org.apache.hadoop.security.authentication.server.AuthenticationHandler Java Examples

The following examples show how to use org.apache.hadoop.security.authentication.server.AuthenticationHandler. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: DelegationTokenAuthenticationFilter.java    From hadoop with Apache License 2.0 6 votes vote down vote up
@Override
public void init(FilterConfig filterConfig) throws ServletException {
  super.init(filterConfig);
  AuthenticationHandler handler = getAuthenticationHandler();
  AbstractDelegationTokenSecretManager dtSecretManager =
      (AbstractDelegationTokenSecretManager) filterConfig.getServletContext().
          getAttribute(DELEGATION_TOKEN_SECRET_MANAGER_ATTR);
  if (dtSecretManager != null && handler
      instanceof DelegationTokenAuthenticationHandler) {
    DelegationTokenAuthenticationHandler dtHandler =
        (DelegationTokenAuthenticationHandler) getAuthenticationHandler();
    dtHandler.setExternalDelegationTokenSecretManager(dtSecretManager);
  }
  if (handler instanceof PseudoAuthenticationHandler ||
      handler instanceof PseudoDelegationTokenAuthenticationHandler) {
    setHandlerAuthMethod(SaslRpcServer.AuthMethod.SIMPLE);
  }
  if (handler instanceof KerberosAuthenticationHandler ||
      handler instanceof KerberosDelegationTokenAuthenticationHandler) {
    setHandlerAuthMethod(SaslRpcServer.AuthMethod.KERBEROS);
  }

  // proxyuser configuration
  Configuration conf = getProxyuserConfiguration(filterConfig);
  ProxyUsers.refreshSuperUserGroupsConfiguration(conf, PROXYUSER_PREFIX);
}
 
Example #2
Source File: DelegationTokenAuthenticationFilter.java    From big-c with Apache License 2.0 6 votes vote down vote up
@Override
public void init(FilterConfig filterConfig) throws ServletException {
  super.init(filterConfig);
  AuthenticationHandler handler = getAuthenticationHandler();
  AbstractDelegationTokenSecretManager dtSecretManager =
      (AbstractDelegationTokenSecretManager) filterConfig.getServletContext().
          getAttribute(DELEGATION_TOKEN_SECRET_MANAGER_ATTR);
  if (dtSecretManager != null && handler
      instanceof DelegationTokenAuthenticationHandler) {
    DelegationTokenAuthenticationHandler dtHandler =
        (DelegationTokenAuthenticationHandler) getAuthenticationHandler();
    dtHandler.setExternalDelegationTokenSecretManager(dtSecretManager);
  }
  if (handler instanceof PseudoAuthenticationHandler ||
      handler instanceof PseudoDelegationTokenAuthenticationHandler) {
    setHandlerAuthMethod(SaslRpcServer.AuthMethod.SIMPLE);
  }
  if (handler instanceof KerberosAuthenticationHandler ||
      handler instanceof KerberosDelegationTokenAuthenticationHandler) {
    setHandlerAuthMethod(SaslRpcServer.AuthMethod.KERBEROS);
  }

  // proxyuser configuration
  Configuration conf = getProxyuserConfiguration(filterConfig);
  ProxyUsers.refreshSuperUserGroupsConfiguration(conf, PROXYUSER_PREFIX);
}
 
Example #3
Source File: LogsearchKrbFilter.java    From ambari-logsearch with Apache License 2.0 5 votes vote down vote up
private void initializeAuthHandler(String authHandlerClassName)
    throws ServletException {
  try {
    Class<?> klass = Thread.currentThread().getContextClassLoader().loadClass(authHandlerClassName);
    authHandler = (AuthenticationHandler) klass.newInstance();
    authHandler.init(config);
  } catch (ClassNotFoundException | InstantiationException |
      IllegalAccessException ex) {
    throw new ServletException(ex);
  }
}
 
Example #4
Source File: AtlasAuthenticationFilter.java    From atlas with Apache License 2.0 5 votes vote down vote up
@Override
protected AuthenticationToken getToken(HttpServletRequest request)
        throws IOException, AuthenticationException {
    AuthenticationToken token = null;
    String tokenStr = null;
    Cookie[] cookies = request.getCookies();
    if (cookies != null) {
        for (Cookie cookie : cookies) {
            if (cookie.getName().equals(AuthenticatedURL.AUTH_COOKIE)) {
                tokenStr = cookie.getValue();
                try {
                    tokenStr = this.signer.verifyAndExtract(tokenStr);
                } catch (SignerException ex) {
                    throw new AuthenticationException(ex);
                }
            }
        }
    }

    if (tokenStr != null) {
        token = AuthenticationToken.parse(tokenStr);
        if (token != null) {
            AuthenticationHandler authHandler = getAuthenticationHandler();
            if (!token.getType().equals(authHandler.getType())) {
                throw new AuthenticationException("Invalid AuthenticationToken type");
            }
            if (token.isExpired()) {
                throw new AuthenticationException("AuthenticationToken expired");
            }
        }
    }
    return token;
}
 
