Java Code Examples for org.apache.hadoop.security.UserGroupInformation#isLoginKeytabBased()
The following examples show how to use
org.apache.hadoop.security.UserGroupInformation#isLoginKeytabBased() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: HadoopSecurity.java From dr-elephant with Apache License 2.0 | 6 votes |
|
public void checkLogin() throws IOException {
if (_loginUser == null) {
logger.info("No login user. Creating login user");
logger.info("Logging with " + _keytabUser + " and " + _keytabLocation);
UserGroupInformation.loginUserFromKeytab(_keytabUser, _keytabLocation);
_loginUser = UserGroupInformation.getLoginUser();
logger.info("Logged in with user " + _loginUser);
if(UserGroupInformation.isLoginKeytabBased()) {
logger.info("Login is keytab based");
} else {
logger.info("Login is not keytab based");
}
} else {
_loginUser.checkTGTAndReloginFromKeytab();
}
}
Example 2
| Source File: KafkaNotification.java From atlas with Apache License 2.0 | 5 votes |
|
@VisibleForTesting
boolean isLoginKeytabBased() {
boolean ret = false;
try {
ret = UserGroupInformation.isLoginKeytabBased();
} catch (Exception excp) {
LOG.warn("Error in determining keytab for KafkaClient-JAAS config", excp);
}
return ret;
}
Example 3
| Source File: AtlasHook.java From incubator-atlas with Apache License 2.0 | 5 votes |
|
private static boolean isLoginKeytabBased() {
boolean ret = false;
try {
ret = UserGroupInformation.isLoginKeytabBased();
} catch (Exception excp) {
LOG.warn("Error in determining keytab for KafkaClient-JAAS config", excp);
}
return ret;
}
Example 4
| Source File: JDBCSecurityImpl.java From zeppelin with Apache License 2.0 | 5 votes |
|
/***
* @param properties
*/
public static void createSecureConfiguration(Properties properties,
AuthenticationMethod authType) {
switch (authType) {
case KERBEROS:
Configuration conf = new
org.apache.hadoop.conf.Configuration();
conf.set("hadoop.security.authentication", KERBEROS.toString());
UserGroupInformation.setConfiguration(conf);
try {
// Check TGT before calling login
// Ref: https://github.com/apache/hadoop/blob/release-3.0.1-RC1/hadoop-common-project/
// hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java#L1232
if (!UserGroupInformation.isSecurityEnabled()
|| UserGroupInformation.getCurrentUser().getAuthenticationMethod() != KERBEROS
|| !UserGroupInformation.isLoginKeytabBased()) {
UserGroupInformation.loginUserFromKeytab(
properties.getProperty("zeppelin.jdbc.principal"),
properties.getProperty("zeppelin.jdbc.keytab.location"));
} else {
LOGGER.info("The user has already logged in using Keytab and principal, " +
"no action required");
}
} catch (IOException e) {
LOGGER.error("Failed to get either keytab location or principal name in the " +
"interpreter", e);
}
}
}
Example 5
| Source File: JDBCInterpreter.java From zeppelin with Apache License 2.0 | 5 votes |
|
@Override
protected boolean runKerberosLogin() {
try {
if (UserGroupInformation.isLoginKeytabBased()) {
UserGroupInformation.getLoginUser().reloginFromKeytab();
return true;
} else if (UserGroupInformation.isLoginTicketBased()) {
UserGroupInformation.getLoginUser().reloginFromTicketCache();
return true;
}
} catch (Exception e) {
LOGGER.error("Unable to run kinit for zeppelin", e);
}
return false;
}
Example 6
| Source File: GssSaslClientAuthenticationProvider.java From hbase with Apache License 2.0 | 5 votes |
|
@Override
public void relogin() throws IOException {
// Check if UGI thinks we need to do another login
if (UserGroupInformation.isLoginKeytabBased()) {
UserGroupInformation.getLoginUser().reloginFromKeytab();
} else {
UserGroupInformation.getLoginUser().reloginFromTicketCache();
}
}
