Example 6 with AuthenticationMethod
use of org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod in project hbase by apache.
the class TokenProvider method whoAmI.
@Override
public void whoAmI(RpcController controller, AuthenticationProtos.WhoAmIRequest request, RpcCallback<AuthenticationProtos.WhoAmIResponse> done) {
User requestUser = RpcServer.getRequestUser();
AuthenticationProtos.WhoAmIResponse.Builder response = AuthenticationProtos.WhoAmIResponse.newBuilder();
if (requestUser != null) {
response.setUsername(requestUser.getShortName());
AuthenticationMethod method = requestUser.getUGI().getAuthenticationMethod();
if (method != null) {
response.setAuthMethod(method.name());
}
}
done.run(response.build());
}
Also used :
User(org.apache.hadoop.hbase.security.User)
AuthenticationMethod(org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod)
Example 7 with AuthenticationMethod
use of org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod in project hadoop by apache.
the class TestRMAppTransitions method setUp.
@Before
public void setUp() throws Exception {
conf = new YarnConfiguration();
AuthenticationMethod authMethod = AuthenticationMethod.SIMPLE;
if (isSecurityEnabled) {
authMethod = AuthenticationMethod.KERBEROS;
}
SecurityUtil.setAuthenticationMethod(authMethod, conf);
UserGroupInformation.setConfiguration(conf);
rmDispatcher = new DrainDispatcher();
ContainerAllocationExpirer containerAllocationExpirer = mock(ContainerAllocationExpirer.class);
AMLivelinessMonitor amLivelinessMonitor = mock(AMLivelinessMonitor.class);
AMLivelinessMonitor amFinishingMonitor = mock(AMLivelinessMonitor.class);
store = mock(RMStateStore.class);
writer = mock(RMApplicationHistoryWriter.class);
DelegationTokenRenewer renewer = mock(DelegationTokenRenewer.class);
RMContext realRMContext = new RMContextImpl(rmDispatcher, containerAllocationExpirer, amLivelinessMonitor, amFinishingMonitor, renewer, new AMRMTokenSecretManager(conf, this.rmContext), new RMContainerTokenSecretManager(conf), new NMTokenSecretManagerInRM(conf), new ClientToAMTokenSecretManagerInRM());
((RMContextImpl) realRMContext).setStateStore(store);
publisher = mock(SystemMetricsPublisher.class);
realRMContext.setSystemMetricsPublisher(publisher);
realRMContext.setRMApplicationHistoryWriter(writer);
this.rmContext = spy(realRMContext);
ResourceScheduler resourceScheduler = mock(ResourceScheduler.class);
doReturn(null).when(resourceScheduler).getAppResourceUsageReport((ApplicationAttemptId) Matchers.any());
doReturn(resourceScheduler).when(rmContext).getScheduler();
doReturn(mock(RMTimelineCollectorManager.class)).when(rmContext).getRMTimelineCollectorManager();
rmDispatcher.register(RMAppAttemptEventType.class, new TestApplicationAttemptEventDispatcher(this.rmContext));
rmDispatcher.register(RMAppEventType.class, new TestApplicationEventDispatcher(rmContext));
rmDispatcher.register(RMAppManagerEventType.class, new TestApplicationManagerEventDispatcher());
schedulerDispatcher = new TestSchedulerEventDispatcher();
rmDispatcher.register(SchedulerEventType.class, schedulerDispatcher);
rmDispatcher.init(conf);
rmDispatcher.start();
}
Also used :
DrainDispatcher(org.apache.hadoop.yarn.event.DrainDispatcher)
RMContext(org.apache.hadoop.yarn.server.resourcemanager.RMContext)
RMStateStore(org.apache.hadoop.yarn.server.resourcemanager.recovery.RMStateStore)
ClientToAMTokenSecretManagerInRM(org.apache.hadoop.yarn.server.resourcemanager.security.ClientToAMTokenSecretManagerInRM)
ContainerAllocationExpirer(org.apache.hadoop.yarn.server.resourcemanager.rmcontainer.ContainerAllocationExpirer)
RMApplicationHistoryWriter(org.apache.hadoop.yarn.server.resourcemanager.ahs.RMApplicationHistoryWriter)
AuthenticationMethod(org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod)
AMRMTokenSecretManager(org.apache.hadoop.yarn.server.resourcemanager.security.AMRMTokenSecretManager)
NMTokenSecretManagerInRM(org.apache.hadoop.yarn.server.resourcemanager.security.NMTokenSecretManagerInRM)
DelegationTokenRenewer(org.apache.hadoop.yarn.server.resourcemanager.security.DelegationTokenRenewer)
RMTimelineCollectorManager(org.apache.hadoop.yarn.server.resourcemanager.timelineservice.RMTimelineCollectorManager)
YarnConfiguration(org.apache.hadoop.yarn.conf.YarnConfiguration)
SystemMetricsPublisher(org.apache.hadoop.yarn.server.resourcemanager.metrics.SystemMetricsPublisher)
AMLivelinessMonitor(org.apache.hadoop.yarn.server.resourcemanager.rmapp.attempt.AMLivelinessMonitor)
ResourceScheduler(org.apache.hadoop.yarn.server.resourcemanager.scheduler.ResourceScheduler)
RMContainerTokenSecretManager(org.apache.hadoop.yarn.server.resourcemanager.security.RMContainerTokenSecretManager)
RMContextImpl(org.apache.hadoop.yarn.server.resourcemanager.RMContextImpl)
Before(org.junit.Before)
Example 8 with AuthenticationMethod
use of org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod in project zeppelin by apache.
the class JDBCSecurityImpl method createSecureConfiguration.
