Package org.apache.hadoop.security

Examples of org.apache.hadoop.security.UserGroupInformation

346
347
348
349
350
351
352
353
   * talking to a server at the named address. */
  public static VersionedProtocol getProxy(
      Class<? extends VersionedProtocol> protocol,
      long clientVersion, InetSocketAddress addr, Configuration conf,
      SocketFactory factory) throws IOException {
    UserGroupInformation ugi = UserGroupInformation.getCurrentUser();
    return getProxy(protocol, clientVersion, addr, ugi, conf, factory);
  }
View Full Code Here
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
  private Set<Path> deleteOnExit = new TreeSet<Path>();

  public static FileSystem get(final URI uri, final Configuration conf,
      final String user)
  throws IOException, InterruptedException {
    UserGroupInformation ugi;
    if (user == null) {
      ugi = UserGroupInformation.getCurrentUser();
    } else {
      ugi = UserGroupInformation.createRemoteUser(user);
    }
    return ugi.doAs(new PrivilegedExceptionAction<FileSystem>() {
      public FileSystem run() throws IOException {
        return get(uri, conf);
      }
    });
  }
View Full Code Here
655
656
657
658
659
660
661
662
663
664
665
    if (remoteUser == null) {
      return true;
    }
    AccessControlList adminsAcl = (AccessControlList) servletContext
        .getAttribute(ADMINS_ACL);
    UserGroupInformation remoteUserUGI =
        UserGroupInformation.createRemoteUser(remoteUser);
    if (adminsAcl != null) {
      if (!adminsAcl.isUserAllowed(remoteUserUGI)) {
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "User "
            + remoteUser + " is unauthorized to access this page. "
View Full Code Here
34
35
36
37
38
39
40
41
42
43
44
45
46
public class TestQueueManagerForJobKillAndJobPriority extends TestQueueManager {

  public void testOwnerAllowedForJobKill()
  throws IOException, InterruptedException {
    try {
      final UserGroupInformation ugi = createNecessaryUsers();
   
      ugi.doAs(new PrivilegedExceptionAction<Object>() {

                 @Override
                   public Object run() throws Exception {

                   JobConf conf
View Full Code Here
56
57
58
59
60
61
62
63
64
65
66
67
68
  }
 
  public void testUserDisabledACLForJobKill()
  throws IOException, InterruptedException {
    try {
      UserGroupInformation ugi = createNecessaryUsers();
      // create other user who will try to kill the job of ugi.
      final UserGroupInformation otherUGI = UserGroupInformation.
        createUserForTesting("user1", new String [] {"group1"});

      ugi.doAs(new PrivilegedExceptionAction<Object>() {

                 @Override
View Full Code Here
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
  }
 
  public void testUserEnabledACLForJobKill()
  throws IOException, LoginException, InterruptedException {
    try {
      UserGroupInformation ugi = createNecessaryUsers();
      // create other user who will try to kill the job of ugi.
      final UserGroupInformation otherUGI = UserGroupInformation.
        createUserForTesting("user1", new String [] {"group1"});

      ugi.doAs(new PrivilegedExceptionAction<Object>() {
                 @Override
                   public Object run() throws Exception {
                   UserGroupInformation ugi = UserGroupInformation.getCurrentUser();
                   JobConf conf
                     = setupConf(QueueManager.toFullPropertyName
                                 ("default", adminAcl), "user1");
                   // user1 should be able to kill the job
                   verifyJobKill(otherUGI, conf, true);
View Full Code Here
108
109
110
111
112
113
114
115
116
117
118
119
120
  }

  public void testUserDisabledForJobPriorityChange()
  throws IOException, InterruptedException {
    try {
      UserGroupInformation ugi = createNecessaryUsers();
      // create other user who will try to change priority of the job of ugi.
      final UserGroupInformation otherUGI = UserGroupInformation.
        createUserForTesting("user1", new String [] {"group1"});

      ugi.doAs(new PrivilegedExceptionAction<Object>() {

                 @Override
View Full Code Here
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
        UtilsForTests.setUpConfigFile(queueConfProps, queueConfigFile);
     
        //Create a new configuration to be used with QueueManager
        JobConf conf = new JobConf();
        QueueManager queueManager = new QueueManager(conf);
        UserGroupInformation ugi = UserGroupInformation.
          createUserForTesting("user1", new String [] {"group1"});

        //Job Submission should fail because ugi to be used is set to blank.
        assertFalse("User Job Submission Succeeded before refresh.",
                    queueManager.hasAccess("default", QueueACL.SUBMIT_JOB, ugi));
        assertFalse("User Job Submission Succeeded before refresh.",
                    queueManager.hasAccess("q1", QueueACL.SUBMIT_JOB, ugi));
        assertFalse("User Job Submission Succeeded before refresh.",
                    queueManager.hasAccess("q2", QueueACL.SUBMIT_JOB, ugi));
     
        //Test job submission as alternate user.
        UserGroupInformation alternateUgi =
          UserGroupInformation.createUserForTesting("u1", new String[]{"user"});
        assertTrue("Alternate User Job Submission failed before refresh.",
                   queueManager.hasAccess("q2", QueueACL.SUBMIT_JOB, alternateUgi));
     
        //Set acl for user1.
View Full Code Here
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
        hadoopConfProps.put(JobConf.MR_ACLS_ENABLED, "true");
        UtilsForTests.setUpConfigFile(hadoopConfProps, hadoopConfigFile);
     
        //properties for mapred-queue-acls.xml
        Properties queueConfProps = new Properties();
        UserGroupInformation ugi = UserGroupInformation.getCurrentUser();
        queueConfProps.put(QueueManager.toFullPropertyName
                           ("default", submitAcl), ugi.getShortUserName());
        queueConfProps.put(QueueManager.toFullPropertyName
                           ("q1", submitAcl), ugi.getShortUserName());
        queueConfProps.put(QueueManager.toFullPropertyName
                           ("q2", submitAcl), ugi.getShortUserName());
        UtilsForTests.setUpConfigFile(queueConfProps, queueConfigFile);
     
        Configuration conf = new JobConf();
        QueueManager queueManager = new QueueManager(conf);
        //Testing access to queue.
View Full Code Here
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
  public void testGroupsEnabledACLForJobSubmission()
  throws IOException, LoginException, InterruptedException {
    try {
      // login as self, get one group, and add in allowed list.
      UserGroupInformation ugi = createNecessaryUsers();

      String[] groups = ugi.getGroupNames();
      JobConf conf
        = setupConf(QueueManager.toFullPropertyName
                    ("default", submitAcl), "3698-junk-user1,3698-junk-user2 "
                    + groups[groups.length-1]
                    + ",3698-junk-group");
      verifyJobSubmissionToDefaultQueue
        (conf, true, ugi.getShortUserName()+","+groups[groups.length-1]);
    } finally {
      tearDownCluster();
    }
  }
View Full Code Here
TOP

Related Classes of org.apache.hadoop.security.UserGroupInformation

  • com.cloudera.lib.service.hadoop.HadoopService
  • com.dianping.cosmos.hive.server.queryengine.jdbc.HiveJdbcClient
  • org.apache.flink.yarn.appMaster.ApplicationMaster
  • org.apache.flume.sink.hdfs.HDFSEventSink
  • org.apache.hadoop.conf.Configuration
  • org.apache.hadoop.fs.FileSystem
  • org.apache.hadoop.fs.Path
  • org.apache.hadoop.fs.TestFileSystem
  • org.apache.hadoop.hbase.ipc.HBaseClient$Connection
  • org.apache.hadoop.hbase.ipc.HBaseServer$Connection
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.