@InterfaceAudience.Private public class AuthenticationTokenSecretManager extends <any>
A single instance of AuthenticationTokenSecretManager
will be
running as the "leader" in a given HBase cluster. The leader is responsible
for periodically generating new secret keys, which are then distributed to
followers via ZooKeeper, and for expiring previously used secret keys that
are no longer needed (as any tokens using them have expired).
Constructor and Description |
---|
AuthenticationTokenSecretManager(Configuration conf,
ZooKeeperWatcher zk,
java.lang.String serverName,
long keyUpdateInterval,
long tokenMaxLifetime)
Create a new secret manager instance for generating keys.
|
Modifier and Type | Method and Description |
---|---|
void |
addKey(AuthenticationKey key) |
AuthenticationTokenIdentifier |
createIdentifier() |
protected byte[] |
createPassword(AuthenticationTokenIdentifier identifier) |
static javax.crypto.SecretKey |
createSecretKey(byte[] raw) |
<any> |
generateToken(java.lang.String username) |
java.lang.String |
getName() |
boolean |
isMaster() |
byte[] |
retrievePassword(AuthenticationTokenIdentifier identifier) |
void |
start() |
void |
stop() |
public AuthenticationTokenSecretManager(Configuration conf, ZooKeeperWatcher zk, java.lang.String serverName, long keyUpdateInterval, long tokenMaxLifetime)
conf
- Configuration to usezk
- Connection to zookeeper for handling leader electionskeyUpdateInterval
- Time (in milliseconds) between rolling a new master key for token signingtokenMaxLifetime
- Maximum age (in milliseconds) before a token expires and is no longer validpublic void start()
public void stop()
public boolean isMaster()
public java.lang.String getName()
protected byte[] createPassword(AuthenticationTokenIdentifier identifier)
public byte[] retrievePassword(AuthenticationTokenIdentifier identifier) throws InvalidToken
InvalidToken
public AuthenticationTokenIdentifier createIdentifier()
public <any> generateToken(java.lang.String username)
public void addKey(AuthenticationKey key) throws java.io.IOException
java.io.IOException
public static javax.crypto.SecretKey createSecretKey(byte[] raw)