/// <summary>
/// Sets an external <code>DelegationTokenSecretManager</code> instance to
/// manage creation and verification of Delegation Tokens.
/// </summary>
/// <remarks>
/// Sets an external <code>DelegationTokenSecretManager</code> instance to
/// manage creation and verification of Delegation Tokens.
/// <p/>
/// This is useful for use cases where secrets must be shared across multiple
/// services.
/// </remarks>
/// <param name="secretManager">a <code>DelegationTokenSecretManager</code> instance</param>
public virtual void SetExternalDelegationTokenSecretManager(AbstractDelegationTokenSecretManager
secretManager)
{
this.secretManager.StopThreads();
this.secretManager = secretManager;
managedSecretManager = false;
}
/// <exception cref="Javax.Servlet.ServletException"/>
public override void Init(FilterConfig filterConfig)
{
base.Init(filterConfig);
AuthenticationHandler handler = GetAuthenticationHandler();
AbstractDelegationTokenSecretManager dtSecretManager = (AbstractDelegationTokenSecretManager
)filterConfig.GetServletContext().GetAttribute(DelegationTokenSecretManagerAttr);
if (dtSecretManager != null && handler is DelegationTokenAuthenticationHandler)
{
DelegationTokenAuthenticationHandler dtHandler = (DelegationTokenAuthenticationHandler
)GetAuthenticationHandler();
dtHandler.SetExternalDelegationTokenSecretManager(dtSecretManager);
}
if (handler is PseudoAuthenticationHandler || handler is PseudoDelegationTokenAuthenticationHandler)
{
SetHandlerAuthMethod(SaslRpcServer.AuthMethod.Simple);
}
if (handler is KerberosAuthenticationHandler || handler is KerberosDelegationTokenAuthenticationHandler)
{
SetHandlerAuthMethod(SaslRpcServer.AuthMethod.Kerberos);
}
// proxyuser configuration
Configuration conf = GetProxyuserConfiguration(filterConfig);
ProxyUsers.RefreshSuperUserGroupsConfiguration(conf, ProxyuserPrefix);
}
public DelegationTokenManager(Configuration conf, Text tokenKind)
{
if (conf.GetBoolean(EnableZkKey, false))
{
this.secretManager = new DelegationTokenManager.ZKSecretManager(conf, tokenKind);
}
else
{
this.secretManager = new DelegationTokenManager.DelegationTokenSecretManager(conf
, tokenKind);
}
managedSecretManager = true;
}
/// <summary>
/// Sets an external <code>DelegationTokenSecretManager</code> instance to
/// manage creation and verification of Delegation Tokens.
/// </summary>
/// <remarks>
/// Sets an external <code>DelegationTokenSecretManager</code> instance to
/// manage creation and verification of Delegation Tokens.
/// <p/>
/// This is useful for use cases where secrets must be shared across multiple
/// services.
/// </remarks>
/// <param name="secretManager">a <code>DelegationTokenSecretManager</code> instance</param>
public virtual void SetExternalDelegationTokenSecretManager(AbstractDelegationTokenSecretManager
secretManager)
{
tokenManager.SetExternalDelegationTokenSecretManager(secretManager);
}
public static void SetSecretManager(AbstractDelegationTokenSecretManager <RMDelegationTokenIdentifier
> secretManager, IPEndPoint serviceAddress)
{
localSecretManager = secretManager;
localServiceAddress = serviceAddress;
}
public static void SetDelegationTokenSecretManager <_T0>(AbstractDelegationTokenSecretManager
<_T0> manager)
where _T0 : AbstractDelegationTokenIdentifier
{
Org.Apache.Hadoop.Yarn.Server.Security.Http.RMAuthenticationFilter.manager = manager;
}
