public static class HadoopThriftAuthBridge.Server extends Object
Modifier and Type | Class and Description |
---|---|
static class |
HadoopThriftAuthBridge.Server.ServerMode |
protected class |
HadoopThriftAuthBridge.Server.TUGIAssumingProcessor
Processor that pulls the SaslServer object out of the transport, and
assumes the remote user's UGI before calling through to the original
processor.
|
Modifier and Type | Field and Description |
---|---|
static long |
DELEGATION_KEY_UPDATE_INTERVAL_DEFAULT |
static String |
DELEGATION_KEY_UPDATE_INTERVAL_KEY |
static String |
DELEGATION_TOKEN_GC_INTERVAL |
static long |
DELEGATION_TOKEN_MAX_LIFETIME_DEFAULT |
static String |
DELEGATION_TOKEN_MAX_LIFETIME_KEY |
static long |
DELEGATION_TOKEN_RENEW_INTERVAL_DEFAULT |
static String |
DELEGATION_TOKEN_RENEW_INTERVAL_KEY |
static String |
DELEGATION_TOKEN_STORE_CLS |
static String |
DELEGATION_TOKEN_STORE_ZK_ACL |
static String |
DELEGATION_TOKEN_STORE_ZK_CONNECT_STR |
static String |
DELEGATION_TOKEN_STORE_ZK_CONNECT_STR_ALTERNATE |
static String |
DELEGATION_TOKEN_STORE_ZK_CONNECT_TIMEOUTMILLIS |
static String |
DELEGATION_TOKEN_STORE_ZK_ZNODE |
static String |
DELEGATION_TOKEN_STORE_ZK_ZNODE_DEFAULT |
protected org.apache.hadoop.security.UserGroupInformation |
realUgi |
protected DelegationTokenSecretManager |
secretManager |
Modifier | Constructor and Description |
---|---|
|
HadoopThriftAuthBridge.Server() |
protected |
HadoopThriftAuthBridge.Server(String keytabFile,
String principalConf)
Create a server with a kerberos keytab/principal.
|
Modifier and Type | Method and Description |
---|---|
void |
cancelDelegationToken(String tokenStrForm) |
org.apache.thrift.transport.TTransportFactory |
createTransportFactory(Map<String,String> saslProps)
Create a TTransportFactory that, upon connection of a client socket,
negotiates a Kerberized SASL transport.
|
String |
getDelegationToken(String owner,
String renewer) |
String |
getDelegationTokenWithService(String owner,
String renewer,
String service) |
InetAddress |
getRemoteAddress() |
String |
getRemoteUser() |
protected DelegationTokenStore |
getTokenStore(org.apache.hadoop.conf.Configuration conf) |
String |
getUserFromToken(String tokenStr) |
long |
renewDelegationToken(String tokenStrForm) |
void |
startDelegationTokenSecretManager(org.apache.hadoop.conf.Configuration conf,
Object rawStore,
HadoopThriftAuthBridge.Server.ServerMode smode) |
org.apache.thrift.TProcessor |
wrapNonAssumingProcessor(org.apache.thrift.TProcessor processor)
Wrap a TProcessor to capture the client information like connecting userid, ip etc
|
org.apache.thrift.TProcessor |
wrapProcessor(org.apache.thrift.TProcessor processor)
Wrap a TProcessor in such a way that, before processing any RPC, it
assumes the UserGroupInformation of the user authenticated by
the SASL transport.
|
public static final String DELEGATION_TOKEN_GC_INTERVAL
public static final String DELEGATION_KEY_UPDATE_INTERVAL_KEY
public static final long DELEGATION_KEY_UPDATE_INTERVAL_DEFAULT
public static final String DELEGATION_TOKEN_RENEW_INTERVAL_KEY
public static final long DELEGATION_TOKEN_RENEW_INTERVAL_DEFAULT
public static final String DELEGATION_TOKEN_MAX_LIFETIME_KEY
public static final long DELEGATION_TOKEN_MAX_LIFETIME_DEFAULT
public static final String DELEGATION_TOKEN_STORE_CLS
public static final String DELEGATION_TOKEN_STORE_ZK_CONNECT_STR
public static final String DELEGATION_TOKEN_STORE_ZK_CONNECT_STR_ALTERNATE
public static final String DELEGATION_TOKEN_STORE_ZK_CONNECT_TIMEOUTMILLIS
public static final String DELEGATION_TOKEN_STORE_ZK_ZNODE
public static final String DELEGATION_TOKEN_STORE_ZK_ACL
public static final String DELEGATION_TOKEN_STORE_ZK_ZNODE_DEFAULT
protected final org.apache.hadoop.security.UserGroupInformation realUgi
protected DelegationTokenSecretManager secretManager
public HadoopThriftAuthBridge.Server() throws org.apache.thrift.transport.TTransportException
org.apache.thrift.transport.TTransportException
public org.apache.thrift.transport.TTransportFactory createTransportFactory(Map<String,String> saslProps) throws org.apache.thrift.transport.TTransportException
saslProps
- Map of SASL propertiesorg.apache.thrift.transport.TTransportException
public org.apache.thrift.TProcessor wrapProcessor(org.apache.thrift.TProcessor processor)
public org.apache.thrift.TProcessor wrapNonAssumingProcessor(org.apache.thrift.TProcessor processor)
protected DelegationTokenStore getTokenStore(org.apache.hadoop.conf.Configuration conf) throws IOException
IOException
public void startDelegationTokenSecretManager(org.apache.hadoop.conf.Configuration conf, Object rawStore, HadoopThriftAuthBridge.Server.ServerMode smode) throws IOException
IOException
public String getDelegationToken(String owner, String renewer) throws IOException, InterruptedException
IOException
InterruptedException
public String getDelegationTokenWithService(String owner, String renewer, String service) throws IOException, InterruptedException
IOException
InterruptedException
public long renewDelegationToken(String tokenStrForm) throws IOException
IOException
public String getUserFromToken(String tokenStr) throws IOException
IOException
public void cancelDelegationToken(String tokenStrForm) throws IOException
IOException
public InetAddress getRemoteAddress()
public String getRemoteUser()
Copyright © 2017 The Apache Software Foundation. All rights reserved.