/***
* @param properties
*/
public static void createSecureConfiguration(Properties properties) {
AuthenticationMethod authType = getAuthtype(properties);
switch(authType) {
case KERBEROS:
Configuration conf = new org.apache.hadoop.conf.Configuration();
conf.set("hadoop.security.authentication", KERBEROS.toString());
UserGroupInformation.setConfiguration(conf);
try {
UserGroupInformation.loginUserFromKeytab(properties.getProperty("zeppelin.jdbc.principal"), properties.getProperty("zeppelin.jdbc.keytab.location"));
} catch (IOException e) {
LOGGER.error("Failed to get either keytab location or principal name in the " + "interpreter", e);
}
}
}
Also used :
Configuration(org.apache.hadoop.conf.Configuration)
AuthenticationMethod(org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod)
IOException(java.io.IOException)
Example 9 with AuthenticationMethod
use of org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod in project hive by apache.
the class HadoopThriftAuthBridge method loginUserHasCurrentAuthMethod.
/**
* Return true if the current login user is already using the given authMethod.
*
* Used above to ensure we do not create a new Configuration object and as such
* lose other settings such as the cluster to which the JVM is connected. Required
* for oozie since it does not have a core-site.xml see HIVE-7682
*/
private boolean loginUserHasCurrentAuthMethod(UserGroupInformation ugi, String sAuthMethod) {
AuthenticationMethod authMethod;
try {
// based on SecurityUtil.getAuthenticationMethod()
authMethod = Enum.valueOf(AuthenticationMethod.class, sAuthMethod.toUpperCase(Locale.ENGLISH));
} catch (IllegalArgumentException iae) {
throw new IllegalArgumentException("Invalid attribute value for " + HADOOP_SECURITY_AUTHENTICATION + " of " + sAuthMethod, iae);
}
LOG.debug("Current authMethod = " + ugi.getAuthenticationMethod());
return ugi.getAuthenticationMethod().equals(authMethod);
}
Also used :
AuthenticationMethod(org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod)
Example 10 with AuthenticationMethod
use of org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod in project hadoop by apache.
the class FSNamesystem method getConnectionAuthenticationMethod.
/**
* Returns authentication method used to establish the connection
* @return AuthenticationMethod used to establish connection
* @throws IOException
*/
private AuthenticationMethod getConnectionAuthenticationMethod() throws IOException {
UserGroupInformation ugi = getRemoteUser();
AuthenticationMethod authMethod = ugi.getAuthenticationMethod();
if (authMethod == AuthenticationMethod.PROXY) {
authMethod = ugi.getRealUser().getAuthenticationMethod();
}
return authMethod;
}
Also used :
AuthenticationMethod(org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod)
UserGroupInformation(org.apache.hadoop.security.UserGroupInformation)
Aggregations
AuthenticationMethod (org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod)10
IOException (java.io.IOException)3
Test (org.junit.Test)3
Configuration (org.apache.hadoop.conf.Configuration)2
YarnConfiguration (org.apache.hadoop.yarn.conf.YarnConfiguration)2
RMContextImpl (org.apache.hadoop.yarn.server.resourcemanager.RMContextImpl)2
RMApplicationHistoryWriter (org.apache.hadoop.yarn.server.resourcemanager.ahs.RMApplicationHistoryWriter)2
SystemMetricsPublisher (org.apache.hadoop.yarn.server.resourcemanager.metrics.SystemMetricsPublisher)2
RMStateStore (org.apache.hadoop.yarn.server.resourcemanager.recovery.RMStateStore)2
ContainerAllocationExpirer (org.apache.hadoop.yarn.server.resourcemanager.rmcontainer.ContainerAllocationExpirer)2
ResourceScheduler (org.apache.hadoop.yarn.server.resourcemanager.scheduler.ResourceScheduler)2
RMContainerTokenSecretManager (org.apache.hadoop.yarn.server.resourcemanager.security.RMContainerTokenSecretManager)2
Before (org.junit.Before)2
ArrayList (java.util.ArrayList)1
User (org.apache.hadoop.hbase.security.User)1
AuthMethod (org.apache.hadoop.security.SaslRpcServer.AuthMethod)1
UserGroupInformation (org.apache.hadoop.security.UserGroupInformation)1
ApplicationAttemptId (org.apache.hadoop.yarn.api.records.ApplicationAttemptId)1
ApplicationId (org.apache.hadoop.yarn.api.records.ApplicationId)1
ApplicationResourceUsageReport (org.apache.hadoop.yarn.api.records.ApplicationResourceUsageReport)1
