本文整理汇总了Java中org.apache.hadoop.security.UserGroupInformation.createProxyUser方法的典型用法代码示例。如果您正苦于以下问题:Java UserGroupInformation.createProxyUser方法的具体用法?Java UserGroupInformation.createProxyUser怎么用?Java UserGroupInformation.createProxyUser使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.apache.hadoop.security.UserGroupInformation的用法示例。
在下文中一共展示了UserGroupInformation.createProxyUser方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getUser
import org.apache.hadoop.security.UserGroupInformation; //导入方法依赖的package包/类
/**
* Get the username encoded in the token identifier
*
* @return the username or owner
*/
@Override
public UserGroupInformation getUser() {
if ( (owner == null) || (owner.toString().isEmpty())) {
return null;
}
final UserGroupInformation realUgi;
final UserGroupInformation ugi;
if ((realUser == null) || (realUser.toString().isEmpty())
|| realUser.equals(owner)) {
ugi = realUgi = UserGroupInformation.createRemoteUser(owner.toString());
} else {
realUgi = UserGroupInformation.createRemoteUser(realUser.toString());
ugi = UserGroupInformation.createProxyUser(owner.toString(), realUgi);
}
realUgi.setAuthenticationMethod(AuthenticationMethod.TOKEN);
return ugi;
}
示例2: getUgi
import org.apache.hadoop.security.UserGroupInformation; //导入方法依赖的package包/类
public static UserGroupInformation getUgi(UserInformationProto userInfo) {
UserGroupInformation ugi = null;
String effectiveUser = userInfo.hasEffectiveUser() ? userInfo
.getEffectiveUser() : null;
String realUser = userInfo.hasRealUser() ? userInfo.getRealUser() : null;
if (effectiveUser != null) {
if (realUser != null) {
UserGroupInformation realUserUgi = UserGroupInformation
.createRemoteUser(realUser);
ugi = UserGroupInformation
.createProxyUser(effectiveUser, realUserUgi);
} else {
ugi = org.apache.hadoop.security.UserGroupInformation
.createRemoteUser(effectiveUser);
}
}
return ugi;
}
示例3: getCurrentConnection
import org.apache.hadoop.security.UserGroupInformation; //导入方法依赖的package包/类
/**
* Get the cached connection for the current user.
* If none or timed out, create a new one.
*/
ConnectionInfo getCurrentConnection() throws IOException {
String userName = getEffectiveUser();
ConnectionInfo connInfo = connections.get(userName);
if (connInfo == null || !connInfo.updateAccessTime()) {
Lock lock = locker.acquireLock(userName);
try {
connInfo = connections.get(userName);
if (connInfo == null) {
UserGroupInformation ugi = realUser;
if (!userName.equals(realUserName)) {
ugi = UserGroupInformation.createProxyUser(userName, realUser);
}
User user = userProvider.create(ugi);
Connection conn = ConnectionFactory.createConnection(conf, user);
connInfo = new ConnectionInfo(conn, userName);
connections.put(userName, connInfo);
}
} finally {
lock.unlock();
}
}
return connInfo;
}
示例4: createProxyUgi
import org.apache.hadoop.security.UserGroupInformation; //导入方法依赖的package包/类
/**
* Create and return proxy user {@link org.apache.hadoop.security.UserGroupInformation} for give user name.
*
* TODO: we may want to cache the {@link org.apache.hadoop.security.UserGroupInformation} instances as we try to
* create different instances for the same user which is an unnecessary overhead.
*
* @param proxyUserName Proxy user name (must be valid)
* @return
*/
public static UserGroupInformation createProxyUgi(String proxyUserName) {
try {
if (Strings.isNullOrEmpty(proxyUserName)) {
throw new DrillRuntimeException("Invalid value for proxy user name");
}
// If the request proxy user is same as process user name, return the process UGI.
