Google Git
Sign in
apache / hadoop-site / 952d547359cafef280f0a0324055741b2ed55be1 / . / content / docs / r3.3.1 / hadoop-auth / apidocs / org / apache / hadoop / security / authentication / server / KerberosAuthenticationHandler.html
blob: 6f507c0265bb50c881722964d28c7a38761c15b4 [file] [log] [blame]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- NewPage -->
<html lang="en">
<head>
<!-- Generated by javadoc (1.8.0_292) on Tue Jun 15 06:01:17 GMT 2021 -->
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>KerberosAuthenticationHandler (Apache Hadoop Auth 3.3.1 API)</title>
<meta name="date" content="2021-06-15">
<link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="Style">
<script type="text/javascript" src="../../../../../../script.js"></script>
</head>
<body>
<script type="text/javascript"><!--
try {
if (location.href.indexOf('is-external=true') == -1) {
parent.document.title="KerberosAuthenticationHandler (Apache Hadoop Auth 3.3.1 API)";
}
}
catch(err) {
}
//-->
var methods = {"i0":10,"i1":10,"i2":10,"i3":10,"i4":10,"i5":10,"i6":10};
var tabs = {65535:["t0","All Methods"],2:["t2","Instance Methods"],8:["t4","Concrete Methods"]};
var altColor = "altColor";
var rowColor = "rowColor";
var tableTab = "tableTab";
var activeTableTab = "activeTableTab";
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
<!-- ========= START OF TOP NAVBAR ======= -->
<div class="topNav"><a name="navbar.top">
<!-- -->
</a>
<div class="skipNav"><a href="#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
<a name="navbar.top.firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../../overview-summary.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="class-use/KerberosAuthenticationHandler.html">Use</a></li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList">
<li><a href="../../../../../../org/apache/hadoop/security/authentication/server/JWTRedirectAuthenticationHandler.html" title="class in org.apache.hadoop.security.authentication.server"><span class="typeNameLink">Prev&nbsp;Class</span></a></li>
<li><a href="../../../../../../org/apache/hadoop/security/authentication/server/LdapAuthenticationHandler.html" title="class in org.apache.hadoop.security.authentication.server"><span class="typeNameLink">Next&nbsp;Class</span></a></li>
</ul>
<ul class="navList">
<li><a href="../../../../../../index.html?org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.html" target="_top">Frames</a></li>
<li><a href="KerberosAuthenticationHandler.html" target="_top">No&nbsp;Frames</a></li>
</ul>
<ul class="navList" id="allclasses_navbar_top">
<li><a href="../../../../../../allclasses-noframe.html">All&nbsp;Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_top");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li><a href="#field.summary">Field</a>&nbsp;|&nbsp;</li>
<li><a href="#constructor.summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li><a href="#field.detail">Field</a>&nbsp;|&nbsp;</li>
<li><a href="#constructor.detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method.detail">Method</a></li>
</ul>
</div>
<a name="skip.navbar.top">
<!-- -->
</a></div>
<!-- ========= END OF TOP NAVBAR ========= -->
<!-- ======== START OF CLASS DATA ======== -->
<div class="header">
<div class="subTitle">org.apache.hadoop.security.authentication.server</div>
<h2 title="Class KerberosAuthenticationHandler" class="title">Class KerberosAuthenticationHandler</h2>
</div>
<div class="contentContainer">
<ul class="inheritance">
<li><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">java.lang.Object</a></li>
<li>
<ul class="inheritance">
<li>org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler</li>
</ul>
</li>
</ul>
<div class="description">
<ul class="blockList">
<li class="blockList">
<dl>
<dt>All Implemented Interfaces:</dt>
<dd><a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationHandler.html" title="interface in org.apache.hadoop.security.authentication.server">AuthenticationHandler</a></dd>
</dl>
<dl>
<dt>Direct Known Subclasses:</dt>
<dd><a href="../../../../../../org/apache/hadoop/security/authentication/server/AltKerberosAuthenticationHandler.html" title="class in org.apache.hadoop.security.authentication.server">AltKerberosAuthenticationHandler</a></dd>
</dl>
<hr>
<br>
<pre>public class <span class="typeNameLabel">KerberosAuthenticationHandler</span>
extends <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a>
implements <a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationHandler.html" title="interface in org.apache.hadoop.security.authentication.server">AuthenticationHandler</a></pre>
<div class="block">The <a href="../../../../../../org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.html" title="class in org.apache.hadoop.security.authentication.server"><code>KerberosAuthenticationHandler</code></a> implements the Kerberos SPNEGO
authentication mechanism for HTTP.
