org.apache.hadoop.security.token.delegation.web.KerberosDelegationTokenAuthenticator Java Examples
The following examples show how to use
org.apache.hadoop.security.token.delegation.web.KerberosDelegationTokenAuthenticator.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: HttpFSFileSystem.java From hadoop with Apache License 2.0 | 6 votes |
/** * Called after a new FileSystem instance is constructed. * * @param name a uri whose authority section names the host, port, etc. for this FileSystem * @param conf the configuration */ @Override public void initialize(URI name, Configuration conf) throws IOException { UserGroupInformation ugi = UserGroupInformation.getCurrentUser(); //the real use is the one that has the Kerberos credentials needed for //SPNEGO to work realUser = ugi.getRealUser(); if (realUser == null) { realUser = UserGroupInformation.getLoginUser(); } super.initialize(name, conf); try { uri = new URI(name.getScheme() + "://" + name.getAuthority()); } catch (URISyntaxException ex) { throw new IOException(ex); } Class<? extends DelegationTokenAuthenticator> klass = getConf().getClass("httpfs.authenticator.class", KerberosDelegationTokenAuthenticator.class, DelegationTokenAuthenticator.class); DelegationTokenAuthenticator authenticator = ReflectionUtils.newInstance(klass, getConf()); authURL = new DelegationTokenAuthenticatedURL(authenticator); }
Example #2
Source File: HttpFSFileSystem.java From big-c with Apache License 2.0 | 6 votes |
/** * Called after a new FileSystem instance is constructed. * * @param name a uri whose authority section names the host, port, etc. for this FileSystem * @param conf the configuration */ @Override public void initialize(URI name, Configuration conf) throws IOException { UserGroupInformation ugi = UserGroupInformation.getCurrentUser(); //the real use is the one that has the Kerberos credentials needed for //SPNEGO to work realUser = ugi.getRealUser(); if (realUser == null) { realUser = UserGroupInformation.getLoginUser(); } super.initialize(name, conf); try { uri = new URI(name.getScheme() + "://" + name.getAuthority()); } catch (URISyntaxException ex) { throw new IOException(ex); } Class<? extends DelegationTokenAuthenticator> klass = getConf().getClass("httpfs.authenticator.class", KerberosDelegationTokenAuthenticator.class, DelegationTokenAuthenticator.class); DelegationTokenAuthenticator authenticator = ReflectionUtils.newInstance(klass, getConf()); authURL = new DelegationTokenAuthenticatedURL(authenticator); }
Example #3
Source File: TimelineClientImpl.java From hadoop with Apache License 2.0 | 4 votes |
protected void serviceInit(Configuration conf) throws Exception { UserGroupInformation ugi = UserGroupInformation.getCurrentUser(); UserGroupInformation realUgi = ugi.getRealUser(); if (realUgi != null) { authUgi = realUgi; doAsUser = ugi.getShortUserName(); } else { authUgi = ugi; doAsUser = null; } ClientConfig cc = new DefaultClientConfig(); cc.getClasses().add(YarnJacksonJaxbJsonProvider.class); connConfigurator = newConnConfigurator(conf); if (UserGroupInformation.isSecurityEnabled()) { authenticator = new KerberosDelegationTokenAuthenticator(); } else { authenticator = new PseudoDelegationTokenAuthenticator(); } authenticator.setConnectionConfigurator(connConfigurator); token = new DelegationTokenAuthenticatedURL.Token(); connectionRetry = new TimelineClientConnectionRetry(conf); client = new Client(new URLConnectionClientHandler( new TimelineURLConnectionFactory()), cc); TimelineJerseyRetryFilter retryFilter = new TimelineJerseyRetryFilter(); client.addFilter(retryFilter); if (YarnConfiguration.useHttps(conf)) { resURI = URI .create(JOINER.join("https://", conf.get( YarnConfiguration.TIMELINE_SERVICE_WEBAPP_HTTPS_ADDRESS, YarnConfiguration.DEFAULT_TIMELINE_SERVICE_WEBAPP_HTTPS_ADDRESS), RESOURCE_URI_STR)); } else { resURI = URI.create(JOINER.join("http://", conf.get( YarnConfiguration.TIMELINE_SERVICE_WEBAPP_ADDRESS, YarnConfiguration.DEFAULT_TIMELINE_SERVICE_WEBAPP_ADDRESS), RESOURCE_URI_STR)); } LOG.info("Timeline service address: " + resURI); super.serviceInit(conf); }
Example #4
Source File: TimelineClientImpl.java From big-c with Apache License 2.0 | 4 votes |
protected void serviceInit(Configuration conf) throws Exception { UserGroupInformation ugi = UserGroupInformation.getCurrentUser(); UserGroupInformation realUgi = ugi.getRealUser(); if (realUgi != null) { authUgi = realUgi; doAsUser = ugi.getShortUserName(); } else { authUgi = ugi; doAsUser = null; } ClientConfig cc = new DefaultClientConfig(); cc.getClasses().add(YarnJacksonJaxbJsonProvider.class); connConfigurator = newConnConfigurator(conf); if (UserGroupInformation.isSecurityEnabled()) { authenticator = new KerberosDelegationTokenAuthenticator(); } else { authenticator = new PseudoDelegationTokenAuthenticator(); } authenticator.setConnectionConfigurator(connConfigurator); token = new DelegationTokenAuthenticatedURL.Token(); connectionRetry = new TimelineClientConnectionRetry(conf); client = new Client(new URLConnectionClientHandler( new TimelineURLConnectionFactory()), cc); TimelineJerseyRetryFilter retryFilter = new TimelineJerseyRetryFilter(); client.addFilter(retryFilter); if (YarnConfiguration.useHttps(conf)) { resURI = URI .create(JOINER.join("https://", conf.get( YarnConfiguration.TIMELINE_SERVICE_WEBAPP_HTTPS_ADDRESS, YarnConfiguration.DEFAULT_TIMELINE_SERVICE_WEBAPP_HTTPS_ADDRESS), RESOURCE_URI_STR)); } else { resURI = URI.create(JOINER.join("http://", conf.get( YarnConfiguration.TIMELINE_SERVICE_WEBAPP_ADDRESS, YarnConfiguration.DEFAULT_TIMELINE_SERVICE_WEBAPP_ADDRESS), RESOURCE_URI_STR)); } LOG.info("Timeline service address: " + resURI); super.serviceInit(conf); }