Package org.apache.hadoop.hdfs.server.federation.router.security.token

Class ZKDelegationTokenSecretManagerImpl

java.lang.Object
org.apache.hadoop.security.token.SecretManager<TokenIdent>
org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager<TokenIdent>
org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager<org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier>
org.apache.hadoop.hdfs.server.federation.router.security.token.ZKDelegationTokenSecretManagerImpl
public class ZKDelegationTokenSecretManagerImpl extends org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager<org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier>
Zookeeper based router delegation token store implementation.

  • Nested Class Summary

    Nested classes/interfaces inherited from class org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager

    org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager.DelegationTokenInformation

    Nested classes/interfaces inherited from class org.apache.hadoop.security.token.SecretManager

    org.apache.hadoop.security.token.SecretManager.InvalidToken

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final String
    ZK_DTSM_ROUTER_TOKEN_SYNC_INTERVAL
     
    static final int
    ZK_DTSM_ROUTER_TOKEN_SYNC_INTERVAL_DEFAULT
     

    Fields inherited from class org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager

    ZK_CONF_PREFIX, ZK_DTSM_TOKEN_SEQNUM_BATCH_SIZE, ZK_DTSM_TOKEN_SEQNUM_BATCH_SIZE_DEFAULT, ZK_DTSM_TOKEN_WATCHER_ENABLED, ZK_DTSM_TOKEN_WATCHER_ENABLED_DEFAULT, ZK_DTSM_TOKENS_ROOT, ZK_DTSM_ZK_AUTH_TYPE, ZK_DTSM_ZK_CONNECTION_STRING, ZK_DTSM_ZK_CONNECTION_TIMEOUT, ZK_DTSM_ZK_CONNECTION_TIMEOUT_DEFAULT, ZK_DTSM_ZK_KERBEROS_KEYTAB, ZK_DTSM_ZK_KERBEROS_PRINCIPAL, ZK_DTSM_ZK_KERBEROS_SERVER_PRINCIPAL, ZK_DTSM_ZK_NUM_RETRIES, ZK_DTSM_ZK_NUM_RETRIES_DEFAULT, ZK_DTSM_ZK_SESSION_TIMEOUT, ZK_DTSM_ZK_SESSION_TIMEOUT_DEFAULT, ZK_DTSM_ZK_SHUTDOWN_TIMEOUT, ZK_DTSM_ZK_SHUTDOWN_TIMEOUT_DEFAULT, ZK_DTSM_ZK_SSL_ENABLED, ZK_DTSM_ZK_SSL_KEYSTORE_LOCATION, ZK_DTSM_ZK_SSL_KEYSTORE_PASSWORD, ZK_DTSM_ZK_SSL_TRUSTSTORE_LOCATION, ZK_DTSM_ZK_SSL_TRUSTSTORE_PASSWORD, ZK_DTSM_ZNODE_WORKING_PATH, ZK_DTSM_ZNODE_WORKING_PATH_DEAFULT, zkClient

    Fields inherited from class org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager

    allKeys, currentId, currentTokens, delegationTokenSequenceNumber, noInterruptsLock, running, storeTokenTrackingId, tokenOwnerStats

  • Constructor Summary

    Constructors
    Constructor
    Description
    ZKDelegationTokenSecretManagerImpl(org.apache.hadoop.conf.Configuration conf)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    protected void
    addOrUpdateToken(org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier ident, org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager.DelegationTokenInformation info, boolean isUpdate)
     
    org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier
    cancelToken(org.apache.hadoop.security.token.Token<org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier> token, String canceller)
     
    org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier
    createIdentifier()
     
    protected void
    removeStoredToken(org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier ident)
     
    void
    startThreads()
     
    void
    stopThreads()
     

    Methods inherited from class org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager

    getCurator, getCurrentKeyId, getDelegationKey, getDelegationTokenSeqNum, getTokenInfo, getTokenInfoFromZK, getTokenInfoFromZK, getTokenInfoFromZK, incrementCurrentKeyId, incrementDelegationTokenSeqNum, isTokenWatcherEnabled, processTokenAddOrUpdate, removeStoredMasterKey, removeStoredToken, setCurator, setDelegationTokenSeqNum, storeDelegationKey, storeToken, syncLocalCacheWithZk, updateDelegationKey, updateToken

    Methods inherited from class org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager

    addKey, addPersistedDelegationToken, addTokenForOwnerStats, checkToken, createPassword, createSecretKey, decodeTokenIdentifier, getAllKeys, getCandidateTokensForCleanup, getCurrentTokensSize, getMetrics, getTokenRenewInterval, getTokenTrackingId, getTopTokenRealOwners, getTrackingIdIfEnabled, isRunning, logExpireToken, logExpireTokens, logUpdateMasterKey, removeExpiredStoredToken, renewToken, reset, retrievePassword, rollMasterKey, setCurrentKeyId, storeNewMasterKey, storeNewToken, syncTokenOwnerStats, updateStoredToken, verifyToken

    Methods inherited from class org.apache.hadoop.security.token.SecretManager

    checkAvailableForRead, createPassword, generateSecret, retriableRetrievePassword, update, validateSecretKeyLength

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

    • ZK_DTSM_ROUTER_TOKEN_SYNC_INTERVAL

      public static final String ZK_DTSM_ROUTER_TOKEN_SYNC_INTERVAL
      See Also:

    • ZK_DTSM_ROUTER_TOKEN_SYNC_INTERVAL_DEFAULT

      public static final int ZK_DTSM_ROUTER_TOKEN_SYNC_INTERVAL_DEFAULT
      See Also:

  • Constructor Details

    • ZKDelegationTokenSecretManagerImpl

      public ZKDelegationTokenSecretManagerImpl(org.apache.hadoop.conf.Configuration conf)

  • Method Details

    • startThreads

      public void startThreads() throws IOException
      Overrides:
      startThreads in class org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager<org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier>
      Throws:
      IOException

    • stopThreads

      public void stopThreads()
      Overrides:
      stopThreads in class org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager<org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier>

    • createIdentifier

      public org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier createIdentifier()
      Specified by:
      createIdentifier in class org.apache.hadoop.security.token.SecretManager<org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier>

    • cancelToken

      public org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier cancelToken(org.apache.hadoop.security.token.Token<org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier> token, String canceller) throws IOException
      Overrides:
      cancelToken in class org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager<org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier>
      Throws:
      IOException

    • removeStoredToken

      protected void removeStoredToken(org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier ident) throws IOException
      Overrides:
      removeStoredToken in class org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager<org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier>
      Throws:
      IOException

    • addOrUpdateToken

      protected void addOrUpdateToken(org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier ident, org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager.DelegationTokenInformation info, boolean isUpdate) throws Exception
      Overrides:
      addOrUpdateToken in class org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager<org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier>
      Throws:
      Exception