Service-to-service authentication with Azure Data Lake Storage Gen1 using Java

In this article, you learn about how to use the Java SDK to do service-to-service authentication with Azure Data Lake Storage Gen1. End-user authentication with Data Lake Storage Gen1 using Java SDK is not supported.

Prerequisites

Service-to-service authentication

  1. Create a Maven project using mvn archetype from the command line or using an IDE. For instructions on how to create a Java project using IntelliJ, see here. For instructions on how to create a project using Eclipse, see here.

  2. Add the following dependencies to your Maven pom.xml file. Add the following snippet before the </project> tag:

     <dependencies>
       <dependency>
         <groupId>com.microsoft.azure</groupId>
         <artifactId>azure-data-lake-store-sdk</artifactId>
         <version>2.2.3</version>
       </dependency>
       <dependency>
         <groupId>org.slf4j</groupId>
         <artifactId>slf4j-nop</artifactId>
         <version>1.7.21</version>
       </dependency>
     </dependencies>
    

    The first dependency is to use the Data Lake Storage Gen1 SDK (azure-data-lake-store-sdk) from the maven repository. The second dependency is to specify the logging framework (slf4j-nop) to use for this application. The Data Lake Storage Gen1 SDK uses slf4j logging façade, which lets you choose from a number of popular logging frameworks, like log4j, Java logging, logback, etc., or no logging. For this example, we disable logging, hence we use the slf4j-nop binding. To use other logging options in your app, see here.

  3. Add the following import statements to your application.

     import com.microsoft.azure.datalake.store.ADLException;
     import com.microsoft.azure.datalake.store.ADLStoreClient;
     import com.microsoft.azure.datalake.store.DirectoryEntry;
     import com.microsoft.azure.datalake.store.IfExists;
     import com.microsoft.azure.datalake.store.oauth2.AccessTokenProvider;
     import com.microsoft.azure.datalake.store.oauth2.ClientCredsTokenProvider;
    
  4. Use the following snippet in your Java application to obtain token for the Active Directory Web application you created earlier using one of the subclasses of AccessTokenProvider (the following example uses ClientCredsTokenProvider). The token provider caches the creds used to obtain the token in memory, and automatically renews the token if it is about to expire. It is possible to create your own subclasses of AccessTokenProvider so tokens are obtained by your customer code. For now, let's just use the one provided in the SDK.

    Replace FILL-IN-HERE with the actual values for the Azure Active Directory Web application.

     private static String clientId = "FILL-IN-HERE";
     private static String authTokenEndpoint = "FILL-IN-HERE";
     private static String clientKey = "FILL-IN-HERE";
    
     AccessTokenProvider provider = new ClientCredsTokenProvider(authTokenEndpoint, clientId, clientKey);   
    

The Data Lake Storage Gen1 SDK provides convenient methods that let you manage the security tokens needed to talk to the Data Lake Storage Gen1 account. However, the SDK does not mandate that only these methods be used. You can use any other means of obtaining token as well, like using the Azure Active Directory SDK, or your own custom code.

Next steps

In this article, you learned how to use end-user authentication to authenticate with Data Lake Storage Gen1 using Java SDK. You can now look at the following articles that talk about how to use the Java SDK to work with Data Lake Storage Gen1.