Examples with PolicyProvider org.apache.hadoop.security.authorize.PolicyProvider used on opensource projects

Search in sources :

Example 1 with PolicyProvider

use of org.apache.hadoop.security.authorize.PolicyProvider in project hadoop by apache.

the class AdminService method refreshServiceAcls.

private void refreshServiceAcls() throws IOException, YarnException {
    PolicyProvider policyProvider = RMPolicyProvider.getInstance();
    Configuration conf = getConfiguration(new Configuration(false), YarnConfiguration.HADOOP_POLICY_CONFIGURATION_FILE);
    refreshServiceAcls(conf, policyProvider);
}
Also used : Configuration(org.apache.hadoop.conf.Configuration) DynamicResourceConfiguration(org.apache.hadoop.yarn.server.resourcemanager.resource.DynamicResourceConfiguration) YarnConfiguration(org.apache.hadoop.yarn.conf.YarnConfiguration) PolicyProvider(org.apache.hadoop.security.authorize.PolicyProvider) RMPolicyProvider(org.apache.hadoop.yarn.server.resourcemanager.security.authorize.RMPolicyProvider)

Example 2 with PolicyProvider

use of org.apache.hadoop.security.authorize.PolicyProvider in project apex-core by apache.

the class StreamingContainerParent method startRpcServer.

protected void startRpcServer() {
    Configuration conf = getConfig();
    LOG.info("Config: " + conf);
    LOG.info("Listener thread count " + listenerThreadCount);
    try {
        server = new RPC.Builder(conf).setProtocol(StreamingContainerUmbilicalProtocol.class).setInstance(this).setBindAddress("0.0.0.0").setPort(0).setNumHandlers(listenerThreadCount).setSecretManager(tokenSecretManager).setVerbose(false).build();
        // Enable service authorization?
        if (conf.getBoolean(CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHORIZATION, false)) {
            //refreshServiceAcls(conf, new MRAMPolicyProvider());
            server.refreshServiceAcl(conf, new PolicyProvider() {

                @Override
                public Service[] getServices() {
                    return (new Service[] { new Service(StreamingContainerUmbilicalProtocol.class.getName(), StreamingContainerUmbilicalProtocol.class) });
                }
            });
        }
        server.start();
        this.address = NetUtils.getConnectAddress(server);
        LOG.info("Container callback server listening at " + this.address);
    } catch (IOException e) {
        throw new YarnRuntimeException(e);
    }
}
Also used : YarnRuntimeException(org.apache.hadoop.yarn.exceptions.YarnRuntimeException) Configuration(org.apache.hadoop.conf.Configuration) RPC(org.apache.hadoop.ipc.RPC) PolicyProvider(org.apache.hadoop.security.authorize.PolicyProvider) Service(org.apache.hadoop.security.authorize.Service) StreamingContainerUmbilicalProtocol(com.datatorrent.stram.api.StreamingContainerUmbilicalProtocol) IOException(java.io.IOException)

Example 3 with PolicyProvider

use of org.apache.hadoop.security.authorize.PolicyProvider in project hbase by apache.

the class TestTokenAuthentication method setupBeforeClass.

@BeforeClass
public static void setupBeforeClass() throws Exception {
    TEST_UTIL = new HBaseTestingUtility();
    TEST_UTIL.startMiniZKCluster();
    // register token type for protocol
    SecurityInfo.addInfo(AuthenticationProtos.AuthenticationService.getDescriptor().getName(), new SecurityInfo("hbase.test.kerberos.principal", AuthenticationProtos.TokenIdentifier.Kind.HBASE_AUTH_TOKEN));
    // security settings only added after startup so that ZK does not require SASL
    Configuration conf = TEST_UTIL.getConfiguration();
    conf.set("hadoop.security.authentication", "kerberos");
    conf.set("hbase.security.authentication", "kerberos");
    conf.setBoolean(HADOOP_SECURITY_AUTHORIZATION, true);
    server = new TokenServer(conf);
    serverThread = new Thread(server);
    Threads.setDaemonThreadRunning(serverThread, "TokenServer:" + server.getServerName().toString());
    // wait for startup
    while (!server.isStarted() && !server.isStopped()) {
        Thread.sleep(10);
    }
    server.rpcServer.refreshAuthManager(new PolicyProvider() {