if (proxyUserName.equals(getProcessUserName())) {
return getProcessUserUGI();
}
return UserGroupInformation.createProxyUser(proxyUserName, UserGroupInformation.getLoginUser());
} catch(IOException e) {
final String errMsg = "Failed to create proxy user UserGroupInformation object: " + e.getMessage();
logger.error(errMsg, e);
throw new DrillRuntimeException(errMsg, e);
}
}
示例5: obtainSystemTokensForUser
import org.apache.hadoop.security.UserGroupInformation; //导入方法依赖的package包/类
@VisibleForTesting
protected Token<?>[] obtainSystemTokensForUser(String user,
final Credentials credentials) throws IOException, InterruptedException {
// Get new hdfs tokens on behalf of this user
UserGroupInformation proxyUser =
UserGroupInformation.createProxyUser(user,
UserGroupInformation.getLoginUser());
Token<?>[] newTokens =
proxyUser.doAs(new PrivilegedExceptionAction<Token<?>[]>() {
@Override
public Token<?>[] run() throws Exception {
FileSystem fs = FileSystem.get(getConfig());
try {
return fs.addDelegationTokens(
UserGroupInformation.getLoginUser().getUserName(),
credentials);
} finally {
// Close the FileSystem created by the new proxy user,
// So that we don't leave an entry in the FileSystem cache
fs.close();
}
}
});
return newTokens;
}
示例6: testProxyUserConfiguration
import org.apache.hadoop.security.UserGroupInformation; //导入方法依赖的package包/类
@Test
public void testProxyUserConfiguration() throws Exception {
MockRM rm = null;
try {
rm = new MockRM(conf);
rm.start();
// wait for web server starting
Thread.sleep(10000);
UserGroupInformation proxyUser =
UserGroupInformation.createProxyUser(
BAR_USER.getShortUserName(), FOO_USER);
try {
ProxyUsers.getDefaultImpersonationProvider().authorize(proxyUser,
ipAddress);
} catch (AuthorizationException e) {
// Exception is not expected
Assert.fail();
}
} finally {
if (rm != null) {
rm.stop();
rm.close();
}
}
}
示例7: testOperationDoAs
import org.apache.hadoop.security.UserGroupInformation; //导入方法依赖的package包/类
@Test
@TestDir
@TestJetty
@TestHdfs
public void testOperationDoAs() throws Exception {
createHttpFSServer();
UserGroupInformation ugi = UserGroupInformation.createProxyUser(HadoopUsersConfTestHelper.getHadoopUsers()[0],
UserGroupInformation.getCurrentUser());
ugi.doAs(new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
operation(operation);
return null;
}
});
}
示例8: getUserGroupInformation
import org.apache.hadoop.security.UserGroupInformation; //导入方法依赖的package包/类
/**
* This method uses the currentUser, and real user to create a proxy
* @param effectiveUser The user who is being proxied by the real user
* @param realUser The actual user who does the command
* @return Proxy UserGroupInformation
* @throws IOException If proxying fails
*/
UserGroupInformation getUserGroupInformation(
String effectiveUser,
UserGroupInformation realUser)
throws IOException {
Preconditions.checkNotNull(effectiveUser);
Preconditions.checkNotNull(realUser);
realUser.checkTGTAndReloginFromKeytab();
UserGroupInformation ugi =
UserGroupInformation.createProxyUser(effectiveUser, realUser);
if (LOG.isDebugEnabled()){
LOG.debug(String.format("Created ugi:" +
" %s for username: %s", ugi, effectiveUser));
}
return ugi;
}
示例9: createUser
import org.apache.hadoop.security.UserGroupInformation; //导入方法依赖的package包/类
private UserGroupInformation createUser(ConnectionHeader head) {
UserGroupInformation ugi = null;
if (!head.hasUserInfo()) {
return null;
}
UserInformation userInfoProto = head.getUserInfo();
String effectiveUser = null;
if (userInfoProto.hasEffectiveUser()) {
effectiveUser = userInfoProto.getEffectiveUser();
}
String realUser = null;
if (userInfoProto.hasRealUser()) {
realUser = userInfoProto.getRealUser();
}
if (effectiveUser != null) {
if (realUser != null) {
UserGroupInformation realUserUgi =
UserGroupInformation.createRemoteUser(realUser);
ugi = UserGroupInformation.createProxyUser(effectiveUser, realUserUgi);
} else {
