Java Code Examples for org.apache.hadoop.security.UserGroupInformation.getAuthenticationMethod()

The following are Jave code examples for showing how to use getAuthenticationMethod() of the org.apache.hadoop.security.UserGroupInformation class. You can vote up the examples you like. Your votes will be used in our system to get more good examples.
+ Save this method
Example 1
Project: hadoop-oss   File: TestWebDelegationToken.java   View Source Code Vote up 6 votes
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
    throws ServletException, IOException {
  UserGroupInformation ugi = HttpUserGroupInformation.get();
  if (ugi != null) {
    String ret = "remoteuser=" + req.getRemoteUser() + ":ugi=" +
        ugi.getShortUserName();
    if (ugi.getAuthenticationMethod() ==
        UserGroupInformation.AuthenticationMethod.PROXY) {
      ret = "realugi=" + ugi.getRealUser().getShortUserName() + ":" + ret;
    }
    resp.setStatus(HttpServletResponse.SC_OK);
    resp.getWriter().write(ret);
  } else {
    resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
  }
}
 
Example 2
Project: hadoop   File: TestWebDelegationToken.java   View Source Code Vote up 6 votes
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
    throws ServletException, IOException {
  UserGroupInformation ugi = HttpUserGroupInformation.get();
  if (ugi != null) {
    String ret = "remoteuser=" + req.getRemoteUser() + ":ugi=" +
        ugi.getShortUserName();
    if (ugi.getAuthenticationMethod() ==
        UserGroupInformation.AuthenticationMethod.PROXY) {
      ret = "realugi=" + ugi.getRealUser().getShortUserName() + ":" + ret;
    }
    resp.setStatus(HttpServletResponse.SC_OK);
    resp.getWriter().write(ret);
  } else {
    resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
  }
}
 
Example 3
Project: flume-release-1.7.0   File: KerberosAuthenticator.java   View Source Code Vote up 5 votes
private void printUGI(UserGroupInformation ugi) {
  if (ugi != null) {
    // dump login information
    AuthenticationMethod authMethod = ugi.getAuthenticationMethod();
    LOG.info("\n{} \nUser: {} \nAuth method: {} \nKeytab: {} \n",
        new Object[] {
          authMethod.equals(AuthenticationMethod.PROXY) ? "Proxy as: " : "Logged as: ",
          ugi.getUserName(), authMethod, ugi.isFromKeytab()
        }
    );
  }
}
 
Example 4
Project: hadoop   File: FSNamesystem.java   View Source Code Vote up 5 votes
/**
 * Returns authentication method used to establish the connection
 * @return AuthenticationMethod used to establish connection
 * @throws IOException
 */
private AuthenticationMethod getConnectionAuthenticationMethod()
    throws IOException {
  UserGroupInformation ugi = getRemoteUser();
  AuthenticationMethod authMethod = ugi.getAuthenticationMethod();
  if (authMethod == AuthenticationMethod.PROXY) {
    authMethod = ugi.getRealUser().getAuthenticationMethod();
  }
  return authMethod;
}
 
Example 5
Project: ditb   File: TokenProvider.java   View Source Code Vote up 5 votes
/**
 * @param ugi A user group information.
 * @return true if delegation token operation is allowed
 */
private boolean isAllowedDelegationTokenOp(UserGroupInformation ugi) throws IOException {
  AuthenticationMethod authMethod = ugi.getAuthenticationMethod();
  if (authMethod == AuthenticationMethod.PROXY) {
    authMethod = ugi.getRealUser().getAuthenticationMethod();
  }
  if (authMethod != AuthenticationMethod.KERBEROS
      && authMethod != AuthenticationMethod.KERBEROS_SSL
      && authMethod != AuthenticationMethod.CERTIFICATE) {
    return false;
  }
  return true;
}
 
Example 6
Project: hadoop   File: FSNamesystem.java   View Source Code Vote up 4 votes
@Override
public void logAuditEvent(boolean succeeded, String userName,
    InetAddress addr, String cmd, String src, String dst,
    FileStatus status, UserGroupInformation ugi,
    DelegationTokenSecretManager dtSecretManager) {
  if (auditLog.isInfoEnabled()) {
    final StringBuilder sb = auditBuffer.get();
    sb.setLength(0);
    sb.append("allowed=").append(succeeded).append("\t");
    sb.append("ugi=").append(userName).append("\t");
    sb.append("ip=").append(addr).append("\t");
    sb.append("cmd=").append(cmd).append("\t");
    sb.append("src=").append(src).append("\t");
    sb.append("dst=").append(dst).append("\t");
    if (null == status) {
      sb.append("perm=null");
    } else {
      sb.append("perm=");
      sb.append(status.getOwner()).append(":");
      sb.append(status.getGroup()).append(":");
      sb.append(status.getPermission());
    }
    if (logTokenTrackingId) {
      sb.append("\t").append("trackingId=");
      String trackingId = null;
      if (ugi != null && dtSecretManager != null
          && ugi.getAuthenticationMethod() == AuthenticationMethod.TOKEN) {
        for (TokenIdentifier tid: ugi.getTokenIdentifiers()) {
          if (tid instanceof DelegationTokenIdentifier) {
            DelegationTokenIdentifier dtid =
                (DelegationTokenIdentifier)tid;
            trackingId = dtSecretManager.getTokenTrackingId(dtid);
            break;
          }
        }
      }
      sb.append(trackingId);
    }
    sb.append("\t").append("proto=");
    sb.append(NamenodeWebHdfsMethods.isWebHdfsInvocation() ? "webhdfs" : "rpc");
    logAuditMessage(sb.toString());
  }
}