<p>
The supported configuration properties are:
<ul>
<li>kerberos.principal: the Kerberos principal to used by the server. As
stated by the Kerberos SPNEGO specification, it should be
<code>HTTP/${HOSTNAME}@{REALM}</code>. The realm can be omitted from the
principal as the JDK GSS libraries will use the realm name of the configured
default realm.
It does not have a default value.</li>
<li>kerberos.keytab: the keytab file containing the credentials for the
Kerberos principal.
It does not have a default value.</li>
<li>kerberos.name.rules: kerberos names rules to resolve principal names, see
<a href="../../../../../../org/apache/hadoop/security/authentication/util/KerberosName.html#setRules-java.lang.String-"><code>KerberosName.setRules(String)</code></a></li>
</ul></div>
</li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">
<!-- =========== FIELD SUMMARY =========== -->
<ul class="blockList">
<li class="blockList"><a name="field.summary">
<!-- -->
</a>
<h3>Field Summary</h3>
<table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Field Summary table, listing fields, and an explanation">
<caption><span>Fields</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colLast" scope="col">Field and Description</th>
</tr>
<tr class="altColor">
<td class="colFirst"><code>static <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.html#KEYTAB">KEYTAB</a></span></code>
<div class="block">Constant for the configuration property that indicates the keytab
file path.</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>static org.slf4j.Logger</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.html#LOG">LOG</a></span></code>&nbsp;</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>static <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.html#NAME_RULES">NAME_RULES</a></span></code>
<div class="block">Constant for the configuration property that indicates the Kerberos name
rules for the Kerberos principals.</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>static <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.html#PRINCIPAL">PRINCIPAL</a></span></code>
<div class="block">Constant for the configuration property that indicates the kerberos
principal.</div>
</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>static <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.html#RULE_MECHANISM">RULE_MECHANISM</a></span></code>
<div class="block">Constant for the configuration property that indicates how auth_to_local
rules are evaluated.</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>static <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.html#TYPE">TYPE</a></span></code>
<div class="block">Constant that identifies the authentication mechanism.</div>
</td>
</tr>
</table>
<ul class="blockList">
<li class="blockList"><a name="fields.inherited.from.class.org.apache.hadoop.security.authentication.server.AuthenticationHandler">
<!-- -->
</a>
<h3>Fields inherited from interface&nbsp;org.apache.hadoop.security.authentication.server.<a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationHandler.html" title="interface in org.apache.hadoop.security.authentication.server">AuthenticationHandler</a></h3>
<code><a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationHandler.html#WWW_AUTHENTICATE">WWW_AUTHENTICATE</a></code></li>
</ul>
</li>
</ul>
<!-- ======== CONSTRUCTOR SUMMARY ======== -->
<ul class="blockList">
<li class="blockList"><a name="constructor.summary">
<!-- -->
</a>
<h3>Constructor Summary</h3>
<table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Constructor Summary table, listing constructors, and an explanation">
<caption><span>Constructors</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colOne" scope="col">Constructor and Description</th>
</tr>
<tr class="altColor">
<td class="colOne"><code><span class="memberNameLink"><a href="../../../../../../org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.html#KerberosAuthenticationHandler--">KerberosAuthenticationHandler</a></span>()</code>
<div class="block">Creates a Kerberos SPNEGO authentication handler with the default
auth-token type, <code>kerberos</code>.</div>
</td>
</tr>
<tr class="rowColor">
<td class="colOne"><code><span class="memberNameLink"><a href="../../../../../../org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.html#KerberosAuthenticationHandler-java.lang.String-">KerberosAuthenticationHandler</a></span>(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>&nbsp;type)</code>
<div class="block">Creates a Kerberos SPNEGO authentication handler with a custom auth-token
type.</div>
</td>
</tr>
</table>
</li>
</ul>
<!-- ========== METHOD SUMMARY =========== -->
<ul class="blockList">
<li class="blockList"><a name="method.summary">
<!-- -->
</a>
<h3>Method Summary</h3>
<table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation">
<caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd">&nbsp;</span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t4" class="tableTab"><span><a href="javascript:show(8);">Concrete Methods</a></span><span class="tabEnd">&nbsp;</span></span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colLast" scope="col">Method and Description</th>
</tr>
<tr id="i0" class="altColor">
<td class="colFirst"><code><a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationToken.html" title="class in org.apache.hadoop.security.authentication.server">AuthenticationToken</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.html#authenticate-javax.servlet.http.HttpServletRequest-javax.servlet.http.HttpServletResponse-">authenticate</a></span>(javax.servlet.http.HttpServletRequest&nbsp;request,
javax.servlet.http.HttpServletResponse&nbsp;response)</code>
<div class="block">It enforces the the Kerberos SPNEGO authentication sequence returning an
<a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationToken.html" title="class in org.apache.hadoop.security.authentication.server"><code>AuthenticationToken</code></a> only after the Kerberos SPNEGO sequence has
completed successfully.</div>
</td>
</tr>
<tr id="i1" class="rowColor">
<td class="colFirst"><code>void</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.html#destroy--">destroy</a></span>()</code>
<div class="block">Releases any resources initialized by the authentication handler.</div>
</td>
</tr>
<tr id="i2" class="altColor">
<td class="colFirst"><code>protected <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.html#getKeytab--">getKeytab</a></span>()</code>
<div class="block">Returns the keytab used by the authentication handler.</div>
</td>
</tr>
<tr id="i3" class="rowColor">
<td class="colFirst"><code>protected <a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util">Set</a>&lt;<a href="https://docs.oracle.com/javase/8/docs/api/javax/security/auth/kerberos/KerberosPrincipal.html?is-external=true" title="class or interface in javax.security.auth.kerberos">KerberosPrincipal</a>&gt;</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.html#getPrincipals--">getPrincipals</a></span>()</code>
<div class="block">Returns the Kerberos principals used by the authentication handler.</div>
</td>
</tr>
<tr id="i4" class="altColor">
<td class="colFirst"><code><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.html#getType--">getType</a></span>()</code>
<div class="block">Returns the authentication type of the authentication handler, 'kerberos'.</div>
</td>
</tr>
<tr id="i5" class="rowColor">
<td class="colFirst"><code>void</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.html#init-java.util.Properties-">init</a></span>(<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Properties.html?is-external=true" title="class or interface in java.util">Properties</a>&nbsp;config)</code>
<div class="block">Initializes the authentication handler instance.</div>
</td>
</tr>
<tr id="i6" class="altColor">
<td class="colFirst"><code>boolean</code></td>
<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.html#managementOperation-org.apache.hadoop.security.authentication.server.AuthenticationToken-javax.servlet.http.HttpServletRequest-javax.servlet.http.HttpServletResponse-">managementOperation</a></span>(<a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationToken.html" title="class in org.apache.hadoop.security.authentication.server">AuthenticationToken</a>&nbsp;token,
javax.servlet.http.HttpServletRequest&nbsp;request,
javax.servlet.http.HttpServletResponse&nbsp;response)</code>
<div class="block">This is an empty implementation, it always returns <code>TRUE</code>.</div>
</td>
</tr>
</table>
<ul class="blockList">
<li class="blockList"><a name="methods.inherited.from.class.java.lang.Object">
<!-- -->
</a>
<h3>Methods inherited from class&nbsp;java.lang.<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a></h3>
<code><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#clone--" title="class or interface in java.lang">clone</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#equals-java.lang.Object-" title="class or interface in java.lang">equals</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#finalize--" title="class or interface in java.lang">finalize</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#getClass--" title="class or interface in java.lang">getClass</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#hashCode--" title="class or interface in java.lang">hashCode</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#notify--" title="class or interface in java.lang">notify</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#notifyAll--" title="class or interface in java.lang">notifyAll</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#toString--" title="class or interface in java.lang">toString</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#wait--" title="class or interface in java.lang">wait</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#wait-long-" title="class or interface in java.lang">wait</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#wait-long-int-" title="class or interface in java.lang">wait</a></code></li>
