org.apache.hadoop.classification.InterfaceStability Java Examples

The following examples show how to use org.apache.hadoop.classification.InterfaceStability. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: COSInputStream.java    From stocator with Apache License 2.0 6 votes vote down vote up
/**
 * String value includes statistics as well as stream state.
 * <b>Important: there are no guarantees as to the stability
 * of this value.</b>
 * @return a string value for printing in logs/diagnostics
 */
@Override
@InterfaceStability.Unstable
public String toString() {
  synchronized (this) {
    final StringBuilder sb = new StringBuilder(
        "COSInputStream{");
    sb.append(uri);
    sb.append(" wrappedStream=")
        .append(wrappedStream != null ? "open" : "closed");
    sb.append(" read policy=").append(inputPolicy);
    sb.append(" pos=").append(pos);
    sb.append(" nextReadPos=").append(nextReadPos);
    sb.append(" contentLength=").append(contentLength);
    sb.append(" contentRangeStart=").append(contentRangeStart);
    sb.append(" contentRangeFinish=").append(contentRangeFinish);
    sb.append(" remainingInCurrentRequest=")
        .append(remainingInCurrentRequest());
    sb.append('\n');
    sb.append('}');
    return sb.toString();
  }
}
 
Example #2
Source File: UserGroupInformation.java    From hadoop with Apache License 2.0 6 votes vote down vote up
/**
 * Create a proxy user using username of the effective user and the ugi of the
 * real user.
 * @param user
 * @param realUser
 * @return proxyUser ugi
 */
@InterfaceAudience.Public
@InterfaceStability.Evolving
public static UserGroupInformation createProxyUser(String user,
    UserGroupInformation realUser) {
  if (user == null || user.isEmpty()) {
    throw new IllegalArgumentException("Null user");
  }
  if (realUser == null) {
    throw new IllegalArgumentException("Null real user");
  }
  Subject subject = new Subject();
  Set<Principal> principals = subject.getPrincipals();
  principals.add(new User(user));
  principals.add(new RealUser(realUser));
  UserGroupInformation result =new UserGroupInformation(subject);
  result.setAuthenticationMethod(AuthenticationMethod.PROXY);
  return result;
}
 
Example #3
Source File: UserGroupInformation.java    From big-c with Apache License 2.0 6 votes vote down vote up
/**
 * Create a proxy user using username of the effective user and the ugi of the
 * real user.
 * @param user
 * @param realUser
 * @return proxyUser ugi
 */
@InterfaceAudience.Public
@InterfaceStability.Evolving
public static UserGroupInformation createProxyUser(String user,
    UserGroupInformation realUser) {
  if (user == null || user.isEmpty()) {
    throw new IllegalArgumentException("Null user");
  }
  if (realUser == null) {
    throw new IllegalArgumentException("Null real user");
  }
  Subject subject = new Subject();
  Set<Principal> principals = subject.getPrincipals();
  principals.add(new User(user));
  principals.add(new RealUser(realUser));
  UserGroupInformation result =new UserGroupInformation(subject);
  result.setAuthenticationMethod(AuthenticationMethod.PROXY);
  return result;
}
 
Example #4
Source File: Configuration.java    From hadoop with Apache License 2.0 6 votes vote down vote up
/**
 * Gets information about why a property was set.  Typically this is the 
 * path to the resource objects (file, URL, etc.) the property came from, but
 * it can also indicate that it was set programatically, or because of the
 * command line.
 *
 * @param name - The property name to get the source of.
 * @return null - If the property or its source wasn't found. Otherwise, 
 * returns a list of the sources of the resource.  The older sources are
 * the first ones in the list.  So for example if a configuration is set from
 * the command line, and then written out to a file that is read back in the
 * first entry would indicate that it was set from the command line, while
 * the second one would indicate the file that the new configuration was read
 * in from.
 */
@InterfaceStability.Unstable
public synchronized String[] getPropertySources(String name) {
  if (properties == null) {
    // If properties is null, it means a resource was newly added
    // but the props were cleared so as to load it upon future
    // requests. So lets force a load by asking a properties list.
    getProps();
  }
  // Return a null right away if our properties still
  // haven't loaded or the resource mapping isn't defined
  if (properties == null || updatingResource == null) {
    return null;
  } else {
    String[] source = updatingResource.get(name);
    if(source == null) {
      return null;
    } else {
      return Arrays.copyOf(source, source.length);
    }
  }
}
 
