Class DelegationTokenManager
java.lang.Object
org.apache.hadoop.security.token.delegation.web.DelegationTokenManager
Delegation Token Manager used by the
KerberosDelegationTokenAuthenticationHandler.-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidcancelToken(Token<? extends AbstractDelegationTokenIdentifier> token, String canceler) Token<? extends AbstractDelegationTokenIdentifier>createToken(UserGroupInformation ugi, String renewer) Token<? extends AbstractDelegationTokenIdentifier>createToken(UserGroupInformation ugi, String renewer, String service) voiddestroy()voidinit()longrenewToken(Token<? extends AbstractDelegationTokenIdentifier> token, String renewer) voidSets an externalDelegationTokenSecretManagerinstance to manage creation and verification of Delegation Tokens.verifyToken(Token<? extends AbstractDelegationTokenIdentifier> token)
-
Field Details
-
ENABLE_ZK_KEY
- See Also:
-
PREFIX
- See Also:
-
UPDATE_INTERVAL
- See Also:
-
UPDATE_INTERVAL_DEFAULT
public static final long UPDATE_INTERVAL_DEFAULT- See Also:
-
MAX_LIFETIME
- See Also:
-
MAX_LIFETIME_DEFAULT
public static final long MAX_LIFETIME_DEFAULT- See Also:
-
RENEW_INTERVAL
- See Also:
-
RENEW_INTERVAL_DEFAULT
public static final long RENEW_INTERVAL_DEFAULT- See Also:
-
REMOVAL_SCAN_INTERVAL
- See Also:
-
REMOVAL_SCAN_INTERVAL_DEFAULT
public static final long REMOVAL_SCAN_INTERVAL_DEFAULT- See Also:
-
-
Constructor Details
-
DelegationTokenManager
-
-
Method Details
-
setExternalDelegationTokenSecretManager
public void setExternalDelegationTokenSecretManager(AbstractDelegationTokenSecretManager secretManager) Sets an externalDelegationTokenSecretManagerinstance to manage creation and verification of Delegation Tokens.This is useful for use cases where secrets must be shared across multiple services.
- Parameters:
secretManager- aDelegationTokenSecretManagerinstance
-
init
public void init() -
destroy
public void destroy() -
createToken
public Token<? extends AbstractDelegationTokenIdentifier> createToken(UserGroupInformation ugi, String renewer) -
createToken
public Token<? extends AbstractDelegationTokenIdentifier> createToken(UserGroupInformation ugi, String renewer, String service) -
renewToken
public long renewToken(Token<? extends AbstractDelegationTokenIdentifier> token, String renewer) throws IOException - Throws:
IOException
-
cancelToken
public void cancelToken(Token<? extends AbstractDelegationTokenIdentifier> token, String canceler) throws IOException - Throws:
IOException
-
verifyToken
public UserGroupInformation verifyToken(Token<? extends AbstractDelegationTokenIdentifier> token) throws IOException - Throws:
IOException
-
getDelegationTokenSecretManager
-