org.apache.hadoop.fs.http.server

Class HttpFSKerberosAuthenticationHandler

java.lang.Object

org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler

org.apache.hadoop.fs.http.server.HttpFSKerberosAuthenticationHandler

All Implemented Interfaces:

AuthenticationHandler

@InterfaceAudience.Private
public class HttpFSKerberosAuthenticationHandler
extends KerberosAuthenticationHandler

Server side AuthenticationHandler that authenticates requests using the incoming delegation token as a 'delegation' query string parameter.

If not delegation token is present in the request it delegates to the KerberosAuthenticationHandler

Field Summary

Fields

Modifier and Type	Field and Description
static String	TYPE

Fields inherited from class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler

KEYTAB, NAME_RULES, PRINCIPAL

Constructor Summary

Constructors

Constructor and Description
HttpFSKerberosAuthenticationHandler()

Method Summary

Methods

Modifier and Type	Method and Description
AuthenticationToken	authenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Authenticates a request looking for the delegation query-string parameter and verifying it is a valid token.
String	getType() Returns authentication type of the handler.
boolean	managementOperation(AuthenticationToken token, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) This is an empty implementation, it always returns TRUE.

Methods inherited from class org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler

destroy, getKeytab, getPrincipal, init

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

TYPE

public static final String TYPE

See Also:

Constant Field Values

Constructor Detail

HttpFSKerberosAuthenticationHandler

public HttpFSKerberosAuthenticationHandler()

Method Detail

getType

public String getType()

Returns authentication type of the handler.

Specified by:

getType in interface AuthenticationHandler

Overrides:

getType in class KerberosAuthenticationHandler

Returns:

delegationtoken-kerberos

managementOperation

public boolean managementOperation(AuthenticationToken token,
                          javax.servlet.http.HttpServletRequest request,
                          javax.servlet.http.HttpServletResponse response)
                            throws IOException,
                                   AuthenticationException

Description copied from class: KerberosAuthenticationHandler

This is an empty implementation, it always returns TRUE.

Specified by:

managementOperation in interface AuthenticationHandler

Overrides:

managementOperation in class KerberosAuthenticationHandler

Parameters:

token - the authentication token if any, otherwise NULL.

request - the HTTP client request.

response - the HTTP client response.

Returns:

TRUE

Throws:

IOException - it is never thrown.

AuthenticationException - it is never thrown.

authenticate

public AuthenticationToken authenticate(javax.servlet.http.HttpServletRequest request,
                               javax.servlet.http.HttpServletResponse response)
                                 throws IOException,
                                        AuthenticationException

Authenticates a request looking for the delegation query-string parameter and verifying it is a valid token. If there is not delegation query-string parameter, it delegates the authentication to the KerberosAuthenticationHandler unless it is disabled.

Specified by:

authenticate in interface AuthenticationHandler

Overrides:

authenticate in class KerberosAuthenticationHandler

Parameters:

request - the HTTP client request.

response - the HTTP client response.

Returns:

the authentication token for the authenticated request.

Throws:

IOException - thrown if an IO error occurred.

AuthenticationException - thrown if the authentication failed.