Example usage for org.apache.hadoop.security.token.delegation DelegationKey getKeyId

List of usage examples for org.apache.hadoop.security.token.delegation DelegationKey getKeyId

  1. HOME
  2. Java
  3. org.apache.hadoop
  4. org.apache.hadoop.security.token.delegation.*
  5. DelegationKey
  6. getKeyId

Introduction

In this page you can find the example usage for org.apache.hadoop.security.token.delegation DelegationKey getKeyId.

Prototype

public int getKeyId()

Source Link

Usage

From source file:com.cloudera.impala.security.PersistedDelegationTokenSecretManager.java

License:Apache License

protected Map<Integer, DelegationKey> reloadKeys() throws IOException {
    // read keys from token store
    String[] allKeys = tokenStore.getMasterKeys();
    Map<Integer, DelegationKey> keys = new HashMap<Integer, DelegationKey>(allKeys.length);
    for (String keyStr : allKeys) {
        DelegationKey key = new DelegationKey();
        try {//from  w w  w.  ja  v a 2 s  .  c om
            decodeWritable(key, keyStr);
            keys.put(key.getKeyId(), key);
        } catch (IOException ex) {
            LOGGER.error("Failed to load master key.", ex);
        }
    }
    synchronized (this) {
        super.allKeys.clear();
        super.allKeys.putAll(keys);
    }
    return keys;
}

From source file:com.cloudera.impala.security.PersistedDelegationTokenSecretManager.java

License:Apache License

/**
 * Synchronize master key updates / sequence generation for multiple nodes.
 * NOTE: {@Link AbstractDelegationTokenSecretManager} keeps currentKey private, so we need
 * to utilize this "hook" to manipulate the key through the object reference.
 * This .20S workaround should cease to exist when Hadoop supports token store.
 *///from www .  j a va 2 s  .co m
@Override
protected void logUpdateMasterKey(DelegationKey key) throws IOException {
    int keySeq = this.tokenStore.addMasterKey(encodeWritable(key));
    // update key with assigned identifier
    DelegationKey keyWithSeq = new DelegationKey(keySeq, key.getExpiryDate(), key.getKey());
    String keyStr = encodeWritable(keyWithSeq);
    this.tokenStore.updateMasterKey(keySeq, keyStr);
    decodeWritable(key, keyStr);
    LOGGER.info("New master key with key id={}", key.getKeyId());
    super.logUpdateMasterKey(key);
}

From source file:com.cloudera.impala.security.PersistedDelegationTokenSecretManager.java

License:Apache License

/**
 * Extension of rollMasterKey to remove expired keys from store.
 *
 * @throws IOException//w w w. ja v  a 2s  . c  o m
 */
protected void rollMasterKeyExt() throws IOException {
    Map<Integer, DelegationKey> keys = reloadKeys();
    int currentKeyId = super.currentId;
    HiveDelegationTokenSupport.rollMasterKey(PersistedDelegationTokenSecretManager.this);
    List<DelegationKey> keysAfterRoll = Arrays.asList(getAllKeys());
    for (DelegationKey key : keysAfterRoll) {
        keys.remove(key.getKeyId());
        if (key.getKeyId() == currentKeyId) {
            tokenStore.updateMasterKey(currentKeyId, encodeWritable(key));
        }
    }
    for (DelegationKey expiredKey : keys.values()) {
        LOGGER.info("Removing expired key id={}", expiredKey.getKeyId());
        try {
            tokenStore.removeMasterKey(expiredKey.getKeyId());
        } catch (Exception e) {
            LOGGER.error("Error removing expired key id={}", expiredKey.getKeyId(), e);
        }
    }
}