Example #5
Source File: DelegationTokenKerberosFilter.java    From lucene-solr with Apache License 2.0 5 votes vote down vote up
@Override
protected void initializeAuthHandler(String authHandlerClassName,
                                     FilterConfig filterConfig) throws ServletException {
  // set the internal authentication handler in order to record whether the request should continue
  super.initializeAuthHandler(authHandlerClassName, filterConfig);
  AuthenticationHandler authHandler = getAuthenticationHandler();
  super.initializeAuthHandler(RequestContinuesRecorderAuthenticationHandler.class.getName(), filterConfig);
  RequestContinuesRecorderAuthenticationHandler newAuthHandler =
      (RequestContinuesRecorderAuthenticationHandler)getAuthenticationHandler();
  newAuthHandler.setAuthHandler(authHandler);
}
 
Example #6
Source File: HadoopAuthFilter.java    From lucene-solr with Apache License 2.0 5 votes vote down vote up
@Override
protected void initializeAuthHandler(String authHandlerClassName,
                                     FilterConfig filterConfig) throws ServletException {
  // set the internal authentication handler in order to record whether the request should continue
  super.initializeAuthHandler(authHandlerClassName, filterConfig);
  AuthenticationHandler authHandler = getAuthenticationHandler();
  super.initializeAuthHandler(RequestContinuesRecorderAuthenticationHandler.class.getName(), filterConfig);
  RequestContinuesRecorderAuthenticationHandler newAuthHandler =
      (RequestContinuesRecorderAuthenticationHandler)getAuthenticationHandler();
  newAuthHandler.setAuthHandler(authHandler);
}
 
Example #7
Source File: KerberosFilter.java    From lucene-solr with Apache License 2.0 5 votes vote down vote up
@Override
protected void initializeAuthHandler(String authHandlerClassName,
                                     FilterConfig filterConfig) throws ServletException {
  // set the internal authentication handler in order to record whether the request should continue
  super.initializeAuthHandler(authHandlerClassName, filterConfig);
  AuthenticationHandler authHandler = getAuthenticationHandler();
  super.initializeAuthHandler(
      RequestContinuesRecorderAuthenticationHandler.class.getName(), filterConfig);
  RequestContinuesRecorderAuthenticationHandler newAuthHandler =
      (RequestContinuesRecorderAuthenticationHandler)getAuthenticationHandler();
  newAuthHandler.setAuthHandler(authHandler);
}
 
Example #8
Source File: AtlasAuthenticationFilter.java    From incubator-atlas with Apache License 2.0 5 votes vote down vote up
@Override
protected AuthenticationToken getToken(HttpServletRequest request)
        throws IOException, AuthenticationException {
    AuthenticationToken token = null;
    String tokenStr = null;
    Cookie[] cookies = request.getCookies();
    if (cookies != null) {
        for (Cookie cookie : cookies) {
            if (cookie.getName().equals(AuthenticatedURL.AUTH_COOKIE)) {
                tokenStr = cookie.getValue();
                try {
                    tokenStr = this.signer.verifyAndExtract(tokenStr);
                } catch (SignerException ex) {
                    throw new AuthenticationException(ex);
                }
            }
        }
    }

    if (tokenStr != null) {
        token = AuthenticationToken.parse(tokenStr);
        if (token != null) {
            AuthenticationHandler authHandler = getAuthenticationHandler();
            if (!token.getType().equals(authHandler.getType())) {
                throw new AuthenticationException("Invalid AuthenticationToken type");
            }
            if (token.isExpired()) {
                throw new AuthenticationException("AuthenticationToken expired");
            }
        }
    }
    return token;
}
 
Example #9
Source File: RangerKrbFilter.java    From ranger with Apache License 2.0 5 votes vote down vote up
protected void initializeAuthHandler(String authHandlerClassName, FilterConfig filterConfig)
    throws ServletException {
  try {
    Class<?> klass = Thread.currentThread().getContextClassLoader().loadClass(authHandlerClassName);
    authHandler = (AuthenticationHandler) klass.newInstance();
    authHandler.init(config);
  } catch (ClassNotFoundException | InstantiationException |
      IllegalAccessException ex) {
    throw new ServletException(ex);
  }
}
 
Example #10
Source File: DelegationTokenAuthenticationHandler.java    From hadoop with Apache License 2.0 4 votes vote down vote up
public DelegationTokenAuthenticationHandler(AuthenticationHandler handler) {
  authHandler = handler;
  authType = handler.getType();
}
 
Example #11
Source File: DelegationTokenAuthenticationHandler.java    From big-c with Apache License 2.0 4 votes vote down vote up
public DelegationTokenAuthenticationHandler(AuthenticationHandler handler) {
  authHandler = handler;
  authType = handler.getType();
}
 
Example #12
Source File: RequestContinuesRecorderAuthenticationHandler.java    From lucene-solr with Apache License 2.0 4 votes vote down vote up
public void setAuthHandler(AuthenticationHandler authHandler) {
  this.authHandler = authHandler;
}
 
Example #13
Source File: LogsearchKrbFilter.java    From ambari-logsearch with Apache License 2.0 2 votes vote down vote up
/**
 * Returns the authentication handler being used.
 *
 * @return the authentication handler being used.
 */
protected AuthenticationHandler getAuthenticationHandler() {
  return authHandler;
}
 
Example #14
Source File: RangerKrbFilter.java    From ranger with Apache License 2.0 2 votes vote down vote up
/**
 * Returns the authentication handler being used.
 *
 * @return the authentication handler being used.
 */
protected AuthenticationHandler getAuthenticationHandler() {
  return authHandler;
}