</ul>
</li>
</ul>
</li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">
<!-- ============ FIELD DETAIL =========== -->
<ul class="blockList">
<li class="blockList"><a name="field.detail">
<!-- -->
</a>
<h3>Field Detail</h3>
<a name="LOG">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>LOG</h4>
<pre>public static final&nbsp;org.slf4j.Logger LOG</pre>
</li>
</ul>
<a name="TYPE">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>TYPE</h4>
<pre>public static final&nbsp;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> TYPE</pre>
<div class="block">Constant that identifies the authentication mechanism.</div>
<dl>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../../../../../../constant-values.html#org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler.TYPE">Constant Field Values</a></dd>
</dl>
</li>
</ul>
<a name="PRINCIPAL">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>PRINCIPAL</h4>
<pre>public static final&nbsp;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> PRINCIPAL</pre>
<div class="block">Constant for the configuration property that indicates the kerberos
principal.</div>
<dl>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../../../../../../constant-values.html#org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler.PRINCIPAL">Constant Field Values</a></dd>
</dl>
</li>
</ul>
<a name="KEYTAB">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>KEYTAB</h4>
<pre>public static final&nbsp;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> KEYTAB</pre>
<div class="block">Constant for the configuration property that indicates the keytab
file path.</div>
<dl>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../../../../../../constant-values.html#org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler.KEYTAB">Constant Field Values</a></dd>
</dl>
</li>
</ul>
<a name="NAME_RULES">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>NAME_RULES</h4>
<pre>public static final&nbsp;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> NAME_RULES</pre>
<div class="block">Constant for the configuration property that indicates the Kerberos name
rules for the Kerberos principals.</div>
<dl>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../../../../../../constant-values.html#org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler.NAME_RULES">Constant Field Values</a></dd>
</dl>
</li>
</ul>
<a name="RULE_MECHANISM">
<!-- -->
</a>
<ul class="blockListLast">
<li class="blockList">
<h4>RULE_MECHANISM</h4>
<pre>public static final&nbsp;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> RULE_MECHANISM</pre>
<div class="block">Constant for the configuration property that indicates how auth_to_local
rules are evaluated.</div>
<dl>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../../../../../../constant-values.html#org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler.RULE_MECHANISM">Constant Field Values</a></dd>
</dl>
</li>
</ul>
</li>
</ul>
<!-- ========= CONSTRUCTOR DETAIL ======== -->
<ul class="blockList">
<li class="blockList"><a name="constructor.detail">
<!-- -->
</a>
<h3>Constructor Detail</h3>
<a name="KerberosAuthenticationHandler--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>KerberosAuthenticationHandler</h4>
<pre>public&nbsp;KerberosAuthenticationHandler()</pre>
<div class="block">Creates a Kerberos SPNEGO authentication handler with the default
auth-token type, <code>kerberos</code>.</div>
</li>
</ul>
<a name="KerberosAuthenticationHandler-java.lang.String-">
<!-- -->
</a>
<ul class="blockListLast">
<li class="blockList">
<h4>KerberosAuthenticationHandler</h4>
<pre>public&nbsp;KerberosAuthenticationHandler(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>&nbsp;type)</pre>
<div class="block">Creates a Kerberos SPNEGO authentication handler with a custom auth-token
type.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>type</code> - auth-token type.</dd>
</dl>
</li>
</ul>
</li>
</ul>
<!-- ============ METHOD DETAIL ========== -->
<ul class="blockList">
<li class="blockList"><a name="method.detail">
<!-- -->
</a>
<h3>Method Detail</h3>
<a name="init-java.util.Properties-">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>init</h4>
<pre>public&nbsp;void&nbsp;init(<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Properties.html?is-external=true" title="class or interface in java.util">Properties</a>&nbsp;config)
throws javax.servlet.ServletException</pre>
<div class="block">Initializes the authentication handler instance.
<p>
It creates a Kerberos context using the principal and keytab specified in
the configuration.
