org.apache.hadoop.hive.llap.security

Class SecretManager

java.lang.Object

org.apache.hadoop.security.token.SecretManager<TokenIdent>

org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager<TokenIdent>

org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager<LlapTokenIdentifier>

org.apache.hadoop.hive.llap.security.SecretManager

All Implemented Interfaces:

SigningSecretManager

public class SecretManager
extends org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager<LlapTokenIdentifier>
implements SigningSecretManager

Nested Class Summary

Nested classes/interfaces inherited from class org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager

org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager.JaasConfiguration

Nested classes/interfaces inherited from class org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager

org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager.DelegationTokenInformation

Nested classes/interfaces inherited from class org.apache.hadoop.security.token.SecretManager

org.apache.hadoop.security.token.SecretManager.InvalidToken

Field Summary

Fields inherited from class org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager

ZK_DTSM_ZK_AUTH_TYPE, ZK_DTSM_ZK_CONNECTION_STRING, ZK_DTSM_ZK_CONNECTION_TIMEOUT, ZK_DTSM_ZK_CONNECTION_TIMEOUT_DEFAULT, ZK_DTSM_ZK_KERBEROS_KEYTAB, ZK_DTSM_ZK_KERBEROS_PRINCIPAL, ZK_DTSM_ZK_NUM_RETRIES, ZK_DTSM_ZK_NUM_RETRIES_DEFAULT, ZK_DTSM_ZK_SESSION_TIMEOUT, ZK_DTSM_ZK_SESSION_TIMEOUT_DEFAULT, ZK_DTSM_ZK_SHUTDOWN_TIMEOUT, ZK_DTSM_ZK_SHUTDOWN_TIMEOUT_DEFAULT, ZK_DTSM_ZNODE_WORKING_PATH, ZK_DTSM_ZNODE_WORKING_PATH_DEAFULT

Fields inherited from class org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager

allKeys, currentId, currentTokens, delegationTokenSequenceNumber, noInterruptsLock, running, storeTokenTrackingId

Constructor Summary

Constructors

Constructor and Description
SecretManager(org.apache.hadoop.conf.Configuration conf, String clusterId)

Method Summary

Modifier and Type	Method and Description
void	close()
LlapTokenIdentifier	createIdentifier()
org.apache.hadoop.security.token.Token<LlapTokenIdentifier>	createLlapToken(String appId, String user, boolean isSignatureRequired)
static SecretManager	createSecretManager(org.apache.hadoop.conf.Configuration conf, String clusterId)
static SecretManager	createSecretManager(org.apache.hadoop.conf.Configuration conf, String llapPrincipal, String llapKeytab, String clusterId)
LlapTokenIdentifier	decodeTokenIdentifier(org.apache.hadoop.security.token.Token<LlapTokenIdentifier> token)
org.apache.hadoop.security.token.delegation.DelegationKey	getCurrentKey()
byte[]	signWithKey(byte[] message, org.apache.hadoop.security.token.delegation.DelegationKey key)
byte[]	signWithKey(byte[] message, int keyId)
void	startThreads()
void	verifyToken(byte[] tokenBytes) Verifies the token available as serialized bytes.

Methods inherited from class org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager

cancelToken, getCurrentKeyId, getDelegationKey, getDelegationTokenSeqNum, getListenerThreadPool, getTokenInfo, incrementCurrentKeyId, incrementDelegationTokenSeqNum, removeStoredMasterKey, removeStoredToken, setCurator, setDelegationTokenSeqNum, stopThreads, storeDelegationKey, storeToken, updateDelegationKey, updateToken

Methods inherited from class org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager

addKey, addPersistedDelegationToken, checkToken, createPassword, createSecretKey, getAllKeys, getTokenTrackingId, getTrackingIdIfEnabled, isRunning, logExpireToken, logExpireTokens, logUpdateMasterKey, renewToken, reset, retrievePassword, setCurrentKeyId, storeNewMasterKey, storeNewToken, updateStoredToken, verifyToken

Methods inherited from class org.apache.hadoop.security.token.SecretManager

checkAvailableForRead, createPassword, generateSecret, retriableRetrievePassword

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SecretManager

public SecretManager(org.apache.hadoop.conf.Configuration conf,
                     String clusterId)

Method Detail

startThreads

public void startThreads()
                  throws IOException

Overrides:

startThreads in class org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager<LlapTokenIdentifier>

Throws:

IOException

createIdentifier

public LlapTokenIdentifier createIdentifier()

Specified by:

createIdentifier in class org.apache.hadoop.security.token.SecretManager<LlapTokenIdentifier>

decodeTokenIdentifier

public LlapTokenIdentifier decodeTokenIdentifier(org.apache.hadoop.security.token.Token<LlapTokenIdentifier> token)
                                          throws IOException

Overrides:

decodeTokenIdentifier in class org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager<LlapTokenIdentifier>

Throws:

IOException

getCurrentKey

public org.apache.hadoop.security.token.delegation.DelegationKey getCurrentKey()
                                                                        throws IOException

Specified by:

getCurrentKey in interface SigningSecretManager

Throws:

IOException

signWithKey

public byte[] signWithKey(byte[] message,
                          org.apache.hadoop.security.token.delegation.DelegationKey key)

Specified by:

signWithKey in interface SigningSecretManager

signWithKey

public byte[] signWithKey(byte[] message,
                          int keyId)
                   throws SecurityException

Specified by:

signWithKey in interface SigningSecretManager

Throws:

SecurityException

createSecretManager

public static SecretManager createSecretManager(org.apache.hadoop.conf.Configuration conf,
                                                String clusterId)

createSecretManager

public static SecretManager createSecretManager(org.apache.hadoop.conf.Configuration conf,
                                                String llapPrincipal,
                                                String llapKeytab,
                                                String clusterId)

createLlapToken

public org.apache.hadoop.security.token.Token<LlapTokenIdentifier> createLlapToken(String appId,
                                                                                   String user,
                                                                                   boolean isSignatureRequired)
                                                                            throws IOException

Throws:

IOException

close

public void close()

Specified by:

close in interface SigningSecretManager

verifyToken

public void verifyToken(byte[] tokenBytes)
                 throws IOException

Verifies the token available as serialized bytes.

Throws:

IOException