org.apache.oozie.servlet

Class AuthFilter

java.lang.Object

org.apache.hadoop.security.authentication.server.AuthenticationFilter

org.apache.oozie.servlet.AuthFilter

All Implemented Interfaces:

javax.servlet.Filter

public class AuthFilter
extends org.apache.hadoop.security.authentication.server.AuthenticationFilter

Authentication filter that extends Hadoop-auth AuthenticationFilter to override the configuration loading.

Field Summary

Fields inherited from class org.apache.hadoop.security.authentication.server.AuthenticationFilter

AUTH_TOKEN_VALIDITY, AUTH_TYPE, CONFIG_PREFIX, COOKIE_DOMAIN, COOKIE_PATH, SIGNATURE_SECRET

Constructor Summary

Constructors

Constructor and Description
AuthFilter()

Method Summary

Methods

Modifier and Type	Method and Description
void	destroy() Destroy the filter.
void	doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain filterChain) Enforces authentication using Hadoop-auth AuthenticationFilter.
protected Properties	getConfiguration(String configPrefix, javax.servlet.FilterConfig filterConfig) Returns the configuration from Oozie configuration to be used by the authentication filter.
void	init(javax.servlet.FilterConfig filterConfig) Initialize the filter.

Methods inherited from class org.apache.hadoop.security.authentication.server.AuthenticationFilter

createCookie, getAuthenticationHandler, getCookieDomain, getCookiePath, getRequestURL, getToken, getValidity, isRandomSecret

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthFilter

public AuthFilter()

Method Detail

init

public void init(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException

Initialize the filter.

Specified by:

init in interface javax.servlet.Filter

Overrides:

init in class org.apache.hadoop.security.authentication.server.AuthenticationFilter

Parameters:

filterConfig - filter configuration.

Throws:

javax.servlet.ServletException - thrown if the filter could not be initialized.

destroy

public void destroy()

Destroy the filter.

Specified by:

destroy in interface javax.servlet.Filter

Overrides:

destroy in class org.apache.hadoop.security.authentication.server.AuthenticationFilter

getConfiguration

protected Properties getConfiguration(String configPrefix,
                          javax.servlet.FilterConfig filterConfig)

Returns the configuration from Oozie configuration to be used by the authentication filter.

All properties from Oozie configuration which name starts with OOZIE_PREFIX will be returned. The keys of the returned properties are trimmed from the OOZIE_PREFIX prefix, for example the Oozie configuration property name 'oozie.authentication.type' will be just 'type'.

Overrides:

getConfiguration in class org.apache.hadoop.security.authentication.server.AuthenticationFilter

Parameters:

configPrefix - configuration prefix, this parameter is ignored by this implementation.

filterConfig - filter configuration, this parameter is ignored by this implementation.

Returns:

all Oozie configuration properties prefixed with OOZIE_PREFIX, without the prefix.

doFilter

public void doFilter(javax.servlet.ServletRequest request,
            javax.servlet.ServletResponse response,
            javax.servlet.FilterChain filterChain)
              throws IOException,
                     javax.servlet.ServletException

Enforces authentication using Hadoop-auth AuthenticationFilter.

This method is overriden to respond to HTTP OPTIONS requests for authenticated calls, regardless of the target servlet supporting OPTIONS or not and to inject the authenticated user name as request attribute for Oozie to retrieve the user id.

Specified by:

doFilter in interface javax.servlet.Filter

Overrides:

doFilter in class org.apache.hadoop.security.authentication.server.AuthenticationFilter

Parameters:

request - http request.

response - http response.

filterChain - filter chain.

Throws:

IOException - thrown if an IO error occurs.

javax.servlet.ServletException - thrown if a servlet error occurs.