List of usage examples for org.apache.hadoop.security UserGroupInformation isLoginKeytabBased
@InterfaceAudience.Public @InterfaceStability.Evolving public static boolean isLoginKeytabBased() throws IOException
From source file:org.apache.zeppelin.jdbc.JDBCInterpreter.java
License:Apache License
@Override protected boolean runKerberosLogin() { try {/*from w w w .j ava 2s .com*/ if (UserGroupInformation.isLoginKeytabBased()) { UserGroupInformation.getLoginUser().reloginFromKeytab(); return true; } else if (UserGroupInformation.isLoginTicketBased()) { UserGroupInformation.getLoginUser().reloginFromTicketCache(); return true; } } catch (Exception e) { logger.error("Unable to run kinit for zeppelin", e); } return false; }
From source file:org.apache.zeppelin.jdbc.security.JDBCSecurityImpl.java
License:Apache License
/*** * @param properties// w w w . j av a2s . com */ public static void createSecureConfiguration(Properties properties, AuthenticationMethod authType) { switch (authType) { case KERBEROS: Configuration conf = new org.apache.hadoop.conf.Configuration(); conf.set("hadoop.security.authentication", KERBEROS.toString()); UserGroupInformation.setConfiguration(conf); try { // Check TGT before calling login // Ref: https://github.com/apache/hadoop/blob/release-3.0.1-RC1/hadoop-common-project/ // hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java#L1232 if (!UserGroupInformation.isSecurityEnabled() || UserGroupInformation.getCurrentUser().getAuthenticationMethod() != KERBEROS || !UserGroupInformation.isLoginKeytabBased()) { UserGroupInformation.loginUserFromKeytab(properties.getProperty("zeppelin.jdbc.principal"), properties.getProperty("zeppelin.jdbc.keytab.location")); } else { LOGGER.info( "The user has already logged in using Keytab and principal, " + "no action required"); } } catch (IOException e) { LOGGER.error("Failed to get either keytab location or principal name in the " + "interpreter", e); } } }
From source file:ruciotools.WebRucioGrep.java
License:Apache License
/** * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) *///www. j av a 2 s . com protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { final PrintWriter out = response.getWriter(); Enumeration<String> parameterNames = request.getParameterNames(); List<String> params = new ArrayList<String>(); while (parameterNames.hasMoreElements()) { String paramName = parameterNames.nextElement(); for (String v : request.getParameterValues(paramName)) { params.add("-" + paramName); params.add(v); } } final String[] args = new String[params.size()]; params.toArray(args); FileSystem fs = DistributedFileSystem.get(new Configuration()); FSDataOutputStream of1 = fs.create(new Path("/user/rucio01/log/test-MR-before.ralph")); of1.write(new String("ralph").getBytes()); of1.close(); System.out.println("--------------status---:" + UserGroupInformation.isLoginKeytabBased()); System.out.println("--------------current user---:" + UserGroupInformation.getCurrentUser()); UserGroupInformation ugi = UserGroupInformation.getCurrentUser(); boolean isKeyTab = false; //ugi.isFromKeytab(); if (isKeyTab) { ugi.checkTGTAndReloginFromKeytab(); } else { UserGroupInformation.loginUserFromKeytab("rucio01", "/etc/hadoop/conf/rucio01.keytab"); isKeyTab = UserGroupInformation.isLoginKeytabBased(); if (isKeyTab) { ugi = UserGroupInformation.getCurrentUser(); } } System.out.println("---------AFTER LOGIN-----:"); System.out.println("--------------status---:" + UserGroupInformation.isLoginKeytabBased()); System.out.println("--------------current user---:" + UserGroupInformation.getCurrentUser()); //FileSystem fs = DistributedFileSystem.get(new Configuration()); FSDataOutputStream of = fs.create(new Path("/user/rucio01/log/test-MR-outer.ralph")); of.write(new String("ralph").getBytes()); of.close(); try { ugi.doAs(new PrivilegedExceptionAction<Void>() { public Void run() throws Exception { FileSystem fs = DistributedFileSystem.get(new Configuration()); FSDataOutputStream of = fs.create(new Path("/user/rucio01/log/test-MR-inner.ralph")); of.write(new String("ralph").getBytes()); of.close(); // Verify input parameters Map<String, Object> settings = Grep.parseCommandLineArguments(args); if ((Boolean) settings.get("printUsage")) { out.println((String) settings.get("errorMessage")); out.println(Grep.printUsage()); return null; } // Derive tmp dir for job output settings.put("tempDir", new Path("rucio-grep-" + Integer.toString(new Random().nextInt(Integer.MAX_VALUE)))); // Execute MR job try { if (!Grep.runJob(settings)) { out.println("Something went wrong :-(\n"); out.println( "Hints: (1) do not redirect stderr to /dev/null (2) consider setting -excludeTmpFiles in case of IOExceptions\n"); } } catch (Exception e) { out.println(e); return null; } try { out.println(Grep.getResults(settings)); } catch (Exception e) { out.println("No job output found in " + settings.get("tempDir").toString()); out.println(e); } return null; } }); } catch (Exception e) { System.out.println(e); } }