentication token received from a connection.

F

FileSignerSecretProvider - Class in org.apache.hadoop.security.authentication.util
A SignerSecretProvider that simply loads a secret from a specified file.
FileSignerSecretProvider() - Constructor for class org.apache.hadoop.security.authentication.util.FileSignerSecretProvider
 

G

generateNewSecret() - Method in class org.apache.hadoop.security.authentication.util.RandomSignerSecretProvider
 
generateNewSecret() - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider
Subclasses should implement this to return a new secret.
generateNewSecret() - Method in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
 
generateRandomSecret() - Method in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
 
getAcceptAnonymous() - Method in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler
Returns if the handler is configured to support anonymous users.
getAllSecrets() - Method in class org.apache.hadoop.security.authentication.util.FileSignerSecretProvider
 
getAllSecrets() - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider
 
getAllSecrets() - Method in class org.apache.hadoop.security.authentication.util.SignerSecretProvider
Returns all secrets that a cookie could have been signed with and are still valid; this should include the secret returned by getCurrentSecret().
getAppConfigurationEntry(String) - Method in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider.JaasConfiguration
 
getAuthenticationHandler() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Returns the authentication handler being used.
getAuthenticationHandlerClassName(String) - Static method in class org.apache.hadoop.security.authentication.server.AuthenticationHandlerUtil
This method provides an instance of AuthenticationHandler based on specified authHandlerName.
getAuthenticator() - Method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL
Returns the Authenticator instance used by the AuthenticatedURL.
getConfiguration() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Returns the configuration properties of the AuthenticationFilter without the prefix.
getConfiguration(String, FilterConfig) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Returns the filtered configuration (only properties starting with the specified prefix).
getCookieDomain() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Returns the cookie domain to use for the HTTP cookie.
getCookiePath() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Returns the cookie path to use for the HTTP cookie.
getCurrentSecret() - Method in class org.apache.hadoop.security.authentication.util.FileSignerSecretProvider
 
getCurrentSecret() - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider
 
getCurrentSecret() - Method in class org.apache.hadoop.security.authentication.util.SignerSecretProvider
Returns the current secret to be used by the Signer for signing new cookies.
getDefaultAuthenticator() - Static method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL
Returns the default Authenticator class to use when an AuthenticatedURL instance is created without specifying an authenticator.
getDefaultRealm() - Method in class org.apache.hadoop.security.authentication.util.KerberosName
Get the configured default realm.
getDefaultRealm() - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
 
getDefaultRealmProtected() - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
 
getDomainRealm(String) - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
 
getExpires() - Method in class org.apache.hadoop.security.authentication.util.AuthToken
Returns the expiration time of the token.
getFallBackAuthenticator() - Method in class org.apache.hadoop.security.authentication.client.KerberosAuthenticator
If the specified URL does not support SPNEGO authentication, a fallback Authenticator will be used.
getHostName() - Method in class org.apache.hadoop.security.authentication.util.KerberosName
Get the second component of the name.
getJWTFromCookie(HttpServletRequest) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
Encapsulate the acquisition of the JWT token from HTTP cookies within the request.
getKeytab() - Method in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
Returns the keytab used by the authentication handler.
getKrb5LoginModuleName() - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
 
getMaxInactiveInterval() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Returns the max inactive interval time of the generated tokens.
getMaxInactives() - Method in class org.apache.hadoop.security.authentication.util.AuthToken
Returns the max inactive time of the token.
getName() - Method in class org.apache.hadoop.security.authentication.util.AuthToken
Returns the principal name (this method name comes from the JDK Principal interface).
getOidInstance(String) - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
 
