List of usage examples for org.apache.hadoop.security.token.delegation DelegationKey getKeyId
public int getKeyId()
From source file:com.cloudera.impala.security.PersistedDelegationTokenSecretManager.java
License:Apache License
protected Map<Integer, DelegationKey> reloadKeys() throws IOException { // read keys from token store String[] allKeys = tokenStore.getMasterKeys(); Map<Integer, DelegationKey> keys = new HashMap<Integer, DelegationKey>(allKeys.length); for (String keyStr : allKeys) { DelegationKey key = new DelegationKey(); try {//from w w w. ja v a 2 s . c om decodeWritable(key, keyStr); keys.put(key.getKeyId(), key); } catch (IOException ex) { LOGGER.error("Failed to load master key.", ex); } } synchronized (this) { super.allKeys.clear(); super.allKeys.putAll(keys); } return keys; }
From source file:com.cloudera.impala.security.PersistedDelegationTokenSecretManager.java
License:Apache License
/** * Synchronize master key updates / sequence generation for multiple nodes. * NOTE: {@Link AbstractDelegationTokenSecretManager} keeps currentKey private, so we need * to utilize this "hook" to manipulate the key through the object reference. * This .20S workaround should cease to exist when Hadoop supports token store. *///from www . j a va 2 s .co m @Override protected void logUpdateMasterKey(DelegationKey key) throws IOException { int keySeq = this.tokenStore.addMasterKey(encodeWritable(key)); // update key with assigned identifier DelegationKey keyWithSeq = new DelegationKey(keySeq, key.getExpiryDate(), key.getKey()); String keyStr = encodeWritable(keyWithSeq); this.tokenStore.updateMasterKey(keySeq, keyStr); decodeWritable(key, keyStr); LOGGER.info("New master key with key id={}", key.getKeyId()); super.logUpdateMasterKey(key); }
From source file:com.cloudera.impala.security.PersistedDelegationTokenSecretManager.java
License:Apache License
/** * Extension of rollMasterKey to remove expired keys from store. * * @throws IOException//w w w. ja v a 2s . c o m */ protected void rollMasterKeyExt() throws IOException { Map<Integer, DelegationKey> keys = reloadKeys(); int currentKeyId = super.currentId; HiveDelegationTokenSupport.rollMasterKey(PersistedDelegationTokenSecretManager.this); List<DelegationKey> keysAfterRoll = Arrays.asList(getAllKeys()); for (DelegationKey key : keysAfterRoll) { keys.remove(key.getKeyId()); if (key.getKeyId() == currentKeyId) { tokenStore.updateMasterKey(currentKeyId, encodeWritable(key)); } } for (DelegationKey expiredKey : keys.values()) { LOGGER.info("Removing expired key id={}", expiredKey.getKeyId()); try { tokenStore.removeMasterKey(expiredKey.getKeyId()); } catch (Exception e) { LOGGER.error("Error removing expired key id={}", expiredKey.getKeyId(), e); } } }