<p>
This method is invoked by the <a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationFilter.html#init-javax.servlet.FilterConfig-"><code>AuthenticationFilter.init(javax.servlet.FilterConfig)</code></a> method.</div>
<dl>
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code><a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationHandler.html#init-java.util.Properties-">init</a></code>&nbsp;in interface&nbsp;<code><a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationHandler.html" title="interface in org.apache.hadoop.security.authentication.server">AuthenticationHandler</a></code></dd>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>config</code> - configuration properties to initialize the handler.</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code>javax.servlet.ServletException</code> - thrown if the handler could not be initialized.</dd>
</dl>
</li>
</ul>
<a name="destroy--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>destroy</h4>
<pre>public&nbsp;void&nbsp;destroy()</pre>
<div class="block">Releases any resources initialized by the authentication handler.
<p>
It destroys the Kerberos context.</div>
<dl>
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code><a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationHandler.html#destroy--">destroy</a></code>&nbsp;in interface&nbsp;<code><a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationHandler.html" title="interface in org.apache.hadoop.security.authentication.server">AuthenticationHandler</a></code></dd>
</dl>
</li>
</ul>
<a name="getType--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>getType</h4>
<pre>public&nbsp;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>&nbsp;getType()</pre>
<div class="block">Returns the authentication type of the authentication handler, 'kerberos'.
<p></div>
<dl>
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code><a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationHandler.html#getType--">getType</a></code>&nbsp;in interface&nbsp;<code><a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationHandler.html" title="interface in org.apache.hadoop.security.authentication.server">AuthenticationHandler</a></code></dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the authentication type of the authentication handler, 'kerberos'.</dd>
</dl>
</li>
</ul>
<a name="getPrincipals--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>getPrincipals</h4>
<pre>protected&nbsp;<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Set.html?is-external=true" title="class or interface in java.util">Set</a>&lt;<a href="https://docs.oracle.com/javase/8/docs/api/javax/security/auth/kerberos/KerberosPrincipal.html?is-external=true" title="class or interface in javax.security.auth.kerberos">KerberosPrincipal</a>&gt;&nbsp;getPrincipals()</pre>
<div class="block">Returns the Kerberos principals used by the authentication handler.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the Kerberos principals used by the authentication handler.</dd>
</dl>
</li>
</ul>
<a name="getKeytab--">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>getKeytab</h4>
<pre>protected&nbsp;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>&nbsp;getKeytab()</pre>
<div class="block">Returns the keytab used by the authentication handler.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the keytab used by the authentication handler.</dd>
</dl>
</li>
</ul>
<a name="managementOperation-org.apache.hadoop.security.authentication.server.AuthenticationToken-javax.servlet.http.HttpServletRequest-javax.servlet.http.HttpServletResponse-">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>managementOperation</h4>
<pre>public&nbsp;boolean&nbsp;managementOperation(<a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationToken.html" title="class in org.apache.hadoop.security.authentication.server">AuthenticationToken</a>&nbsp;token,
javax.servlet.http.HttpServletRequest&nbsp;request,
javax.servlet.http.HttpServletResponse&nbsp;response)
throws <a href="https://docs.oracle.com/javase/8/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</a>,
<a href="../../../../../../org/apache/hadoop/security/authentication/client/AuthenticationException.html" title="class in org.apache.hadoop.security.authentication.client">AuthenticationException</a></pre>
<div class="block">This is an empty implementation, it always returns <code>TRUE</code>.</div>
<dl>
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code><a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationHandler.html#managementOperation-org.apache.hadoop.security.authentication.server.AuthenticationToken-javax.servlet.http.HttpServletRequest-javax.servlet.http.HttpServletResponse-">managementOperation</a></code>&nbsp;in interface&nbsp;<code><a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationHandler.html" title="interface in org.apache.hadoop.security.authentication.server">AuthenticationHandler</a></code></dd>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>token</code> - the authentication token if any, otherwise <code>NULL</code>.</dd>
<dd><code>request</code> - the HTTP client request.</dd>