ugi = UserGroupInformation.createRemoteUser(effectiveUser);
}
}
return ugi;
}
示例10: getUser
import org.apache.hadoop.security.UserGroupInformation; //导入方法依赖的package包/类
@Override
public UserGroupInformation getUser() {
if (realUser.toString().isEmpty()) {
return UserGroupInformation.createRemoteUser(tokenid.toString());
} else {
UserGroupInformation realUgi = UserGroupInformation
.createRemoteUser(realUser.toString());
return UserGroupInformation
.createProxyUser(tokenid.toString(), realUgi);
}
}
示例11: proxyAs
import org.apache.hadoop.security.UserGroupInformation; //导入方法依赖的package包/类
@Override
public synchronized PrivilegedExecutor proxyAs(String proxyUserName) {
if (proxyUserName == null || proxyUserName.isEmpty()) {
return this;
}
if (proxyCache.get(proxyUserName) == null) {
UserGroupInformation proxyUgi;
proxyUgi = UserGroupInformation.createProxyUser(proxyUserName, ugi);
printUGI(proxyUgi);
proxyCache.put(proxyUserName, new UGIExecutor(proxyUgi));
}
return proxyCache.get(proxyUserName);
}
示例12: testValidProxyUser
import org.apache.hadoop.security.UserGroupInformation; //导入方法依赖的package包/类
public void testValidProxyUser() throws Exception {
UserGroupInformation ugi = UserGroupInformation.createProxyUser("u1", UserGroupInformation.getLoginUser());
ugi.doAs(new PrivilegedExceptionAction<Void>() {
public Void run() throws Exception {
mrRun();
return null;
}
});
}
示例13: processConnectionContext
import org.apache.hadoop.security.UserGroupInformation; //导入方法依赖的package包/类
/** Reads the connection context following the connection header
* @param dis - DataInputStream from which to read the header
* @throws WrappedRpcServerException - if the header cannot be
* deserialized, or the user is not authorized
*/
private void processConnectionContext(DataInputStream dis)
throws WrappedRpcServerException {
// allow only one connection context during a session
if (connectionContextRead) {
throw new WrappedRpcServerException(
RpcErrorCodeProto.FATAL_INVALID_RPC_HEADER,
"Connection context already processed");
}
connectionContext = decodeProtobufFromStream(
IpcConnectionContextProto.newBuilder(), dis);
protocolName = connectionContext.hasProtocol() ? connectionContext
.getProtocol() : null;
UserGroupInformation protocolUser = ProtoUtil.getUgi(connectionContext);
if (saslServer == null) {
user = protocolUser;
} else {
// user is authenticated
user.setAuthenticationMethod(authMethod);
//Now we check if this is a proxy user case. If the protocol user is
//different from the 'user', it is a proxy user scenario. However,
//this is not allowed if user authenticated with DIGEST.
if ((protocolUser != null)
&& (!protocolUser.getUserName().equals(user.getUserName()))) {
if (authMethod == AuthMethod.TOKEN) {
// Not allowed to doAs if token authentication is used
throw new WrappedRpcServerException(
RpcErrorCodeProto.FATAL_UNAUTHORIZED,
new AccessControlException("Authenticated user (" + user
+ ") doesn't match what the client claims to be ("
+ protocolUser + ")"));
} else {
// Effective user can be different from authenticated user
// for simple auth or kerberos auth
// The user is the real user. Now we create a proxy user
UserGroupInformation realUser = user;
user = UserGroupInformation.createProxyUser(protocolUser
.getUserName(), realUser);
}
}
}
authorizeConnection();
// don't set until after authz because connection isn't established
connectionContextRead = true;
}
示例14: DrillUser
import org.apache.hadoop.security.UserGroupInformation; //导入方法依赖的package包/类
public DrillUser(String userName) throws IOException {
this.hadoopUser = UserGroupInformation.createProxyUser(userName, UserGroupInformation.getCurrentUser());
}
示例15: getUGI
import org.apache.hadoop.security.UserGroupInformation; //导入方法依赖的package包/类
protected UserGroupInformation getUGI(String user) throws IOException {
return UserGroupInformation.createProxyUser(user, UserGroupInformation.getLoginUser());
}