org.apache.hadoop.hbase.security.token

类 AuthenticationTokenSecretManager

java.lang.Object

org.apache.hadoop.security.token.SecretManager<AuthenticationTokenIdentifier>

org.apache.hadoop.hbase.security.token.AuthenticationTokenSecretManager

@InterfaceAudience.Private
public class AuthenticationTokenSecretManager
extends org.apache.hadoop.security.token.SecretManager<AuthenticationTokenIdentifier>

Manages an internal list of secret keys used to sign new authentication tokens as they are generated, and to valid existing tokens used for authentication.

A single instance of AuthenticationTokenSecretManager will be running as the "leader" in a given HBase cluster. The leader is responsible for periodically generating new secret keys, which are then distributed to followers via ZooKeeper, and for expiring previously used secret keys that are no longer needed (as any tokens using them have expired).

嵌套类概要

从类继承的嵌套类/接口 org.apache.hadoop.security.token.SecretManager

org.apache.hadoop.security.token.SecretManager.InvalidToken

构造器概要

构造器

构造器和说明
AuthenticationTokenSecretManager(org.apache.hadoop.conf.Configuration conf, ZKWatcher zk, String serverName, long keyUpdateInterval, long tokenMaxLifetime) Create a new secret manager instance for generating keys.

方法概要

限定符和类型	方法和说明
void	addKey(AuthenticationKey key)
AuthenticationTokenIdentifier	createIdentifier()
protected byte[]	createPassword(AuthenticationTokenIdentifier identifier)
static SecretKey	createSecretKey(byte[] raw)
org.apache.hadoop.security.token.Token<AuthenticationTokenIdentifier>	generateToken(String username)
String	getName()
boolean	isMaster()
byte[]	retrievePassword(AuthenticationTokenIdentifier identifier)
void	start()
void	stop()

从类继承的方法 org.apache.hadoop.security.token.SecretManager

checkAvailableForRead, createPassword, generateSecret, retriableRetrievePassword

从类继承的方法 java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

构造器详细资料

AuthenticationTokenSecretManager

public AuthenticationTokenSecretManager(org.apache.hadoop.conf.Configuration conf,
                                        ZKWatcher zk,
                                        String serverName,
                                        long keyUpdateInterval,
                                        long tokenMaxLifetime)

Create a new secret manager instance for generating keys.

参数:

conf - Configuration to use

zk - Connection to zookeeper for handling leader elections

keyUpdateInterval - Time (in milliseconds) between rolling a new master key for token signing

tokenMaxLifetime - Maximum age (in milliseconds) before a token expires and is no longer valid

方法详细资料

start

public void start()

stop

public void stop()

isMaster

public boolean isMaster()

getName

public String getName()

createPassword

protected byte[] createPassword(AuthenticationTokenIdentifier identifier)

指定者:

createPassword 在类中 org.apache.hadoop.security.token.SecretManager<AuthenticationTokenIdentifier>

retrievePassword

public byte[] retrievePassword(AuthenticationTokenIdentifier identifier)
                        throws org.apache.hadoop.security.token.SecretManager.InvalidToken

指定者:

retrievePassword 在类中 org.apache.hadoop.security.token.SecretManager<AuthenticationTokenIdentifier>

抛出:

org.apache.hadoop.security.token.SecretManager.InvalidToken

createIdentifier

public AuthenticationTokenIdentifier createIdentifier()

指定者:

createIdentifier 在类中 org.apache.hadoop.security.token.SecretManager<AuthenticationTokenIdentifier>

generateToken

public org.apache.hadoop.security.token.Token<AuthenticationTokenIdentifier> generateToken(String username)

addKey

public void addKey(AuthenticationKey key)
            throws IOException

抛出:

IOException

createSecretKey

public static SecretKey createSecretKey(byte[] raw)