Package org.apache.solr.security.hadoop

Class DelegationTokenKerberosFilter

  • All Implemented Interfaces:
    javax.servlet.Filter
    public class DelegationTokenKerberosFilter
extends org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticationFilter
    This is an authentication filter based on Hadoop's DelegationTokenAuthenticationFilter. The Kerberos plugin can be configured to use delegation tokens, which allow an application to reuse the authentication of an end-user or another application.

    • Field Summary

      • Fields inherited from class org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticationFilter

        DELEGATION_TOKEN_SECRET_MANAGER_ATTR, PROXYUSER_PREFIX

      • Fields inherited from class org.apache.hadoop.security.authentication.server.AuthenticationFilter

        AUTH_TOKEN_MAX_INACTIVE_INTERVAL, AUTH_TOKEN_VALIDITY, AUTH_TYPE, CONFIG_PREFIX, COOKIE_DOMAIN, COOKIE_PATH, COOKIE_PERSISTENT, SIGNATURE_SECRET, SIGNATURE_SECRET_FILE, SIGNER_SECRET_PROVIDER, SIGNER_SECRET_PROVIDER_ATTRIBUTE

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void destroy()  
      void doFilter​(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain filterChain)  
      protected org.apache.curator.framework.CuratorFramework getCuratorClient​(org.apache.solr.common.cloud.SolrZkClient zkClient)  
      protected org.apache.hadoop.conf.Configuration getProxyuserConfiguration​(javax.servlet.FilterConfig filterConf)
      Return the ProxyUser Configuration.
      void init​(javax.servlet.FilterConfig conf)  
      protected void initializeAuthHandler​(String authHandlerClassName, javax.servlet.FilterConfig filterConfig)  

      • Methods inherited from class org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticationFilter

        doFilter, getConfiguration, setAuthHandlerClass, setHandlerAuthMethod

      • Methods inherited from class org.apache.hadoop.security.authentication.server.AuthenticationFilter

        constructSecretProvider, createAuthCookie, getAuthenticationHandler, getConfiguration, getCookieDomain, getCookiePath, getMaxInactiveInterval, getRequestURL, getToken, getValidity, initializeSecretProvider, isCookiePersistent, isCustomSignerSecretProvider, isRandomSecret, verifyTokenType

    • Constructor Detail

      • DelegationTokenKerberosFilter

        public DelegationTokenKerberosFilter()

    • Method Detail

      • init

        public void init​(javax.servlet.FilterConfig conf)
          throws javax.servlet.ServletException
        Specified by:
        init in interface javax.servlet.Filter
        Overrides:
        init in class org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticationFilter
        Throws:
        javax.servlet.ServletException

      • getProxyuserConfiguration

        protected org.apache.hadoop.conf.Configuration getProxyuserConfiguration​(javax.servlet.FilterConfig filterConf)
        Return the ProxyUser Configuration. FilterConfig properties beginning with "solr.impersonator.user.name" will be added to the configuration.
        Overrides:
        getProxyuserConfiguration in class org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticationFilter

      • doFilter

        public void doFilter​(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain filterChain)
              throws IOException,
                     javax.servlet.ServletException
        Specified by:
        doFilter in interface javax.servlet.Filter
        Overrides:
        doFilter in class org.apache.hadoop.security.authentication.server.AuthenticationFilter
        Throws:
        IOException
        javax.servlet.ServletException

      • destroy

        public void destroy()
        Specified by:
        destroy in interface javax.servlet.Filter
        Overrides:
        destroy in class org.apache.hadoop.security.authentication.server.AuthenticationFilter

      • initializeAuthHandler

        protected void initializeAuthHandler​(String authHandlerClassName,
                                     javax.servlet.FilterConfig filterConfig)
                              throws javax.servlet.ServletException
        Overrides:
        initializeAuthHandler in class org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticationFilter
        Throws:
        javax.servlet.ServletException

      • getCuratorClient

        protected org.apache.curator.framework.CuratorFramework getCuratorClient​(org.apache.solr.common.cloud.SolrZkClient zkClient)
                                                                  throws InterruptedException,
                                                                         org.apache.zookeeper.KeeperException
        Throws:
        InterruptedException
        org.apache.zookeeper.KeeperException