getPrincipalNames(String, Pattern) - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
Get all the unique principals from keytabfile which matches a pattern.
getPrincipals() - Method in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
Returns the Kerberos principals used by the authentication handler.
getRealm() - Method in class org.apache.hadoop.security.authentication.util.KerberosName
Get the realm of the name.
getRequestURL(HttpServletRequest) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Returns the full URL of the request including the query string.
getRules() - Static method in class org.apache.hadoop.security.authentication.util.KerberosName
Get the rules.
getServiceName() - Method in class org.apache.hadoop.security.authentication.util.KerberosName
Get the first component of the name.
getServicePrincipal(String, String) - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
Create Kerberos principal for a given service and hostname, inferring realm from the fqdn of the hostname.
getShortName() - Method in class org.apache.hadoop.security.authentication.util.KerberosName
Get the translation of the principal name into an operating system user name.
getToken(HttpServletRequest) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Returns the AuthenticationToken for the request.
getTokenServerName(byte[]) - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
Extract the TGS server principal from the given gssapi kerberos or spnego wrapped token.
getTokenTypes() - Method in interface org.apache.hadoop.security.authentication.server.CompositeAuthenticationHandler
This method returns the token types supported by this authentication handler.
getTokenTypes() - Method in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
This method returns the token types supported by this authentication handler.
getType() - Method in class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler
Returns the authentication type of the authentication handler, 'alt-kerberos'.
getType() - Method in interface org.apache.hadoop.security.authentication.server.AuthenticationHandler
Returns the authentication type of the authentication handler.
getType() - Method in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
Returns the authentication type of the authentication handler, 'kerberos'.
getType() - Method in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
 
getType() - Method in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
 
getType() - Method in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler
Returns the authentication type of the authentication handler, 'simple'.
getType() - Method in class org.apache.hadoop.security.authentication.util.AuthToken
Returns the authentication mechanism of the token.
getUserName() - Method in class org.apache.hadoop.security.authentication.client.PseudoAuthenticator
Returns the current user name.
getUserName() - Method in class org.apache.hadoop.security.authentication.util.AuthToken
Returns the user name.
getValidity() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Returns the validity time of the generated tokens.
GSS_KRB5_MECH_OID - Static variable in class org.apache.hadoop.security.authentication.util.KerberosUtil
 
GSS_SPNEGO_MECH_OID - Static variable in class org.apache.hadoop.security.authentication.util.KerberosUtil
 

H

hasKerberosKeyTab(Subject) - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
Check if the subject contains Kerberos keytab related objects.
hasKerberosTicket(Subject) - Static method in class org.apache.hadoop.security.authentication.util.KerberosUtil
Check if the subject contains Kerberos ticket.
hasRulesBeenSet() - Static method in class org.apache.hadoop.security.authentication.util.KerberosName
Indicates if the name rules have been set.
HttpConstants - Class in org.apache.hadoop.security.authentication.server
This class defines constants used for HTTP protocol entities (such as headers, methods and their values).

I

IBM_JAVA - Static variable in class org.apache.hadoop.util.PlatformName
A public static variable to indicate the current java vendor is IBM java or not.
init(Properties) - Method in class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler
 
init(FilterConfig) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Initializes the authentication filter and signer secret provider.
init(Properties) - Method in interface org.apache.hadoop.security.authentication.server.AuthenticationHandler
Initializes the authentication handler instance.
init(Properties) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
Initializes the authentication handler instance.
init(Properties) - Method in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
Initializes the authentication handler instance.
init(Properties) - Method in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
 
init(Properties) - Method in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
 
init(Properties) - Method in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler
Initializes the authentication handler instance.
init(Properties, ServletContext, long) - Method in class org.apache.hadoop.security.authentication.util.FileSignerSecretProvider
 
init(Properties, ServletContext, long) - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider
Initialize the SignerSecretProvider.
init(Properties, ServletContext, long) - Method in class org.apache.hadoop.security.authentication.util.SignerSecretProvider
Initialize the SignerSecretProvider
init(Properties, ServletContext, long) - Method in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
 
initializeAuthHandler(String, FilterConfig) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
 
initializeAuthHandler(String, Properties) - Method in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
 
initializeSecretProvider(FilterConfig) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
 
