Class KerberosToken
- java.lang.Object
-
- org.apache.accumulo.core.client.security.tokens.KerberosToken
-
- All Implemented Interfaces:
Cloneable
,Destroyable
,AuthenticationToken
,org.apache.hadoop.io.Writable
public class KerberosToken extends Object implements AuthenticationToken
Authentication token for Kerberos authenticated clients- Since:
- 1.7.0
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.apache.accumulo.core.client.security.tokens.AuthenticationToken
AuthenticationToken.AuthenticationTokenSerializer, AuthenticationToken.Properties, AuthenticationToken.TokenProperty
-
-
Field Summary
Fields Modifier and Type Field Description static String
CLASS_NAME
-
Constructor Summary
Constructors Constructor Description KerberosToken()
Creates a token using the login user as returned byUserGroupInformation.getCurrentUser()
KerberosToken(String principal)
Creates a token using the provided principal and the currently logged-in user viaUserGroupInformation
.KerberosToken(String principal, File keytab)
Creates a Kerberos token for the specified principal using the provided keytab.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description KerberosToken
clone()
void
destroy()
boolean
equals(Object obj)
File
getKeytab()
The keytab file used to perform Kerberos login.String
getPrincipal()
The identity of the user to which this token belongs to according to KerberosSet<AuthenticationToken.TokenProperty>
getProperties()
int
hashCode()
void
init(AuthenticationToken.Properties properties)
boolean
isDestroyed()
void
readFields(DataInput in)
void
write(DataOutput out)
-
-
-
Field Detail
-
CLASS_NAME
public static final String CLASS_NAME
-
-
Constructor Detail
-
KerberosToken
public KerberosToken(String principal) throws IOException
Creates a token using the provided principal and the currently logged-in user viaUserGroupInformation
. This method expects the current user (as defined byUserGroupInformation.getCurrentUser()
to be authenticated via Kerberos or as a Proxy (on top of another user). AnIllegalArgumentException
will be thrown for all other cases.- Parameters:
principal
- The user that is logged in- Throws:
IllegalArgumentException
- If the current user is not authentication via Kerberos or Proxy methods.IOException
- See Also:
UserGroupInformation.getCurrentUser()
,UserGroupInformation.getAuthenticationMethod()
-
KerberosToken
public KerberosToken(String principal, File keytab) throws IOException
Creates a Kerberos token for the specified principal using the provided keytab. The principal and keytab combination are verified by attempting a log in.This constructor does not have any side effects.
- Parameters:
principal
- The Kerberos principalkeytab
- A keytab file containing the principal's credentials.- Throws:
IOException
-
KerberosToken
public KerberosToken() throws IOException
Creates a token using the login user as returned byUserGroupInformation.getCurrentUser()
- Throws:
IOException
- If the current logged in user cannot be computed.
-
-
Method Detail
-
clone
public KerberosToken clone()
- Specified by:
clone
in interfaceAuthenticationToken
- Overrides:
clone
in classObject
-
getPrincipal
public String getPrincipal()
The identity of the user to which this token belongs to according to Kerberos- Returns:
- The principal
-
getKeytab
public File getKeytab()
The keytab file used to perform Kerberos login. Optional, may be null.
-
write
public void write(DataOutput out) throws IOException
- Specified by:
write
in interfaceorg.apache.hadoop.io.Writable
- Throws:
IOException
-
readFields
public void readFields(DataInput in) throws IOException
- Specified by:
readFields
in interfaceorg.apache.hadoop.io.Writable
- Throws:
IOException
-
destroy
public void destroy() throws DestroyFailedException
- Specified by:
destroy
in interfaceDestroyable
- Throws:
DestroyFailedException
-
isDestroyed
public boolean isDestroyed()
- Specified by:
isDestroyed
in interfaceDestroyable
-
init
public void init(AuthenticationToken.Properties properties)
- Specified by:
init
in interfaceAuthenticationToken
-
getProperties
public Set<AuthenticationToken.TokenProperty> getProperties()
- Specified by:
getProperties
in interfaceAuthenticationToken
-
-