Search in sources :

Example 1 with AccessController

use of org.apache.hadoop.hbase.security.access.AccessController in project hbase by apache.

the class MasterRpcServices method getSecurityCapabilities.

/**
   * Returns the security capabilities in effect on the cluster
   */
@Override
public SecurityCapabilitiesResponse getSecurityCapabilities(RpcController controller, SecurityCapabilitiesRequest request) throws ServiceException {
    SecurityCapabilitiesResponse.Builder response = SecurityCapabilitiesResponse.newBuilder();
    try {
        master.checkInitialized();
        Set<Capability> capabilities = new HashSet<>();
        // Authentication
        if (User.isHBaseSecurityEnabled(master.getConfiguration())) {
            capabilities.add(Capability.SECURE_AUTHENTICATION);
        } else {
            capabilities.add(Capability.SIMPLE_AUTHENTICATION);
        }
        // The AccessController can provide AUTHORIZATION and CELL_AUTHORIZATION
        if (master.cpHost != null && master.cpHost.findCoprocessor(AccessController.class.getName()) != null) {
            if (AccessController.isAuthorizationSupported(master.getConfiguration())) {
                capabilities.add(Capability.AUTHORIZATION);
            }
            if (AccessController.isCellAuthorizationSupported(master.getConfiguration())) {
                capabilities.add(Capability.CELL_AUTHORIZATION);
            }
        }
        // The VisibilityController can provide CELL_VISIBILITY
        if (master.cpHost != null && master.cpHost.findCoprocessor(VisibilityController.class.getName()) != null) {
            if (VisibilityController.isCellAuthorizationSupported(master.getConfiguration())) {
                capabilities.add(Capability.CELL_VISIBILITY);
            }
        }
        response.addAllCapabilities(capabilities);
    } catch (IOException e) {
        throw new ServiceException(e);
    }
    return response.build();
}
Also used : AccessController(org.apache.hadoop.hbase.security.access.AccessController) Capability(org.apache.hadoop.hbase.shaded.protobuf.generated.MasterProtos.SecurityCapabilitiesResponse.Capability) ServiceException(org.apache.hadoop.hbase.shaded.com.google.protobuf.ServiceException) SecurityCapabilitiesResponse(org.apache.hadoop.hbase.shaded.protobuf.generated.MasterProtos.SecurityCapabilitiesResponse) IOException(java.io.IOException) DoNotRetryIOException(org.apache.hadoop.hbase.DoNotRetryIOException) VisibilityController(org.apache.hadoop.hbase.security.visibility.VisibilityController) HashSet(java.util.HashSet)

Aggregations

IOException (java.io.IOException)1 HashSet (java.util.HashSet)1 DoNotRetryIOException (org.apache.hadoop.hbase.DoNotRetryIOException)1 AccessController (org.apache.hadoop.hbase.security.access.AccessController)1 VisibilityController (org.apache.hadoop.hbase.security.visibility.VisibilityController)1 ServiceException (org.apache.hadoop.hbase.shaded.com.google.protobuf.ServiceException)1 SecurityCapabilitiesResponse (org.apache.hadoop.hbase.shaded.protobuf.generated.MasterProtos.SecurityCapabilitiesResponse)1 Capability (org.apache.hadoop.hbase.shaded.protobuf.generated.MasterProtos.SecurityCapabilitiesResponse.Capability)1