use of java.security.PrivilegedExceptionAction in project hadoop by apache.
the class KMSClientProvider method createConnection.
private HttpURLConnection createConnection(final URL url, String method) throws IOException {
HttpURLConnection conn;
try {
final String doAsUser = getDoAsUser();
conn = getActualUgi().doAs(new PrivilegedExceptionAction<HttpURLConnection>() {
@Override
public HttpURLConnection run() throws Exception {
DelegationTokenAuthenticatedURL authUrl = new DelegationTokenAuthenticatedURL(configurator);
return authUrl.openConnection(url, authToken, doAsUser);
}
});
} catch (IOException ex) {
if (ex instanceof SocketTimeoutException) {
LOG.warn("Failed to connect to {}:{}", url.getHost(), url.getPort());
}
throw ex;
} catch (UndeclaredThrowableException ex) {
throw new IOException(ex.getUndeclaredThrowable());
} catch (Exception ex) {
throw new IOException(ex);
}
conn.setUseCaches(false);
conn.setRequestMethod(method);
if (method.equals(HTTP_POST) || method.equals(HTTP_PUT)) {
conn.setDoOutput(true);
}
conn = configureConnection(conn);
return conn;
}
use of java.security.PrivilegedExceptionAction in project hadoop by apache.
the class TestFileSystemCaching method testCacheForUgi.
@SuppressWarnings("unchecked")
@Test
public <T extends TokenIdentifier> void testCacheForUgi() throws Exception {
final Configuration conf = new Configuration();
conf.set("fs.cachedfile.impl", FileSystem.getFileSystemClass("file", null).getName());
UserGroupInformation ugiA = UserGroupInformation.createRemoteUser("foo");
UserGroupInformation ugiB = UserGroupInformation.createRemoteUser("bar");
FileSystem fsA = ugiA.doAs(new PrivilegedExceptionAction<FileSystem>() {
@Override
public FileSystem run() throws Exception {
return FileSystem.get(new URI("cachedfile://a"), conf);
}
});
FileSystem fsA1 = ugiA.doAs(new PrivilegedExceptionAction<FileSystem>() {
@Override
public FileSystem run() throws Exception {
return FileSystem.get(new URI("cachedfile://a"), conf);
}
});
//Since the UGIs are the same, we should have the same filesystem for both
assertSame(fsA, fsA1);
FileSystem fsB = ugiB.doAs(new PrivilegedExceptionAction<FileSystem>() {
@Override
public FileSystem run() throws Exception {
return FileSystem.get(new URI("cachedfile://a"), conf);
}
});
//Since the UGIs are different, we should end up with different filesystems
//corresponding to the two UGIs
assertNotSame(fsA, fsB);
Token<T> t1 = mock(Token.class);
UserGroupInformation ugiA2 = UserGroupInformation.createRemoteUser("foo");
fsA = ugiA2.doAs(new PrivilegedExceptionAction<FileSystem>() {
@Override
public FileSystem run() throws Exception {
return FileSystem.get(new URI("cachedfile://a"), conf);
}
});
// Although the users in the UGI are same, they have different subjects
// and so are different.
assertNotSame(fsA, fsA1);
ugiA.addToken(t1);
fsA = ugiA.doAs(new PrivilegedExceptionAction<FileSystem>() {
@Override
public FileSystem run() throws Exception {
return FileSystem.get(new URI("cachedfile://a"), conf);
}
});
// Make sure that different UGI's with the same subject lead to the same
// file system.
assertSame(fsA, fsA1);
}
use of java.security.PrivilegedExceptionAction in project hadoop by apache.
the class TestFileSystemCaching method testCloseAllForUGI.
@Test
public void testCloseAllForUGI() throws Exception {
final Configuration conf = new Configuration();
conf.set("fs.cachedfile.impl", FileSystem.getFileSystemClass("file", null).getName());
UserGroupInformation ugiA = UserGroupInformation.createRemoteUser("foo");
FileSystem fsA = ugiA.doAs(new PrivilegedExceptionAction<FileSystem>() {
@Override
public FileSystem run() throws Exception {
return FileSystem.get(new URI("cachedfile://a"), conf);
}
});
//Now we should get the cached filesystem
FileSystem fsA1 = ugiA.doAs(new PrivilegedExceptionAction<FileSystem>() {
@Override
public FileSystem run() throws Exception {
return FileSystem.get(new URI("cachedfile://a"), conf);
}
});
assertSame(fsA, fsA1);
FileSystem.closeAllForUGI(ugiA);
//Now we should get a different (newly created) filesystem
fsA1 = ugiA.doAs(new PrivilegedExceptionAction<FileSystem>() {
@Override
public FileSystem run() throws Exception {
return FileSystem.get(new URI("cachedfile://a"), conf);
}
});
assertNotSame(fsA, fsA1);
}
use of java.security.PrivilegedExceptionAction in project ranger by apache.
the class HDFSAuditDestination method logJSON.
@Override
public synchronized boolean logJSON(final Collection<String> events) {
logStatusIfRequired();
addTotalCount(events.size());
if (!initDone) {
addDeferredCount(events.size());
return false;
}
if (isStopped) {
addDeferredCount(events.size());
logError("log() called after stop was requested. name=" + getName());
return false;
}
PrintWriter out = null;
try {
if (logger.isDebugEnabled()) {
logger.debug("UGI=" + MiscUtil.getUGILoginUser() + ". Will write to HDFS file=" + currentFileName);
}
out = MiscUtil.executePrivilegedAction(new PrivilegedExceptionAction<PrintWriter>() {
@Override
public PrintWriter run() throws Exception {
PrintWriter out = getLogFileStream();
for (String event : events) {
out.println(event);
}
return out;
}
});
// flush and check the stream for errors
if (out.checkError()) {
// In theory, this count may NOT be accurate as part of the messages may have been successfully written.
// However, in practice, since client does buffering, either all of none would succeed.
addDeferredCount(events.size());
out.close();
logWriter = null;
ostream = null;
return false;
}
} catch (Throwable t) {
addDeferredCount(events.size());
logError("Error writing to log file.", t);
return false;
} finally {
logger.info("Flushing HDFS audit. Event Size:" + events.size());
if (out != null) {
out.flush();
}
}
addSuccessCount(events.size());
return true;
}
use of java.security.PrivilegedExceptionAction in project ignite by apache.
the class ConcurrentLinkedDeque8 method unsafe.
/**
* @return Instance of Unsafe class.
*/
static Unsafe unsafe() {
try {
return Unsafe.getUnsafe();
} catch (SecurityException ignored) {
try {
return AccessController.doPrivileged(new PrivilegedExceptionAction<Unsafe>() {
@Override
public Unsafe run() throws Exception {
Field f = Unsafe.class.getDeclaredField("theUnsafe");
f.setAccessible(true);
return (Unsafe) f.get(null);
}
});
} catch (PrivilegedActionException e) {
throw new RuntimeException("Could not initialize intrinsics.", e.getCause());
}
}
}
Aggregations