Example 1 with HttpURLConnectionFactory
use of com.sun.jersey.client.urlconnection.HttpURLConnectionFactory in project incubator-atlas by apache.
the class SecureClientUtils method getClientConnectionHandler.
public static URLConnectionClientHandler getClientConnectionHandler(DefaultClientConfig config, org.apache.commons.configuration.Configuration clientConfig, String doAsUser, final UserGroupInformation ugi) {
config.getProperties().put(URLConnectionClientHandler.PROPERTY_HTTP_URL_CONNECTION_SET_METHOD_WORKAROUND, true);
Configuration conf = new Configuration();
conf.addResource(conf.get(SSLFactory.SSL_CLIENT_CONF_KEY, SecurityProperties.SSL_CLIENT_PROPERTIES));
UserGroupInformation.setConfiguration(conf);
final ConnectionConfigurator connConfigurator = newConnConfigurator(conf);
Authenticator authenticator = new KerberosDelegationTokenAuthenticator();
authenticator.setConnectionConfigurator(connConfigurator);
final DelegationTokenAuthenticator finalAuthenticator = (DelegationTokenAuthenticator) authenticator;
final DelegationTokenAuthenticatedURL.Token token = new DelegationTokenAuthenticatedURL.Token();
HttpURLConnectionFactory httpURLConnectionFactory = null;
try {
UserGroupInformation ugiToUse = ugi != null ? ugi : UserGroupInformation.getCurrentUser();
final UserGroupInformation actualUgi = (ugiToUse.getAuthenticationMethod() == UserGroupInformation.AuthenticationMethod.PROXY) ? ugiToUse.getRealUser() : ugiToUse;
LOG.info("Real User: {}, is from ticket cache? {}", actualUgi, actualUgi.isLoginTicketBased());
if (StringUtils.isEmpty(doAsUser)) {
doAsUser = actualUgi.getShortUserName();
}
LOG.info("doAsUser: {}", doAsUser);
final String finalDoAsUser = doAsUser;
httpURLConnectionFactory = new HttpURLConnectionFactory() {
@Override
public HttpURLConnection getHttpURLConnection(final URL url) throws IOException {
try {
return actualUgi.doAs(new PrivilegedExceptionAction<HttpURLConnection>() {
@Override
public HttpURLConnection run() throws Exception {
try {
return new DelegationTokenAuthenticatedURL(finalAuthenticator, connConfigurator).openConnection(url, token, finalDoAsUser);
} catch (Exception e) {
throw new IOException(e);
}
}
});
} catch (Exception e) {
if (e instanceof IOException) {
throw (IOException) e;
} else {
throw new IOException(e);
}
}
}
};
} catch (IOException e) {
LOG.warn("Error obtaining user", e);
}
return new URLConnectionClientHandler(httpURLConnectionFactory);
}
Also used :
ConnectionConfigurator(org.apache.hadoop.security.authentication.client.ConnectionConfigurator)
Configuration(org.apache.hadoop.conf.Configuration)
DelegationTokenAuthenticatedURL(org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL)
KerberosDelegationTokenAuthenticator(org.apache.hadoop.security.token.delegation.web.KerberosDelegationTokenAuthenticator)
DelegationTokenAuthenticator(org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator)
IOException(java.io.IOException)
PrivilegedExceptionAction(java.security.PrivilegedExceptionAction)
URL(java.net.URL)
DelegationTokenAuthenticatedURL(org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL)
GeneralSecurityException(java.security.GeneralSecurityException)
IOException(java.io.IOException)
AtlasException(org.apache.atlas.AtlasException)
HttpURLConnectionFactory(com.sun.jersey.client.urlconnection.HttpURLConnectionFactory)
HttpURLConnection(java.net.HttpURLConnection)
URLConnectionClientHandler(com.sun.jersey.client.urlconnection.URLConnectionClientHandler)
KerberosDelegationTokenAuthenticator(org.apache.hadoop.security.token.delegation.web.KerberosDelegationTokenAuthenticator)
Authenticator(org.apache.hadoop.security.authentication.client.Authenticator)
DelegationTokenAuthenticator(org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator)
KerberosDelegationTokenAuthenticator(org.apache.hadoop.security.token.delegation.web.KerberosDelegationTokenAuthenticator)
UserGroupInformation(org.apache.hadoop.security.UserGroupInformation)
Aggregations
HttpURLConnectionFactory (com.sun.jersey.client.urlconnection.HttpURLConnectionFactory)1
URLConnectionClientHandler (com.sun.jersey.client.urlconnection.URLConnectionClientHandler)1
IOException (java.io.IOException)1
HttpURLConnection (java.net.HttpURLConnection)1
URL (java.net.URL)1
GeneralSecurityException (java.security.GeneralSecurityException)1
PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)1
AtlasException (org.apache.atlas.AtlasException)1
Configuration (org.apache.hadoop.conf.Configuration)1
UserGroupInformation (org.apache.hadoop.security.UserGroupInformation)1
Authenticator (org.apache.hadoop.security.authentication.client.Authenticator)1
ConnectionConfigurator (org.apache.hadoop.security.authentication.client.ConnectionConfigurator)1
DelegationTokenAuthenticatedURL (org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL)1
DelegationTokenAuthenticator (org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator)1
KerberosDelegationTokenAuthenticator (org.apache.hadoop.security.token.delegation.web.KerberosDelegationTokenAuthenticator)1