initSecrets(byte[], byte[]) - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider
Initializes the secrets array.
injectToken(HttpURLConnection, AuthenticatedURL.Token) - Static method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL
Helper method that injects an authentication token to send with a connection.
isBrowser(String) - Method in class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler
This method parses the User-Agent String and returns whether or not it refers to a browser.
isCookiePersistent() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Returns the cookie persistence to use for the HTTP cookie.
isCustomSignerSecretProvider() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Returns if a custom implementation of a SignerSecretProvider is being used.
isExpired() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationToken
Returns true if the token has expired.
isExpired() - Method in class org.apache.hadoop.security.authentication.util.AuthToken
Returns true if the token has expired.
isRandomSecret() - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Returns if a random secret is being used.
isSet() - Method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL.Token
Returns if a token from the server has been set.

J

JAVA_VENDOR_NAME - Static variable in class org.apache.hadoop.util.PlatformName
The java vendor name used in this platform.
JWT_COOKIE_NAME - Static variable in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
 
JWTRedirectAuthenticationHandler - Class in org.apache.hadoop.security.authentication.server
The JWTRedirectAuthenticationHandler extends AltKerberosAuthenticationHandler to add WebSSO behavior for UIs.
JWTRedirectAuthenticationHandler() - Constructor for class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
 

K

KerberosAuthenticationHandler - Class in org.apache.hadoop.security.authentication.server
The KerberosAuthenticationHandler implements the Kerberos SPNEGO authentication mechanism for HTTP.
KerberosAuthenticationHandler() - Constructor for class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
Creates a Kerberos SPNEGO authentication handler with the default auth-token type, kerberos.
KerberosAuthenticationHandler(String) - Constructor for class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
Creates a Kerberos SPNEGO authentication handler with a custom auth-token type.
KerberosAuthenticator - Class in org.apache.hadoop.security.authentication.client
The KerberosAuthenticator implements the Kerberos SPNEGO authentication sequence.
KerberosAuthenticator() - Constructor for class org.apache.hadoop.security.authentication.client.KerberosAuthenticator
 
KerberosName - Class in org.apache.hadoop.security.authentication.util
This class implements parsing and handling of Kerberos principal names.
KerberosName(String) - Constructor for class org.apache.hadoop.security.authentication.util.KerberosName
Create a name from the full Kerberos principal name.
KerberosName.BadFormatString - Exception in org.apache.hadoop.security.authentication.util
 
KerberosName.NoMatchingRule - Exception in org.apache.hadoop.security.authentication.util
 
KerberosUtil - Class in org.apache.hadoop.security.authentication.util
 
KerberosUtil() - Constructor for class org.apache.hadoop.security.authentication.util.KerberosUtil
 
KEYTAB - Static variable in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
Constant for the configuration property that indicates the keytab file path.

L

LDAP_BIND_DOMAIN - Static variable in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
Constant for the configuration property that indicates the LDAP bind domain value to be used with the LDAP server.
LdapAuthenticationHandler - Class in org.apache.hadoop.security.authentication.server
The LdapAuthenticationHandler implements the BASIC authentication mechanism for HTTP using LDAP back-end.
LdapAuthenticationHandler() - Constructor for class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
 
LOG - Static variable in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
 

M

main(String[]) - Static method in class org.apache.hadoop.util.PlatformName
 
managementOperation(AuthenticationToken, HttpServletRequest, HttpServletResponse) - Method in interface org.apache.hadoop.security.authentication.server.AuthenticationHandler
Performs an authentication management operation.
managementOperation(AuthenticationToken, HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
This is an empty implementation, it always returns TRUE.
managementOperation(AuthenticationToken, HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
 
managementOperation(AuthenticationToken, HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
 
managementOperation(AuthenticationToken, HttpServletRequest, HttpServletResponse) - Method in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler
This is an empty implementation, it always returns TRUE.
matchAuthScheme(String, String) - Static method in class org.apache.hadoop.security.authentication.server.AuthenticationHandlerUtil
This method checks if the specified authToken belongs to the specified HTTP authentication scheme.
MultiSchemeAuthenticationHandler - Class in org.apache.hadoop.security.authentication.server
The MultiSchemeAuthenticationHandler supports configuring multiple authentication mechanisms simultaneously.
MultiSchemeAuthenticationHandler() - Constructor for class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
 
MultiSchemeAuthenticationHandler(String) - Constructor for class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
 

N

NAME_RULES - Static variable in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
Constant for the configuration property that indicates the Kerberos name rules for the Kerberos principals.
NEGOTIATE - Static variable in class org.apache.hadoop.security.authentication.client.KerberosAuthenticator
HTTP header prefix used by the SPNEGO client/server endpoints during an authentication sequence.
NEGOTIATE - Static variable in class org.apache.hadoop.security.authentication.server.HttpConstants
HTTP header prefix used by the SPNEGO client/server endpoints during an authentication sequence.
NON_BROWSER_USER_AGENTS - Static variable in class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler
Constant for the configuration property that indicates which user agents are not considered browsers (comma separated)
NT_GSS_KRB5_PRINCIPAL_OID - Static variable in class org.apache.hadoop.security.authentication.util.KerberosUtil
 

O

openConnection(URL, AuthenticatedURL.Token) - Method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL
Returns an authenticated HttpURLConnection.
org.apache.hadoop.security.authentication.client - package org.apache.hadoop.security.authentication.client
 
org.apache.hadoop.security.authentication.server - package org.apache.hadoop.security.authentication.server
Provides the server-side framework for authentication.
org.apache.hadoop.security.authentication.util - package org.apache.hadoop.security.authentication.util
 
org.apache.hadoop.util - package org.apache.hadoop.util
 

P

parse(String) - Static method in class org.apache.hadoop.security.authentication.server.AuthenticationToken
Parses a string into an authentication token.
parse(String) - Static method in class org.apache.hadoop.security.authentication.util.AuthToken
 
parseRSAPublicKey(String) - Static method in class org.apache.hadoop.security.authentication.util.CertificateUtil
Gets an RSAPublicKey from the provided PEM encoding.
PLATFORM_NAME - Static variable in class org.apache.hadoop.util.PlatformName
The complete platform 'name' to identify the platform as per the java-vm.
PlatformName - Class in org.apache.hadoop.util
A helper class for getting build-info of the java-vm.
PlatformName() - Constructor for class org.apache.hadoop.util.PlatformName
 
PRINCIPAL - Static variable in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
Constant for the configuration property that indicates the kerberos principal.
PROVIDER_URL - Static variable in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
Constant for the configuration property that indicates the url of the LDAP server.
PseudoAuthenticationHandler - Class in org.apache.hadoop.security.authentication.server
The PseudoAuthenticationHandler provides a pseudo authentication mechanism that accepts the user name specified as a query string parameter.
PseudoAuthenticationHandler() - Constructor for class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler
Creates a Hadoop pseudo authentication handler with the default auth-token type, simple.
PseudoAuthenticationHandler(String) - Constructor for class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler
Creates a Hadoop pseudo authentication handler with a custom auth-token type.
PseudoAuthenticator - Class in org.apache.hadoop.security.authentication.client
The PseudoAuthenticator implementation provides an authentication equivalent to Hadoop's Simple authentication, it trusts the value of the 'user.name' Java System property.
PseudoAuthenticator() - Constructor for class org.apache.hadoop.security.authentication.client.PseudoAuthenticator
 
PUBLIC_KEY_PEM - Static variable in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
 

R

RandomSignerSecretProvider - Class in org.apache.hadoop.security.authentication.util
A SignerSecretProvider that uses a random number as its secret.
RandomSignerSecretProvider() - Constructor for class org.apache.hadoop.security.authentication.util.RandomSignerSecretProvider
 
RandomSignerSecretProvider(long) - Constructor for class org.apache.hadoop.security.authentication.util.RandomSignerSecretProvider
This constructor lets you set the seed of the Random Number Generator and is meant for testing.
resetDefaultRealm() - Static method in class org.apache.hadoop.security.authentication.util.KerberosName
 