Example #5
Source File: SecurityUtil.java    From hadoop with Apache License 2.0 6 votes vote down vote up
/**
 * Login as a principal specified in config. Substitute $host in user's Kerberos principal 
 * name with hostname. If non-secure mode - return. If no keytab available -
 * bail out with an exception
 * 
 * @param conf
 *          conf to use
 * @param keytabFileKey
 *          the key to look for keytab file in conf
 * @param userNameKey
 *          the key to look for user's Kerberos principal name in conf
 * @param hostname
 *          hostname to use for substitution
 * @throws IOException if the config doesn't specify a keytab
 */
@InterfaceAudience.Public
@InterfaceStability.Evolving
public static void login(final Configuration conf,
    final String keytabFileKey, final String userNameKey, String hostname)
    throws IOException {
  
  if(! UserGroupInformation.isSecurityEnabled()) 
    return;
  
  String keytabFilename = conf.get(keytabFileKey);
  if (keytabFilename == null || keytabFilename.length() == 0) {
    throw new IOException("Running in secure mode, but config doesn't have a keytab");
  }

  String principalConfig = conf.get(userNameKey, System
      .getProperty("user.name"));
  String principalName = SecurityUtil.getServerPrincipal(principalConfig,
      hostname);
  UserGroupInformation.loginUserFromKeytab(principalName, keytabFilename);
}
 
Example #6
Source File: UserGroupInformation.java    From big-c with Apache License 2.0 6 votes vote down vote up
/**
 * Run the given action as the user, potentially throwing an exception.
 * @param <T> the return type of the run method
 * @param action the method to execute
 * @return the value from the run method
 * @throws IOException if the action throws an IOException
 * @throws Error if the action throws an Error
 * @throws RuntimeException if the action throws a RuntimeException
 * @throws InterruptedException if the action throws an InterruptedException
 * @throws UndeclaredThrowableException if the action throws something else
 */
@InterfaceAudience.Public
@InterfaceStability.Evolving
public <T> T doAs(PrivilegedExceptionAction<T> action
                  ) throws IOException, InterruptedException {
  try {
    logPrivilegedAction(subject, action);
    return Subject.doAs(subject, action);
  } catch (PrivilegedActionException pae) {
    Throwable cause = pae.getCause();
    if (LOG.isDebugEnabled()) {
      LOG.debug("PrivilegedActionException as:" + this + " cause:" + cause);
    }
    if (cause instanceof IOException) {
      throw (IOException) cause;
    } else if (cause instanceof Error) {
      throw (Error) cause;
    } else if (cause instanceof RuntimeException) {
      throw (RuntimeException) cause;
    } else if (cause instanceof InterruptedException) {
      throw (InterruptedException) cause;
    } else {
      throw new UndeclaredThrowableException(cause);
    }
  }
}
 
Example #7
Source File: SecurityUtil.java    From big-c with Apache License 2.0 6 votes vote down vote up
/**
 * Convert Kerberos principal name pattern to valid Kerberos principal names.
 * This method is similar to {@link #getServerPrincipal(String, String)},
 * except 1) the reverse DNS lookup from addr to hostname is done only when
 * necessary, 2) param addr can't be null (no default behavior of using local
 * hostname when addr is null).
 * 
 * @param principalConfig
 *          Kerberos principal name pattern to convert
 * @param addr
 *          InetAddress of the host used for substitution
 * @return converted Kerberos principal name
 * @throws IOException if the client address cannot be determined
 */
@InterfaceAudience.Public
@InterfaceStability.Evolving
public static String getServerPrincipal(String principalConfig,
    InetAddress addr) throws IOException {
  String[] components = getComponents(principalConfig);
  if (components == null || components.length != 3
      || !components[1].equals(HOSTNAME_PATTERN)) {
    return principalConfig;
  } else {
    if (addr == null) {
      throw new IOException("Can't replace " + HOSTNAME_PATTERN
          + " pattern since client address is null");
    }
    return replacePattern(components, addr.getCanonicalHostName());
  }
}
 
