List of usage examples for org.apache.hadoop.security.authentication.server AuthenticationFilter COOKIE_PATH
String COOKIE_PATH
To view the source code for org.apache.hadoop.security.authentication.server AuthenticationFilter COOKIE_PATH.
Click Source Link
From source file:com.trendmicro.hdfs.webdav.AuthFilter.java
License:Apache License
/** * Return an Alfredo configuration from the webdav authentication conf * properties/*from w ww . j a v a 2s . co m*/ */ @Override protected Properties getConfiguration(String configPrefix, FilterConfig filterConfig) { Properties props = new Properties(); props.setProperty(AuthenticationFilter.COOKIE_PATH, "/"); for (Map.Entry<String, String> e : conf) { String name = e.getKey(); if (name.startsWith(CONF_PREFIX)) { String value = conf.get(name); name = name.substring(CONF_PREFIX.length()); props.setProperty(name, value); } } return props; }
From source file:org.apache.atlas.web.filters.AtlasAuthenticationFilter.java
License:Apache License
@Override protected Properties getConfiguration(String configPrefix, FilterConfig filterConfig) throws ServletException { Configuration configuration;//from w w w.j a v a2 s. co m try { configuration = ApplicationProperties.get(); } catch (Exception e) { throw new ServletException(e); } // transfer atlas-application.properties config items starting with defined prefix Configuration subConfiguration = ApplicationProperties.getSubsetConfiguration(configuration, PREFIX); Properties config = ConfigurationConverter.getProperties(subConfiguration); config.put(AuthenticationFilter.COOKIE_PATH, "/"); // add any config passed in as init parameters Enumeration<String> enumeration = filterConfig.getInitParameterNames(); while (enumeration.hasMoreElements()) { String name = enumeration.nextElement(); config.put(name, filterConfig.getInitParameter(name)); } //Resolve _HOST into bind address String bindAddress = configuration.getString(SecurityProperties.BIND_ADDRESS); if (bindAddress == null) { LOG.info("No host name configured. Defaulting to local host name."); try { bindAddress = InetAddress.getLocalHost().getHostName(); } catch (UnknownHostException e) { throw new ServletException("Unable to obtain host name", e); } } String principal = config.getProperty(KerberosAuthenticationHandler.PRINCIPAL); if (principal != null) { try { principal = SecurityUtil.getServerPrincipal(principal, bindAddress); } catch (IOException ex) { throw new RuntimeException("Could not resolve Kerberos principal name: " + ex.toString(), ex); } config.put(KerberosAuthenticationHandler.PRINCIPAL, principal); } LOG.info("AuthenticationFilterConfig: {}", config); return config; }
From source file:org.apache.falcon.security.BasicAuthFilter.java
License:Apache License
/** * Returns the configuration from Oozie configuration to be used by the authentication filter. * <p/>// w w w .ja v a 2 s . c om * All properties from Oozie configuration which name starts with {@link #FALCON_PREFIX} will * be returned. The keys of the returned properties are trimmed from the {@link #FALCON_PREFIX} * prefix, for example the Oozie configuration property name 'oozie.authentication.type' will * be just 'type'. * * @param configPrefix configuration prefix, this parameter is ignored by this implementation. * @param filterConfig filter configuration, this parameter is ignored by this implementation. * @return all Oozie configuration properties prefixed with {@link #FALCON_PREFIX}, without the * prefix. */ @Override protected Properties getConfiguration(String configPrefix, FilterConfig filterConfig) { Properties authProperties = new Properties(); Properties configProperties = StartupProperties.get(); // setting the cookie path to root '/' so it is used for all resources. authProperties.setProperty(AuthenticationFilter.COOKIE_PATH, "/"); for (Map.Entry entry : configProperties.entrySet()) { String name = (String) entry.getKey(); if (name.startsWith(FALCON_PREFIX)) { String value = (String) entry.getValue(); name = name.substring(FALCON_PREFIX.length()); authProperties.setProperty(name, value); } } if (UserGroupInformation.isSecurityEnabled()) { // replace _HOST in principal String principal = getKerberosPrincipalWithSubstitutedHost(configProperties); // principal cannot be null in secure mode, is validated in submission authProperties.setProperty(KerberosAuthenticationHandler.PRINCIPAL, principal); } return authProperties; }
From source file:org.apache.oozie.servlet.AuthFilter.java
License:Apache License
/** * Returns the configuration from Oozie configuration to be used by the authentication filter. * <p>// w ww .j av a 2 s . com * All properties from Oozie configuration which name starts with {@link #OOZIE_PREFIX} will * be returned. The keys of the returned properties are trimmed from the {@link #OOZIE_PREFIX} * prefix, for example the Oozie configuration property name 'oozie.authentication.type' will * be just 'type'. * * @param configPrefix configuration prefix, this parameter is ignored by this implementation. * @param filterConfig filter configuration, this parameter is ignored by this implementation. * @return all Oozie configuration properties prefixed with {@link #OOZIE_PREFIX}, without the * prefix. */ @Override protected Properties getConfiguration(String configPrefix, FilterConfig filterConfig) { Properties props = new Properties(); Configuration conf = Services.get().getConf(); //setting the cookie path to root '/' so it is used for all resources. props.setProperty(AuthenticationFilter.COOKIE_PATH, "/"); for (Map.Entry<String, String> entry : conf) { String name = entry.getKey(); if (name.startsWith(OOZIE_PREFIX)) { String value = conf.get(name); name = name.substring(OOZIE_PREFIX.length()); if (name.equals(KERBEROS_PRINCIPAL_CONFIG)) { String hostName = "localhost"; String principal = value; try { hostName = InetAddress.getLocalHost().getCanonicalHostName(); principal = SecurityUtil.getServerPrincipal(value, hostName); } catch (IOException ioe) { // ignore. } props.setProperty(name, principal); } else { props.setProperty(name, value); } } } // If using HA, we need to set some extra configs for the ZKSignerSecretProvider. No need to bother the user with these // details, so we'll set them for the user (unless the user really wants to set them) if (Services.get().get(JobsConcurrencyService.class).isHighlyAvailableMode()) { if (!props.containsKey("signer.secret.provider")) { props.setProperty("signer.secret.provider", "zookeeper"); } if (!props.containsKey("signer.secret.provider.zookeeper.path")) { props.setProperty("signer.secret.provider.zookeeper.path", ZKUtils.ZK_BASE_SERVICES_PATH + "/signersecrets"); } props.setProperty("signer.secret.provider.zookeeper.disconnect.on.shutdown", "false"); } return props; }