List of usage examples for org.apache.hadoop.security Groups getGroups
public List<String> getGroups(final String user) throws IOException
From source file:org.apache.atlas.web.security.AtlasAbstractAuthenticationProvider.java
License:Apache License
public static List<GrantedAuthority> getAuthoritiesFromUGI(String userName) { List<GrantedAuthority> grantedAuths = new ArrayList<GrantedAuthority>(); UserGroupInformation ugi = UserGroupInformation.createRemoteUser(userName); if (ugi != null) { String[] userGroups = ugi.getGroupNames(); if (userGroups != null) { for (String group : userGroups) { grantedAuths.add(new SimpleGrantedAuthority(group)); }/*from w ww. ja v a2s.c o m*/ } } // if group empty take groups from UGI LDAP-based group mapping if (grantedAuths != null && grantedAuths.isEmpty()) { try { Configuration config = new Configuration(); Groups gp = new Groups(config); List<String> userGroups = gp.getGroups(userName); if (userGroups != null) { for (String group : userGroups) { grantedAuths.add(new SimpleGrantedAuthority(group)); } } } catch (java.io.IOException e) { LOG.error("Exception while fetching groups ", e); } } return grantedAuths; }
From source file:org.apache.hive.hcatalog.templeton.ProxyUserSupport.java
License:Apache License
private static void validateGroup(String proxyUser, String doAsUser) throws NotAuthorizedException { Set<String> validGroups = proxyUserGroups.get(proxyUser); if (validGroups == WILD_CARD) { return;//from ww w . ja v a2s . c o m } else if (validGroups == null || validGroups.isEmpty()) { throw new NotAuthorizedException( MessageFormat.format("Unauthorized proxyuser [{0}] for doAsUser [{1}], not in proxyuser groups", proxyUser, doAsUser)); } Groups groupsInfo = new Groups(Main.getAppConfigInstance()); try { List<String> userGroups = groupsInfo.getGroups(doAsUser); for (String g : validGroups) { if (userGroups.contains(g)) { return; } } } catch (IOException ex) {//thrown, for example, if there is no such user on the system LOG.warn(MessageFormat.format("Unable to get list of groups for doAsUser [{0}].", doAsUser), ex); } throw new NotAuthorizedException(MessageFormat.format( "Unauthorized proxyuser [{0}] for doAsUser [{1}], not in proxyuser groups", proxyUser, doAsUser)); }
From source file:org.apache.solr.cloud.TestSolrCloudWithSecureImpersonation.java
License:Apache License
private static String getUsersFirstGroup() throws Exception { String group = "*"; // accept any group if a group can't be found if (!Constants.WINDOWS) { // does not work on Windows! org.apache.hadoop.security.Groups hGroups = new org.apache.hadoop.security.Groups(new Configuration()); try {//from w w w. j a v a 2 s. c o m List<String> g = hGroups.getGroups(System.getProperty("user.name")); if (g != null && g.size() > 0) { group = g.get(0); } } catch (NullPointerException npe) { // if user/group doesn't exist on test box } } return group; }
From source file:org.apache.solr.security.hadoop.ImpersonationUtil.java
License:Apache License
static String getUsersFirstGroup() throws Exception { String group = "*"; // accept any group if a group can't be found if (!Constants.WINDOWS) { // does not work on Windows! org.apache.hadoop.security.Groups hGroups = new org.apache.hadoop.security.Groups(new Configuration()); try {/*from www . ja v a2s.c om*/ List<String> g = hGroups.getGroups(System.getProperty("user.name")); if (g != null && g.size() > 0) { group = g.get(0); } } catch (NullPointerException npe) { // if user/group doesn't exist on test box } } return group; }