Examples of org.apache.hadoop.security.UserGroupInformation

org.apache.hadoop.security.UserGroupInformation
User and group information for Hadoop. This class wraps around a JAAS Subject and provides methods to determine the user's username and groups. It supports both the Windows, Unix and Kerberos login modules.

      JobConf conf, final boolean shouldSucceed)
      throws IOException, InterruptedException {
    setUpCluster(conf);
    try {
      // submit job as current user.
      UserGroupInformation ugi = UserGroupInformation.getCurrentUser();
      String[] groups = ugi.getGroupNames();
      String userInfo = ugi.getShortUserName() + "," +
                        groups[groups.length - 1];
      final RunningJob rjob = submitSleepJob(1, 1, 1000, 1000, false, userInfo);
      assertFalse(rjob.isComplete());
      
      conf.set("mapred.job.tracker", "localhost:"

View Full Code Here

                                    String queueName) 
                                      throws IOException, InterruptedException {
    JobConf clientConf = new JobConf();
    clientConf.set("mapred.job.tracker", "localhost:"
        + miniMRCluster.getJobTrackerPort());
    UserGroupInformation ugi;
    SleepJob job = new SleepJob();
    job.setConf(clientConf);
    clientConf = job.setupJobConf(numMappers, numReducers, 
        mapSleepTime, (int)mapSleepTime/100,
        reduceSleepTime, (int)reduceSleepTime/100);
    if (queueName != null) {
      clientConf.setQueueName(queueName);
    }
    final JobConf jc = new JobConf(clientConf);
    if (userInfo != null) {
      String[] splits = userInfo.split(",");
      String[] groups = new String[splits.length - 1];
      System.arraycopy(splits, 1, groups, 0, splits.length - 1);
      ugi = UserGroupInformation.createUserForTesting(splits[0], groups);
    } else {
      ugi = UserGroupInformation.getCurrentUser();
    }
    RunningJob rJob = ugi.doAs(new PrivilegedExceptionAction<RunningJob>() {
      public RunningJob run() throws IOException {
        if (shouldComplete) {
          return JobClient.runJob(jc);  
        } else {
          // Job should be submitted as 'userInfo'. So both the client as well as

View Full Code Here

    cluster.getJTClient().verifyJobHistory(rJob.getID());
  }


  //@Test
  public void testFileStatus() throws Exception {
    UserGroupInformation ugi =
        UserGroupInformation.createRemoteUser(cluster
            .getJTClient().getProxy().getDaemonUser());
    ugi.doAs(new PrivilegedExceptionAction<Void>() {
      @Override
      public Void run() throws Exception {
        MRCluster myCluster = null;
        try {
          myCluster = MRCluster.createCluster(cluster.getConf());

View Full Code Here

    if(dtSecretManager == null || !dtSecretManager.isRunning()) {
      LOG.warn("trying to get DT with no secret manager running");
      return null;
    }
    
    UserGroupInformation ugi = UserGroupInformation.getCurrentUser();
    String user = ugi.getUserName();
    Text owner = new Text(user);
    Text realUser = null;
    if (ugi.getRealUser() != null) {
      realUser = new Text(ugi.getRealUser().getUserName());
    }
    DelegationTokenIdentifier dtId = new DelegationTokenIdentifier(owner,
        renewer, realUser);
    Token<DelegationTokenIdentifier> token = new Token<DelegationTokenIdentifier>(
        dtId, dtSecretManager);

View Full Code Here

   * @return AuthenticationMethod used to establish connection
   * @throws IOException
   */
  private AuthenticationMethod getConnectionAuthenticationMethod()
      throws IOException {
    UserGroupInformation ugi = UserGroupInformation.getCurrentUser();
    AuthenticationMethod authMethod = ugi.getAuthenticationMethod();
    if (authMethod == AuthenticationMethod.PROXY) {
      authMethod = ugi.getRealUser().getAuthenticationMethod();
    }
    return authMethod;
  }

View Full Code Here

    final JobInProgress job = jt.getJob(jobid);
    JobWithViewAccessCheck myJob = new JobWithViewAccessCheck(job);


    String user = request.getRemoteUser();
    if (user != null && job != null && jt.areACLsEnabled()) {
      final UserGroupInformation ugi =
        UserGroupInformation.createRemoteUser(user);
      try {
        ugi.doAs(new PrivilegedExceptionAction<Void>() {
          public Void run() throws IOException, ServletException {


