org.apache.hadoop.security.authentication.server.AuthenticationFilter Java Examples
The following examples show how to use
org.apache.hadoop.security.authentication.server.AuthenticationFilter.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: SentryWebServer.java From incubator-sentry with Apache License 2.0 | 6 votes |
|
private static Map<String, String> loadWebAuthenticationConf(Configuration conf) {
Map<String,String> prop = new HashMap<String, String>();
prop.put(AuthenticationFilter.CONFIG_PREFIX, ServerConfig.SENTRY_WEB_SECURITY_PREFIX);
String allowUsers = conf.get(ServerConfig.SENTRY_WEB_SECURITY_ALLOW_CONNECT_USERS);
if (allowUsers == null || allowUsers.equals("")) {
allowUsers = conf.get(ServerConfig.ALLOW_CONNECT);
conf.set(ServerConfig.SENTRY_WEB_SECURITY_ALLOW_CONNECT_USERS, allowUsers);
}
validateConf(conf);
for (Map.Entry<String, String> entry : conf) {
String name = entry.getKey();
if (name.startsWith(ServerConfig.SENTRY_WEB_SECURITY_PREFIX)) {
String value = conf.get(name);
prop.put(name, value);
}
}
return prop;
}
Example #2
| Source File: TestFileSignerSecretProvider.java From hadoop with Apache License 2.0 | 6 votes |
|
@Test
public void testGetSecrets() throws Exception {
File testDir = new File(System.getProperty("test.build.data",
"target/test-dir"));
testDir.mkdirs();
String secretValue = "hadoop";
File secretFile = new File(testDir, "http-secret.txt");
Writer writer = new FileWriter(secretFile);
writer.write(secretValue);
writer.close();
FileSignerSecretProvider secretProvider
= new FileSignerSecretProvider();
Properties secretProviderProps = new Properties();
secretProviderProps.setProperty(
AuthenticationFilter.SIGNATURE_SECRET_FILE,
secretFile.getAbsolutePath());
secretProvider.init(secretProviderProps, null, -1);
Assert.assertArrayEquals(secretValue.getBytes(),
secretProvider.getCurrentSecret());
byte[][] allSecrets = secretProvider.getAllSecrets();
Assert.assertEquals(1, allSecrets.length);
Assert.assertArrayEquals(secretValue.getBytes(), allSecrets[0]);
}
Example #3
| Source File: TestFileSignerSecretProvider.java From big-c with Apache License 2.0 | 6 votes |
|
@Test
public void testGetSecrets() throws Exception {
File testDir = new File(System.getProperty("test.build.data",
"target/test-dir"));
testDir.mkdirs();
String secretValue = "hadoop";
File secretFile = new File(testDir, "http-secret.txt");
Writer writer = new FileWriter(secretFile);
writer.write(secretValue);
writer.close();
FileSignerSecretProvider secretProvider
= new FileSignerSecretProvider();
Properties secretProviderProps = new Properties();
secretProviderProps.setProperty(
AuthenticationFilter.SIGNATURE_SECRET_FILE,
secretFile.getAbsolutePath());
secretProvider.init(secretProviderProps, null, -1);
Assert.assertArrayEquals(secretValue.getBytes(),
secretProvider.getCurrentSecret());
byte[][] allSecrets = secretProvider.getAllSecrets();
Assert.assertEquals(1, allSecrets.length);
Assert.assertArrayEquals(secretValue.getBytes(), allSecrets[0]);
}
Example #4
| Source File: TestRMWebServicesAppsModification.java From big-c with Apache License 2.0 | 6 votes |
|
@Override
protected Properties getConfiguration(String configPrefix,
FilterConfig filterConfig) throws ServletException {
Properties props = new Properties();
Enumeration<?> names = filterConfig.getInitParameterNames();
while (names.hasMoreElements()) {
String name = (String) names.nextElement();
if (name.startsWith(configPrefix)) {
String value = filterConfig.getInitParameter(name);
props.put(name.substring(configPrefix.length()), value);
}
}
props.put(AuthenticationFilter.AUTH_TYPE, "simple");
props.put(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, "false");
