org.apache.hadoop.security.authentication.client
Class AuthenticatedURL

java.lang.Object
  extended by org.apache.hadoop.security.authentication.client.AuthenticatedURL

public class AuthenticatedURL
extends Object

The AuthenticatedURL class enables the use of the JDK URL class against HTTP endpoints protected with the AuthenticationFilter.

The authentication mechanisms supported by default are Hadoop Simple authentication (also known as pseudo authentication) and Kerberos SPNEGO authentication.

Additional authentication mechanisms can be supported via Authenticator implementations.

The default Authenticator is the KerberosAuthenticator class which supports automatic fallback from Kerberos SPNEGO to Hadoop Simple authentication.

AuthenticatedURL instances are not thread-safe.

The usage pattern of the AuthenticatedURL is:


 // establishing an initial connection

 URL url = new URL("http://foo:8080/bar");
 AuthenticatedURL.Token token = new AuthenticatedURL.Token();
 AuthenticatedURL aUrl = new AuthenticatedURL();
 HttpURLConnection conn = new AuthenticatedURL(url, token).openConnection();
 ....
 // use the 'conn' instance
 ....

 // establishing a follow up connection using a token from the previous connection

 HttpURLConnection conn = new AuthenticatedURL(url, token).openConnection();
 ....
 // use the 'conn' instance
 ....

 


Nested Class Summary
static class AuthenticatedURL.Token
          Client side authentication token.
 
Field Summary
static String AUTH_COOKIE
          Name of the HTTP cookie used for the authentication token between the client and the server.
 
Constructor Summary
AuthenticatedURL()
          Creates an AuthenticatedURL.
AuthenticatedURL(Authenticator authenticator)
          Creates an AuthenticatedURL.
 
Method Summary
static void extractToken(HttpURLConnection conn, AuthenticatedURL.Token token)
          Helper method that extracts an authentication token received from a connection.
static Class<? extends Authenticator> getDefaultAuthenticator()
          Returns the default Authenticator class to use when an AuthenticatedURL instance is created without specifying an authenticator.
static void injectToken(HttpURLConnection conn, AuthenticatedURL.Token token)
          Helper method that injects an authentication token to send with a connection.
 HttpURLConnection openConnection(URL url, AuthenticatedURL.Token token)
          Returns an authenticated HttpURLConnection.
static void setDefaultAuthenticator(Class<? extends Authenticator> authenticator)
          Sets the default Authenticator class to use when an AuthenticatedURL instance is created without specifying an authenticator.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

AUTH_COOKIE

public static final String AUTH_COOKIE
Name of the HTTP cookie used for the authentication token between the client and the server.

See Also:
Constant Field Values
Constructor Detail

AuthenticatedURL

public AuthenticatedURL()
Creates an AuthenticatedURL.


AuthenticatedURL

public AuthenticatedURL(Authenticator authenticator)
Creates an AuthenticatedURL.

Parameters:
authenticator - the Authenticator instance to use, if null a KerberosAuthenticator is used.
Method Detail

setDefaultAuthenticator

public static void setDefaultAuthenticator(Class<? extends Authenticator> authenticator)
Sets the default Authenticator class to use when an AuthenticatedURL instance is created without specifying an authenticator.

Parameters:
authenticator - the authenticator class to use as default.

getDefaultAuthenticator

public static Class<? extends Authenticator> getDefaultAuthenticator()
Returns the default Authenticator class to use when an AuthenticatedURL instance is created without specifying an authenticator.

Returns:
the authenticator class to use as default.

openConnection

public HttpURLConnection openConnection(URL url,
                                        AuthenticatedURL.Token token)
                                 throws IOException,
                                        AuthenticationException
Returns an authenticated HttpURLConnection.

Parameters:
url - the URL to connect to. Only HTTP/S URLs are supported.
token - the authentication token being used for the user.
Returns:
an authenticated HttpURLConnection.
Throws:
IOException - if an IO error occurred.
AuthenticationException - if an authentication exception occurred.

injectToken

public static void injectToken(HttpURLConnection conn,
                               AuthenticatedURL.Token token)
Helper method that injects an authentication token to send with a connection.

Parameters:
conn - connection to inject the authentication token into.
token - authentication token to inject.

extractToken

public static void extractToken(HttpURLConnection conn,
                                AuthenticatedURL.Token token)
                         throws IOException,
                                AuthenticationException
Helper method that extracts an authentication token received from a connection.

This method is used by Authenticator implementations.

Parameters:
conn - connection to extract the authentication token from.
token - the authentication token.
Throws:
IOException - if an IO error occurred.
AuthenticationException - if an authentication exception occurred.


Copyright © 2009 The Apache Software Foundation