List of usage examples for org.apache.hadoop.security.authorize AccessControlList isUserAllowed
public boolean isUserAllowed(UserGroupInformation ugi)
From source file:org.apache.hive.http.HttpServer.java
License:Apache License
/** * Get the admin ACLs from the given ServletContext and check if the given * user is in the ACL./*from w ww .j a v a 2 s . c o m*/ * * @param servletContext the context containing the admin ACL. * @param remoteUser the remote user to check for. * @return true if the user is present in the ACL, false if no ACL is set or * the user is not present */ static boolean userHasAdministratorAccess(ServletContext servletContext, String remoteUser) { AccessControlList adminsAcl = (AccessControlList) servletContext.getAttribute(ADMINS_ACL); UserGroupInformation remoteUserUGI = UserGroupInformation.createRemoteUser(remoteUser); return adminsAcl != null && adminsAcl.isUserAllowed(remoteUserUGI); }
From source file:probos.TestStaticMethods.java
License:Open Source License
@Test public void testPolicy() throws Exception { Configuration c = new Configuration(); ServiceAuthorizationManager sam = new ServiceAuthorizationManager(); System.setProperty("hadoop.policy.file", "probos-policy.xml"); sam.refreshWithLoadedConfiguration(c, new ControllerPolicyProvider()); AccessControlList acl = sam.getProtocolsAcls(PBSClient.class); assertNotNull(acl);//from ww w . j a v a 2 s .c om assertEquals("*", acl.getAclString()); assertTrue(acl .isUserAllowed(UserGroupInformation.createUserForTesting("testUser", new String[] { "mygroup" }))); sam.authorize(UserGroupInformation.getCurrentUser(), PBSClient.class, c, InetAddress.getLocalHost()); }