Example #8
Source File: SecurityUtil.java    From big-c with Apache License 2.0 6 votes vote down vote up
/**
 * Login as a principal specified in config. Substitute $host in user's Kerberos principal 
 * name with hostname. If non-secure mode - return. If no keytab available -
 * bail out with an exception
 * 
 * @param conf
 *          conf to use
 * @param keytabFileKey
 *          the key to look for keytab file in conf
 * @param userNameKey
 *          the key to look for user's Kerberos principal name in conf
 * @param hostname
 *          hostname to use for substitution
 * @throws IOException if the config doesn't specify a keytab
 */
@InterfaceAudience.Public
@InterfaceStability.Evolving
public static void login(final Configuration conf,
    final String keytabFileKey, final String userNameKey, String hostname)
    throws IOException {
  
  if(! UserGroupInformation.isSecurityEnabled()) 
    return;
  
  String keytabFilename = conf.get(keytabFileKey);
  if (keytabFilename == null || keytabFilename.length() == 0) {
    throw new IOException("Running in secure mode, but config doesn't have a keytab");
  }

  String principalConfig = conf.get(userNameKey, System
      .getProperty("user.name"));
  String principalName = SecurityUtil.getServerPrincipal(principalConfig,
      hostname);
  UserGroupInformation.loginUserFromKeytab(principalName, keytabFilename);
}
 
Example #9
Source File: Configuration.java    From big-c with Apache License 2.0 6 votes vote down vote up
/**
 * Gets information about why a property was set.  Typically this is the 
 * path to the resource objects (file, URL, etc.) the property came from, but
 * it can also indicate that it was set programatically, or because of the
 * command line.
 *
 * @param name - The property name to get the source of.
 * @return null - If the property or its source wasn't found. Otherwise, 
 * returns a list of the sources of the resource.  The older sources are
 * the first ones in the list.  So for example if a configuration is set from
 * the command line, and then written out to a file that is read back in the
 * first entry would indicate that it was set from the command line, while
 * the second one would indicate the file that the new configuration was read
 * in from.
 */
@InterfaceStability.Unstable
public synchronized String[] getPropertySources(String name) {
  if (properties == null) {
    // If properties is null, it means a resource was newly added
    // but the props were cleared so as to load it upon future
    // requests. So lets force a load by asking a properties list.
    getProps();
  }
  // Return a null right away if our properties still
  // haven't loaded or the resource mapping isn't defined
  if (properties == null || updatingResource == null) {
    return null;
  } else {
    String[] source = updatingResource.get(name);
    if(source == null) {
      return null;
    } else {
      return Arrays.copyOf(source, source.length);
    }
  }
}
 
Example #10
Source File: SecurityUtil.java    From hadoop with Apache License 2.0 6 votes vote down vote up
/**
 * Convert Kerberos principal name pattern to valid Kerberos principal names.
 * This method is similar to {@link #getServerPrincipal(String, String)},
 * except 1) the reverse DNS lookup from addr to hostname is done only when
 * necessary, 2) param addr can't be null (no default behavior of using local
 * hostname when addr is null).
 * 
 * @param principalConfig
 *          Kerberos principal name pattern to convert
 * @param addr
 *          InetAddress of the host used for substitution
 * @return converted Kerberos principal name
 * @throws IOException if the client address cannot be determined
 */
@InterfaceAudience.Public
@InterfaceStability.Evolving
public static String getServerPrincipal(String principalConfig,
    InetAddress addr) throws IOException {
  String[] components = getComponents(principalConfig);
  if (components == null || components.length != 3
      || !components[1].equals(HOSTNAME_PATTERN)) {
    return principalConfig;
  } else {
    if (addr == null) {
      throw new IOException("Can't replace " + HOSTNAME_PATTERN
          + " pattern since client address is null");
    }
    return replacePattern(components, addr.getCanonicalHostName());
  }
}
 
