Class SecretManager<T extends TokenIdentifier>

java.lang.Object
org.apache.hadoop.security.token.SecretManager<T>
Type Parameters:
T - The type of the token identifier
Direct Known Subclasses:
AbstractDelegationTokenSecretManager

@Public @Evolving public abstract class SecretManager<T extends TokenIdentifier> extends Object
The server-side secret manager for each token type.
  • Field Details

    • LOG

      public static final org.slf4j.Logger LOG
  • Constructor Details

    • SecretManager

      public SecretManager()
  • Method Details

    • update

      public static void update(Configuration conf)
      Updates the selected cryptographic algorithm and key length using the provided Hadoop Configuration. This method reads the values for HADOOP_SECURITY_SECRET_MANAGER_KEY_GENERATOR_ALGORITHM_KEY and HADOOP_SECURITY_SECRET_MANAGER_KEY_LENGTH_KEY, or uses default values if not set.
      Parameters:
      conf - the configuration object containing cryptographic settings
    • createPassword

      protected abstract byte[] createPassword(T identifier)
      Create the password for the given identifier. The identifier may be modified inside this method (implementations typically fill in fields such as a key id or expiry time before computing the password, so that those fields are covered by it).
      Parameters:
      identifier - the identifier to use
      Returns:
      the new password
    • retrievePassword

      public abstract byte[] retrievePassword(T identifier) throws SecretManager.InvalidToken
      Retrieve the password for the given token identifier. Implementations should check the expiry date or a revocation registry to make sure the token has not expired or been revoked, and return the password for it.
      Parameters:
      identifier - the identifier to validate
      Returns:
      the password to use
      Throws:
      SecretManager.InvalidToken - the token was invalid
    • retriableRetrievePassword

      public byte[] retriableRetrievePassword(T identifier) throws SecretManager.InvalidToken, StandbyException, RetriableException, IOException
      The same functionality as retrievePassword(T), except that this method can also throw a RetriableException or a StandbyException to indicate that the client can retry or fail over the same operation because of a temporary issue on the server side.
      Parameters:
      identifier - the identifier to validate
      Returns:
      the password to use
      Throws:
      SecretManager.InvalidToken - the token was invalid
      StandbyException - the server is in standby state; the client can try other servers
      RetriableException - the token was invalid, but the server thinks this may be a temporary issue and suggests that the client retry
      IOException - to allow future exceptions to be added without breaking compatibility
    • createIdentifier

      public abstract T createIdentifier()
      Create an empty token identifier.
      Returns:
      the newly created empty token identifier
    • checkAvailableForRead

      public void checkAvailableForRead() throws StandbyException
      No-op if the secret manager is available for reading tokens, throw a StandbyException otherwise.
      Throws:
      StandbyException - if the secret manager is not available to read tokens
    • generateSecret

      protected SecretKey generateSecret()
      Generate a new random secret key.
      Returns:
      the new key
    • validateSecretKeyLength

      protected boolean validateSecretKeyLength(byte[] secretKey)
      Validate that the secretKey length is equal to the currently configured key length.
      Parameters:
      secretKey - secretKey
      Returns:
      true if the secretKey length is equal to the currently configured length
    • createPassword

      public static byte[] createPassword(byte[] identifier, SecretKey key)
      Compute an HMAC of the identifier bytes using the secret key and return the output as the password.
      Parameters:
      identifier - the bytes of the identifier
      key - the secret key
      Returns:
      the bytes of the generated password
    • createSecretKey

      protected static SecretKey createSecretKey(byte[] key)
      Convert the byte[] to a secret key
      Parameters:
      key - the byte[] to create a secret key from
      Returns:
      the secret key
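
Worked example (added here; it is not part of the Hadoop Javadoc or of the project's code): a minimal SecretManager subclass that shows how the abstract methods above fit together. The names ExampleSecretManager, ExampleIdentifier, KIND and tokenLifetimeMs are hypothetical. The example assumes only the API documented on this page: update(conf) to load the algorithm and key length, generateSecret() for a fresh random key, createPassword(byte[], SecretKey) for the HMAC, createIdentifier() for an empty identifier, and retrievePassword(T) as the place where expiry and key validity are enforced.

```java
import java.io.DataInput;
import java.io.DataOutput;
import java.io.IOException;
import java.util.concurrent.ConcurrentHashMap;

import javax.crypto.SecretKey;

import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.token.SecretManager;
import org.apache.hadoop.security.token.TokenIdentifier;

/** Hypothetical secret manager (example code, not Hadoop's own). */
public class ExampleSecretManager
    extends SecretManager<ExampleSecretManager.ExampleIdentifier> {

  /** Hypothetical token kind. */
  public static final Text KIND = new Text("EXAMPLE_TOKEN");

  /** Hypothetical identifier: owner, id of the signing key, and expiry (epoch millis). */
  public static class ExampleIdentifier extends TokenIdentifier {
    private Text owner = new Text();
    private int keyId;
    private long expiry;

    public ExampleIdentifier() {}
    public ExampleIdentifier(String owner) { this.owner = new Text(owner); }

    @Override public Text getKind() { return KIND; }
    @Override public UserGroupInformation getUser() {
      return UserGroupInformation.createRemoteUser(owner.toString());
    }
    // The serialized form is exactly what the HMAC covers (see getBytes()).
    @Override public void write(DataOutput out) throws IOException {
      owner.write(out); out.writeInt(keyId); out.writeLong(expiry);
    }
    @Override public void readFields(DataInput in) throws IOException {
      owner.readFields(in); keyId = in.readInt(); expiry = in.readLong();
    }
  }

  private final ConcurrentHashMap<Integer, SecretKey> keys = new ConcurrentHashMap<>();
  private volatile int currentKeyId = 0;
  private final long tokenLifetimeMs;

  public ExampleSecretManager(Configuration conf, long tokenLifetimeMs) {
    SecretManager.update(conf);      // algorithm and key length from configuration
    this.tokenLifetimeMs = tokenLifetimeMs;
    rollKey();
  }

  /** Rotate to a fresh random key. Older keys are kept until explicitly retired. */
  public synchronized int rollKey() {
    int id = currentKeyId + 1;
    keys.put(id, generateSecret());  // publish the key before making it current
    currentKeyId = id;
    return id;
  }

  /** Retiring a key invalidates every token that was signed with it. */
  public void retireKey(int id) { keys.remove(id); }

  @Override public ExampleIdentifier createIdentifier() { return new ExampleIdentifier(); }

  @Override protected byte[] createPassword(ExampleIdentifier id) {
    // Stamp key id and expiry before signing so both are covered by the HMAC
    // and cannot be altered by whoever holds the token.
    int keyId = currentKeyId;
    id.keyId = keyId;
    id.expiry = System.currentTimeMillis() + tokenLifetimeMs;
    return createPassword(id.getBytes(), keys.get(keyId));
  }

  @Override public byte[] retrievePassword(ExampleIdentifier id) throws InvalidToken {
    // The HMAC is deterministic, so expiry and key validity must be checked here;
    // nothing else in the token's lifetime enforces them.
    if (System.currentTimeMillis() > id.expiry) {
      throw new InvalidToken("token expired at " + id.expiry);
    }
    SecretKey key = keys.get(id.keyId);
    if (key == null) {
      throw new InvalidToken("unknown or retired key id " + id.keyId);
    }
    // Recompute the HMAC over the identifier bytes the client presented; the RPC
    // layer compares this against the password the client proved knowledge of.
    return createPassword(id.getBytes(), key);
  }
}
```

Because the password is an HMAC over the identifier bytes, a token remains verifiable for as long as the key that signed it is held, so retrievePassword is the only point where expiry and revocation take effect, and retireKey(int) invalidates all tokens issued under that key at once. Hadoop's own AbstractDelegationTokenSecretManager (listed above as a direct subclass) has the same shape, with persistent key rollover and a token cache on top.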