RolloverSignerSecretProvider - Class in org.apache.hadoop.security.authentication.util
An abstract SignerSecretProvider that can be use used as the base for a rolling secret.
RolloverSignerSecretProvider() - Constructor for class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider
 
rollSecret() - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider
Rolls the secret.
rollSecret() - Method in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
 

S

SCHEMES_PROPERTY - Static variable in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
 
SECURITY_AUTHENTICATION - Static variable in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
Constant that identifies the authentication mechanism to be used with the LDAP server.
setConnectionConfigurator(ConnectionConfigurator) - Method in interface org.apache.hadoop.security.authentication.client.Authenticator
Sets a ConnectionConfigurator instance to use for configuring connections.
setConnectionConfigurator(ConnectionConfigurator) - Method in class org.apache.hadoop.security.authentication.client.KerberosAuthenticator
Sets a ConnectionConfigurator instance to use for configuring connections.
setConnectionConfigurator(ConnectionConfigurator) - Method in class org.apache.hadoop.security.authentication.client.PseudoAuthenticator
Sets a ConnectionConfigurator instance to use for configuring connections.
setDefaultAuthenticator(Class<? extends Authenticator>) - Static method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL
Sets the default Authenticator class to use when an AuthenticatedURL instance is created without specifying an authenticator.
setDisableHostNameVerification(Boolean) - Method in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
Configure the Host name verification for this handler.
setEnableStartTls(Boolean) - Method in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
Configure StartTLS LDAP extension for this handler.
setExpires(long) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationToken
Sets the expiration of the token.
setExpires(long) - Method in class org.apache.hadoop.security.authentication.util.AuthToken
Sets the expiration of the token.
setMaxInactives(long) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationToken
Sets the max inactive time of the token.
setMaxInactives(long) - Method in class org.apache.hadoop.security.authentication.util.AuthToken
Sets the max inactive interval of the token.
setPublicKey(RSAPublicKey) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
Primarily for testing, this provides a way to set the publicKey for signature verification without needing to get a PEM encoded value.
setRules(String) - Static method in class org.apache.hadoop.security.authentication.util.KerberosName
Set the rules.
sign(String) - Method in class org.apache.hadoop.security.authentication.util.Signer
Returns a signed string.
SIGNATURE_SECRET - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Constant for the property that specifies the secret to use for signing the HTTP Cookies.
SIGNATURE_SECRET_FILE - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
 
Signer - Class in org.apache.hadoop.security.authentication.util
Signs strings and verifies signed strings using a SHA digest.
Signer(SignerSecretProvider) - Constructor for class org.apache.hadoop.security.authentication.util.Signer
Creates a Signer instance using the specified SignerSecretProvider.
SIGNER_SECRET_PROVIDER - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Constant for the configuration property that indicates the name of the SignerSecretProvider class to use.
SIGNER_SECRET_PROVIDER_ATTRIBUTE - Static variable in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
Constant for the ServletContext attribute that can be used for providing a custom implementation of the SignerSecretProvider.
SignerException - Exception in org.apache.hadoop.security.authentication.util
Exception thrown by Signer when a string signature is invalid.
SignerException(String) - Constructor for exception org.apache.hadoop.security.authentication.util.SignerException
Creates an exception instance.
SignerSecretProvider - Class in org.apache.hadoop.security.authentication.util
The SignerSecretProvider is an abstract way to provide a secret to be used by the Signer so that we can have different implementations that potentially do more complicated things in the backend.
SignerSecretProvider() - Constructor for class org.apache.hadoop.security.authentication.util.SignerSecretProvider
 
startScheduler(long, long) - Method in class org.apache.hadoop.security.authentication.util.RolloverSignerSecretProvider
Starts the scheduler for the rollover to run at an interval.

