Package org.apache.hadoop.hbase.thrift
Class ThriftHttpServlet
java.lang.Object
javax.servlet.GenericServlet
javax.servlet.http.HttpServlet
org.apache.thrift.server.TServlet
org.apache.hadoop.hbase.thrift.ThriftHttpServlet
- All Implemented Interfaces:
Serializable
,javax.servlet.Servlet
,javax.servlet.ServletConfig
Thrift Http Servlet is used for performing Kerberos authentication if security is enabled and
also used for setting the user specified in "doAs" parameter.
- See Also:
-
Nested Class Summary
Modifier and TypeClassDescriptionprivate static class
private static class
Basic "struct" class to hold the final base64-encoded, authenticated GSSAPI token for the user with the given principal talking to the Thrift server. -
Field Summary
Modifier and TypeFieldDescriptionprivate final boolean
private final HBaseServiceHandler
private final org.apache.hadoop.security.UserGroupInformation
private static final org.slf4j.Logger
static final String
private final boolean
private static final long
private final org.apache.hadoop.security.UserGroupInformation
-
Constructor Summary
ConstructorDescriptionThriftHttpServlet
(org.apache.thrift.TProcessor processor, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.hadoop.security.UserGroupInformation serviceUGI, org.apache.hadoop.security.UserGroupInformation httpUGI, HBaseServiceHandler handler, boolean securityEnabled, boolean doAsEnabled) -
Method Summary
Modifier and TypeMethodDescriptiondoKerberosAuth
(javax.servlet.http.HttpServletRequest request) Do the GSS-API kerberos authentication.protected void
doPost
(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Methods inherited from class org.apache.thrift.server.TServlet
addCustomHeader, doGet, setCustomHeaders
Methods inherited from class javax.servlet.http.HttpServlet
doDelete, doHead, doOptions, doPut, doTrace, getLastModified, service, service
Methods inherited from class javax.servlet.GenericServlet
destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, init, log, log
-
Field Details
-
serialVersionUID
- See Also:
-
LOG
-
serviceUGI
-
httpUGI
-
handler
-
doAsEnabled
-
securityEnabled
-
NEGOTIATE
- See Also:
-
-
Constructor Details
-
ThriftHttpServlet
public ThriftHttpServlet(org.apache.thrift.TProcessor processor, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.hadoop.security.UserGroupInformation serviceUGI, org.apache.hadoop.security.UserGroupInformation httpUGI, HBaseServiceHandler handler, boolean securityEnabled, boolean doAsEnabled)
-
-
Method Details
-
doPost
protected void doPost(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws javax.servlet.ServletException, IOException - Overrides:
doPost
in classorg.apache.thrift.server.TServlet
- Throws:
javax.servlet.ServletException
IOException
-
doKerberosAuth
private ThriftHttpServlet.RemoteUserIdentity doKerberosAuth(javax.servlet.http.HttpServletRequest request) throws HttpAuthenticationException Do the GSS-API kerberos authentication. We already have a logged in subject in the form of httpUGI, which GSS-API will extract information from.- Throws:
HttpAuthenticationException
-