return props;
}
Example #5
| Source File: HttpServer2.java From hadoop with Apache License 2.0 | 6 votes |
|
private void initSpnego(Configuration conf, String hostName,
String usernameConfKey, String keytabConfKey) throws IOException {
Map<String, String> params = new HashMap<>();
String principalInConf = conf.get(usernameConfKey);
if (principalInConf != null && !principalInConf.isEmpty()) {
params.put("kerberos.principal", SecurityUtil.getServerPrincipal(
principalInConf, hostName));
}
String httpKeytab = conf.get(keytabConfKey);
if (httpKeytab != null && !httpKeytab.isEmpty()) {
params.put("kerberos.keytab", httpKeytab);
}
params.put(AuthenticationFilter.AUTH_TYPE, "kerberos");
defineFilter(webAppContext, SPNEGO_FILTER,
AuthenticationFilter.class.getName(), params, null);
}
Example #6
| Source File: HttpServer2.java From lucene-solr with Apache License 2.0 | 6 votes |
|
private void initSpnego(Configuration conf, String hostName,
String usernameConfKey, String keytabConfKey) throws IOException {
Map<String, String> params = new HashMap<>();
String principalInConf = conf.get(usernameConfKey);
if (principalInConf != null && !principalInConf.isEmpty()) {
params.put("kerberos.principal", SecurityUtil.getServerPrincipal(
principalInConf, hostName));
}
String httpKeytab = conf.get(keytabConfKey);
if (httpKeytab != null && !httpKeytab.isEmpty()) {
params.put("kerberos.keytab", httpKeytab);
}
params.put(AuthenticationFilter.AUTH_TYPE, "kerberos");
defineFilter(webAppContext, SPNEGO_FILTER,
AuthenticationFilter.class.getName(), params, null);
}
Example #7
| Source File: HttpServer.java From hadoop with Apache License 2.0 | 6 votes |
|
protected void initSpnego(Configuration conf,
String usernameConfKey, String keytabConfKey) throws IOException {
Map<String, String> params = new HashMap<String, String>();
String principalInConf = conf.get(usernameConfKey);
if (principalInConf != null && !principalInConf.isEmpty()) {
params.put("kerberos.principal",
SecurityUtil.getServerPrincipal(principalInConf, listener.getHost()));
}
String httpKeytab = conf.get(keytabConfKey);
if (httpKeytab != null && !httpKeytab.isEmpty()) {
params.put("kerberos.keytab", httpKeytab);
}
params.put(AuthenticationFilter.AUTH_TYPE, "kerberos");
defineFilter(webAppContext, SPNEGO_FILTER,
AuthenticationFilter.class.getName(), params, null);
}
Example #8
| Source File: HttpServer2.java From big-c with Apache License 2.0 | 6 votes |
|
private void initSpnego(Configuration conf, String hostName,
String usernameConfKey, String keytabConfKey) throws IOException {
Map<String, String> params = new HashMap<>();
String principalInConf = conf.get(usernameConfKey);
if (principalInConf != null && !principalInConf.isEmpty()) {
params.put("kerberos.principal", SecurityUtil.getServerPrincipal(
principalInConf, hostName));
}
String httpKeytab = conf.get(keytabConfKey);
if (httpKeytab != null && !httpKeytab.isEmpty()) {
params.put("kerberos.keytab", httpKeytab);
}
params.put(AuthenticationFilter.AUTH_TYPE, "kerberos");
defineFilter(webAppContext, SPNEGO_FILTER,
AuthenticationFilter.class.getName(), params, null);
}
Example #9
| Source File: AtlasAuthenticationFilter.java From incubator-atlas with Apache License 2.0 | 6 votes |
|
@Override
public void initializeSecretProvider(FilterConfig filterConfig)
throws ServletException {
LOG.debug("AtlasAuthenticationFilter :: initializeSecretProvider {}", filterConfig);
secretProvider = (SignerSecretProvider) filterConfig.getServletContext().
getAttribute(AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE);
if (secretProvider == null) {
// As tomcat cannot specify the provider object in the configuration.
