org.apache.hadoop.hdfs.security
Class AccessTokenHandler

java.lang.Object
  extended by org.apache.hadoop.hdfs.security.AccessTokenHandler

@InterfaceAudience.Private
public class AccessTokenHandler
extends Object

AccessTokenHandler can be instantiated in 2 modes, master mode and slave mode. Master can generate new access keys and export access keys to slaves, while slaves can only import and use access keys received from master. Both master and slave can generate and verify access tokens. Typically, master mode is used by NN and slave mode is used by DN.


Nested Class Summary
static class AccessTokenHandler.AccessMode
           
 
Constructor Summary
AccessTokenHandler(boolean isMaster, long keyUpdateInterval, long tokenLifetime)
          Constructor
 
Method Summary
 boolean checkAccess(BlockAccessToken token, String userID, long blockID, AccessTokenHandler.AccessMode mode)
          Check if access should be allowed.
 ExportedAccessKeys exportKeys()
          Export access keys, only to be used in master mode
 BlockAccessToken generateToken(long blockID, EnumSet<AccessTokenHandler.AccessMode> modes)
          Generate an access token for current user
 BlockAccessToken generateToken(String userID, long blockID, EnumSet<AccessTokenHandler.AccessMode> modes)
          Generate an access token for a specified user
 void setKeys(ExportedAccessKeys exportedKeys)
          Set access keys, only to be used in slave mode
 void updateKeys()
          Update access keys, only to be used in master mode
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AccessTokenHandler

public AccessTokenHandler(boolean isMaster,
                          long keyUpdateInterval,
                          long tokenLifetime)
                   throws IOException
Constructor

Parameters:
isMaster -
keyUpdateInterval -
tokenLifetime -
Throws:
IOException
Method Detail

exportKeys

public ExportedAccessKeys exportKeys()
Export access keys, only to be used in master mode


setKeys

public void setKeys(ExportedAccessKeys exportedKeys)
             throws IOException
Set access keys, only to be used in slave mode

Throws:
IOException

updateKeys

public void updateKeys()
                throws IOException
Update access keys, only to be used in master mode

Throws:
IOException

generateToken

public BlockAccessToken generateToken(long blockID,
                                      EnumSet<AccessTokenHandler.AccessMode> modes)
                               throws IOException
Generate an access token for current user

Throws:
IOException

generateToken

public BlockAccessToken generateToken(String userID,
                                      long blockID,
                                      EnumSet<AccessTokenHandler.AccessMode> modes)
                               throws IOException
Generate an access token for a specified user

Throws:
IOException

checkAccess

public boolean checkAccess(BlockAccessToken token,
                           String userID,
                           long blockID,
                           AccessTokenHandler.AccessMode mode)
                    throws IOException
Check if access should be allowed. userID is not checked if null

Throws:
IOException


Copyright © 2009 The Apache Software Foundation