Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.hadoop.hive.thrift
Class HadoopThriftAuthBridge20S.Server

java.lang.Object
  extended by org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge.Server
      extended by org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge20S.Server
Enclosing class:
HadoopThriftAuthBridge20S
public static class HadoopThriftAuthBridge20S.Server
extends HadoopThriftAuthBridge.Server

Nested Class Summary
protected  class HadoopThriftAuthBridge20S.Server.TUGIAssumingProcessor
          Processor that pulls the SaslServer object out of the transport, and assumes the remote user's UGI before calling through to the original processor.
 
Field Summary
static long DELEGATION_KEY_UPDATE_INTERVAL_DEFAULT
           
static String DELEGATION_KEY_UPDATE_INTERVAL_KEY
           
static long DELEGATION_TOKEN_MAX_LIFETIME_DEFAULT
           
static String DELEGATION_TOKEN_MAX_LIFETIME_KEY
           
static long DELEGATION_TOKEN_RENEW_INTERVAL_DEFAULT
           
static String DELEGATION_TOKEN_RENEW_INTERVAL_KEY
           
static String DELEGATION_TOKEN_STORE_CLS
           
static String DELEGATION_TOKEN_STORE_ZK_ACL
           
static String DELEGATION_TOKEN_STORE_ZK_CONNECT_STR
           
static String DELEGATION_TOKEN_STORE_ZK_CONNECT_TIMEOUTMILLIS
           
static String DELEGATION_TOKEN_STORE_ZK_ZNODE
           
static String DELEGATION_TOKEN_STORE_ZK_ZNODE_DEFAULT
           
 
Constructor Summary
  HadoopThriftAuthBridge20S.Server()
           
protected HadoopThriftAuthBridge20S.Server(String keytabFile, String principalConf)
          Create a server with a kerberos keytab/principal.
 
Method Summary
 void cancelDelegationToken(String tokenStrForm)
           
 org.apache.thrift.transport.TTransportFactory createTransportFactory(Map<String,String> saslProps)
          Create a TTransportFactory that, upon connection of a client socket, negotiates a Kerberized SASL transport.
 String getDelegationToken(String owner, String renewer)
           
 String getDelegationTokenWithService(String owner, String renewer, String service)
           
 InetAddress getRemoteAddress()
           
 String getRemoteUser()
           
protected  DelegationTokenStore getTokenStore(org.apache.hadoop.conf.Configuration conf)
           
 String getUserFromToken(String tokenStr)
           
 long renewDelegationToken(String tokenStrForm)
           
 void startDelegationTokenSecretManager(org.apache.hadoop.conf.Configuration conf, Object hms)
           
 org.apache.thrift.TProcessor wrapNonAssumingProcessor(org.apache.thrift.TProcessor processor)
          Wrap a TProcessor to capture the client information like connecting userid, ip etc
 org.apache.thrift.TProcessor wrapProcessor(org.apache.thrift.TProcessor processor)
          Wrap a TProcessor in such a way that, before processing any RPC, it assumes the UserGroupInformation of the user authenticated by the SASL transport.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

DELEGATION_KEY_UPDATE_INTERVAL_KEY

public static final String DELEGATION_KEY_UPDATE_INTERVAL_KEY
See Also:
Constant Field Values

DELEGATION_KEY_UPDATE_INTERVAL_DEFAULT

public static final long DELEGATION_KEY_UPDATE_INTERVAL_DEFAULT
See Also:
Constant Field Values

DELEGATION_TOKEN_RENEW_INTERVAL_KEY

public static final String DELEGATION_TOKEN_RENEW_INTERVAL_KEY
See Also:
Constant Field Values

DELEGATION_TOKEN_RENEW_INTERVAL_DEFAULT

public static final long DELEGATION_TOKEN_RENEW_INTERVAL_DEFAULT
See Also:
Constant Field Values

DELEGATION_TOKEN_MAX_LIFETIME_KEY

public static final String DELEGATION_TOKEN_MAX_LIFETIME_KEY
See Also:
Constant Field Values

DELEGATION_TOKEN_MAX_LIFETIME_DEFAULT

public static final long DELEGATION_TOKEN_MAX_LIFETIME_DEFAULT
See Also:
Constant Field Values

DELEGATION_TOKEN_STORE_CLS

public static final String DELEGATION_TOKEN_STORE_CLS
See Also:
Constant Field Values

DELEGATION_TOKEN_STORE_ZK_CONNECT_STR

public static final String DELEGATION_TOKEN_STORE_ZK_CONNECT_STR
See Also:
Constant Field Values

DELEGATION_TOKEN_STORE_ZK_CONNECT_TIMEOUTMILLIS

public static final String DELEGATION_TOKEN_STORE_ZK_CONNECT_TIMEOUTMILLIS
See Also:
Constant Field Values

DELEGATION_TOKEN_STORE_ZK_ZNODE

public static final String DELEGATION_TOKEN_STORE_ZK_ZNODE
See Also:
Constant Field Values

DELEGATION_TOKEN_STORE_ZK_ACL

public static final String DELEGATION_TOKEN_STORE_ZK_ACL
See Also:
Constant Field Values

DELEGATION_TOKEN_STORE_ZK_ZNODE_DEFAULT

public static final String DELEGATION_TOKEN_STORE_ZK_ZNODE_DEFAULT
See Also:
Constant Field Values
Constructor Detail

HadoopThriftAuthBridge20S.Server

public HadoopThriftAuthBridge20S.Server()
                                 throws org.apache.thrift.transport.TTransportException
Throws:
org.apache.thrift.transport.TTransportException

HadoopThriftAuthBridge20S.Server

protected HadoopThriftAuthBridge20S.Server(String keytabFile,
                                           String principalConf)
                                    throws org.apache.thrift.transport.TTransportException
Create a server with a kerberos keytab/principal.

Throws:
org.apache.thrift.transport.TTransportException
Method Detail

createTransportFactory

public org.apache.thrift.transport.TTransportFactory createTransportFactory(Map<String,String> saslProps)
                                                                     throws org.apache.thrift.transport.TTransportException
Create a TTransportFactory that, upon connection of a client socket, negotiates a Kerberized SASL transport. The resulting TTransportFactory can be passed as both the input and output transport factory when instantiating a TThreadPoolServer, for example.

Specified by:
createTransportFactory in class HadoopThriftAuthBridge.Server
Parameters:
saslProps - Map of SASL properties
Throws:
org.apache.thrift.transport.TTransportException

wrapProcessor

public org.apache.thrift.TProcessor wrapProcessor(org.apache.thrift.TProcessor processor)
Wrap a TProcessor in such a way that, before processing any RPC, it assumes the UserGroupInformation of the user authenticated by the SASL transport.

Specified by:
wrapProcessor in class HadoopThriftAuthBridge.Server

wrapNonAssumingProcessor

public org.apache.thrift.TProcessor wrapNonAssumingProcessor(org.apache.thrift.TProcessor processor)
Wrap a TProcessor to capture the client information like connecting userid, ip etc

Specified by:
wrapNonAssumingProcessor in class HadoopThriftAuthBridge.Server

getTokenStore

protected DelegationTokenStore getTokenStore(org.apache.hadoop.conf.Configuration conf)
                                      throws IOException
Throws:
IOException

startDelegationTokenSecretManager

public void startDelegationTokenSecretManager(org.apache.hadoop.conf.Configuration conf,
                                              Object hms)
                                       throws IOException
Specified by:
startDelegationTokenSecretManager in class HadoopThriftAuthBridge.Server
Throws:
IOException

getDelegationToken

public String getDelegationToken(String owner,
                                 String renewer)
                          throws IOException,
                                 InterruptedException
Specified by:
getDelegationToken in class HadoopThriftAuthBridge.Server
Throws:
IOException
InterruptedException

getDelegationTokenWithService

public String getDelegationTokenWithService(String owner,
                                            String renewer,
                                            String service)
                                     throws IOException,
                                            InterruptedException
Specified by:
getDelegationTokenWithService in class HadoopThriftAuthBridge.Server
Throws:
IOException
InterruptedException

renewDelegationToken

public long renewDelegationToken(String tokenStrForm)
                          throws IOException
Specified by:
renewDelegationToken in class HadoopThriftAuthBridge.Server
Throws:
IOException

getUserFromToken

public String getUserFromToken(String tokenStr)
                        throws IOException
Specified by:
getUserFromToken in class HadoopThriftAuthBridge.Server
Throws:
IOException

cancelDelegationToken

public void cancelDelegationToken(String tokenStrForm)
                           throws IOException
Specified by:
cancelDelegationToken in class HadoopThriftAuthBridge.Server
Throws:
IOException

getRemoteAddress

public InetAddress getRemoteAddress()
Specified by:
getRemoteAddress in class HadoopThriftAuthBridge.Server

getRemoteUser

public String getRemoteUser()
Specified by:
getRemoteUser in class HadoopThriftAuthBridge.Server
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2014 The Apache Software Foundation. All rights reserved.