// It'll go into this path
String configPrefix = filterConfig.getInitParameter(CONFIG_PREFIX);
configPrefix = (configPrefix != null) ? configPrefix + "." : "";
try {
secretProvider = AuthenticationFilter.constructSecretProvider(
filterConfig.getServletContext(),
super.getConfiguration(configPrefix, filterConfig), false);
this.isInitializedByTomcat = true;
} catch (Exception ex) {
throw new ServletException(ex);
}
}
signer = new Signer(secretProvider);
}
Example #10
| Source File: HttpServer.java From big-c with Apache License 2.0 | 6 votes |
|
protected void initSpnego(Configuration conf,
String usernameConfKey, String keytabConfKey) throws IOException {
Map<String, String> params = new HashMap<String, String>();
String principalInConf = conf.get(usernameConfKey);
if (principalInConf != null && !principalInConf.isEmpty()) {
params.put("kerberos.principal",
SecurityUtil.getServerPrincipal(principalInConf, listener.getHost()));
}
String httpKeytab = conf.get(keytabConfKey);
if (httpKeytab != null && !httpKeytab.isEmpty()) {
params.put("kerberos.keytab", httpKeytab);
}
params.put(AuthenticationFilter.AUTH_TYPE, "kerberos");
defineFilter(webAppContext, SPNEGO_FILTER,
AuthenticationFilter.class.getName(), params, null);
}
Example #11
| Source File: HttpServer2.java From knox with Apache License 2.0 | 6 votes |
|
private void initSpnego(Configuration conf, String hostName,
String usernameConfKey, String keytabConfKey) throws IOException {
Map<String, String> params = new HashMap<>();
String principalInConf = conf.get(usernameConfKey);
if (principalInConf != null && !principalInConf.isEmpty()) {
params.put("kerberos.principal", SecurityUtil.getServerPrincipal(
principalInConf, hostName));
}
String httpKeytab = conf.get(keytabConfKey);
if (httpKeytab != null && !httpKeytab.isEmpty()) {
params.put("kerberos.keytab", httpKeytab);
}
params.put(AuthenticationFilter.AUTH_TYPE, "kerberos");
defineFilter(webAppContext, SPNEGO_FILTER,
AuthenticationFilter.class.getName(), params, null);
}
Example #12
| Source File: TestRMWebServicesAppsModification.java From hadoop with Apache License 2.0 | 6 votes |
|
@Override
protected Properties getConfiguration(String configPrefix,
FilterConfig filterConfig) throws ServletException {
Properties props = new Properties();
Enumeration<?> names = filterConfig.getInitParameterNames();
while (names.hasMoreElements()) {
String name = (String) names.nextElement();
if (name.startsWith(configPrefix)) {
String value = filterConfig.getInitParameter(name);
props.put(name.substring(configPrefix.length()), value);
}
}
props.put(AuthenticationFilter.AUTH_TYPE, "simple");
props.put(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, "false");
return props;
}
Example #13
| Source File: HttpServer2.java From knox with Apache License 2.0 | 6 votes |
|
private void initSpnego(Configuration conf, String hostName,
String usernameConfKey, String keytabConfKey) throws IOException {
Map<String, String> params = new HashMap<>();
String principalInConf = conf.get(usernameConfKey);
if (principalInConf != null && !principalInConf.isEmpty()) {
params.put("kerberos.principal", SecurityUtil.getServerPrincipal(
principalInConf, hostName));
}
String httpKeytab = conf.get(keytabConfKey);
if (httpKeytab != null && !httpKeytab.isEmpty()) {
params.put("kerberos.keytab", httpKeytab);
}
params.put(AuthenticationFilter.AUTH_TYPE, "kerberos");
defineFilter(webAppContext, SPNEGO_FILTER,
AuthenticationFilter.class.getName(), params, null);
}
Example #14
| Source File: AtlasAuthenticationFilter.java From atlas with Apache License 2.0 | 6 votes |
|
@Override
public void initializeSecretProvider(FilterConfig filterConfig) throws ServletException {
LOG.info("==> AtlasAuthenticationFilter.initializeSecretProvider");
secretProvider = (SignerSecretProvider) filterConfig.getServletContext().getAttribute(AuthenticationFilter.SIGNER_SECRET_PROVIDER_ATTRIBUTE);
if (secretProvider == null) {
// As tomcat cannot specify the provider object in the configuration.