Example #11
Source File: UserGroupInformation.java    From hadoop with Apache License 2.0 6 votes vote down vote up
/**
 * Run the given action as the user, potentially throwing an exception.
 * @param <T> the return type of the run method
 * @param action the method to execute
 * @return the value from the run method
 * @throws IOException if the action throws an IOException
 * @throws Error if the action throws an Error
 * @throws RuntimeException if the action throws a RuntimeException
 * @throws InterruptedException if the action throws an InterruptedException
 * @throws UndeclaredThrowableException if the action throws something else
 */
@InterfaceAudience.Public
@InterfaceStability.Evolving
public <T> T doAs(PrivilegedExceptionAction<T> action
                  ) throws IOException, InterruptedException {
  try {
    logPrivilegedAction(subject, action);
    return Subject.doAs(subject, action);
  } catch (PrivilegedActionException pae) {
    Throwable cause = pae.getCause();
    if (LOG.isDebugEnabled()) {
      LOG.debug("PrivilegedActionException as:" + this + " cause:" + cause);
    }
    if (cause instanceof IOException) {
      throw (IOException) cause;
    } else if (cause instanceof Error) {
      throw (Error) cause;
    } else if (cause instanceof RuntimeException) {
      throw (RuntimeException) cause;
    } else if (cause instanceof InterruptedException) {
      throw (InterruptedException) cause;
    } else {
      throw new UndeclaredThrowableException(cause);
    }
  }
}
 
Example #12
Source File: Configuration.java    From flink with Apache License 2.0 6 votes vote down vote up
/**
 * Gets information about why a property was set.  Typically this is the
 * path to the resource objects (file, URL, etc.) the property came from, but
 * it can also indicate that it was set programmatically, or because of the
 * command line.
 *
 * @param name - The property name to get the source of.
 * @return null - If the property or its source wasn't found. Otherwise,
 * returns a list of the sources of the resource.  The older sources are
 * the first ones in the list.  So for example if a configuration is set from
 * the command line, and then written out to a file that is read back in the
 * first entry would indicate that it was set from the command line, while
 * the second one would indicate the file that the new configuration was read
 * in from.
 */
@InterfaceStability.Unstable
public synchronized String[] getPropertySources(String name) {
	if (properties == null) {
		// If properties is null, it means a resource was newly added
		// but the props were cleared so as to load it upon future
		// requests. So lets force a load by asking a properties list.
		getProps();
	}
	// Return a null right away if our properties still
	// haven't loaded or the resource mapping isn't defined
	if (properties == null || updatingResource == null) {
		return null;
	} else {
		String[] source = updatingResource.get(name);
		if(source == null) {
			return null;
		} else {
			return Arrays.copyOf(source, source.length);
		}
	}
}
 
Example #13
Source File: Configuration.java    From flink with Apache License 2.0 6 votes vote down vote up
/**
 * Gets information about why a property was set.  Typically this is the
 * path to the resource objects (file, URL, etc.) the property came from, but
 * it can also indicate that it was set programatically, or because of the
 * command line.
 *
 * @param name - The property name to get the source of.
 * @return null - If the property or its source wasn't found. Otherwise,
 * returns a list of the sources of the resource.  The older sources are
 * the first ones in the list.  So for example if a configuration is set from
 * the command line, and then written out to a file that is read back in the
 * first entry would indicate that it was set from the command line, while
 * the second one would indicate the file that the new configuration was read
 * in from.
 */
@InterfaceStability.Unstable
public synchronized String[] getPropertySources(String name) {
  if (properties == null) {
    // If properties is null, it means a resource was newly added
    // but the props were cleared so as to load it upon future
    // requests. So lets force a load by asking a properties list.
    getProps();
  }
  // Return a null right away if our properties still
  // haven't loaded or the resource mapping isn't defined
  if (properties == null || updatingResource == null) {
    return null;
  } else {
    String[] source = updatingResource.get(name);
    if(source == null) {
      return null;
    } else {
      return Arrays.copyOf(source, source.length);
    }
  }
}
 
Example #14
Source File: Configuration.java    From Flink-CEPplus with Apache License 2.0 6 votes vote down vote up
/**
 * Gets information about why a property was set.  Typically this is the
 * path to the resource objects (file, URL, etc.) the property came from, but
 * it can also indicate that it was set programmatically, or because of the
 * command line.
 *
 * @param name - The property name to get the source of.
 * @return null - If the property or its source wasn't found. Otherwise,
 * returns a list of the sources of the resource.  The older sources are
 * the first ones in the list.  So for example if a configuration is set from
 * the command line, and then written out to a file that is read back in the
 * first entry would indicate that it was set from the command line, while
 * the second one would indicate the file that the new configuration was read
 * in from.
 */
@InterfaceStability.Unstable
public synchronized String[] getPropertySources(String name) {
	if (properties == null) {
		// If properties is null, it means a resource was newly added
		// but the props were cleared so as to load it upon future
		// requests. So lets force a load by asking a properties list.
		getProps();
	}
	// Return a null right away if our properties still
	// haven't loaded or the resource mapping isn't defined
	if (properties == null || updatingResource == null) {
		return null;
	} else {
		String[] source = updatingResource.get(name);
		if(source == null) {
			return null;
		} else {
			return Arrays.copyOf(source, source.length);
		}
	}
}
 
Example #15
Source File: Configuration.java    From Flink-CEPplus with Apache License 2.0 6 votes vote down vote up
/**
 * Gets information about why a property was set.  Typically this is the
 * path to the resource objects (file, URL, etc.) the property came from, but
 * it can also indicate that it was set programatically, or because of the
 * command line.
 *
 * @param name - The property name to get the source of.
 * @return null - If the property or its source wasn't found. Otherwise,
 * returns a list of the sources of the resource.  The older sources are
 * the first ones in the list.  So for example if a configuration is set from
 * the command line, and then written out to a file that is read back in the
 * first entry would indicate that it was set from the command line, while
 * the second one would indicate the file that the new configuration was read
 * in from.
 */
@InterfaceStability.Unstable
public synchronized String[] getPropertySources(String name) {
  if (properties == null) {
    // If properties is null, it means a resource was newly added
    // but the props were cleared so as to load it upon future
    // requests. So lets force a load by asking a properties list.
    getProps();
  }
  // Return a null right away if our properties still
  // haven't loaded or the resource mapping isn't defined
  if (properties == null || updatingResource == null) {
    return null;
  } else {
    String[] source = updatingResource.get(name);
    if(source == null) {
      return null;
    } else {
      return Arrays.copyOf(source, source.length);
    }
  }
}
 
Example #16
Source File: ProtobufRpcEngine.java    From hadoop with Apache License 2.0 5 votes vote down vote up
@VisibleForTesting
@InterfaceAudience.Private
@InterfaceStability.Unstable
static Client getClient(Configuration conf) {
  return CLIENTS.getClient(conf, SocketFactory.getDefault(),
      RpcResponseWrapper.class);
}
 
Example #17
Source File: SaslRpcServer.java    From big-c with Apache License 2.0 5 votes vote down vote up
@InterfaceAudience.Private
@InterfaceStability.Unstable
public SaslRpcServer(AuthMethod authMethod) throws IOException {
  this.authMethod = authMethod;
  mechanism = authMethod.getMechanismName();    
  switch (authMethod) {
    case SIMPLE: {
      return; // no sasl for simple
    }
    case TOKEN: {
      protocol = "";
      serverId = SaslRpcServer.SASL_DEFAULT_REALM;
      break;
    }
    case KERBEROS: {
      String fullName = UserGroupInformation.getCurrentUser().getUserName();
      if (LOG.isDebugEnabled())
        LOG.debug("Kerberos principal name is " + fullName);
      // don't use KerberosName because we don't want auth_to_local
      String[] parts = fullName.split("[/@]", 3);
      protocol = parts[0];
      // should verify service host is present here rather than in create()
      // but lazy tests are using a UGI that isn't a SPN...
      serverId = (parts.length < 2) ? "" : parts[1];
      break;
    }
    default:
      // we should never be able to get here
      throw new AccessControlException(
          "Server does not support SASL " + authMethod);
  }
}
 
Example #18
Source File: UserGroupInformation.java    From hadoop with Apache License 2.0 5 votes vote down vote up
/**
 * Log a user in from a keytab file. Loads a user identity from a keytab
 * file and logs them in. They become the currently logged-in user.
 * @param user the principal name to load from the keytab
 * @param path the path to the keytab file
 * @throws IOException if the keytab file can't be read
 */
@InterfaceAudience.Public
@InterfaceStability.Evolving
public synchronized
static void loginUserFromKeytab(String user,
                                String path
                                ) throws IOException {
  if (!isSecurityEnabled())
    return;

  keytabFile = path;
  keytabPrincipal = user;
  Subject subject = new Subject();
  LoginContext login; 
  long start = 0;
  try {
    login = newLoginContext(HadoopConfiguration.KEYTAB_KERBEROS_CONFIG_NAME,
          subject, new HadoopConfiguration());
    start = Time.now();
    login.login();
    metrics.loginSuccess.add(Time.now() - start);
    loginUser = new UserGroupInformation(subject);
    loginUser.setLogin(login);
    loginUser.setAuthenticationMethod(AuthenticationMethod.KERBEROS);
  } catch (LoginException le) {
    if (start > 0) {
      metrics.loginFailure.add(Time.now() - start);
    }
    throw new IOException("Login failure for " + user + " from keytab " + 
                          path+ ": " + le, le);
  }
  LOG.info("Login successful for user " + keytabPrincipal
      + " using keytab file " + keytabFile);
}
 
Example #19
Source File: Client.java    From hadoop with Apache License 2.0 5 votes vote down vote up
@InterfaceAudience.Private
@InterfaceStability.Unstable
Set<ConnectionId> getConnectionIds() {
  synchronized (connections) {
    return connections.keySet();
  }
}
 
Example #20
Source File: UserGroupInformation.java    From big-c with Apache License 2.0 5 votes vote down vote up
/**
 * Return the current user, including any doAs in the current stack.
 * @return the current user
 * @throws IOException if login fails
 */
@InterfaceAudience.Public
@InterfaceStability.Evolving
public synchronized
static UserGroupInformation getCurrentUser() throws IOException {
  AccessControlContext context = AccessController.getContext();
  Subject subject = Subject.getSubject(context);
  if (subject == null || subject.getPrincipals(User.class).isEmpty()) {
    return getLoginUser();
  } else {
    return new UserGroupInformation(subject);
  }
}
 
Example #21
Source File: UserGroupInformation.java    From big-c with Apache License 2.0 5 votes vote down vote up
/**
 * Get the currently logged in user.
 * @return the logged in user
 * @throws IOException if login fails
 */
@InterfaceAudience.Public
@InterfaceStability.Evolving
public synchronized 
static UserGroupInformation getLoginUser() throws IOException {
  if (loginUser == null) {
    loginUserFromSubject(null);
  }
  return loginUser;
}
 
Example #22
Source File: UserGroupInformation.java    From big-c with Apache License 2.0 5 votes vote down vote up
@InterfaceAudience.Private
@InterfaceStability.Unstable
@VisibleForTesting
public synchronized static void setLoginUser(UserGroupInformation ugi) {
  // if this is to become stable, should probably logout the currently
  // logged in ugi if it's different
  loginUser = ugi;
}
 
Example #23
Source File: UserGroupInformation.java    From big-c with Apache License 2.0 5 votes vote down vote up
/**
 * Log a user in from a keytab file. Loads a user identity from a keytab
 * file and logs them in. They become the currently logged-in user.
 * @param user the principal name to load from the keytab
 * @param path the path to the keytab file
 * @throws IOException if the keytab file can't be read
 */
@InterfaceAudience.Public
@InterfaceStability.Evolving
public synchronized
static void loginUserFromKeytab(String user,
                                String path
                                ) throws IOException {
  if (!isSecurityEnabled())
    return;

  keytabFile = path;
  keytabPrincipal = user;
  Subject subject = new Subject();
  LoginContext login; 
  long start = 0;
  try {
    login = newLoginContext(HadoopConfiguration.KEYTAB_KERBEROS_CONFIG_NAME,
          subject, new HadoopConfiguration());
    start = Time.now();
    login.login();
    metrics.loginSuccess.add(Time.now() - start);
    loginUser = new UserGroupInformation(subject);
    loginUser.setLogin(login);
    loginUser.setAuthenticationMethod(AuthenticationMethod.KERBEROS);
  } catch (LoginException le) {
    if (start > 0) {
      metrics.loginFailure.add(Time.now() - start);
    }
    throw new IOException("Login failure for " + user + " from keytab " + 
                          path+ ": " + le, le);
  }
  LOG.info("Login successful for user " + keytabPrincipal
      + " using keytab file " + keytabFile);
}
 
Example #24
Source File: UserGroupInformation.java    From big-c with Apache License 2.0 5 votes vote down vote up
/**
 * Create a user from a login name. It is intended to be used for remote
 * users in RPC, since it won't have any credentials.
 * @param user the full user principal name, must not be empty or null
 * @return the UserGroupInformation for the remote user.
 */
@InterfaceAudience.Public
@InterfaceStability.Evolving
public static UserGroupInformation createRemoteUser(String user, AuthMethod authMethod) {
  if (user == null || user.isEmpty()) {
    throw new IllegalArgumentException("Null user");
  }
  Subject subject = new Subject();
  subject.getPrincipals().add(new User(user));
  UserGroupInformation result = new UserGroupInformation(subject);
  result.setAuthenticationMethod(authMethod);
  return result;
}
 
Example #25
Source File: UserGroupInformation.java    From big-c with Apache License 2.0 5 votes vote down vote up
/**
 * get RealUser (vs. EffectiveUser)
 * @return realUser running over proxy user
 */
@InterfaceAudience.Public
@InterfaceStability.Evolving
public UserGroupInformation getRealUser() {
  for (RealUser p: subject.getPrincipals(RealUser.class)) {
    return p.getRealUser();
  }
  return null;
}
 
Example #26
Source File: UserGroupInformation.java    From big-c with Apache License 2.0 5 votes vote down vote up
/**
 * Create a UGI for testing HDFS and MapReduce
 * @param user the full user principal name
 * @param userGroups the names of the groups that the user belongs to
 * @return a fake user for running unit tests
 */
@InterfaceAudience.Public
@InterfaceStability.Evolving
public static UserGroupInformation createUserForTesting(String user, 
                                                        String[] userGroups) {
  ensureInitialized();
  UserGroupInformation ugi = createRemoteUser(user);
  // make sure that the testing object is setup
  if (!(groups instanceof TestingGroups)) {
    groups = new TestingGroups(groups);
  }
  // add the user groups
  ((TestingGroups) groups).setUserGroups(ugi.getShortUserName(), userGroups);
  return ugi;
}
 
Example #27
Source File: UserGroupInformation.java    From big-c with Apache License 2.0 5 votes vote down vote up
/**
 * Run the given action as the user.
 * @param <T> the return type of the run method
 * @param action the method to execute
 * @return the value from the run method
 */
@InterfaceAudience.Public
@InterfaceStability.Evolving
public <T> T doAs(PrivilegedAction<T> action) {
  logPrivilegedAction(subject, action);
  return Subject.doAs(subject, action);
}
 
Example #28
Source File: ProtobufRpcEngine.java    From big-c with Apache License 2.0 5 votes vote down vote up
@VisibleForTesting
@InterfaceAudience.Private
@InterfaceStability.Unstable
static Client getClient(Configuration conf) {
  return CLIENTS.getClient(conf, SocketFactory.getDefault(),
      RpcResponseWrapper.class);
}
 
Example #29
Source File: Client.java    From big-c with Apache License 2.0 5 votes vote down vote up
@InterfaceAudience.Private
@InterfaceStability.Unstable
Set<ConnectionId> getConnectionIds() {
  synchronized (connections) {
    return connections.keySet();
  }
}
 
Example #30
Source File: COSInputStream.java    From stocator with Apache License 2.0 5 votes vote down vote up
/**
 * Forcibly reset the stream, by aborting the connection. The next
 * {@code read()} operation will trigger the opening of a new HTTPS
 * connection.
 *
 * This is potentially very inefficient, and should only be invoked
 * in extreme circumstances. It logs at info for this reason.
 * @return true if the connection was actually reset
 * @throws IOException if invoked on a closed stream
 */
@InterfaceStability.Unstable
public synchronized boolean resetConnection() throws IOException {
  checkNotClosed();
  boolean connectionOpen = wrappedStream != null;
  if (connectionOpen) {
    LOG.info("Forced reset of connection to {}", uri);
    closeStream("reset()", contentRangeFinish, true);
  }
  return connectionOpen;
}