Package org.apache.hadoop.security.authentication.server

Class KerberosAuthHandler

java.lang.Object

org.apache.hadoop.security.authentication.server.MultiMechsAuthenticationHandler

org.apache.hadoop.security.authentication.server.KerberosAuthHandler

All Implemented Interfaces:

AuthenticationHandler

public class KerberosAuthHandler
extends MultiMechsAuthenticationHandler

Nested Class Summary

Nested classes/interfaces inherited from class org.apache.hadoop.security.authentication.server.MultiMechsAuthenticationHandler

MultiMechsAuthenticationHandler.AuthHandlerEnum

Field Summary

Fields

Modifier and Type	Field	Description
protected org.ietf.jgss.GSSManager	gssManager
protected java.lang.String	keytab
protected javax.security.auth.login.LoginContext	loginContext
protected java.lang.String	principal

Fields inherited from class org.apache.hadoop.security.authentication.server.MultiMechsAuthenticationHandler

MTYPE

Fields inherited from interface org.apache.hadoop.security.authentication.server.AuthenticationHandler

WWW_AUTHENTICATE

Constructor Summary

Constructors

Constructor	Description
KerberosAuthHandler()

Method Summary

Modifier and Type	Method	Description
void	addHeader(javax.servlet.http.HttpServletResponse response)	Children must override this method with supplying corresponding header
void	destroy()	Destroys the authentication handler instance.
MultiMechsAuthenticationHandler	getAuthBasedEntity(java.lang.String authorization)	Children must override this method to essentially return "this" based on the request header or null if request header is not suitable to a given auth mechanism
java.lang.String	getAuthorizationHeaderName()
protected java.lang.String	getKeytab()	Returns the keytab used by the authentication handler.
protected java.lang.String	getPrincipal()	Returns the Kerberos principal used by the authentication handler.
void	init(java.util.Properties config)	Initializes the authentication handler instance.
AuthenticationToken	postauthenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)	Children must override this method to perform real authentication based on the information received in the request header

Methods inherited from class org.apache.hadoop.security.authentication.server.MultiMechsAuthenticationHandler

authenticate, getType, managementOperation

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

gssManager

protected org.ietf.jgss.GSSManager gssManager

loginContext

protected javax.security.auth.login.LoginContext loginContext

principal

protected java.lang.String principal

keytab

protected java.lang.String keytab

Constructor Detail

KerberosAuthHandler

public KerberosAuthHandler()

Method Detail

init

public void init(java.util.Properties config)
          throws javax.servlet.ServletException

Description copied from interface: AuthenticationHandler

Initializes the authentication handler instance.

This method is invoked by the AuthenticationFilter.init(javax.servlet.FilterConfig) method.

Specified by:

init in interface AuthenticationHandler

Overrides:

init in class MultiMechsAuthenticationHandler

Parameters:

config - configuration properties to initialize the handler.

Throws:

javax.servlet.ServletException - thrown if the handler could not be initialized.

postauthenticate

public AuthenticationToken postauthenticate(javax.servlet.http.HttpServletRequest request,
                                            javax.servlet.http.HttpServletResponse response)
                                     throws java.io.IOException,
                                            AuthenticationException

Description copied from class: MultiMechsAuthenticationHandler

Children must override this method to perform real authentication based on the information received in the request header

Overrides:

postauthenticate in class MultiMechsAuthenticationHandler

Returns:

Throws:

java.io.IOException

AuthenticationException

destroy

public void destroy()

Description copied from interface: AuthenticationHandler

Destroys the authentication handler instance.

This method is invoked by the AuthenticationFilter.destroy() method.

Specified by:

destroy in interface AuthenticationHandler

Overrides:

destroy in class MultiMechsAuthenticationHandler

addHeader

public void addHeader(javax.servlet.http.HttpServletResponse response)

Description copied from class: MultiMechsAuthenticationHandler

Children must override this method with supplying corresponding header

Overrides:

addHeader in class MultiMechsAuthenticationHandler

getAuthBasedEntity

public MultiMechsAuthenticationHandler getAuthBasedEntity(java.lang.String authorization)

Description copied from class: MultiMechsAuthenticationHandler

Children must override this method to essentially return "this" based on the request header or null if request header is not suitable to a given auth mechanism

Overrides:

getAuthBasedEntity in class MultiMechsAuthenticationHandler

Returns:

getPrincipal

protected java.lang.String getPrincipal()

Returns the Kerberos principal used by the authentication handler.

Returns:

the Kerberos principal used by the authentication handler.

getKeytab

protected java.lang.String getKeytab()

Returns the keytab used by the authentication handler.

Returns:

the keytab used by the authentication handler.

getAuthorizationHeaderName

public java.lang.String getAuthorizationHeaderName()

Overrides:

getAuthorizationHeaderName in class MultiMechsAuthenticationHandler