            // checks job view permission
            jt.getACLsManager().checkAccess(job, ugi,
                Operation.VIEW_JOB_DETAILS);
            return null;
          }
        });
      } catch (AccessControlException e) {
        String errMsg = "User " + ugi.getShortUserName() +
            " failed to view " + jobid + "!<br><br>" + e.getMessage() +
            "<hr><a href=\"jobtracker.jsp\">Go back to JobTracker</a><br>";
        JSPUtil.setErrorAndForward(errMsg, request, response);
        myJob.setViewAccess(false);
      } catch (InterruptedException e) {

View Full Code Here

          String errMsg = "User " + user
              + " failed to kill the following job(s)!<br><br>";
          for (String job : jobs) {
            final JobID jobId = JobID.forName(job);
            if (user != null) {
              UserGroupInformation ugi =
                UserGroupInformation.createRemoteUser(user);
              try {
                ugi.doAs(new PrivilegedExceptionAction<Void>() {
                  public Void run() throws IOException{


                    tracker.killJob(jobId);// checks job modify permission
                    return null;
                  }
                });
              } catch(AccessControlException e) {
                errMsg = errMsg.concat("<br>" + e.getMessage());
                notAuthorized = true;
                // We don't return right away so that we can try killing other
                // jobs that are requested to be killed.
                continue;
              }
            }
            else {// no authorization needed
              tracker.killJob(jobId);
            }
          }
          if (notAuthorized) {// user is not authorized to kill some/all of jobs
            errMsg = errMsg.concat(
              "<br><hr><a href=\"jobtracker.jsp\">Go back to JobTracker</a><br>");
            setErrorAndForward(errMsg, request, response);
            return;
          }
        }
      }


    if (privateActionsAllowed(tracker.conf) && 
          request.getParameter("changeJobPriority") != null) {
        String[] jobs = request.getParameterValues("jobCheckBox");
        if (jobs != null) {
          final JobPriority jobPri = JobPriority.valueOf(request
              .getParameter("setJobPriority"));
          boolean notAuthorized = false;
          String errMsg = "User " + user
              + " failed to set priority for the following job(s)!<br><br>";


          for (String job : jobs) {
            final JobID jobId = JobID.forName(job);
            if (user != null) {
              UserGroupInformation ugi = UserGroupInformation.
                  createRemoteUser(user);
              try {
                ugi.doAs(new PrivilegedExceptionAction<Void>() {
                  public Void run() throws IOException{


                    // checks job modify permission
                    tracker.setJobPriority(jobId, jobPri);
                    return null;

View Full Code Here

        it.remove();
        LOG.info("Job History file removed form cache "+removeJobId);
      }
    }


    UserGroupInformation currentUser;
    if (user == null) {
      currentUser = UserGroupInformation.getCurrentUser();
    } else {
      currentUser = UserGroupInformation.createRemoteUser(user);
    }

View Full Code Here

  public void doGet(final HttpServletRequest request,
                    final HttpServletResponse response)
    throws IOException {
    Configuration conf =
  (Configuration) getServletContext().getAttribute(JspHelper.CURRENT_CONF);
    final UserGroupInformation ugi = getUGI(request, conf);


    try {
      ugi.doAs(new PrivilegedExceptionAction<Void>() {
            @Override
            public Void run() throws IOException {
              ClientProtocol nn = createNameNodeProxy();
              final String path = 
                request.getPathInfo() != null ? request.getPathInfo() : "/";

View Full Code Here

   * the JobTracker alone.
   */
  public JobStatus submitJob(JobID jobId, String jobSubmitDir, Credentials ts)
      throws IOException {
    JobInfo jobInfo = null;
    UserGroupInformation ugi = UserGroupInformation.getCurrentUser();
    synchronized (this) {
      if (jobs.containsKey(jobId)) {
        // job already running, don't start twice
        return jobs.get(jobId).getStatus();
      }
      jobInfo = new JobInfo(jobId, new Text(ugi.getShortUserName()),
          new Path(jobSubmitDir));
    }
    // Create the JobInProgress, do not lock the JobTracker since
    // we are about to copy job.xml from HDFS
    JobInProgress job = null;

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.apache.hadoop.security.UserGroupInformation

com.cloudera.lib.service.hadoop.HadoopService

com.dianping.cosmos.hive.server.queryengine.jdbc.HiveJdbcClient

org.apache.flink.yarn.appMaster.ApplicationMaster

org.apache.flume.sink.hdfs.HDFSEventSink

org.apache.hadoop.conf.Configuration

org.apache.hadoop.fs.FileSystem

org.apache.hadoop.fs.Path

org.apache.hadoop.fs.TestFileSystem

org.apache.hadoop.hbase.ipc.HBaseClient$Connection

org.apache.hadoop.hbase.ipc.HBaseServer$Connection

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.