當前位置: 首頁>>代碼示例>>Java>>正文


Java UserGroupInformation.setAuthenticationMethod方法代碼示例

本文整理匯總了Java中org.apache.hadoop.security.UserGroupInformation.setAuthenticationMethod方法的典型用法代碼示例。如果您正苦於以下問題:Java UserGroupInformation.setAuthenticationMethod方法的具體用法?Java UserGroupInformation.setAuthenticationMethod怎麽用?Java UserGroupInformation.setAuthenticationMethod使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在org.apache.hadoop.security.UserGroupInformation的用法示例。


在下文中一共展示了UserGroupInformation.setAuthenticationMethod方法的6個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。

示例1: getUser

import org.apache.hadoop.security.UserGroupInformation; //導入方法依賴的package包/類
/**
 * Get the username encoded in the token identifier
 * 
 * @return the username or owner
 */
@Override
public UserGroupInformation getUser() {
  if ( (owner == null) || (owner.toString().isEmpty())) {
    return null;
  }
  final UserGroupInformation realUgi;
  final UserGroupInformation ugi;
  if ((realUser == null) || (realUser.toString().isEmpty())
      || realUser.equals(owner)) {
    ugi = realUgi = UserGroupInformation.createRemoteUser(owner.toString());
  } else {
    realUgi = UserGroupInformation.createRemoteUser(realUser.toString());
    ugi = UserGroupInformation.createProxyUser(owner.toString(), realUgi);
  }
  realUgi.setAuthenticationMethod(AuthenticationMethod.TOKEN);
  return ugi;
}
 
開發者ID:nucypher,項目名稱:hadoop-oss,代碼行數:23,代碼來源:AbstractDelegationTokenIdentifier.java

示例2: testGetUserGroupInformationSecure

import org.apache.hadoop.security.UserGroupInformation; //導入方法依賴的package包/類
@Test
public void testGetUserGroupInformationSecure() throws IOException {
  String userName = "user1";
  String currentUser = "test-user";


  NfsConfiguration conf = new NfsConfiguration();
  UserGroupInformation currentUserUgi
          = UserGroupInformation.createRemoteUser(currentUser);
  currentUserUgi.setAuthenticationMethod(KERBEROS);
  UserGroupInformation.setLoginUser(currentUserUgi);

  DFSClientCache cache = new DFSClientCache(conf);
  UserGroupInformation ugiResult
          = cache.getUserGroupInformation(userName, currentUserUgi);

  assertThat(ugiResult.getUserName(), is(userName));
  assertThat(ugiResult.getRealUser(), is(currentUserUgi));
  assertThat(
          ugiResult.getAuthenticationMethod(),
          is(UserGroupInformation.AuthenticationMethod.PROXY));
}
 
開發者ID:naver,項目名稱:hadoop,代碼行數:23,代碼來源:TestDFSClientCache.java

示例3: getAuthorizedUgi

import org.apache.hadoop.security.UserGroupInformation; //導入方法依賴的package包/類
private UserGroupInformation getAuthorizedUgi(String authorizedId)
    throws IOException {
  UserGroupInformation authorizedUgi;
  if (authMethod == AuthMethod.DIGEST) {
    TokenIdentifier tokenId = HBaseSaslRpcServer.getIdentifier(authorizedId,
        secretManager);
    authorizedUgi = tokenId.getUser();
    if (authorizedUgi == null) {
      throw new AccessDeniedException(
          "Can't retrieve username from tokenIdentifier.");
    }
    authorizedUgi.addTokenIdentifier(tokenId);
  } else {
    authorizedUgi = UserGroupInformation.createRemoteUser(authorizedId);
  }
  authorizedUgi.setAuthenticationMethod(authMethod.authenticationMethod.getAuthMethod());
  return authorizedUgi;
}
 
