Package org.apache.hadoop.crypto.key
Class KeyProviderDelegationTokenExtension
java.lang.Object
org.apache.hadoop.crypto.key.KeyProvider
org.apache.hadoop.crypto.key.KeyProviderExtension<KeyProviderDelegationTokenExtension.DelegationTokenExtension>
org.apache.hadoop.crypto.key.KeyProviderDelegationTokenExtension
- All Implemented Interfaces:
Closeable,AutoCloseable,DelegationTokenIssuer
public class KeyProviderDelegationTokenExtension
extends KeyProviderExtension<KeyProviderDelegationTokenExtension.DelegationTokenExtension>
implements DelegationTokenIssuer
A KeyProvider extension with the ability to add a renewer's Delegation
Tokens to the provided Credentials.
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic interfaceDelegationTokenExtension is a type of Extension that exposes methods needed to work with Delegation Tokens.Nested classes/interfaces inherited from class org.apache.hadoop.crypto.key.KeyProviderExtension
KeyProviderExtension.ExtensionNested classes/interfaces inherited from class org.apache.hadoop.crypto.key.KeyProvider
KeyProvider.KeyVersion, KeyProvider.Metadata, KeyProvider.Options -
Field Summary
Fields inherited from class org.apache.hadoop.crypto.key.KeyProvider
DEFAULT_BITLENGTH, DEFAULT_BITLENGTH_NAME, DEFAULT_CIPHER, DEFAULT_CIPHER_NAME, JCEKS_KEY_SERIAL_FILTER, JCEKS_KEY_SERIALFILTER_DEFAULTFields inherited from interface org.apache.hadoop.security.token.DelegationTokenIssuer
TOKEN_LOG -
Method Summary
Modifier and TypeMethodDescriptioncreateKeyProviderDelegationTokenExtension(KeyProvider keyProvider) Creates aKeyProviderDelegationTokenExtensionusing a givenKeyProvider.The service name used as the alias for the token in the credential token map.Token<?>getDelegationToken(String renewer) Unconditionally get a new token with the optional renewer.Methods inherited from class org.apache.hadoop.crypto.key.KeyProviderExtension
createKey, createKey, deleteKey, flush, getCurrentKey, getExtension, getKeyProvider, getKeys, getKeysMetadata, getKeyVersion, getKeyVersions, getMetadata, invalidateCache, isTransient, rollNewVersion, rollNewVersion, toStringMethods inherited from class org.apache.hadoop.crypto.key.KeyProvider
buildVersionName, close, findProvider, generateKey, getBaseName, getConf, needsPassword, noPasswordError, noPasswordWarning, optionsMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, waitMethods inherited from interface org.apache.hadoop.security.token.DelegationTokenIssuer
addDelegationTokens, getAdditionalTokenIssuers
-
Method Details
-
getCanonicalServiceName
Description copied from interface:DelegationTokenIssuerThe service name used as the alias for the token in the credential token map. addDelegationTokens will use this to determine if a token exists, and if not, add a new token with this alias.- Specified by:
getCanonicalServiceNamein interfaceDelegationTokenIssuer- Returns:
- the token.
-
getDelegationToken
Description copied from interface:DelegationTokenIssuerUnconditionally get a new token with the optional renewer. Returning null indicates the service does not issue tokens.- Specified by:
getDelegationTokenin interfaceDelegationTokenIssuer- Parameters:
renewer- renewer.- Returns:
- the token.
- Throws:
IOException- raised on errors performing I/O.
-
createKeyProviderDelegationTokenExtension
public static KeyProviderDelegationTokenExtension createKeyProviderDelegationTokenExtension(KeyProvider keyProvider) Creates aKeyProviderDelegationTokenExtensionusing a givenKeyProvider.If the given
KeyProviderimplements theKeyProviderDelegationTokenExtension.DelegationTokenExtensioninterface theKeyProvideritself will provide the extension functionality, otherwise a default extension implementation will be used.- Parameters:
keyProvider-KeyProviderto use to create theKeyProviderDelegationTokenExtensionextension.- Returns:
- a
KeyProviderDelegationTokenExtensioninstance using the givenKeyProvider.
-