Class JHSDelegationTokenSecretManager
java.lang.Object
org.apache.hadoop.security.token.SecretManager<TokenIdent>
org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager<org.apache.hadoop.mapreduce.v2.api.MRDelegationTokenIdentifier>
org.apache.hadoop.mapreduce.v2.hs.JHSDelegationTokenSecretManager
@Private
@Unstable
public class JHSDelegationTokenSecretManager
extends org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager<org.apache.hadoop.mapreduce.v2.api.MRDelegationTokenIdentifier>
A MapReduce specific delegation token secret manager.
The secret manager is responsible for generating and accepting the password
for each token.
-
Nested Class Summary
Nested classes/interfaces inherited from class org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager
org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager.DelegationTokenInformationNested classes/interfaces inherited from class org.apache.hadoop.security.token.SecretManager
org.apache.hadoop.security.token.SecretManager.InvalidToken -
Field Summary
Fields inherited from class org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager
allKeys, currentId, currentTokens, delegationTokenSequenceNumber, noInterruptsLock, running, storeTokenTrackingId, tokenOwnerStats -
Constructor Summary
ConstructorsConstructorDescriptionJHSDelegationTokenSecretManager(long delegationKeyUpdateInterval, long delegationTokenMaxLifetime, long delegationTokenRenewInterval, long delegationTokenRemoverScanInterval, HistoryServerStateStoreService store) Create a secret manager -
Method Summary
Modifier and TypeMethodDescriptionorg.apache.hadoop.mapreduce.v2.api.MRDelegationTokenIdentifiervoidprotected voidremoveStoredMasterKey(org.apache.hadoop.security.token.delegation.DelegationKey key) protected voidremoveStoredToken(org.apache.hadoop.mapreduce.v2.api.MRDelegationTokenIdentifier tokenId) protected voidstoreNewMasterKey(org.apache.hadoop.security.token.delegation.DelegationKey key) protected voidstoreNewToken(org.apache.hadoop.mapreduce.v2.api.MRDelegationTokenIdentifier tokenId, long renewDate) protected voidupdateStoredToken(org.apache.hadoop.mapreduce.v2.api.MRDelegationTokenIdentifier tokenId, long renewDate) Methods inherited from class org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager
addKey, addPersistedDelegationToken, addTokenForOwnerStats, cancelToken, checkToken, createPassword, createSecretKey, decodeTokenIdentifier, getAllKeys, getCandidateTokensForCleanup, getCurrentKeyId, getCurrentTokensSize, getDelegationKey, getDelegationTokenSeqNum, getMetrics, getTokenInfo, getTokenRenewInterval, getTokenTrackingId, getTopTokenRealOwners, getTrackingIdIfEnabled, incrementCurrentKeyId, incrementDelegationTokenSeqNum, isRunning, logExpireToken, logExpireTokens, logUpdateMasterKey, removeExpiredStoredToken, renewToken, reset, retrievePassword, rollMasterKey, setCurrentKeyId, setDelegationTokenSeqNum, startThreads, stopThreads, storeDelegationKey, storeToken, syncTokenOwnerStats, updateDelegationKey, updateToken, verifyTokenMethods inherited from class org.apache.hadoop.security.token.SecretManager
checkAvailableForRead, createPassword, generateSecret, retriableRetrievePassword, update, validateSecretKeyLength
-
Constructor Details
-
JHSDelegationTokenSecretManager
public JHSDelegationTokenSecretManager(long delegationKeyUpdateInterval, long delegationTokenMaxLifetime, long delegationTokenRenewInterval, long delegationTokenRemoverScanInterval, HistoryServerStateStoreService store) Create a secret manager- Parameters:
delegationKeyUpdateInterval- the number of milliseconds for rolling new secret keys.delegationTokenMaxLifetime- the maximum lifetime of the delegation tokens in millisecondsdelegationTokenRenewInterval- how often the tokens must be renewed in millisecondsdelegationTokenRemoverScanInterval- how often the tokens are scanned for expired tokens in millisecondsstore- history server state store for persisting state
-
-
Method Details
-
createIdentifier
public org.apache.hadoop.mapreduce.v2.api.MRDelegationTokenIdentifier createIdentifier()- Specified by:
createIdentifierin classorg.apache.hadoop.security.token.SecretManager<org.apache.hadoop.mapreduce.v2.api.MRDelegationTokenIdentifier>
-
storeNewMasterKey
protected void storeNewMasterKey(org.apache.hadoop.security.token.delegation.DelegationKey key) throws IOException - Overrides:
storeNewMasterKeyin classorg.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager<org.apache.hadoop.mapreduce.v2.api.MRDelegationTokenIdentifier>- Throws:
IOException
-
removeStoredMasterKey
protected void removeStoredMasterKey(org.apache.hadoop.security.token.delegation.DelegationKey key) - Overrides:
removeStoredMasterKeyin classorg.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager<org.apache.hadoop.mapreduce.v2.api.MRDelegationTokenIdentifier>
-
storeNewToken
protected void storeNewToken(org.apache.hadoop.mapreduce.v2.api.MRDelegationTokenIdentifier tokenId, long renewDate) - Overrides:
storeNewTokenin classorg.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager<org.apache.hadoop.mapreduce.v2.api.MRDelegationTokenIdentifier>
-
removeStoredToken
protected void removeStoredToken(org.apache.hadoop.mapreduce.v2.api.MRDelegationTokenIdentifier tokenId) throws IOException - Overrides:
removeStoredTokenin classorg.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager<org.apache.hadoop.mapreduce.v2.api.MRDelegationTokenIdentifier>- Throws:
IOException
-
updateStoredToken
protected void updateStoredToken(org.apache.hadoop.mapreduce.v2.api.MRDelegationTokenIdentifier tokenId, long renewDate) - Overrides:
updateStoredTokenin classorg.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager<org.apache.hadoop.mapreduce.v2.api.MRDelegationTokenIdentifier>
-
recover
- Throws:
IOException
-