Examples of Groups


Examples of org.apache.hadoop.lib.service.Groups

          if (!path.value().equals("/")) {
            throw new UnsupportedOperationException(
              MessageFormat.format("Invalid path for {0}={1}, must be '/'",
                                   GetOpParam.NAME, HttpFSFileSystem.GetOpValues.INSTRUMENTATION));
          }
          Groups groups = HttpFSServerWebApp.get().get(Groups.class);
          List<String> userGroups = groups.getGroups(user.getName());
          if (!userGroups.contains(HttpFSServerWebApp.get().getAdminGroup())) {
            throw new AccessControlException("User not in HttpFSServer admin group");
          }
          Instrumentation instrumentation = HttpFSServerWebApp.get().get(Instrumentation.class);
          Map snapshot = instrumentation.getSnapshot();
View Full Code Here

Examples of org.apache.hadoop.lib.service.Groups

        response = Response.ok(json).type(MediaType.APPLICATION_JSON).build();
        break;
      }
      case INSTRUMENTATION: {
        enforceRootPath(op.value(), path);
        Groups groups = HttpFSServerWebApp.get().get(Groups.class);
        List<String> userGroups = groups.getGroups(user.getName());
        if (!userGroups.contains(HttpFSServerWebApp.get().getAdminGroup())) {
          throw new AccessControlException(
            "User not in HttpFSServer admin group");
        }
        Instrumentation instrumentation =
View Full Code Here

Examples of org.apache.hadoop.lib.service.Groups

          if (!path.value().equals("/")) {
            throw new UnsupportedOperationException(
              MessageFormat.format("Invalid path for {0}={1}, must be '/'",
                                   GetOpParam.NAME, HttpFSFileSystem.GetOpValues.INSTRUMENTATION));
          }
          Groups groups = HttpFSServerWebApp.get().get(Groups.class);
          List<String> userGroups = groups.getGroups(user.getName());
          if (!userGroups.contains(HttpFSServerWebApp.get().getAdminGroup())) {
            throw new AccessControlException("User not in HttpFSServer admin group");
          }
          Instrumentation instrumentation = HttpFSServerWebApp.get().get(Instrumentation.class);
          Map snapshot = instrumentation.getSnapshot();
View Full Code Here

Examples of org.apache.hadoop.security.Groups

      throw new AllocationConfigurationException(
          "Could get past last queue placement rule without assigning");
    }
    this.rules = rules;
    this.configuredQueues = configuredQueues;
    groups = new Groups(conf);
  }
View Full Code Here

Examples of org.apache.hadoop.security.Groups

    conf.set(
        DefaultImpersonationProvider.getProxySuperuserIpConfKey(REAL_USER_NAME),
        PROXY_IP);
   
    ProxyUsers.refreshSuperUserGroupsConfiguration(conf);
    Groups groups = Groups.getUserToGroupsMappingService(conf);

    // try proxying a group that's allowed
    UserGroupInformation realUserUgi = UserGroupInformation
    .createRemoteUser(REAL_USER_NAME);

    UserGroupInformation proxyUserUgi = UserGroupInformation.createProxyUserForTesting(
        PROXY_USER_NAME, realUserUgi, groups.getGroups(PROXY_USER_NAME).toArray(
            new String[groups.getGroups(PROXY_USER_NAME).size()]));

    assertAuthorized(proxyUserUgi, PROXY_IP);
  }
View Full Code Here

Examples of org.apache.hadoop.security.Groups

    Configuration conf = new Configuration();
    conf.set(CommonConfigurationKeysPublic.HADOOP_SECURITY_GROUP_MAPPING,
      groupMappingClassName);

    Groups groups = Groups.getUserToGroupsMappingService(conf);

    AccessControlList acl;

    // create these ACLs to populate groups cache
    acl = new AccessControlList("ja my"); // plain
    acl = new AccessControlList("sinatra ratpack,@lasVegas"); // netgroup
    acl = new AccessControlList(" somegroup,@someNetgroup"); // no user

    // this ACL will be used for testing ACLs
    acl = new AccessControlList("carlPerkins ratpack,@lasVegas");
    acl.addGroup("@memphis");

    // validate the netgroups before and after rehresh to make
    // sure refresh works correctly
    validateNetgroups(groups, acl);
    groups.refresh();
    validateNetgroups(groups, acl);

  }
View Full Code Here

Examples of org.apache.hadoop.security.Groups

  @Test
  public void testRefreshUserToGroupsMappings() throws Exception {

    String[] args = new String[] { "-refreshUserToGroupsMappings" };
    Groups groups = Groups.getUserToGroupsMappingService(conf);
    String user = UserGroupInformation.getCurrentUser().getUserName();
    System.out.println("first attempt:");
    List<String> g1 = groups.getGroups(user);
    String[] str_groups = new String[g1.size()];
    g1.toArray(str_groups);
    System.out.println(Arrays.toString(str_groups));

    // Now groups of this user has changed but getGroups returns from the
    // cache,so we would see same groups as before
    System.out.println("second attempt, should be same:");
    List<String> g2 = groups.getGroups(user);
    g2.toArray(str_groups);
    System.out.println(Arrays.toString(str_groups));
    for (int i = 0; i < g2.size(); i++) {
      assertEquals("Should be same group ", g1.get(i), g2.get(i));
    }
    // run the command,which clears the cache
    hsAdminClient.run(args);
    System.out
        .println("third attempt(after refresh command), should be different:");
    // Now get groups should return new groups
    List<String> g3 = groups.getGroups(user);
    g3.toArray(str_groups);
    System.out.println(Arrays.toString(str_groups));
    for (int i = 0; i < g3.size(); i++) {
      assertFalse(
          "Should be different group: " + g1.get(i) + " and " + g3.get(i), g1
View Full Code Here

Examples of org.apache.hadoop.security.Groups

      throw new NotAuthorizedException(
          MessageFormat.format(
            "Unauthorized proxyuser [{0}] for doAsUser [{1}], not in proxyuser groups",
            proxyUser, doAsUser));
    }
    Groups groupsInfo = new Groups(Main.getAppConfigInstance());
    try {
      List<String> userGroups = groupsInfo.getGroups(doAsUser);
      for (String g : validGroups) {
        if (userGroups.contains(g)) {
          return;
        }
      }
View Full Code Here

Examples of org.apache.hadoop.security.Groups

    // ShellBasedUnixGroupsMappingTestWrapper
    Configuration conf = new Configuration();
    conf.set("hadoop.security.group.mapping",
      "org.apache.hadoop.security.ShellBasedUnixGroupsNetgroupMappingTestWrapper");

    Groups groups = Groups.getUserToGroupsMappingService(conf);

    AccessControlList acl;

    // create these ACLs to populate groups cache
    acl = new AccessControlList("ja my"); // plain
    acl = new AccessControlList("sinatra ratpack,@lasVegas"); // netgroup
    acl = new AccessControlList(" somegroups,@somenetgroup"); // no user

    // check that the netgroups are working
    List<String> elvisGroups = groups.getGroups("elvis");
    assertTrue(elvisGroups.contains("@lasVegas"));

    // refresh cache - not testing this directly but if the results are ok
    // after the refresh that means it worked fine (very likely)
    groups.refresh();

    // create an ACL with netgroups (@xxx)
    acl = new AccessControlList("ja ratpack,@lasVegas");
    // elvis is in @lasVegas
    UserGroupInformation elvis =
View Full Code Here

Examples of org.apache.hadoop.security.Groups

    }
  }

  @Test
  public void testGroupsCaching() throws Exception {
    Groups groups = new Groups(conf);
    groups.cacheGroupsAdd(Arrays.asList(myGroups));
    groups.refresh();
    FakeGroupMapping.clearBlackList();
    FakeGroupMapping.addToBlackList("user1");

    // regular entry
    assertTrue(groups.getGroups("me").size() == 2);

    // this must be cached. blacklisting should have no effect.
    FakeGroupMapping.addToBlackList("me");
    assertTrue(groups.getGroups("me").size() == 2);

    // ask for a negative entry
    try {
      LOG.error("We are not supposed to get here." + groups.getGroups("user1").toString());
      fail();
    } catch (IOException ioe) {
      if(!ioe.getMessage().startsWith("No groups found")) {
        LOG.error("Got unexpected exception: " + ioe.getMessage());
        fail();
      }
    }

    // this shouldn't be cached. remove from the black list and retry.
    FakeGroupMapping.clearBlackList();
    assertTrue(groups.getGroups("user1").size() == 2);
  }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.