public synchronized String getTokenTrackingId(TokenIdent identifier) { DelegationTokenInformation info = getTokenInfo(identifier); if (info == null) { return null; } return info.getTrackingId(); }
@Override public synchronized byte[] retrievePassword(TokenIdent identifier) throws InvalidToken { return checkToken(identifier).getPassword(); }
public static void rollMasterKey( AbstractDelegationTokenSecretManager<? extends AbstractDelegationTokenIdentifier> mgr) throws IOException { mgr.rollMasterKey(); }
/** * Add a previously used master key to cache (when NN restarts), * should be called before activate(). * */ public synchronized void addKey(DelegationKey key) throws IOException { if (running) // a safety check throw new IOException("Can't add delegation key to a running SecretManager."); if (key.getKeyId() > getCurrentKeyId()) { setCurrentKeyId(key.getKeyId()); } allKeys.put(key.getKeyId(), key); }
/** * For subclasses externalizing the storage, for example Zookeeper * based implementations */ protected void storeDelegationKey(DelegationKey key) throws IOException { allKeys.put(key.getKeyId(), key); storeNewMasterKey(key); }
@Override public synchronized TokenIdent cancelToken(Token<TokenIdent> token, String canceller) throws IOException { ByteArrayInputStream buf = new ByteArrayInputStream(token.getIdentifier()); DataInputStream in = new DataInputStream(buf); TokenIdent id = createIdentifier(); id.readFields(in); syncLocalCacheWithZk(id); return super.cancelToken(token, canceller); }
/** * For subclasses externalizing the storage, for example Zookeeper * based implementations */ protected void storeToken(TokenIdent ident, DelegationTokenInformation tokenInfo) throws IOException { currentTokens.put(ident, tokenInfo); storeNewToken(ident, tokenInfo.getRenewDate()); }
/** * For subclasses externalizing the storage, for example Zookeeper * based implementations */ protected void updateToken(TokenIdent ident, DelegationTokenInformation tokenInfo) throws IOException { currentTokens.put(ident, tokenInfo); updateStoredToken(ident, tokenInfo.getRenewDate()); }
@SuppressWarnings("unchecked") public UserGroupInformation verifyToken( Token<? extends AbstractDelegationTokenIdentifier> token) throws IOException { AbstractDelegationTokenIdentifier id = secretManager.decodeTokenIdentifier(token); secretManager.verifyToken(id, token.getPassword()); return id.getUser(); }
public AbstractDelegationTokenIdentifier(Text owner, Text renewer, Text realUser) { setOwner(owner); setRenewer(renewer); setRealUser(realUser); issueDate = 0; maxDate = 0; }
@Override public DelegationKey getDelegationKey(int keyId) { return super.getDelegationKey(keyId); }
@Override protected void updateDelegationKey(DelegationKey key) throws IOException { addOrUpdateDelegationKey(key, true); }
@Override public String toString() { return KIND + "; " + super.toString() + ", cluster " + clusterId + ", app ID " + appId + ", signing " + isSigningRequired; }
protected String getTrackingIdIfEnabled(TokenIdent ident) { if (storeTokenTrackingId) { return ident.getTrackingId(); } return null; }
public SecretKey getKey() { if (keyBytes == null || keyBytes.length == 0) { return null; } else { SecretKey key = AbstractDelegationTokenSecretManager.createSecretKey(keyBytes); return key; } }
public void destroy() { if (managedSecretManager) { secretManager.stopThreads(); } }
private DelegationTokenInformation getTokenInfoFromZK(TokenIdent ident) throws IOException { return getTokenInfoFromZK(ident, false); }
@Override public synchronized DelegationKey getCurrentKey() throws IOException { DelegationKey currentKey = getDelegationKey(getCurrentKeyId()); if (currentKey != null) return currentKey; // Try to roll the key if none is found. HiveDelegationTokenSupport.rollMasterKey(this); return getDelegationKey(getCurrentKeyId()); }
public static void rollMasterKey( AbstractDelegationTokenSecretManager<? extends AbstractDelegationTokenIdentifier> mgr) throws IOException { mgr.rollMasterKey(); }
@Override protected void storeDelegationKey(DelegationKey key) throws IOException { addOrUpdateDelegationKey(key, false); }