Examples with RegistrySecurity org.apache.hadoop.registry.client.impl.zk.RegistrySecurity used on opensource projects

Example 1 with RegistrySecurity

use of org.apache.hadoop.registry.client.impl.zk.RegistrySecurity in project hadoop by apache.

the class RegistryAdminService method aclsForUser.

/**
   * Set up the ACL for the user.
   * <b>Important: this must run client-side as it needs
   * to know the id:pass tuple for a user</b>
   * @param username user name
   * @param perms permissions
   * @return an ACL list
   * @throws IOException ACL creation/parsing problems
   */
public List<ACL> aclsForUser(String username, int perms) throws IOException {
    List<ACL> clientACLs = getClientAcls();
    RegistrySecurity security = getRegistrySecurity();
    if (security.isSecureRegistry()) {
        clientACLs.add(security.createACLfromUsername(username, perms));
    }
    return clientACLs;
}

Example 2 with RegistrySecurity

use of org.apache.hadoop.registry.client.impl.zk.RegistrySecurity in project hadoop by apache.

the class TestRegistrySecurityHelper method testSecurityImpliesKerberos.

@Test
public void testSecurityImpliesKerberos() throws Throwable {
    Configuration conf = new Configuration();
    conf.setBoolean("hadoop.security.authentication", true);
    conf.setBoolean(KEY_REGISTRY_SECURE, true);
    conf.set(KEY_REGISTRY_KERBEROS_REALM, "KERBEROS");
    RegistrySecurity security = new RegistrySecurity("registry security");
    try {
        security.init(conf);
    } catch (Exception e) {
        assertTrue("did not find " + RegistrySecurity.E_NO_KERBEROS + " in " + e, e.toString().contains(RegistrySecurity.E_NO_KERBEROS));
    }
}

Example 3 with RegistrySecurity

use of org.apache.hadoop.registry.client.impl.zk.RegistrySecurity in project hadoop by apache.

the class RegistryAdminService method serviceInit.

/**
   * Init operation sets up the system ACLs.
   * @param conf configuration of the service
   * @throws Exception
   */
@Override
protected void serviceInit(Configuration conf) throws Exception {
    super.serviceInit(conf);
    RegistrySecurity registrySecurity = getRegistrySecurity();
    if (registrySecurity.isSecureRegistry()) {
        ACL sasl = registrySecurity.createSaslACLFromCurrentUser(ZooDefs.Perms.ALL);
        registrySecurity.addSystemACL(sasl);
        LOG.info("Registry System ACLs:", RegistrySecurity.aclsToString(registrySecurity.getSystemACLs()));
    }
}

Example 4 with RegistrySecurity

use of org.apache.hadoop.registry.client.impl.zk.RegistrySecurity in project hadoop by apache.

the class AbstractSecureRegistryTest method beforeSecureRegistryTestClass.

/**
   * All class initialization for this test class
   * @throws Exception
   */
@BeforeClass
public static void beforeSecureRegistryTestClass() throws Exception {
    registrySecurity = new RegistrySecurity("registrySecurity");
    registrySecurity.init(CONF);
    setupKDCAndPrincipals();
    RegistrySecurity.clearJaasSystemProperties();
    RegistrySecurity.bindJVMtoJAASFile(jaasFile);
    initHadoopSecurity();
}

Example 5 with RegistrySecurity

use of org.apache.hadoop.registry.client.impl.zk.RegistrySecurity in project hadoop by apache.

the class TestRegistrySecurityHelper method setupTestRegistrySecurityHelper.

@BeforeClass
public static void setupTestRegistrySecurityHelper() throws IOException {
    Configuration conf = new Configuration();
    conf.setBoolean(KEY_REGISTRY_SECURE, true);
    conf.set(KEY_REGISTRY_KERBEROS_REALM, "KERBEROS");
    registrySecurity = new RegistrySecurity("");
    // init the ACLs OUTSIDE A KERBEROS CLUSTER
    registrySecurity.init(conf);
}