@Override public void cancelDelegationToken(String tokenStrForm) throws IOException { secretManager.cancelDelegationToken(tokenStrForm); }
@Override public String run() throws IOException { return secretManager.getDelegationToken(renewer); } });
@Override public String getUserFromToken(String tokenStr) throws IOException { return secretManager.getUserFromToken(tokenStr); }
public synchronized long renewDelegationToken(String tokenStrForm) throws IOException { Token<DelegationTokenIdentifier> t= new Token<DelegationTokenIdentifier>(); t.decodeFromUrlString(tokenStrForm); String user = UserGroupInformation.getCurrentUser().getUserName(); return renewToken(t, user); }
private char[] getPassword(DelegationTokenIdentifier tokenid) throws InvalidToken { return encodePassword(secretManager.retrievePassword(tokenid)); }
public synchronized void cancelDelegationToken(String tokenStrForm) throws IOException { Token<DelegationTokenIdentifier> t= new Token<DelegationTokenIdentifier>(); t.decodeFromUrlString(tokenStrForm); String user = UserGroupInformation.getCurrentUser().getUserName(); cancelToken(t, user); }
public long renewDelegationToken(String tokenStrForm) throws IOException { if (!authenticationMethod.get().equals(AuthenticationMethod.KERBEROS)) { throw new AuthorizationException( "Delegation Token can be issued only with kerberos authentication. " + "Current AuthenticationMethod: " + authenticationMethod.get() ); } return secretManager.renewDelegationToken(tokenStrForm); }
public String getUserFromToken(String tokenStr) throws IOException { Token<DelegationTokenIdentifier> delegationToken = new Token<DelegationTokenIdentifier>(); delegationToken.decodeFromUrlString(tokenStr); ByteArrayInputStream buf = new ByteArrayInputStream(delegationToken.getIdentifier()); DataInputStream in = new DataInputStream(buf); DelegationTokenIdentifier id = createIdentifier(); id.readFields(in); return id.getUser().getShortUserName(); } }
/** * Synchronize master key updates / sequence generation for multiple nodes. * NOTE: {@Link AbstractDelegationTokenSecretManager} keeps currentKey private, so we need * to utilize this "hook" to manipulate the key through the object reference. * This .20S workaround should cease to exist when Hadoop supports token store. */ @Override protected void logUpdateMasterKey(DelegationKey key) throws IOException { int keySeq = this.tokenStore.addMasterKey(encodeWritable(key)); // update key with assigned identifier DelegationKey keyWithSeq = new DelegationKey(keySeq, key.getExpiryDate(), key.getKey()); String keyStr = encodeWritable(keyWithSeq); this.tokenStore.updateMasterKey(keySeq, keyStr); decodeWritable(key, keyStr); LOGGER.info("New master key with key id={}", key.getKeyId()); super.logUpdateMasterKey(key); }
/** * Create the password and add it to shared store. */ @Override protected byte[] createPassword(DelegationTokenIdentifier id) { byte[] password; DelegationTokenInformation info; synchronized (this) { password = super.createPassword(id); // add new token to shared store // need to persist expiration along with password info = super.currentTokens.remove(id); if (info == null) { throw new IllegalStateException("Failed to retrieve token after creation"); } } this.tokenStore.addToken(id, info); return password; }
public synchronized long renewDelegationToken(String tokenStrForm) throws IOException { Token<DelegationTokenIdentifier> t= new Token<DelegationTokenIdentifier>(); t.decodeFromUrlString(tokenStrForm); String user = UserGroupInformation.getCurrentUser().getUserName(); return renewToken(t, user); }
private char[] getPassword(DelegationTokenIdentifier tokenid) throws InvalidToken { return encodePassword(secretManager.retrievePassword(tokenid)); }
public synchronized void cancelDelegationToken(String tokenStrForm) throws IOException { Token<DelegationTokenIdentifier> t= new Token<DelegationTokenIdentifier>(); t.decodeFromUrlString(tokenStrForm); String user = UserGroupInformation.getCurrentUser().getUserName(); cancelToken(t, user); }
public long renewDelegationToken(String tokenStrForm) throws IOException { if (!authenticationMethod.get().equals(AuthenticationMethod.KERBEROS)) { throw new AuthorizationException( "Delegation Token can be issued only with kerberos authentication. " + "Current AuthenticationMethod: " + authenticationMethod.get() ); } return secretManager.renewDelegationToken(tokenStrForm); }
public String getUserFromToken(String tokenStr) throws IOException { Token<DelegationTokenIdentifier> delegationToken = new Token<DelegationTokenIdentifier>(); delegationToken.decodeFromUrlString(tokenStr); ByteArrayInputStream buf = new ByteArrayInputStream(delegationToken.getIdentifier()); DataInputStream in = new DataInputStream(buf); DelegationTokenIdentifier id = createIdentifier(); id.readFields(in); return id.getUser().getShortUserName(); } }
/** * Synchronize master key updates / sequence generation for multiple nodes. * NOTE: {@Link AbstractDelegationTokenSecretManager} keeps currentKey private, so we need * to utilize this "hook" to manipulate the key through the object reference. * This .20S workaround should cease to exist when Hadoop supports token store. */ @Override protected void logUpdateMasterKey(DelegationKey key) throws IOException { int keySeq = this.tokenStore.addMasterKey(encodeWritable(key)); // update key with assigned identifier DelegationKey keyWithSeq = new DelegationKey(keySeq, key.getExpiryDate(), key.getKey()); String keyStr = encodeWritable(keyWithSeq); this.tokenStore.updateMasterKey(keySeq, keyStr); decodeWritable(key, keyStr); LOGGER.info("New master key with key id={}", key.getKeyId()); super.logUpdateMasterKey(key); }
/** * Create the password and add it to shared store. */ @Override protected byte[] createPassword(DelegationTokenIdentifier id) { byte[] password; DelegationTokenInformation info; synchronized (this) { password = super.createPassword(id); // add new token to shared store // need to persist expiration along with password info = super.currentTokens.remove(id); if (info == null) { throw new IllegalStateException("Failed to retrieve token after creation"); } } this.tokenStore.addToken(id, info); return password; }
public synchronized long renewDelegationToken(String tokenStrForm) throws IOException { Token<DelegationTokenIdentifier> t= new Token<DelegationTokenIdentifier>(); t.decodeFromUrlString(tokenStrForm); String user = UserGroupInformation.getCurrentUser().getUserName(); return renewToken(t, user); }
private char[] getPassword(DelegationTokenIdentifier tokenid) throws InvalidToken { return encodePassword(secretManager.retrievePassword(tokenid)); }
public synchronized void cancelDelegationToken(String tokenStrForm) throws IOException { Token<DelegationTokenIdentifier> t= new Token<DelegationTokenIdentifier>(); t.decodeFromUrlString(tokenStrForm); String user = UserGroupInformation.getCurrentUser().getUserName(); cancelToken(t, user); }