org.apache.hadoop.security.authentication.server
Class MultiMechsAuthenticationHandler

java.lang.Object
  extended by org.apache.hadoop.security.authentication.server.MultiMechsAuthenticationHandler
All Implemented Interfaces:
AuthenticationHandler
Direct Known Subclasses:
KerberosAuthHandler

public class MultiMechsAuthenticationHandler
extends Object
implements AuthenticationHandler


Nested Class Summary
static class MultiMechsAuthenticationHandler.AuthHandlerEnum
           
 
Constructor Summary
MultiMechsAuthenticationHandler()
           
 
Method Summary
protected  void addHeader(javax.servlet.http.HttpServletResponse response)
          Children must override this method with supplying corresponding header
 AuthenticationToken authenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Authenticate main method: In step 1.
 void destroy()
          Destroys the authentication handler instance.
protected  MultiMechsAuthenticationHandler getAuthBasedEntity(String authorization)
          Children must override this method to essentially return "this" based on the request header or null if request header is not suitable to a given auth mechanism
 String getType()
          Returns the authentication type of the authentication handler.
 void init(Properties config)
          Initializes the authentication handler instance.
 boolean managementOperation(AuthenticationToken token, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Performs an authentication management operation.
protected  AuthenticationToken postauthenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Children must override this method to perform real authentication based on the information received in the request header
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

MultiMechsAuthenticationHandler

public MultiMechsAuthenticationHandler()
Method Detail

init

public void init(Properties config)
          throws javax.servlet.ServletException
Description copied from interface: AuthenticationHandler
Initializes the authentication handler instance.

This method is invoked by the AuthenticationFilter.init(javax.servlet.FilterConfig) method.

Specified by:
init in interface AuthenticationHandler
Parameters:
config - configuration properties to initialize the handler.
Throws:
javax.servlet.ServletException - thrown if the handler could not be initialized.

authenticate

public AuthenticationToken authenticate(javax.servlet.http.HttpServletRequest request,
                                        javax.servlet.http.HttpServletResponse response)
                                 throws IOException,
                                        AuthenticationException
Authenticate main method: In step 1. it will get headers from all children and return all of them ordered from strongest to weakest In step 2. based on the client choice it will pick authentication mechanism and does authentication based on that one

Specified by:
authenticate in interface AuthenticationHandler
Parameters:
request - the HTTP client request.
response - the HTTP client response.
Returns:
an AuthenticationToken if the HTTP client request has been authenticated, null otherwise (in this case it must take care of the response).
Throws:
IOException - thrown if an IO error occurred.
AuthenticationException - thrown if an Authentication error occurred.

addHeader

protected void addHeader(javax.servlet.http.HttpServletResponse response)
Children must override this method with supplying corresponding header

Parameters:
response -

postauthenticate

protected AuthenticationToken postauthenticate(javax.servlet.http.HttpServletRequest request,
                                               javax.servlet.http.HttpServletResponse response)
                                        throws IOException,
                                               AuthenticationException
Children must override this method to perform real authentication based on the information received in the request header

Parameters:
request -
response -
Returns:
Throws:
IOException
AuthenticationException

destroy

public void destroy()
Description copied from interface: AuthenticationHandler
Destroys the authentication handler instance.

This method is invoked by the AuthenticationFilter.destroy() method.

Specified by:
destroy in interface AuthenticationHandler

getAuthBasedEntity

protected MultiMechsAuthenticationHandler getAuthBasedEntity(String authorization)
Children must override this method to essentially return "this" based on the request header or null if request header is not suitable to a given auth mechanism

Parameters:
authorization -
Returns:

getType

public String getType()
Description copied from interface: AuthenticationHandler
Returns the authentication type of the authentication handler.

This should be a name that uniquely identifies the authentication type. For example 'simple' or 'kerberos'.

Specified by:
getType in interface AuthenticationHandler
Returns:
the authentication type of the authentication handler.

managementOperation

public boolean managementOperation(AuthenticationToken token,
                                   javax.servlet.http.HttpServletRequest request,
                                   javax.servlet.http.HttpServletResponse response)
                            throws IOException,
                                   AuthenticationException
Description copied from interface: AuthenticationHandler
Performs an authentication management operation.

This is useful for handling operations like get/renew/cancel delegation tokens which are being handled as operations of the service end-point.

If the method returns TRUE the request will continue normal processing, this means the method has not produced any HTTP response.

If the method returns FALSE the request will end, this means the method has produced the corresponding HTTP response.

Specified by:
managementOperation in interface AuthenticationHandler
Parameters:
token - the authentication token if any, otherwise NULL.
request - the HTTP client request.
response - the HTTP client response.
Returns:
TRUE if the request should be processed as a regular request, FALSE otherwise.
Throws:
IOException - thrown if an IO error occurred.
AuthenticationException - thrown if an Authentication error occurred.


Copyright © 2014 Apache Software Foundation. All Rights Reserved.