Examples of org.apache.hadoop.security.KerberosName

org.apache.hadoop.security.KerberosName
This class implements parsing and handling of Kerberos principal names. In particular, it splits them apart and translates them down into local operating system names.

          + name);
    }
    if (name == null) { //name is optional, null is okay
      return;
    }
    KerberosName u = new KerberosName(name);
    String shortName = u.getShortName();
    if (!shortName.equals(expected)) {
      throw new IOException("Usernames not matched: name=" + shortName
          + " != expected=" + expected);
    }
  }

View Full Code Here

  static void obtainTokensForNamenodesInternal(Credentials credentials,
                                               Path [] ps, 
                                               Configuration conf
                                               ) throws IOException {
    // get jobtracker principal id (for the renewer)
    KerberosName jtKrbName = new KerberosName(conf.get(JobTracker.JT_USER_NAME, ""));
    String delegTokenRenewer = jtKrbName.getShortName();
    boolean readFile = true;
    for(Path p: ps) {
      FileSystem fs = FileSystem.get(p.toUri(), conf);
      String fsName = fs.getCanonicalServiceName();
      if (fsName == null) {

View Full Code Here

          + name);
    }
    if (name == null) { //name is optional, null is okay
      return;
    }
    KerberosName u = new KerberosName(name);
    String shortName = u.getShortName();
    if (!shortName.equals(expected)) {
      throw new IOException("Usernames not matched: name=" + shortName
          + " != expected=" + expected);
    }
  }

View Full Code Here

      this.owner = owner;
    }
    if (renewer == null) {
      this.renewer = new Text();
    } else {
      KerberosName renewerKrbName = new KerberosName(renewer.toString());
      try {
        this.renewer = new Text(renewerKrbName.getShortName());
      } catch (IOException e) {
        throw new RuntimeException(e);
      }
    }
    if (realUser == null) {

View Full Code Here

    if (id.getUser() == null) {
      throw new InvalidToken("Token with no owner");
    }
    String owner = id.getUser().getUserName();
    Text renewer = id.getRenewer();
    KerberosName cancelerKrbName = new KerberosName(canceller);
    String cancelerShortName = cancelerKrbName.getShortName();
    if (!canceller.equals(owner)
        && (renewer == null || "".equals(renewer.toString()) || !cancelerShortName
            .equals(renewer.toString()))) {
      throw new AccessControlException(canceller
          + " is not authorized to cancel the token");

View Full Code Here

  private static void checkUsername(final String expected, final String name
      ) throws IOException {
    if (name == null) {
      return;
    }
    KerberosName u = new KerberosName(name);
    String shortName = u.getShortName();
    if (!shortName.equals(expected)) {
      throw new IOException("Usernames not matched: name=" + shortName
          + " != expected=" + expected);
    }
  }

View Full Code Here

              if (!gssContext.isEstablished()) {
                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                LOG.trace("SPNEGO in progress");
              } else {
                String clientPrincipal = gssContext.getSrcName().toString();
                KerberosName kerberosName = new KerberosName(clientPrincipal);
                String userName = kerberosName.getShortName();
                token = new AuthenticationToken(userName, clientPrincipal, TYPE);
                response.setStatus(HttpServletResponse.SC_OK);
                LOG.trace("SPNEGO completed for principal [{}]", clientPrincipal);
              }
            } finally {

View Full Code Here

    if (id.getUser() == null) {
      throw new InvalidToken("Token with no owner");
    }
    String owner = id.getUser().getUserName();
    Text renewer = id.getRenewer();
    KerberosName cancelerKrbName = new KerberosName(canceller);
    String cancelerShortName = cancelerKrbName.getShortName();
    if (!canceller.equals(owner)
        && (renewer == null || "".equals(renewer.toString()) || !cancelerShortName
            .equals(renewer.toString()))) {
      throw new AccessControlException(canceller
          + " is not authorized to cancel the token");

View Full Code Here

              if (!gssContext.isEstablished()) {
                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                LOG.trace("SPNEGO in progress");
              } else {
                String clientPrincipal = gssContext.getSrcName().toString();
                KerberosName kerberosName = new KerberosName(clientPrincipal);
                String userName = kerberosName.getShortName();
                token = new AuthenticationToken(userName, clientPrincipal, TYPE);
                response.setStatus(HttpServletResponse.SC_OK);
                LOG.trace("SPNEGO completed for principal [{}]", clientPrincipal);
              }
            } finally {

View Full Code Here

  public class KerberosNameShim implements HadoopShimsSecure.KerberosNameShim {


    private KerberosName kerberosName;


    public KerberosNameShim(String name) {
      kerberosName = new KerberosName(name);
    }

View Full Code Here

0 1 2

TOP

Related Classes of org.apache.hadoop.security.KerberosName

org.apache.hadoop.conf.Configuration

org.apache.hadoop.hdfs.server.namenode.JspHelper

org.apache.hadoop.hive.shims.Hadoop20SShims$KerberosNameShim

org.apache.hadoop.mapreduce.security.TokenCache

org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler

org.apache.hadoop.security.authorize.ServiceAuthorizationManager

org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier

org.apache.hadoop.security.token.delegation.AbstractDelegationTokenSecretManager

java.util.regex.Matcher

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.