public abstract class AbstractDelegationTokenSecretManager<TokenIdent extends AbstractDelegationTokenIdentifier> extends SecretManager<TokenIdent>
限定符和类型 | 类和说明 |
---|---|
static class |
AbstractDelegationTokenSecretManager.DelegationTokenInformation
Class to encapsulate a token's renew date and password.
|
SecretManager.InvalidToken
限定符和类型 | 字段和说明 |
---|---|
protected Map<Integer,DelegationKey> |
allKeys
Access to allKeys is protected by this object lock
|
protected int |
currentId
Access to currentId is protected by this object lock.
|
protected Map<TokenIdent,AbstractDelegationTokenSecretManager.DelegationTokenInformation> |
currentTokens
Cache of currently valid tokens, mapping from DelegationTokenIdentifier
to DelegationTokenInformation.
|
protected int |
delegationTokenSequenceNumber
Sequence number to create DelegationTokenIdentifier.
|
protected Object |
noInterruptsLock
If the delegation token update thread holds this lock, it will
not get interrupted.
|
protected boolean |
running |
构造器和说明 |
---|
AbstractDelegationTokenSecretManager(long delegationKeyUpdateInterval,
long delegationTokenMaxLifetime,
long delegationTokenRenewInterval,
long delegationTokenRemoverScanInterval) |
限定符和类型 | 方法和说明 |
---|---|
void |
addKey(DelegationKey key)
Add a previously used master key to cache (when NN restarts),
should be called before activate().
|
TokenIdent |
cancelToken(Token<TokenIdent> token,
String canceller)
Cancel a token by removing it from cache.
|
protected byte[] |
createPassword(TokenIdent identifier)
Create the password for the given identifier.
|
static SecretKey |
createSecretKey(byte[] key)
Convert the byte[] to a secret key
|
DelegationKey[] |
getAllKeys() |
boolean |
isRunning()
is secretMgr running
|
protected void |
logUpdateMasterKey(DelegationKey key) |
long |
renewToken(Token<TokenIdent> token,
String renewer)
Renew a delegation token.
|
byte[] |
retrievePassword(TokenIdent identifier)
Retrieve the password for the given token identifier.
|
void |
startThreads()
should be called before this object is used
|
void |
stopThreads() |
void |
verifyToken(TokenIdent identifier,
byte[] password)
Verifies that the given identifier and password are valid and match.
|
createIdentifier, createPassword, generateSecret
protected final Map<TokenIdent extends AbstractDelegationTokenIdentifier,AbstractDelegationTokenSecretManager.DelegationTokenInformation> currentTokens
protected int delegationTokenSequenceNumber
protected final Map<Integer,DelegationKey> allKeys
protected int currentId
protected volatile boolean running
protected Object noInterruptsLock
public AbstractDelegationTokenSecretManager(long delegationKeyUpdateInterval, long delegationTokenMaxLifetime, long delegationTokenRenewInterval, long delegationTokenRemoverScanInterval)
public void startThreads() throws IOException
IOException
public boolean isRunning()
public void addKey(DelegationKey key) throws IOException
IOException
public DelegationKey[] getAllKeys()
protected void logUpdateMasterKey(DelegationKey key) throws IOException
IOException
protected byte[] createPassword(TokenIdent identifier)
SecretManager
createPassword
在类中 SecretManager<TokenIdent extends AbstractDelegationTokenIdentifier>
identifier
- the identifier to usepublic byte[] retrievePassword(TokenIdent identifier) throws SecretManager.InvalidToken
SecretManager
retrievePassword
在类中 SecretManager<TokenIdent extends AbstractDelegationTokenIdentifier>
identifier
- the identifier to validateSecretManager.InvalidToken
- the token was invalidpublic void verifyToken(TokenIdent identifier, byte[] password) throws SecretManager.InvalidToken
identifier
- Token identifier.password
- Password in the token.InvalidToken
SecretManager.InvalidToken
public long renewToken(Token<TokenIdent> token, String renewer) throws SecretManager.InvalidToken, IOException
token
- the token to renewrenewer
- the full principal name of the user doing the renewalInvalidToken
- if the token is invalidAccessControlException
- if the user can't renew tokenSecretManager.InvalidToken
IOException
public TokenIdent cancelToken(Token<TokenIdent> token, String canceller) throws IOException
InvalidToken
- for invalid tokenAccessControlException
- if the user isn't allowed to cancelIOException
public static SecretKey createSecretKey(byte[] key)
key
- the byte[] to create the secret key frompublic void stopThreads()
Copyright © 2009 The Apache Software Foundation