All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.apache.hadoop.security.authentication.util.SignerSecretProvider Maven / Gradle / Ivy

/**
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License. See accompanying LICENSE file.
 */
package org.apache.hadoop.security.authentication.util;

import java.util.Properties;
import javax.servlet.ServletContext;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;

/**
 * The SignerSecretProvider is an abstract way to provide a secret to be used
 * by the Signer so that we can have different implementations that potentially
 * do more complicated things in the backend.
 * See the RolloverSignerSecretProvider class for an implementation that
 * supports rolling over the secret at a regular interval.
 */
@InterfaceStability.Unstable
@InterfaceAudience.Private
public abstract class SignerSecretProvider {

  /**
   * Initialize the SignerSecretProvider
   * @param config configuration properties
   * @param servletContext servlet context
   * @param tokenValidity The amount of time a token is valid for
   * @throws Exception thrown if an error occurred
   */
  public abstract void init(Properties config, ServletContext servletContext,
          long tokenValidity) throws Exception;
  /**
   * Will be called on shutdown; subclasses should perform any cleanup here.
   */
  public void destroy() {}

  /**
   * Returns the current secret to be used by the Signer for signing new
   * cookies.  This should never return null.
   * 

* Callers should be careful not to modify the returned value. * @return the current secret */ public abstract byte[] getCurrentSecret(); /** * Returns all secrets that a cookie could have been signed with and are still * valid; this should include the secret returned by getCurrentSecret(). *

* Callers should be careful not to modify the returned value. * @return the secrets */ public abstract byte[][] getAllSecrets(); }





© 2015 - 2025 Weber Informatics LLC | Privacy Policy