// It'll go into this path
String configPrefix = filterConfig.getInitParameter(CONFIG_PREFIX);
configPrefix = (configPrefix != null) ? configPrefix + "." : "";
try {
secretProvider = AuthenticationFilter.constructSecretProvider(filterConfig.getServletContext(), super.getConfiguration(configPrefix, filterConfig), false);
this.isInitializedByTomcat = true;
} catch (Exception ex) {
throw new ServletException(ex);
}
}
signer = new Signer(secretProvider);
LOG.info("<== AtlasAuthenticationFilter.initializeSecretProvider(filterConfig={})", filterConfig);
}
Example #15
| Source File: HttpServer2.java From hadoop-ozone with Apache License 2.0 | 6 votes |
|
private void initSpnego(ConfigurationSource conf, String hostName,
String usernameConfKey, String keytabConfKey) throws IOException {
Map<String, String> params = new HashMap<>();
String principalInConf = conf.get(usernameConfKey);
if (principalInConf != null && !principalInConf.isEmpty()) {
params.put("kerberos.principal", SecurityUtil.getServerPrincipal(
principalInConf, hostName));
}
String httpKeytab = conf.get(keytabConfKey);
if (httpKeytab != null && !httpKeytab.isEmpty()) {
params.put("kerberos.keytab", httpKeytab);
}
params.put(AuthenticationFilter.AUTH_TYPE, "kerberos");
defineFilter(webAppContext, SPNEGO_FILTER,
AuthenticationFilter.class.getName(), params, null);
}
Example #16
| Source File: HttpServer2.java From big-c with Apache License 2.0 | 5 votes |
|
private static SignerSecretProvider constructSecretProvider(final Builder b,
ServletContext ctx)
throws Exception {
final Configuration conf = b.conf;
Properties config = getFilterProperties(conf,
b.authFilterConfigurationPrefix);
return AuthenticationFilter.constructSecretProvider(
ctx, config, b.disallowFallbackToRandomSignerSecretProvider);
}
Example #17
| Source File: TestRMWebServicesDelegationTokens.java From big-c with Apache License 2.0 | 5 votes |
|
@Override
protected Properties getConfiguration(String configPrefix,
FilterConfig filterConfig) throws ServletException {
Properties properties =
super.getConfiguration(configPrefix, filterConfig);
properties.put(KerberosAuthenticationHandler.PRINCIPAL,
httpSpnegoPrincipal);
properties.put(KerberosAuthenticationHandler.KEYTAB,
httpSpnegoKeytabFile.getAbsolutePath());
properties.put(AuthenticationFilter.AUTH_TYPE, "simple");
properties.put(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, "false");
return properties;
}
Example #18
| Source File: TestHttpCookieFlag.java From big-c with Apache License 2.0 | 5 votes |
|
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException,
ServletException {
HttpServletResponse resp = (HttpServletResponse) response;
boolean isHttps = "https".equals(request.getScheme());
AuthenticationFilter.createAuthCookie(resp, "token", null, null, -1,
isHttps);
chain.doFilter(request, resp);
}
Example #19
| Source File: AuthenticationFilterInitializer.java From big-c with Apache License 2.0 | 5 votes |
|
public static Map<String, String> getFilterConfigMap(Configuration conf,
String prefix) {
Map<String, String> filterConfig = new HashMap<String, String>();
//setting the cookie path to root '/' so it is used for all resources.
