Class MaprAuthenticationHandler

java.lang.Object
org.apache.hadoop.security.authentication.server.MultiMechsAuthenticationHandler
org.apache.hadoop.security.authentication.server.AbstractMaprAuthenticationHandler
com.mapr.security.maprauth.MaprAuthenticationHandler
All Implemented Interfaces:
org.apache.hadoop.security.authentication.server.AuthenticationHandler

public class MaprAuthenticationHandler extends org.apache.hadoop.security.authentication.server.AbstractMaprAuthenticationHandler
  • Nested Class Summary

    Nested classes/interfaces inherited from class org.apache.hadoop.security.authentication.server.MultiMechsAuthenticationHandler

    org.apache.hadoop.security.authentication.server.MultiMechsAuthenticationHandler.AuthHandlerEnum
  • Field Summary

    Fields inherited from class org.apache.hadoop.security.authentication.server.AbstractMaprAuthenticationHandler

    TYPE

    Fields inherited from class org.apache.hadoop.security.authentication.server.MultiMechsAuthenticationHandler

    MTYPE

    Fields inherited from interface org.apache.hadoop.security.authentication.server.AuthenticationHandler

    WWW_AUTHENTICATE
  • Constructor Summary

    Constructors
    Constructor
    Description
     
  • Method Summary

    Modifier and Type
    Method
    Description
    void
    init(Properties config)
    This function is invoked when the filter is coming up.
    org.apache.hadoop.security.authentication.server.AuthenticationToken
    maprAuthenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
    This function is called once we establish that the client is authenticating using a MapR ticket and has responded with the MapR negotiate header.

    Methods inherited from class org.apache.hadoop.security.authentication.server.AbstractMaprAuthenticationHandler

    addHeader, destroy, getAuthBasedEntity, getAuthorizationHeaderName, postauthenticate

    Methods inherited from class org.apache.hadoop.security.authentication.server.MultiMechsAuthenticationHandler

    authenticate, getType, managementOperation

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Constructor Details

    • MaprAuthenticationHandler

      public MaprAuthenticationHandler()
  • Method Details

    • init

      public void init(Properties config) throws javax.servlet.ServletException
      This function is invoked when the filter is coming up. We try to get the MapR serverkey, which will be used later to decrypt information sent by the client. Also, since we may be required to authenticate using Kerberos, we invoke the Kerberos init code after checking that the principal and keytab specified in the config file exist. If they don't exist, we don't invoke the Kerberos init code, because we don't expect to use Kerberos.
      Specified by:
      init in interface org.apache.hadoop.security.authentication.server.AuthenticationHandler
      Specified by:
      init in class org.apache.hadoop.security.authentication.server.AbstractMaprAuthenticationHandler
      Parameters:
      config - configuration properties to initialize the handler.
      Throws:
      javax.servlet.ServletException
    • maprAuthenticate

      public org.apache.hadoop.security.authentication.server.AuthenticationToken maprAuthenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException, org.apache.hadoop.security.authentication.client.AuthenticationException
      This function is called once we establish that the client is authenticating using a MapR ticket and has responded with the MapR negotiate header. Here the server tries to decrypt the bytes (ticket and key) sent by the client using the serverkey. It verifies the credentials in the ticket and that the ticket has not expired. Once the server decrypts the ticket and key, it has the userkey. Using this userkey, it decrypts the random secret challenge sent by the client, increments it by one, encrypts it using the userkey, and adds it to the response. Since the server has completed verifying the client, it generates the authentication token and completes the handshake. Any time there is an error, the server sets the error header (WWW_ERR_AUTHENTICATE) and appends the reason for the error, so that the client can display a relevant error message.
      Specified by:
      maprAuthenticate in class org.apache.hadoop.security.authentication.server.AbstractMaprAuthenticationHandler
      Parameters:
      request - the HTTP client request
      response - the HTTP client response
      Returns:
      Throws:
      IOException
      org.apache.hadoop.security.authentication.client.AuthenticationException
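The handshake described for maprAuthenticate, shown end to end as an added example; it is not MapR's code or wire format. Assumptions: AES-GCM as the cipher, a ticket laid out as an 8-byte expiry followed by a 16-byte userkey, and the hypothetical names TicketHandshakeSketch, seal, open and serverRespond.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.ByteBuffer;
import java.security.SecureRandom;
// Added sketch: AES-GCM and the blob layouts are assumptions, not MapR's format.
public class TicketHandshakeSketch {
    static final SecureRandom RNG = new SecureRandom();
    // Output is a fresh 12-byte IV followed by the ciphertext and GCM tag.
    static byte[] seal(byte[] key, byte[] plain) throws Exception {
        byte[] iv = new byte[12];
        RNG.nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(128, iv));
        byte[] ct = c.doFinal(plain);
        return ByteBuffer.allocate(12 + ct.length).put(iv).put(ct).array();
    }

    // Throws AEADBadTagException if the blob was not sealed under this key.
    static byte[] open(byte[] key, byte[] blob) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(128, blob, 0, 12));
        return c.doFinal(blob, 12, blob.length - 12);
    }

    // Server side: open the ticket with the serverkey, check expiry, answer challenge + 1.
    static byte[] serverRespond(byte[] serverKey, byte[] ticket, byte[] sealedChallenge, long now) throws Exception {
        ByteBuffer t = ByteBuffer.wrap(open(serverKey, ticket));
        long expiry = t.getLong();
        byte[] userKey = new byte[16];
        t.get(userKey);
        if (now >= expiry) throw new SecurityException("ticket expired"); // stands in for the error header
        long challenge = ByteBuffer.wrap(open(userKey, sealedChallenge)).getLong();
        return seal(userKey, ByteBuffer.allocate(8).putLong(challenge + 1).array());
    }

    public static void main(String[] args) throws Exception {
        byte[] serverKey = new byte[16], userKey = new byte[16]; // constructed sample keys
        RNG.nextBytes(serverKey);
        RNG.nextBytes(userKey);
        long now = System.currentTimeMillis();
        // Ticket issued earlier: expiry and userkey sealed under the serverkey.
        byte[] ticket = seal(serverKey, ByteBuffer.allocate(24).putLong(now + 60_000).put(userKey).array());
        long challenge = RNG.nextLong();
        byte[] reply = serverRespond(serverKey, ticket, seal(userKey, ByteBuffer.allocate(8).putLong(challenge).array()), now);
        // Client side: only a holder of the serverkey could recover the userkey and answer.
        System.out.println("server verified: " + (ByteBuffer.wrap(open(userKey, reply)).getLong() == challenge + 1));
    }
}
```

The client never sees the serverkey: it holds the ticket as an opaque blob plus its own userkey, so a correct challenge + 1 reply shows the server was able to open the ticket.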