Example 6 with PrivilegedExceptionAction
use of java.security.PrivilegedExceptionAction in project hbase by apache.
the class TestVisibilityLabelsWithDeletes method addLabels.
public static void addLabels() throws Exception {
PrivilegedExceptionAction<VisibilityLabelsResponse> action = new PrivilegedExceptionAction<VisibilityLabelsResponse>() {
@Override
public VisibilityLabelsResponse run() throws Exception {
String[] labels = { SECRET, TOPSECRET, CONFIDENTIAL, PUBLIC, PRIVATE };
try (Connection conn = ConnectionFactory.createConnection(conf)) {
VisibilityClient.addLabels(conn, labels);
} catch (Throwable t) {
throw new IOException(t);
}
return null;
}
};
SUPERUSER.runAs(action);
}
Also used :
Connection(org.apache.hadoop.hbase.client.Connection)
PrivilegedExceptionAction(java.security.PrivilegedExceptionAction)
InterruptedIOException(java.io.InterruptedIOException)
IOException(java.io.IOException)
VisibilityLabelsResponse(org.apache.hadoop.hbase.protobuf.generated.VisibilityLabelsProtos.VisibilityLabelsResponse)
Example 7 with PrivilegedExceptionAction
use of java.security.PrivilegedExceptionAction in project hive by apache.
the class TestHadoopAuthBridge23 method testMetastoreProxyUser.
@Test
public void testMetastoreProxyUser() throws Exception {
setup();
final String proxyUserName = "proxyUser";
//set the configuration up such that proxyUser can act on
//behalf of all users belonging to the group foo_bar_group (
//a dummy group)
String[] groupNames = new String[] { "foo_bar_group" };
setGroupsInConf(groupNames, proxyUserName);
final UserGroupInformation delegationTokenUser = UserGroupInformation.getCurrentUser();
final UserGroupInformation proxyUserUgi = UserGroupInformation.createRemoteUser(proxyUserName);
String tokenStrForm = proxyUserUgi.doAs(new PrivilegedExceptionAction<String>() {
public String run() throws Exception {
try {
//foo_bar_group, the call to getDelegationTokenStr will fail
return getDelegationTokenStr(delegationTokenUser, proxyUserUgi);
} catch (AuthorizationException ae) {
return null;
}
}
});
Assert.assertTrue("Expected the getDelegationToken call to fail", tokenStrForm == null);
//set the configuration up such that proxyUser can act on
//behalf of all users belonging to the real group(s) that the
//user running the test belongs to
setGroupsInConf(UserGroupInformation.getCurrentUser().getGroupNames(), proxyUserName);
tokenStrForm = proxyUserUgi.doAs(new PrivilegedExceptionAction<String>() {
public String run() throws Exception {
try {
//obtained above the call to getDelegationTokenStr will succeed
return getDelegationTokenStr(delegationTokenUser, proxyUserUgi);
} catch (AuthorizationException ae) {
return null;
}
}
});
Assert.assertTrue("Expected the getDelegationToken call to not fail", tokenStrForm != null);
Token<DelegationTokenIdentifier> t = new Token<DelegationTokenIdentifier>();
t.decodeFromUrlString(tokenStrForm);
//check whether the username in the token is what we expect
DelegationTokenIdentifier d = new DelegationTokenIdentifier();
d.readFields(new DataInputStream(new ByteArrayInputStream(t.getIdentifier())));
Assert.assertTrue("Usernames don't match", delegationTokenUser.getShortUserName().equals(d.getUser().getShortUserName()));
}
Also used :
AuthorizationException(org.apache.hadoop.security.authorize.AuthorizationException)
ByteArrayInputStream(java.io.ByteArrayInputStream)
InvalidToken(org.apache.hadoop.security.token.SecretManager.InvalidToken)
Token(org.apache.hadoop.security.token.Token)
PrivilegedExceptionAction(java.security.PrivilegedExceptionAction)
DataInputStream(java.io.DataInputStream)
MetaException(org.apache.hadoop.hive.metastore.api.MetaException)
TTransportException(org.apache.thrift.transport.TTransportException)
AuthorizationException(org.apache.hadoop.security.authorize.AuthorizationException)
IOException(java.io.IOException)
UserGroupInformation(org.apache.hadoop.security.UserGroupInformation)
Test(org.junit.Test)
Example 8 with PrivilegedExceptionAction
use of java.security.PrivilegedExceptionAction in project hadoop by apache.
the class Gridmix method run.
public int run(final String[] argv) throws IOException, InterruptedException {
int val = -1;
final Configuration conf = getConf();
UserGroupInformation.setConfiguration(conf);
UserGroupInformation ugi = UserGroupInformation.getLoginUser();
val = ugi.doAs(new PrivilegedExceptionAction<Integer>() {
public Integer run() throws Exception {
return runJob(conf, argv);
}
});
// print the gridmix summary if the run was successful
if (val == 0) {
// print the run summary
System.out.print("\n\n");
System.out.println(summarizer.toString());
}
return val;
}
Also used :
Configuration(org.apache.hadoop.conf.Configuration)
PrivilegedExceptionAction(java.security.PrivilegedExceptionAction)
UserGroupInformation(org.apache.hadoop.security.UserGroupInformation)
Example 9 with PrivilegedExceptionAction
use of java.security.PrivilegedExceptionAction in project hadoop by apache.
