|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.hadoop.security.token.SecretManager<TokenIdent>
org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager<DelegationTokenIdentifier>
org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenSecretManager
@InterfaceAudience.Private public class DelegationTokenSecretManager
A HDFS specific delegation token secret manager. The secret manager is responsible for generating and accepting the password for each token.
Nested Class Summary |
---|
Nested classes/interfaces inherited from class org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager |
---|
org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager.DelegationTokenInformation |
Nested classes/interfaces inherited from class org.apache.hadoop.security.token.SecretManager |
---|
org.apache.hadoop.security.token.SecretManager.InvalidToken |
Field Summary |
---|
Fields inherited from class org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager |
---|
allKeys, currentId, currentTokens, delegationTokenSequenceNumber, running |
Constructor Summary | |
---|---|
DelegationTokenSecretManager(long delegationKeyUpdateInterval,
long delegationTokenMaxLifetime,
long delegationTokenRenewInterval,
long delegationTokenRemoverScanInterval,
FSNamesystem namesystem)
Create a secret manager |
Method Summary | |
---|---|
void |
addPersistedDelegationToken(DelegationTokenIdentifier identifier,
long expiryTime)
This method is intended to be used only while reading edit logs. |
DelegationTokenIdentifier |
createIdentifier()
|
int |
getNumberOfKeys()
Returns the number of delegation keys currently stored. |
long |
getTokenExpiryTime(DelegationTokenIdentifier dtId)
Returns expiry time of a token given its identifier. |
void |
loadSecretManagerState(DataInputStream in)
Load SecretManager state from fsimage. |
protected void |
logUpdateMasterKey(org.apache.hadoop.security.token.delegation.DelegationKey key)
Call namesystem to update editlogs for new master key. |
void |
saveSecretManagerState(DataOutputStream out)
Store the current state of the SecretManager for persistence |
void |
updatePersistedMasterKey(org.apache.hadoop.security.token.delegation.DelegationKey key)
Add a MasterKey to the list of keys. |
void |
updatePersistedTokenCancellation(DelegationTokenIdentifier identifier)
Update the token cache with the cancel record in edit logs |
void |
updatePersistedTokenRenewal(DelegationTokenIdentifier identifier,
long expiryTime)
Update the token cache with renewal record in edit logs. |
Methods inherited from class org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager |
---|
addKey, cancelToken, createPassword, createSecretKey, getAllKeys, renewToken, retrievePassword, startThreads, stopThreads |
Methods inherited from class org.apache.hadoop.security.token.SecretManager |
---|
createPassword, generateSecret |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public DelegationTokenSecretManager(long delegationKeyUpdateInterval, long delegationTokenMaxLifetime, long delegationTokenRenewInterval, long delegationTokenRemoverScanInterval, FSNamesystem namesystem)
delegationKeyUpdateInterval
- the number of seconds for rolling new
secret keys.delegationTokenMaxLifetime
- the maximum lifetime of the delegation
tokensdelegationTokenRenewInterval
- how often the tokens must be reneweddelegationTokenRemoverScanInterval
- how often the tokens are scanned
for expired tokensMethod Detail |
---|
public DelegationTokenIdentifier createIdentifier()
createIdentifier
in class org.apache.hadoop.security.token.SecretManager<DelegationTokenIdentifier>
public long getTokenExpiryTime(DelegationTokenIdentifier dtId) throws IOException
dtId
- DelegationTokenIdentifier of a token
IOException
public void loadSecretManagerState(DataInputStream in) throws IOException
in
- input stream to read fsimage
IOException
public void saveSecretManagerState(DataOutputStream out) throws IOException
out
- Output stream for writing into fsimage.
IOException
public void addPersistedDelegationToken(DelegationTokenIdentifier identifier, long expiryTime) throws IOException
identifier
- DelegationTokenIdentifier read from the edit logs or
fsimageexpiryTime
- token expiry time
IOException
public void updatePersistedMasterKey(org.apache.hadoop.security.token.delegation.DelegationKey key) throws IOException
key
- DelegationKey
IOException
public void updatePersistedTokenRenewal(DelegationTokenIdentifier identifier, long expiryTime) throws IOException
identifier
- DelegationTokenIdentifier of the renewed tokenexpiryTime
-
IOException
public void updatePersistedTokenCancellation(DelegationTokenIdentifier identifier) throws IOException
identifier
- DelegationTokenIdentifier of the canceled token
IOException
public int getNumberOfKeys()
protected void logUpdateMasterKey(org.apache.hadoop.security.token.delegation.DelegationKey key) throws IOException
logUpdateMasterKey
in class org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager<DelegationTokenIdentifier>
IOException
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |