Java Code Examples for org.apache.hadoop.security.UserGroupInformation#isLoginKeytabBased()

The following examples show how to use org.apache.hadoop.security.UserGroupInformation#isLoginKeytabBased() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: HadoopSecurity.java    From dr-elephant with Apache License 2.0 6 votes vote down vote up
public void checkLogin() throws IOException {

    if (_loginUser == null) {
      logger.info("No login user. Creating login user");
      logger.info("Logging with " + _keytabUser + " and " + _keytabLocation);
      UserGroupInformation.loginUserFromKeytab(_keytabUser, _keytabLocation);
      _loginUser = UserGroupInformation.getLoginUser();
      logger.info("Logged in with user " + _loginUser);
      if(UserGroupInformation.isLoginKeytabBased()) {
        logger.info("Login is keytab based");
      } else {
        logger.info("Login is not keytab based");
      }
    } else {
      _loginUser.checkTGTAndReloginFromKeytab();
    }

  }
 
Example 2
Source File: KafkaNotification.java    From atlas with Apache License 2.0 5 votes vote down vote up
@VisibleForTesting
boolean isLoginKeytabBased() {
    boolean ret = false;

    try {
        ret = UserGroupInformation.isLoginKeytabBased();
    } catch (Exception excp) {
        LOG.warn("Error in determining keytab for KafkaClient-JAAS config", excp);
    }

    return ret;
}
 
Example 3
Source File: AtlasHook.java    From incubator-atlas with Apache License 2.0 5 votes vote down vote up
private static boolean isLoginKeytabBased() {
    boolean ret = false;

    try {
        ret = UserGroupInformation.isLoginKeytabBased();
    } catch (Exception excp) {
        LOG.warn("Error in determining keytab for KafkaClient-JAAS config", excp);
    }

    return ret;
}
 
Example 4
Source File: JDBCSecurityImpl.java    From zeppelin with Apache License 2.0 5 votes vote down vote up
/***
 * @param properties
 */
public static void createSecureConfiguration(Properties properties,
    AuthenticationMethod authType) {
  switch (authType) {
    case KERBEROS:
      Configuration conf = new
          org.apache.hadoop.conf.Configuration();
      conf.set("hadoop.security.authentication", KERBEROS.toString());
      UserGroupInformation.setConfiguration(conf);
      try {
        // Check TGT before calling login
        // Ref: https://github.com/apache/hadoop/blob/release-3.0.1-RC1/hadoop-common-project/
        // hadoop-common/src/main/java/org/apache/hadoop/security/UserGroupInformation.java#L1232
        if (!UserGroupInformation.isSecurityEnabled()
            || UserGroupInformation.getCurrentUser().getAuthenticationMethod() != KERBEROS
            || !UserGroupInformation.isLoginKeytabBased()) {
          UserGroupInformation.loginUserFromKeytab(
              properties.getProperty("zeppelin.jdbc.principal"),
              properties.getProperty("zeppelin.jdbc.keytab.location"));
        } else {
          LOGGER.info("The user has already logged in using Keytab and principal, " +
              "no action required");
        }
      } catch (IOException e) {
        LOGGER.error("Failed to get either keytab location or principal name in the " +
            "interpreter", e);
      }
  }
}
 
Example 5
Source File: JDBCInterpreter.java    From zeppelin with Apache License 2.0 5 votes vote down vote up
@Override
protected boolean runKerberosLogin() {
  try {
    if (UserGroupInformation.isLoginKeytabBased()) {
      UserGroupInformation.getLoginUser().reloginFromKeytab();
      return true;
    } else if (UserGroupInformation.isLoginTicketBased()) {
      UserGroupInformation.getLoginUser().reloginFromTicketCache();
      return true;
    }
  } catch (Exception e) {
    LOGGER.error("Unable to run kinit for zeppelin", e);
  }
  return false;
}
 
Example 6
Source File: GssSaslClientAuthenticationProvider.java    From hbase with Apache License 2.0 5 votes vote down vote up
@Override
public void relogin() throws IOException {
  // Check if UGI thinks we need to do another login
  if (UserGroupInformation.isLoginKeytabBased()) {
    UserGroupInformation.getLoginUser().reloginFromKeytab();
  } else {
    UserGroupInformation.getLoginUser().reloginFromTicketCache();
  }
}