<dd><code>response</code> - the HTTP client response.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd><code>TRUE</code></dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="https://docs.oracle.com/javase/8/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</a></code> - it is never thrown.</dd>
<dd><code><a href="../../../../../../org/apache/hadoop/security/authentication/client/AuthenticationException.html" title="class in org.apache.hadoop.security.authentication.client">AuthenticationException</a></code> - it is never thrown.</dd>
</dl>
</li>
</ul>
<a name="authenticate-javax.servlet.http.HttpServletRequest-javax.servlet.http.HttpServletResponse-">
<!-- -->
</a>
<ul class="blockListLast">
<li class="blockList">
<h4>authenticate</h4>
<pre>public&nbsp;<a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationToken.html" title="class in org.apache.hadoop.security.authentication.server">AuthenticationToken</a>&nbsp;authenticate(javax.servlet.http.HttpServletRequest&nbsp;request,
javax.servlet.http.HttpServletResponse&nbsp;response)
throws <a href="https://docs.oracle.com/javase/8/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</a>,
<a href="../../../../../../org/apache/hadoop/security/authentication/client/AuthenticationException.html" title="class in org.apache.hadoop.security.authentication.client">AuthenticationException</a></pre>
<div class="block">It enforces the the Kerberos SPNEGO authentication sequence returning an
<a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationToken.html" title="class in org.apache.hadoop.security.authentication.server"><code>AuthenticationToken</code></a> only after the Kerberos SPNEGO sequence has
completed successfully.</div>
<dl>
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code><a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationHandler.html#authenticate-javax.servlet.http.HttpServletRequest-javax.servlet.http.HttpServletResponse-">authenticate</a></code>&nbsp;in interface&nbsp;<code><a href="../../../../../../org/apache/hadoop/security/authentication/server/AuthenticationHandler.html" title="interface in org.apache.hadoop.security.authentication.server">AuthenticationHandler</a></code></dd>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>request</code> - the HTTP client request.</dd>
<dd><code>response</code> - the HTTP client response.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>an authentication token if the Kerberos SPNEGO sequence is complete
and valid, <code>null</code> if it is in progress (in this case the handler
handles the response to the client).</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="https://docs.oracle.com/javase/8/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</a></code> - thrown if an IO error occurred.</dd>
<dd><code><a href="../../../../../../org/apache/hadoop/security/authentication/client/AuthenticationException.html" title="class in org.apache.hadoop.security.authentication.client">AuthenticationException</a></code> - thrown if Kerberos SPNEGO sequence failed.</dd>
</dl>
</li>
</ul>
</li>
</ul>
</li>
</ul>
</div>
</div>
<!-- ========= END OF CLASS DATA ========= -->
<!-- ======= START OF BOTTOM NAVBAR ====== -->
<div class="bottomNav"><a name="navbar.bottom">
<!-- -->
</a>
<div class="skipNav"><a href="#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
<a name="navbar.bottom.firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../../overview-summary.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="class-use/KerberosAuthenticationHandler.html">Use</a></li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList">
<li><a href="../../../../../../org/apache/hadoop/security/authentication/server/JWTRedirectAuthenticationHandler.html" title="class in org.apache.hadoop.security.authentication.server"><span class="typeNameLink">Prev&nbsp;Class</span></a></li>
<li><a href="../../../../../../org/apache/hadoop/security/authentication/server/LdapAuthenticationHandler.html" title="class in org.apache.hadoop.security.authentication.server"><span class="typeNameLink">Next&nbsp;Class</span></a></li>
</ul>
<ul class="navList">
<li><a href="../../../../../../index.html?org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.html" target="_top">Frames</a></li>
<li><a href="KerberosAuthenticationHandler.html" target="_top">No&nbsp;Frames</a></li>
</ul>
<ul class="navList" id="allclasses_navbar_bottom">
<li><a href="../../../../../../allclasses-noframe.html">All&nbsp;Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_bottom");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li><a href="#field.summary">Field</a>&nbsp;|&nbsp;</li>
<li><a href="#constructor.summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li><a href="#field.detail">Field</a>&nbsp;|&nbsp;</li>
<li><a href="#constructor.detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method.detail">Method</a></li>
</ul>
</div>
<a name="skip.navbar.bottom">
<!-- -->
</a></div>
<!-- ======== END OF BOTTOM NAVBAR ======= -->
<p class="legalCopy"><small>Copyright &#169; 2008&#x2013;2021 <a href="https://www.apache.org">Apache Software Foundation</a>. All rights reserved.</small></p>
</body>
</html>