Package org.apache.hadoop.security.authentication.util

Examples of org.apache.hadoop.security.authentication.util.KerberosName


    if (confPrincipal == null || confPrincipal.isEmpty()) {
      throw new IllegalArgumentException(
          "Failed to specify server's Kerberos principal name");
    }
    // ensure it looks like a host-based service principal
    KerberosName name = new KerberosName(confPrincipal);
    if (name.getHostName() == null) {
      throw new IllegalArgumentException(
          "Kerberos principal name does NOT have the expected hostname part: "
              + confPrincipal);
    }
    // check that the server advertised principal matches our conf
View Full Code Here


      }
      case KERBEROS: {
        String fullName = UserGroupInformation.getCurrentUser().getUserName();
        if (LOG.isDebugEnabled())
          LOG.debug("Kerberos principal name is " + fullName);
        KerberosName krbName = new KerberosName(fullName);
        serverId = krbName.getHostName();
        if (serverId == null) {
          serverId = "";
        }
        protocol = krbName.getServiceName();
        break;
      }
      default:
        // we should never be able to get here
        throw new AccessControlException(
View Full Code Here

          + name);
    }
    if (name == null) { //name is optional, null is okay
      return;
    }
    KerberosName u = new KerberosName(name);
    String shortName = u.getShortName();
    if (!shortName.equals(expected)) {
      throw new IOException("Usernames not matched: name=" + shortName
          + " != expected=" + expected);
    }
  }
View Full Code Here

          + name);
    }
    if (name == null) { //name is optional, null is okay
      return;
    }
    KerberosName u = new KerberosName(name);
    String shortName = u.getShortName();
    if (!shortName.equals(expected)) {
      throw new IOException("Usernames not matched: name=" + shortName
          + " != expected=" + expected);
    }
  }
View Full Code Here

          conf.get(serverKey), serverAddr.getAddress());
      if (confPrincipal == null || confPrincipal.isEmpty()) {
        throw new IllegalArgumentException(
            "Failed to specify server's Kerberos principal name");
      }
      KerberosName name = new KerberosName(confPrincipal);
      if (name.getHostName() == null) {
        throw new IllegalArgumentException(
            "Kerberos principal name does NOT have the expected hostname part: "
                + confPrincipal);
      }
      isPrincipalValid = serverPrincipal.equals(confPrincipal);
View Full Code Here

          + name);
    }
    if (name == null) { //name is optional, null is okay
      return;
    }
    KerberosName u = new KerberosName(name);
    String shortName = u.getShortName();
    if (!shortName.equals(expected)) {
      throw new IOException("Usernames not matched: name=" + shortName
          + " != expected=" + expected);
    }
  }
View Full Code Here

              if (!gssContext.isEstablished()) {
                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                LOG.trace("SPNEGO in progress");
              } else {
                String clientPrincipal = gssContext.getSrcName().toString();
                KerberosName kerberosName = new KerberosName(clientPrincipal);
                String userName = kerberosName.getShortName();
                token = new AuthenticationToken(userName, clientPrincipal, getType());
                response.setStatus(HttpServletResponse.SC_OK);
                LOG.trace("SPNEGO completed for principal [{}]", clientPrincipal);
              }
            } finally {
View Full Code Here

    }
    super.tearDown();
  }

  public void testNameRules() throws Exception {
    KerberosName kn = new KerberosName(KerberosTestUtils.getServerPrincipal());
    assertEquals(KerberosTestUtils.getRealm(), kn.getRealm());

    //destroy handler created in setUp()
    handler.destroy();

    KerberosName.setRules("RULE:[1:$1@$0](.*@FOO)s/@.*//\nDEFAULT");
   
    handler = getNewAuthenticationHandler();
    Properties props = getDefaultProperties();
    props.setProperty(KerberosAuthenticationHandler.NAME_RULES, "RULE:[1:$1@$0](.*@BAR)s/@.*//\nDEFAULT");
    try {
      handler.init(props);
    } catch (Exception ex) {
    }
    kn = new KerberosName("bar@BAR");
    assertEquals("bar", kn.getShortName());
    kn = new KerberosName("bar@FOO");
    try {
      kn.getShortName();
      fail();
    }
    catch (Exception ex) {     
    }
  }
View Full Code Here

      case KERBEROS: {
        if (serverPrincipal == null || serverPrincipal.isEmpty()) {
          throw new IOException(
              "Failed to specify server's Kerberos principal name");
        }
        KerberosName name = new KerberosName(serverPrincipal);
        saslProtocol = name.getServiceName();
        saslServerName = name.getHostName();
        if (saslServerName == null) {
          throw new IOException(
              "Kerberos principal name does NOT have the expected hostname part: "
                  + serverPrincipal);
        }
View Full Code Here

        }
        case KERBEROS: {
          String fullName = UserGroupInformation.getCurrentUser().getUserName();
          if (LOG.isDebugEnabled())
            LOG.debug("Kerberos principal name is " + fullName);
          KerberosName krbName = new KerberosName(fullName);
          hostname = krbName.getHostName();
          if (hostname == null) {
            throw new AccessControlException(
                "Kerberos principal name does NOT have the expected "
                    + "hostname part: " + fullName);
          }
          saslProtocol = krbName.getServiceName();
          saslCallback = new SaslGssCallbackHandler();
          break;
        }
        default:
          // we should never be able to get here
View Full Code Here

TOP

Related Classes of org.apache.hadoop.security.authentication.util.KerberosName

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.