開發者ID:fengchen8086,項目名稱:ditb,代碼行數:19,代碼來源:RpcServer.java

示例4: testTokenAuthentication

import org.apache.hadoop.security.UserGroupInformation; //導入方法依賴的package包/類
@Test
public void testTokenAuthentication() throws Exception {
  UserGroupInformation testuser =
      UserGroupInformation.createUserForTesting("testuser", new String[]{"testgroup"});

  testuser.setAuthenticationMethod(
      UserGroupInformation.AuthenticationMethod.TOKEN);
  final Configuration conf = TEST_UTIL.getConfiguration();
  UserGroupInformation.setConfiguration(conf);
  Token<AuthenticationTokenIdentifier> token =
      secretManager.generateToken("testuser");
  LOG.debug("Got token: " + token.toString());
  testuser.addToken(token);

  // verify the server authenticates us as this token user
  testuser.doAs(new PrivilegedExceptionAction<Object>() {
    public Object run() throws Exception {
      Configuration c = server.getConfiguration();
      RpcClient rpcClient = RpcClientFactory.createClient(c, clusterId.toString());
      ServerName sn =
          ServerName.valueOf(server.getAddress().getHostName(), server.getAddress().getPort(),
              System.currentTimeMillis());
      try {
        BlockingRpcChannel channel = rpcClient.createBlockingRpcChannel(sn,
            User.getCurrent(), HConstants.DEFAULT_HBASE_RPC_TIMEOUT);
        AuthenticationProtos.AuthenticationService.BlockingInterface stub =
            AuthenticationProtos.AuthenticationService.newBlockingStub(channel);
        AuthenticationProtos.WhoAmIResponse response =
            stub.whoAmI(null, AuthenticationProtos.WhoAmIRequest.getDefaultInstance());
        String myname = response.getUsername();
        assertEquals("testuser", myname);
        String authMethod = response.getAuthMethod();
        assertEquals("TOKEN", authMethod);
      } finally {
        rpcClient.close();
      }
      return null;
    }
  });
}
 
開發者ID:fengchen8086,項目名稱:ditb,代碼行數:41,代碼來源:TestTokenAuthentication.java

示例5: getUGI

import org.apache.hadoop.security.UserGroupInformation; //導入方法依賴的package包/類
/**
 * Get {@link UserGroupInformation} and possibly the delegation token out of
 * the request.
 * @param context the ServletContext that is serving this request.
 * @param request the http request
 * @param conf configuration
 * @param secureAuthMethod the AuthenticationMethod used in secure mode.
 * @param tryUgiParameter Should it try the ugi parameter?
 * @return a new user from the request
 * @throws AccessControlException if the request has no token
 */
public static UserGroupInformation getUGI(ServletContext context,
    HttpServletRequest request, Configuration conf,
    final AuthenticationMethod secureAuthMethod,
    final boolean tryUgiParameter) throws IOException {
  UserGroupInformation ugi = null;
  final String usernameFromQuery = getUsernameFromQuery(request, tryUgiParameter);
  final String doAsUserFromQuery = request.getParameter(DoAsParam.NAME);
  final String remoteUser;
 
  if (UserGroupInformation.isSecurityEnabled()) {
    remoteUser = request.getRemoteUser();
    final String tokenString = request.getParameter(DELEGATION_PARAMETER_NAME);
    if (tokenString != null) {
      // Token-based connections need only verify the effective user, and
      // disallow proxying to different user.  Proxy authorization checks
      // are not required since the checks apply to issuing a token.
      ugi = getTokenUGI(context, request, tokenString, conf);
      checkUsername(ugi.getShortUserName(), usernameFromQuery);
      checkUsername(ugi.getShortUserName(), doAsUserFromQuery);
    } else if (remoteUser == null) {
      throw new IOException(
          "Security enabled but user not authenticated by filter");
    }
  } else {
    // Security's not on, pull from url or use default web user
    remoteUser = (usernameFromQuery == null)
        ? getDefaultWebUserName(conf) // not specified in request
        : usernameFromQuery;
  }

  if (ugi == null) { // security is off, or there's no token
    ugi = UserGroupInformation.createRemoteUser(remoteUser);
    checkUsername(ugi.getShortUserName(), usernameFromQuery);
    if (UserGroupInformation.isSecurityEnabled()) {
      // This is not necessarily true, could have been auth'ed by user-facing
      // filter
      ugi.setAuthenticationMethod(secureAuthMethod);
    }
    if (doAsUserFromQuery != null) {
      // create and attempt to authorize a proxy user
      ugi = UserGroupInformation.createProxyUser(doAsUserFromQuery, ugi);
      ProxyUsers.authorize(ugi, getRemoteAddr(request));
    }
  }
  
  if(LOG.isDebugEnabled())
    LOG.debug("getUGI is returning: " + ugi.getShortUserName());
  return ugi;
}
 