filterConfig.put(AuthenticationFilter.COOKIE_PATH, "/");
for (Map.Entry<String, String> entry : conf) {
String name = entry.getKey();
if (name.startsWith(prefix)) {
String value = conf.get(name);
name = name.substring(prefix.length());
filterConfig.put(name, value);
}
}
//Resolve _HOST into bind address
String bindAddress = conf.get(HttpServer2.BIND_ADDRESS);
String principal = filterConfig.get(KerberosAuthenticationHandler.PRINCIPAL);
if (principal != null) {
try {
principal = SecurityUtil.getServerPrincipal(principal, bindAddress);
}
catch (IOException ex) {
throw new RuntimeException("Could not resolve Kerberos principal name: " + ex.toString(), ex);
}
filterConfig.put(KerberosAuthenticationHandler.PRINCIPAL, principal);
}
return filterConfig;
}
Example #20
| Source File: FileSignerSecretProvider.java From big-c with Apache License 2.0 | 5 votes |
|
@Override
public void init(Properties config, ServletContext servletContext,
long tokenValidity) throws Exception {
String signatureSecretFile = config.getProperty(
AuthenticationFilter.SIGNATURE_SECRET_FILE, null);
Reader reader = null;
if (signatureSecretFile != null) {
try {
StringBuilder sb = new StringBuilder();
reader = new InputStreamReader(
new FileInputStream(signatureSecretFile), Charsets.UTF_8);
int c = reader.read();
while (c > -1) {
sb.append((char) c);
c = reader.read();
}
secret = sb.toString().getBytes(Charset.forName("UTF-8"));
} catch (IOException ex) {
throw new RuntimeException("Could not read signature secret file: " +
signatureSecretFile);
} finally {
if (reader != null) {
try {
reader.close();
} catch (IOException e) {
// nothing to do
}
}
}
}
secrets = new byte[][]{secret};
}
Example #21
| Source File: TestKerberosAuthenticator.java From big-c with Apache License 2.0 | 5 votes |
|
private Properties getAuthenticationHandlerConfiguration() {
Properties props = new Properties();
props.setProperty(AuthenticationFilter.AUTH_TYPE, "kerberos");
props.setProperty(KerberosAuthenticationHandler.PRINCIPAL, KerberosTestUtils.getServerPrincipal());
props.setProperty(KerberosAuthenticationHandler.KEYTAB, KerberosTestUtils.getKeytabFile());
props.setProperty(KerberosAuthenticationHandler.NAME_RULES,
"RULE:[1:$1@$0](.*@" + KerberosTestUtils.getRealm()+")s/@.*//\n");
return props;
}
Example #22
| Source File: TestKerberosAuthenticator.java From big-c with Apache License 2.0 | 5 votes |
|
@Test(timeout=60000)
public void testFallbacktoPseudoAuthenticator() throws Exception {
AuthenticatorTestCase auth = new AuthenticatorTestCase(useTomcat);
Properties props = new Properties();
props.setProperty(AuthenticationFilter.AUTH_TYPE, "simple");
props.setProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, "false");
AuthenticatorTestCase.setAuthenticationHandlerConfig(props);
auth._testAuthentication(new KerberosAuthenticator(), false);
}
Example #23
| Source File: TestKerberosAuthenticator.java From big-c with Apache License 2.0 | 5 votes |
|
@Test(timeout=60000)
public void testFallbacktoPseudoAuthenticatorAnonymous() throws Exception {
AuthenticatorTestCase auth = new AuthenticatorTestCase(useTomcat);
Properties props = new Properties();
props.setProperty(AuthenticationFilter.AUTH_TYPE, "simple");
props.setProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, "true");
AuthenticatorTestCase.setAuthenticationHandlerConfig(props);
auth._testAuthentication(new KerberosAuthenticator(), false);
}
Example #24
| Source File: TestStringSignerSecretProvider.java From big-c with Apache License 2.0 | 5 votes |
|
@Test
public void testGetSecrets() throws Exception {
String secretStr = "secret";
StringSignerSecretProvider secretProvider
= new StringSignerSecretProvider();
Properties secretProviderProps = new Properties();
secretProviderProps.setProperty(
AuthenticationFilter.SIGNATURE_SECRET, "secret");
secretProvider.init(secretProviderProps, null, -1);
byte[] secretBytes = secretStr.getBytes();
Assert.assertArrayEquals(secretBytes, secretProvider.getCurrentSecret());
byte[][] allSecrets = secretProvider.getAllSecrets();
Assert.assertEquals(1, allSecrets.length);
Assert.assertArrayEquals(secretBytes, allSecrets[0]);
}
Example #25
| Source File: StringSignerSecretProvider.java From big-c with Apache License 2.0 | 5 votes |
|
@Override
public void init(Properties config, ServletContext servletContext,