T

toString() - Method in class org.apache.hadoop.security.authentication.client.AuthenticatedURL.Token
Returns the string representation of the token.
toString() - Method in class org.apache.hadoop.security.authentication.util.AuthToken
Returns the string representation of the token.
toString() - Method in class org.apache.hadoop.security.authentication.util.KerberosName
Put the name back together from the parts.
TYPE - Static variable in class org.apache.hadoop.security.authentication.server.AltKerberosAuthenticationHandler
Constant that identifies the authentication mechanism.
TYPE - Static variable in class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
Constant that identifies the authentication mechanism.
TYPE - Static variable in class org.apache.hadoop.security.authentication.server.LdapAuthenticationHandler
Constant that identifies the authentication mechanism.
TYPE - Static variable in class org.apache.hadoop.security.authentication.server.MultiSchemeAuthenticationHandler
Constant that identifies the authentication mechanism.
TYPE - Static variable in class org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler
Constant that identifies the authentication mechanism.

U

USER_NAME - Static variable in class org.apache.hadoop.security.authentication.client.PseudoAuthenticator
Name of the additional parameter that carries the 'user.name' value.

V

validateAudiences(SignedJWT) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
Validate whether any of the accepted audience claims is present in the issued token claims list for audience.
validateExpiration(SignedJWT) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
Validate that the expiration time of the JWT token has not been violated.
validateSignature(SignedJWT) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
Verify the signature of the JWT token in this method.
validateToken(SignedJWT) - Method in class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
This method provides a single method for validating the JWT for use in request processing.
verifyAndExtract(String) - Method in class org.apache.hadoop.security.authentication.util.Signer
Verifies a signed string and extracts the original string.
verifyTokenType(AuthenticationHandler, AuthenticationToken) - Method in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
This method verifies if the specified token type matches one of the the token types supported by a specified AuthenticationHandler.

W

WWW_AUTHENTICATE - Static variable in class org.apache.hadoop.security.authentication.client.KerberosAuthenticator
HTTP header used by the SPNEGO server endpoint during an authentication sequence.
WWW_AUTHENTICATE - Static variable in interface org.apache.hadoop.security.authentication.server.AuthenticationHandler
 
WWW_AUTHENTICATE_HEADER - Static variable in class org.apache.hadoop.security.authentication.server.HttpConstants
HTTP header used by the server endpoint during an authentication sequence.

Z

ZKSignerSecretProvider - Class in org.apache.hadoop.security.authentication.util
A SignerSecretProvider that synchronizes a rolling random secret between multiple servers using ZooKeeper.
ZKSignerSecretProvider() - Constructor for class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
 
ZKSignerSecretProvider(long) - Constructor for class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
This constructor lets you set the seed of the Random Number Generator and is meant for testing.
ZKSignerSecretProvider.JaasConfiguration - Class in org.apache.hadoop.security.authentication.util
Creates a programmatic version of a jaas.conf file.
ZKSignerSecretProvider.JaasConfiguration(String, String, String) - Constructor for class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider.JaasConfiguration
Add an entry to the jaas configuration with the passed in name, principal, and keytab.
ZOOKEEPER_AUTH_TYPE - Static variable in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
Constant for the property that specifies the auth type to use.
ZOOKEEPER_CONNECTION_STRING - Static variable in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
Constant for the property that specifies the ZooKeeper connection string.
ZOOKEEPER_KERBEROS_KEYTAB - Static variable in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
Constant for the property that specifies the Kerberos keytab file.
ZOOKEEPER_KERBEROS_PRINCIPAL - Static variable in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
Constant for the property that specifies the Kerberos principal.
ZOOKEEPER_PATH - Static variable in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
Constant for the property that specifies the ZooKeeper path.
ZOOKEEPER_SIGNER_SECRET_PROVIDER_CURATOR_CLIENT_ATTRIBUTE - Static variable in class org.apache.hadoop.security.authentication.util.ZKSignerSecretProvider
Constant for the ServletContext attribute that can be used for providing a custom CuratorFramework client.
A B C D E F G H I J K L M N O P R S T U V W Z 

Copyright © 2017 Apache Software Foundation. All Rights Reserved.