        @Override
        public Service[] getServices() {
            return new Service[] { new Service("security.client.protocol.acl", AuthenticationProtos.AuthenticationService.BlockingInterface.class) };
        }
    });
    ZKClusterId.setClusterId(server.getZooKeeper(), clusterId);
    secretManager = (AuthenticationTokenSecretManager) server.getSecretManager();
    while (secretManager.getCurrentKey() == null) {
        Thread.sleep(1);
    }
}
Also used : Configuration(org.apache.hadoop.conf.Configuration) HBaseTestingUtility(org.apache.hadoop.hbase.HBaseTestingUtility) AuthenticationProtos(org.apache.hadoop.hbase.protobuf.generated.AuthenticationProtos) PolicyProvider(org.apache.hadoop.security.authorize.PolicyProvider) Service(org.apache.hadoop.security.authorize.Service) BlockingService(com.google.protobuf.BlockingService) ChoreService(org.apache.hadoop.hbase.ChoreService) ExecutorService(java.util.concurrent.ExecutorService) SecurityInfo(org.apache.hadoop.hbase.security.SecurityInfo) BeforeClass(org.junit.BeforeClass)

Example 4 with PolicyProvider

use of org.apache.hadoop.security.authorize.PolicyProvider in project hadoop by apache.

the class AdminService method refreshActiveServicesAcls.

private void refreshActiveServicesAcls() throws IOException, YarnException {
    PolicyProvider policyProvider = RMPolicyProvider.getInstance();
    Configuration conf = getConfiguration(new Configuration(false), YarnConfiguration.HADOOP_POLICY_CONFIGURATION_FILE);
    rmContext.getClientRMService().refreshServiceAcls(conf, policyProvider);
    rmContext.getApplicationMasterService().refreshServiceAcls(conf, policyProvider);
    rmContext.getResourceTrackerService().refreshServiceAcls(conf, policyProvider);
}
Also used : Configuration(org.apache.hadoop.conf.Configuration) DynamicResourceConfiguration(org.apache.hadoop.yarn.server.resourcemanager.resource.DynamicResourceConfiguration) YarnConfiguration(org.apache.hadoop.yarn.conf.YarnConfiguration) PolicyProvider(org.apache.hadoop.security.authorize.PolicyProvider) RMPolicyProvider(org.apache.hadoop.yarn.server.resourcemanager.security.authorize.RMPolicyProvider)

Aggregations

Configuration (org.apache.hadoop.conf.Configuration)4 PolicyProvider (org.apache.hadoop.security.authorize.PolicyProvider)4 Service (org.apache.hadoop.security.authorize.Service)2 YarnConfiguration (org.apache.hadoop.yarn.conf.YarnConfiguration)2 DynamicResourceConfiguration (org.apache.hadoop.yarn.server.resourcemanager.resource.DynamicResourceConfiguration)2 RMPolicyProvider (org.apache.hadoop.yarn.server.resourcemanager.security.authorize.RMPolicyProvider)2 StreamingContainerUmbilicalProtocol (com.datatorrent.stram.api.StreamingContainerUmbilicalProtocol)1 BlockingService (com.google.protobuf.BlockingService)1 IOException (java.io.IOException)1 ExecutorService (java.util.concurrent.ExecutorService)1 ChoreService (org.apache.hadoop.hbase.ChoreService)1 HBaseTestingUtility (org.apache.hadoop.hbase.HBaseTestingUtility)1 AuthenticationProtos (org.apache.hadoop.hbase.protobuf.generated.AuthenticationProtos)1 SecurityInfo (org.apache.hadoop.hbase.security.SecurityInfo)1 RPC (org.apache.hadoop.ipc.RPC)1 YarnRuntimeException (org.apache.hadoop.yarn.exceptions.YarnRuntimeException)1 BeforeClass (org.junit.BeforeClass)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial