Package org.apache.hadoop.security

Examples of org.apache.hadoop.security.AccessControlException

367
368
369
370
371
372
373
374
    // if this user is the file owner, return
    if(inode.getUserName(snapshotId).equals(user)) {
      return;
    }

    throw new AccessControlException("Permission denied by sticky bit setting:" +
      " user=" + user + ", inode=" + inode);
  }
View Full Code Here
395
396
397
398
399
400
401
402
403
      return;
    }
    if (mode.getOtherAction().implies(access)) {
      return;
    }
    throw new AccessControlException("Permission denied while accessing pool "
        + pool.getPoolName() + ": user " + user + " does not have "
        + access.toString() + " permissions.");
  }
View Full Code Here
470
471
472
473
474
475
476
    List<String> groups = Arrays.asList(callerUgi.getGroupNames());
    if (groups.contains(supergroup)) {
      return;
    }
    // Not a superuser.
    throw new AccessControlException();
  }
View Full Code Here
1096
1097
1098
1099
1100
1101
1102
1103
1104
    if (!UserGroupInformation.isSecurityEnabled()) {
      return;
    }
    if (UserGroupInformation.getCurrentUser().getAuthenticationMethod() !=
        AuthenticationMethod.KERBEROS) {
      throw new AccessControlException("Error in " + msg
          + "Only kerberos based authentication is allowed.");
    }
  }
View Full Code Here
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
 
  private void checkBlockLocalPathAccess() throws IOException {
    checkKerberosAuthMethod("getBlockLocalPathInfo()");
    String currentUser = UserGroupInformation.getCurrentUser().getShortUserName();
    if (!usersWithLocalPathAccess.contains(currentUser)) {
      throw new AccessControlException(
          "Can't continue with getBlockLocalPathInfo() "
              + "authorization. The user " + currentUser
              + " is not allowed to call getBlockLocalPathInfo");
    }
  }
View Full Code Here
185
186
187
188
189
190
191
      return;
    }
    String msg = "Disallowed RPC access from " + ugi + " at " +
        Server.getRemoteAddress() + ". Not listed in " + DFSConfigKeys.DFS_ADMIN;
    LOG.warn(msg);
    throw new AccessControlException(msg);
  }
View Full Code Here
444
445
446
447
448
449
450
451
452
453
454
        case 416: // invalid range
          result = new EOFException(FSExceptionMessages.CANNOT_SEEK_PAST_EOF
                                    +": " + filename);
          break;
        case 403: //forbidden
          result = new AccessControlException("Permission denied"
                                    +": " + filename);
          break;
        default:
          result = new IOException(text);
      }
View Full Code Here
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
    boolean autoHaEnabled = conf.getBoolean(DFS_HA_AUTO_FAILOVER_ENABLED_KEY,
        DFS_HA_AUTO_FAILOVER_ENABLED_DEFAULT);
    switch (req.getSource()) {
    case REQUEST_BY_USER:
      if (autoHaEnabled) {
        throw new AccessControlException(
            "Manual HA control for this NameNode is disallowed, because " +
            "automatic HA is enabled.");
      }
      break;
    case REQUEST_BY_USER_FORCED:
      if (autoHaEnabled) {
        LOG.warn("Allowing manual HA control from " +
            Server.getRemoteAddress() +
            " even though automatic HA is enabled, because the user " +
            "specified the force flag");
      }
      break;
    case REQUEST_BY_ZKFC:
      if (!autoHaEnabled) {
        throw new AccessControlException(
            "Request from ZK failover controller at " +
            Server.getRemoteAddress() + " denied since automatic HA " +
            "is not enabled");
      }
      break;
View Full Code Here
56
57
58
59
60
61
62
63
    if (xAttr.getNameSpace() == XAttr.NameSpace.USER ||
        (xAttr.getNameSpace() == XAttr.NameSpace.TRUSTED &&
        pc.isSuperUser())) {
      return;
    }
    throw new AccessControlException("User doesn't have permission for xattr: "
        + XAttrHelper.getPrefixName(xAttr));
  }
View Full Code Here
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
        }
        try {
          FileStatus systemDirStatus = fs.getFileStatus(systemDir);
          if (!systemDirStatus.getOwner().equals(
              getMROwner().getShortUserName())) {
            throw new AccessControlException("The systemdir " + systemDir +
                " is not owned by " + getMROwner().getShortUserName());
          }
          if (!systemDirStatus.getPermission().equals(SYSTEM_DIR_PERMISSION)) {
            LOG.warn("Incorrect permissions on " + systemDir +
                ". Setting it to " + SYSTEM_DIR_PERMISSION);
View Full Code Here
TOP

Related Classes of org.apache.hadoop.security.AccessControlException

  • org.apache.hadoop.fs.s3native.Jets3tNativeFileSystemStore
  • org.apache.hadoop.fs.viewfs.ViewFileSystem
  • org.apache.hadoop.fs.viewfs.ViewFs
  • org.apache.hadoop.ha.TestFailoverController
  • org.apache.hadoop.hbase.ipc.HBaseServer$Connection
  • org.apache.hadoop.hbase.ipc.RpcServer$Connection
  • org.apache.hadoop.hbase.ipc.SecureServer$SecureConnection
  • org.apache.hadoop.hbase.util.FSUtils
  • org.apache.hadoop.hbase.util.HBaseFsck
  • org.apache.hadoop.hdfs.server.datanode.DataNode
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.