@InterfaceAudience.Private public class HttpFSKerberosAuthenticationHandler extends KerberosAuthenticationHandler
AuthenticationHandler
that authenticates requests
using the incoming delegation token as a 'delegation' query string parameter.
If not delegation token is present in the request it delegates to the
KerberosAuthenticationHandler
Modifier and Type | Field and Description |
---|---|
static String |
TYPE |
KEYTAB, NAME_RULES, PRINCIPAL
Constructor and Description |
---|
HttpFSKerberosAuthenticationHandler() |
Modifier and Type | Method and Description |
---|---|
AuthenticationToken |
authenticate(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Authenticates a request looking for the
delegation
query-string parameter and verifying it is a valid token. |
String |
getType()
Returns authentication type of the handler.
|
boolean |
managementOperation(AuthenticationToken token,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
This is an empty implementation, it always returns
TRUE . |
destroy, getKeytab, getPrincipal, init
public static final String TYPE
public String getType()
getType
in interface AuthenticationHandler
getType
in class KerberosAuthenticationHandler
delegationtoken-kerberos
public boolean managementOperation(AuthenticationToken token, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException, AuthenticationException
KerberosAuthenticationHandler
TRUE
.managementOperation
in interface AuthenticationHandler
managementOperation
in class KerberosAuthenticationHandler
token
- the authentication token if any, otherwise NULL
.request
- the HTTP client request.response
- the HTTP client response.TRUE
IOException
- it is never thrown.AuthenticationException
- it is never thrown.public AuthenticationToken authenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException, AuthenticationException
delegation
query-string parameter and verifying it is a valid token. If there is not
delegation
query-string parameter, it delegates the
authentication to the KerberosAuthenticationHandler
unless it is
disabled.authenticate
in interface AuthenticationHandler
authenticate
in class KerberosAuthenticationHandler
request
- the HTTP client request.response
- the HTTP client response.IOException
- thrown if an IO error occurred.AuthenticationException
- thrown if the authentication failed.Copyright © 2013 Apache Software Foundation. All rights reserved.