long tokenValidity) throws Exception {
String signatureSecret = config.getProperty(
AuthenticationFilter.SIGNATURE_SECRET, null);
secret = signatureSecret.getBytes(Charset.forName("UTF-8"));
secrets = new byte[][]{secret};
}
Example #26
| Source File: TestSigner.java From big-c with Apache License 2.0 | 5 votes |
|
private StringSignerSecretProvider createStringSignerSecretProvider() throws Exception {
StringSignerSecretProvider secretProvider = new StringSignerSecretProvider();
Properties secretProviderProps = new Properties();
secretProviderProps.setProperty(AuthenticationFilter.SIGNATURE_SECRET, "secret");
secretProvider.init(secretProviderProps, null, -1);
return secretProvider;
}
Example #27
| Source File: HttpServer2.java From lucene-solr with Apache License 2.0 | 5 votes |
|
private static SignerSecretProvider constructSecretProvider(final Builder b,
ServletContext ctx)
throws Exception {
final Configuration conf = b.conf;
Properties config = getFilterProperties(conf,
b.authFilterConfigurationPrefix);
return AuthenticationFilter.constructSecretProvider(
ctx, config, b.disallowFallbackToRandomSignerSecretProvider);
}
Example #28
| Source File: HttpParamDelegationTokenPlugin.java From lucene-solr with Apache License 2.0 | 5 votes |
|
@Override
public void init(Map<String, Object> pluginConfig) {
try {
final FilterConfig initConf = getInitFilterConfig(pluginConfig, true);
FilterConfig conf = new FilterConfig() {
@Override
public ServletContext getServletContext() {
return initConf.getServletContext();
}
@Override
public Enumeration<String> getInitParameterNames() {
return initConf.getInitParameterNames();
}
@Override
public String getInitParameter(String param) {
if (AuthenticationFilter.AUTH_TYPE.equals(param)) {
return HttpParamDelegationTokenAuthenticationHandler.class.getName();
}
return initConf.getInitParameter(param);
}
@Override
public String getFilterName() {
return "HttpParamFilter";
}
};
Filter kerberosFilter = new HttpParamToRequestFilter();
kerberosFilter.init(conf);
setKerberosFilter(kerberosFilter);
} catch (ServletException e) {
throw new SolrException(SolrException.ErrorCode.SERVER_ERROR,
"Error initializing kerberos authentication plugin: "+e);
}
}
Example #29
| Source File: AuthFilter.java From hbase with Apache License 2.0 | 5 votes |
|
/**
* Returns the configuration to be used by the authentication filter
* to initialize the authentication handler.
*
* This filter retrieves all HBase configurations and passes those started
* with REST_PREFIX to the authentication handler. It is useful to support
* plugging different authentication handlers.
*/
@Override
protected Properties getConfiguration(
String configPrefix, FilterConfig filterConfig) throws ServletException {
Properties props = super.getConfiguration(configPrefix, filterConfig);
//setting the cookie path to root '/' so it is used for all resources.
props.setProperty(AuthenticationFilter.COOKIE_PATH, "/");
Configuration conf = null;
// Dirty hack to get at the RESTServer's configuration. These should be pulled out
// of the FilterConfig.
if (RESTServer.conf != null) {
conf = RESTServer.conf;
} else {
conf = HBaseConfiguration.create();
}
for (Map.Entry<String, String> entry : conf) {
String name = entry.getKey();
if (name.startsWith(REST_PREFIX)) {
String value = entry.getValue();
if(name.equals(REST_AUTHENTICATION_PRINCIPAL)) {
try {
String machineName = Strings.domainNamePointerToHostName(
DNS.getDefaultHost(conf.get(REST_DNS_INTERFACE, "default"),
conf.get(REST_DNS_NAMESERVER, "default")));
value = SecurityUtil.getServerPrincipal(value, machineName);
} catch (IOException ie) {
throw new ServletException("Failed to retrieve server principal", ie);
}
}
if (LOG.isTraceEnabled()) {
LOG.trace("Setting property " + name + "=" + value);
}
name = name.substring(REST_PREFIX_LEN);
props.setProperty(name, value);
}
}
return props;
}
Example #30
| Source File: HttpServer2.java From knox with Apache License 2.0 | 5 votes |
|
private static SignerSecretProvider constructSecretProvider(final Builder b,
ServletContext ctx)
throws Exception {
final Configuration conf = b.conf;
Properties config = getFilterProperties(conf,
b.authFilterConfigurationPrefix);
return AuthenticationFilter.constructSecretProvider(
ctx, config, b.disallowFallbackToRandomSignerSecretProvider);
}
