Example 11 with Subject

use of javax.security.auth.Subject in project hbase by apache.

the class HttpDoAsClient method getSubject.

static Subject getSubject() throws Exception {
    if (!secure)
        return new Subject();
    /*
     * To authenticate the DemoClient, kinit should be invoked ahead.
     * Here we try to get the Kerberos credential from the ticket cache.
     */
    LoginContext context = new LoginContext("", new Subject(), null, new Configuration() {

        @Override
        public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
            Map<String, String> options = new HashMap<>();
            options.put("useKeyTab", "false");
            options.put("storeKey", "false");
            options.put("doNotPrompt", "true");
            options.put("useTicketCache", "true");
            options.put("renewTGT", "true");
            options.put("refreshKrb5Config", "true");
            options.put("isInitiator", "true");
            String ticketCache = System.getenv("KRB5CCNAME");
            if (ticketCache != null) {
                options.put("ticketCache", ticketCache);
            }
            options.put("debug", "true");
            return new AppConfigurationEntry[] { new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options) };
        }
    });
    context.login();
    return context.getSubject();
}
Also used : AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) LoginContext(javax.security.auth.login.LoginContext) Configuration(javax.security.auth.login.Configuration) HashMap(java.util.HashMap) Map(java.util.Map) TreeMap(java.util.TreeMap) SortedMap(java.util.SortedMap) Subject(javax.security.auth.Subject)

Example 12 with Subject

use of javax.security.auth.Subject in project hive by apache.

the class HttpAuthUtils method getKerberosServiceTicket.

/**
   * @return Stringified Base64 encoded kerberosAuthHeader on success
   * @throws Exception
   */
public static String getKerberosServiceTicket(String principal, String host, String serverHttpUrl, boolean assumeSubject) throws Exception {
    String serverPrincipal = ShimLoader.getHadoopThriftAuthBridge().getServerPrincipal(principal, host);
    if (assumeSubject) {
        // With this option, we're assuming that the external application,
        // using the JDBC driver has done a JAAS kerberos login already
        AccessControlContext context = AccessController.getContext();
        Subject subject = Subject.getSubject(context);
        if (subject == null) {
            throw new Exception("The Subject is not set");
        }
        return Subject.doAs(subject, new HttpKerberosClientAction(serverPrincipal, serverHttpUrl));
    } else {
        // JAAS login from ticket cache to setup the client UserGroupInformation
        UserGroupInformation clientUGI = ShimLoader.getHadoopThriftAuthBridge().getCurrentUGIWithConf("kerberos");
        return clientUGI.doAs(new HttpKerberosClientAction(serverPrincipal, serverHttpUrl));
    }
}
Also used : AccessControlContext(java.security.AccessControlContext) Subject(javax.security.auth.Subject) UserGroupInformation(org.apache.hadoop.security.UserGroupInformation)

Example 13 with Subject

use of javax.security.auth.Subject in project storm by apache.

the class AutoHBase method main.

@SuppressWarnings("unchecked")
public static void main(String[] args) throws Exception {
    Map conf = new HashMap();
    //with realm e.g. storm@WITZEND.COM
    conf.put(Config.TOPOLOGY_SUBMITTER_PRINCIPAL, args[0]);
    // hbase principal storm-hbase@WITZEND.COM
    conf.put(HBASE_PRINCIPAL_KEY, args[1]);
    // storm hbase keytab /etc/security/keytabs/storm-hbase.keytab
    conf.put(HBASE_KEYTAB_FILE_KEY, args[2]);
    AutoHBase autoHBase = new AutoHBase();
    autoHBase.prepare(conf);
    Map<String, String> creds = new HashMap<String, String>();
    autoHBase.populateCredentials(creds, conf);
    LOG.info("Got HBase credentials" + autoHBase.getCredentials(creds));
    Subject s = new Subject();
    autoHBase.populateSubject(s, creds);
    LOG.info("Got a Subject " + s);
    autoHBase.renew(creds, conf);
    LOG.info("renewed credentials" + autoHBase.getCredentials(creds));
}
Also used : HashMap(java.util.HashMap) Map(java.util.Map) Subject(javax.security.auth.Subject)

Example 14 with Subject

use of javax.security.auth.Subject in project storm by apache.

the class AutoHDFS method main.

@SuppressWarnings("unchecked")
public static void main(String[] args) throws Exception {
    Map conf = new HashMap();
    //with realm e.g. storm@WITZEND.COM
    conf.put(Config.TOPOLOGY_SUBMITTER_PRINCIPAL, args[0]);
    //with realm e.g. hdfs@WITZEND.COM
    conf.put(STORM_USER_NAME_KEY, args[1]);
    // /etc/security/keytabs/storm.keytab
    conf.put(STORM_KEYTAB_FILE_KEY, args[2]);
    Configuration configuration = new Configuration();
    AutoHDFS autoHDFS = new AutoHDFS();
    autoHDFS.prepare(conf);
    Map<String, String> creds = new HashMap<String, String>();
    autoHDFS.populateCredentials(creds, conf);
    LOG.info("Got HDFS credentials", autoHDFS.getCredentials(creds));
    Subject s = new Subject();
    autoHDFS.populateSubject(s, creds);
    LOG.info("Got a Subject " + s);
    autoHDFS.renew(creds, conf);
    LOG.info("renewed credentials", autoHDFS.getCredentials(creds));
}
Also used : Configuration(org.apache.hadoop.conf.Configuration) HashMap(java.util.HashMap) Map(java.util.Map) Subject(javax.security.auth.Subject)

Example 15 with Subject

use of javax.security.auth.Subject in project storm by apache.

the class BlobStoreTest method getNimbusSubject.

//Gets Nimbus Subject with NimbusPrincipal set on it
public static Subject getNimbusSubject() {
    Subject nimbus = new Subject();
    nimbus.getPrincipals().add(new NimbusPrincipal());
    return nimbus;
}
Also used : NimbusPrincipal(org.apache.storm.security.auth.NimbusPrincipal) Subject(javax.security.auth.Subject)