開發者ID:naver,項目名稱:hadoop,代碼行數:61,代碼來源:JspHelper.java

示例6: testSecureAuthParamsInUrl

import org.apache.hadoop.security.UserGroupInformation; //導入方法依賴的package包/類
@Test(timeout=60000)
public void testSecureAuthParamsInUrl() throws IOException {
  Configuration conf = new Configuration();
  // fake turning on security so api thinks it should use tokens
  SecurityUtil.setAuthenticationMethod(KERBEROS, conf);
  UserGroupInformation.setConfiguration(conf);

  UserGroupInformation ugi =
      UserGroupInformation.createRemoteUser("test-user");
  ugi.setAuthenticationMethod(KERBEROS);
  UserGroupInformation.setLoginUser(ugi);

  WebHdfsFileSystem webhdfs = getWebHdfsFileSystem(ugi, conf);
  Path fsPath = new Path("/");
  String tokenString = webhdfs.getDelegationToken().encodeToUrlString();

  // send user
  URL getTokenUrl = webhdfs.toUrl(GetOpParam.Op.GETDELEGATIONTOKEN, fsPath);
  checkQueryParams(
      new String[]{
          GetOpParam.Op.GETDELEGATIONTOKEN.toQueryString(),
          new UserParam(ugi.getShortUserName()).toString()
      },
      getTokenUrl);

  // send user
  URL renewTokenUrl = webhdfs.toUrl(PutOpParam.Op.RENEWDELEGATIONTOKEN,
      fsPath, new TokenArgumentParam(tokenString));
  checkQueryParams(
      new String[]{
          PutOpParam.Op.RENEWDELEGATIONTOKEN.toQueryString(),
          new UserParam(ugi.getShortUserName()).toString(),
          new TokenArgumentParam(tokenString).toString(),
      },
      renewTokenUrl);

  // send token
  URL cancelTokenUrl = webhdfs.toUrl(PutOpParam.Op.CANCELDELEGATIONTOKEN,
      fsPath, new TokenArgumentParam(tokenString));
  checkQueryParams(
      new String[]{
          PutOpParam.Op.CANCELDELEGATIONTOKEN.toQueryString(),
          new UserParam(ugi.getShortUserName()).toString(),
          new TokenArgumentParam(tokenString).toString(),
      },
      cancelTokenUrl);
  
  // send token
  URL fileStatusUrl = webhdfs.toUrl(GetOpParam.Op.GETFILESTATUS, fsPath);
  checkQueryParams(
      new String[]{
          GetOpParam.Op.GETFILESTATUS.toQueryString(),
          new DelegationParam(tokenString).toString()
      },
      fileStatusUrl);

  // wipe out internal token to simulate auth always required
  webhdfs.setDelegationToken(null);

  // send user
  cancelTokenUrl = webhdfs.toUrl(PutOpParam.Op.CANCELDELEGATIONTOKEN,
      fsPath, new TokenArgumentParam(tokenString));
  checkQueryParams(
      new String[]{
          PutOpParam.Op.CANCELDELEGATIONTOKEN.toQueryString(),
          new UserParam(ugi.getShortUserName()).toString(),
          new TokenArgumentParam(tokenString).toString(),
      },
      cancelTokenUrl);

  // send user
  fileStatusUrl = webhdfs.toUrl(GetOpParam.Op.GETFILESTATUS, fsPath);
  checkQueryParams(
      new String[]{
          GetOpParam.Op.GETFILESTATUS.toQueryString(),
          new UserParam(ugi.getShortUserName()).toString()
      },
      fileStatusUrl);    
}
 
開發者ID:naver,項目名稱:hadoop,代碼行數:80,代碼來源:TestWebHdfsUrl.java


注:本文中的org.apache.hadoop.security.UserGroupInformation.setAuthenticationMethod方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。