the class TestTimelineClient method createTimelineClientFakeTimelineClientRetryOp.
private TimelineClientImpl createTimelineClientFakeTimelineClientRetryOp(YarnConfiguration conf) {
TimelineClientImpl client = new TimelineClientImpl() {
@Override
protected TimelineConnector createTimelineConnector() {
TimelineConnector connector = new TimelineConnector(true, authUgi, doAsUser, token) {
@Override
public TimelineClientRetryOp createRetryOpForOperateDelegationToken(final PrivilegedExceptionAction<?> action) throws IOException {
TimelineClientRetryOpForOperateDelegationToken op = spy(new TimelineClientRetryOpForOperateDelegationToken(UserGroupInformation.getCurrentUser(), action));
doThrow(new SocketTimeoutException("Test socketTimeoutException")).when(op).run();
return op;
}
};
addIfService(connector);
return connector;
}
};
client.init(conf);
client.start();
return client;
}
Also used :
SocketTimeoutException(java.net.SocketTimeoutException)
PrivilegedExceptionAction(java.security.PrivilegedExceptionAction)
Example 10 with PrivilegedExceptionAction
use of java.security.PrivilegedExceptionAction in project hadoop by apache.
the class WebServices method getApp.
public AppInfo getApp(HttpServletRequest req, HttpServletResponse res, String appId) {
UserGroupInformation callerUGI = getUser(req);
final ApplicationId id = parseApplicationId(appId);
ApplicationReport app = null;
try {
if (callerUGI == null) {
GetApplicationReportRequest request = GetApplicationReportRequest.newInstance(id);
app = appBaseProt.getApplicationReport(request).getApplicationReport();
} else {
app = callerUGI.doAs(new PrivilegedExceptionAction<ApplicationReport>() {
@Override
public ApplicationReport run() throws Exception {
GetApplicationReportRequest request = GetApplicationReportRequest.newInstance(id);
return appBaseProt.getApplicationReport(request).getApplicationReport();
}
});
}
} catch (Exception e) {
rewrapAndThrowException(e);
}
if (app == null) {
throw new NotFoundException("app with id: " + appId + " not found");
}
return new AppInfo(app);
}
Also used :
ApplicationReport(org.apache.hadoop.yarn.api.records.ApplicationReport)
GetApplicationReportRequest(org.apache.hadoop.yarn.api.protocolrecords.GetApplicationReportRequest)
ContainerNotFoundException(org.apache.hadoop.yarn.exceptions.ContainerNotFoundException)
NotFoundException(org.apache.hadoop.yarn.webapp.NotFoundException)
ApplicationAttemptNotFoundException(org.apache.hadoop.yarn.exceptions.ApplicationAttemptNotFoundException)
ApplicationNotFoundException(org.apache.hadoop.yarn.exceptions.ApplicationNotFoundException)
PrivilegedExceptionAction(java.security.PrivilegedExceptionAction)
ApplicationId(org.apache.hadoop.yarn.api.records.ApplicationId)
ForbiddenException(org.apache.hadoop.yarn.webapp.ForbiddenException)
AuthorizationException(org.apache.hadoop.security.authorize.AuthorizationException)
ContainerNotFoundException(org.apache.hadoop.yarn.exceptions.ContainerNotFoundException)
NotFoundException(org.apache.hadoop.yarn.webapp.NotFoundException)
ApplicationAttemptNotFoundException(org.apache.hadoop.yarn.exceptions.ApplicationAttemptNotFoundException)
UndeclaredThrowableException(java.lang.reflect.UndeclaredThrowableException)
WebApplicationException(javax.ws.rs.WebApplicationException)
ApplicationNotFoundException(org.apache.hadoop.yarn.exceptions.ApplicationNotFoundException)
BadRequestException(org.apache.hadoop.yarn.webapp.BadRequestException)
UserGroupInformation(org.apache.hadoop.security.UserGroupInformation)
AppInfo(org.apache.hadoop.yarn.server.webapp.dao.AppInfo)
Aggregations
PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)390
IOException (java.io.IOException)200
PrivilegedActionException (java.security.PrivilegedActionException)138
Test (org.junit.Test)104
Connection (org.apache.hadoop.hbase.client.Connection)81
UserGroupInformation (org.apache.hadoop.security.UserGroupInformation)76
Table (org.apache.hadoop.hbase.client.Table)62
TableName (org.apache.hadoop.hbase.TableName)57
Result (org.apache.hadoop.hbase.client.Result)56
Scan (org.apache.hadoop.hbase.client.Scan)55
ResultScanner (org.apache.hadoop.hbase.client.ResultScanner)53
Delete (org.apache.hadoop.hbase.client.Delete)48
InterruptedIOException (java.io.InterruptedIOException)47
Cell (org.apache.hadoop.hbase.Cell)38
CellScanner (org.apache.hadoop.hbase.CellScanner)38
Configuration (org.apache.hadoop.conf.Configuration)36
File (java.io.File)34
AuthorizationException (org.apache.hadoop.security.authorize.AuthorizationException)33
Path (org.apache.hadoop.fs.Path)23
ArrayList (java.util.ArrayList)22
