Search in sources :

Example 1 with TokenManager

use of io.cdap.cdap.security.auth.TokenManager in project cdap by caskdata.

the class ArtifactLocalizerTwillRunnable method doInitialize.

private void doInitialize() throws Exception {
    CConfiguration cConf = CConfiguration.create();
    cConf.clear();
    cConf.addResource(new File(getArgument("cConf")).toURI().toURL());
    Configuration hConf = new Configuration();
    hConf.clear();
    hConf.addResource(new File(getArgument("hConf")).toURI().toURL());
    Injector injector = createInjector(cConf, hConf);
    // Initialize logging context
    logAppenderInitializer = injector.getInstance(LogAppenderInitializer.class);
    logAppenderInitializer.initialize();
    LoggingContext loggingContext = new ServiceLoggingContext(NamespaceId.SYSTEM.getNamespace(), Constants.Logging.COMPONENT_NAME, Constants.Service.ARTIFACT_LOCALIZER);
    LoggingContextAccessor.setLoggingContext(loggingContext);
    tokenManager = injector.getInstance(TokenManager.class);
    tokenManager.startAndWait();
    artifactLocalizerService = injector.getInstance(ArtifactLocalizerService.class);
}
Also used : LogAppenderInitializer(io.cdap.cdap.logging.appender.LogAppenderInitializer) Configuration(org.apache.hadoop.conf.Configuration) CConfiguration(io.cdap.cdap.common.conf.CConfiguration) LoggingContext(io.cdap.cdap.common.logging.LoggingContext) ServiceLoggingContext(io.cdap.cdap.common.logging.ServiceLoggingContext) Injector(com.google.inject.Injector) ServiceLoggingContext(io.cdap.cdap.common.logging.ServiceLoggingContext) TokenManager(io.cdap.cdap.security.auth.TokenManager) CConfiguration(io.cdap.cdap.common.conf.CConfiguration) File(java.io.File)

Example 2 with TokenManager

use of io.cdap.cdap.security.auth.TokenManager in project cdap by caskdata.

the class MasterEnvironmentMain method getInternalAuthenticator.

/**
 * Return {@link InternalAuthenticator} with
 *   {@link SystemAuthenticationContext} if cdap-secret is mounted (e.g. when only running system code / trusted code)
 *   or {@link WorkerAuthenticationContext} if cdap-secret is not mounted (e.g. running untrusted user provided code)
 */
private static InternalAuthenticator getInternalAuthenticator(CConfiguration cConf) {
    File sConfFile = new File(cConf.get(Constants.Twill.Security.MASTER_SECRET_DISK_PATH));
    Injector injector;
    if (sConfFile.exists()) {
        // cdap-secret is mounted and available, use system authentication context
        injector = Guice.createInjector(new IOModule(), new ConfigModule(cConf), CoreSecurityRuntimeModule.getDistributedModule(cConf), new AuthenticationContextModules().getMasterModule());
        if (cConf.getBoolean(Constants.Security.INTERNAL_AUTH_ENABLED)) {
            tokenManager = injector.getInstance(TokenManager.class);
            tokenManager.startAndWait();
        }
    } else {
        // cdap-secret is NOT mounted, use worker authentication context
        injector = Guice.createInjector(new IOModule(), new ConfigModule(cConf), CoreSecurityRuntimeModule.getDistributedModule(cConf), new AuthenticationContextModules().getMasterWorkerModule());
    }
    return injector.getInstance(InternalAuthenticator.class);
}
Also used : IOModule(io.cdap.cdap.common.guice.IOModule) Injector(com.google.inject.Injector) ConfigModule(io.cdap.cdap.common.guice.ConfigModule) AuthenticationContextModules(io.cdap.cdap.security.auth.context.AuthenticationContextModules) TokenManager(io.cdap.cdap.security.auth.TokenManager) File(java.io.File)

Aggregations

Injector (com.google.inject.Injector)2 TokenManager (io.cdap.cdap.security.auth.TokenManager)2 File (java.io.File)2 CConfiguration (io.cdap.cdap.common.conf.CConfiguration)1 ConfigModule (io.cdap.cdap.common.guice.ConfigModule)1 IOModule (io.cdap.cdap.common.guice.IOModule)1 LoggingContext (io.cdap.cdap.common.logging.LoggingContext)1 ServiceLoggingContext (io.cdap.cdap.common.logging.ServiceLoggingContext)1 LogAppenderInitializer (io.cdap.cdap.logging.appender.LogAppenderInitializer)1 AuthenticationContextModules (io.cdap.cdap.security.auth.context.AuthenticationContextModules)1 Configuration (org.apache.hadoop.conf.Configuration)1