/** * Adds the given Token to the user's credentials. * * @param token the token to add */ public void addToken(Token<? extends TokenIdentifier> token) { ugi.addToken(token); }
public UserGroupInformation getUmbilicalUgi() { UserGroupInformation ugi; ugi = ugiPool.poll(); if (ugi == null) { ugi = UserGroupInformation.createRemoteUser(appTokenIdentifier); ugi.addToken(appToken); } return ugi; }
/** * Create a delegation token object for the given token string and service. Add the token to given * UGI * * @param ugi * @param tokenStr * @param tokenService * @throws IOException */ public static void setTokenStr(UserGroupInformation ugi, String tokenStr, String tokenService) throws IOException { Token<DelegationTokenIdentifier> delegationToken = createToken(tokenStr, tokenService); ugi.addToken(delegationToken); }
/** * Create a delegation token object for the given token string and service. Add the token to given * UGI * * @param ugi * @param tokenStr * @param tokenService * @throws IOException */ public static void setTokenStr(UserGroupInformation ugi, String tokenStr, String tokenService) throws IOException { Token<DelegationTokenIdentifier> delegationToken = createToken(tokenStr, tokenService); ugi.addToken(delegationToken); }
/** * Add a token to this UGI * * @param token Token to be added * @return true on successful add of new token */ public boolean addToken(Token<? extends TokenIdentifier> token) { return (token != null) ? addToken(token.getService(), token) : false; }
@VisibleForTesting void addDelegationTokens(Collection<Token<? extends TokenIdentifier>> tokens) throws IOException { for (Token<? extends TokenIdentifier> token : tokens) { if (!UserGroupInformation.getCurrentUser().addToken(token)) { LOGGER.error(String.format("Failed to add token %s to user %s", token.toString(), UserGroupInformation.getLoginUser().getShortUserName())); } } } }
UserGroupInformation.getCurrentUser().addToken(token); LOG.info("Added delegation tokens to UGI."); } catch (IOException e) {
/** * Create a {@link FileSystem} that can perform any operations allowed the by the specified userNameToProxyAs. The * method first proxies as userNameToProxyAs, and then adds the specified {@link Token} to the given * {@link UserGroupInformation} object. It then uses the {@link UserGroupInformation#doAs(PrivilegedExceptionAction)} * method to create a {@link FileSystem}. * * @param userNameToProxyAs The name of the user the super user should proxy as * @param userNameToken The {@link Token} to add to the proxied user's {@link UserGroupInformation}. * @param fsURI The {@link URI} for the {@link FileSystem} that should be created * @param conf The {@link Configuration} for the {@link FileSystem} that should be created * * @return a {@link FileSystem} that can execute commands on behalf of the specified userNameToProxyAs */ static FileSystem createProxiedFileSystemUsingToken(@NonNull String userNameToProxyAs, @NonNull Token<?> userNameToken, URI fsURI, Configuration conf) throws IOException, InterruptedException { UserGroupInformation ugi = UserGroupInformation.createProxyUser(userNameToProxyAs, UserGroupInformation.getLoginUser()); ugi.addToken(userNameToken); return ugi.doAs(new ProxiedFileSystem(fsURI, conf)); }
Token<DelegationTokenIdentifier> delegationTokenId = getDelegationToken(hcatConf, hiveMetaStorePrincipal, topologySubmitterUser); proxyUser.addToken(delegationTokenId); LOG.info("Obtained Hive tokens, adding to user credentials.");
ugi.addToken(token);
protected LlapTaskUmbilicalProtocol createUmbilical(final AMNodeInfo amNodeInfo) throws IOException, InterruptedException { final InetSocketAddress address = NetUtils.createSocketAddrForHost( amNodeInfo.amNodeId.getHostname(), amNodeInfo.amNodeId.getPort()); SecurityUtil.setTokenService(amNodeInfo.jobToken, address); UserGroupInformation ugi = UserGroupInformation.createRemoteUser(amNodeInfo.umbilicalUser); ugi.addToken(amNodeInfo.jobToken); return ugi.doAs(new PrivilegedExceptionAction<LlapTaskUmbilicalProtocol>() { @Override public LlapTaskUmbilicalProtocol run() throws Exception { return RPC .getProxy(LlapTaskUmbilicalProtocol.class, LlapTaskUmbilicalProtocol.versionID, address, UserGroupInformation.getCurrentUser(), amNodeInfo.conf, amNodeInfo.socketFactory, (int) (amNodeInfo.timeout)); } }); }
ugi.addToken(nodeToken); if (LOG.isDebugEnabled()) { LOG.debug("Creating a client for " + nodeId + "; the token is " + nodeToken);
fetchHcatToken(userToProxy, hiveConf, hiveConf.get(HiveConf.ConfVars.METASTOREURIS.varname), hiveClient); cred.addToken(hcatToken.getService(), hcatToken); ugi.addToken(hcatToken); hcatToken = fetchHcatToken(userToProxy, hiveConf, thriftUrl, hiveClient); cred.addToken(hcatToken.getService(), hcatToken); ugi.addToken(hcatToken);
Optional<Token<?>> proxyToken = getTokenFromSeqFile(authPath, proxyUserName); if (proxyToken.isPresent()) { proxyUser.addToken(proxyToken.get()); } else { LOG.warn("No delegation token found for the current proxy user.");
/** * Checks if an authentication tokens exists for the connected cluster, * obtaining one if needed and adding it to the user's credentials. * * @param conn The HBase cluster connection * @param user The user for whom to obtain the token * @throws IOException If making a remote call to the authentication service fails * @throws InterruptedException If executing as the given user is interrupted * @return true if the token was added, false if it already existed */ public static boolean addTokenIfMissing(Connection conn, User user) throws IOException, InterruptedException { Token<AuthenticationTokenIdentifier> token = getAuthToken(conn.getConfiguration(), user); if (token == null) { token = obtainToken(conn, user); user.getUGI().addToken(token.getService(), token); return true; } return false; }
@BeforeClass public static void setUp() throws Exception { // enable rpc encryption TEST_UTIL.getConfiguration().set("hbase.rpc.protection", "privacy"); SecureTestCluster.setUp(); try (Connection conn = ConnectionFactory.createConnection(TEST_UTIL.getConfiguration())) { Token<? extends TokenIdentifier> token = TokenUtil.obtainToken(conn); UserGroupInformation.getCurrentUser().addToken(token); } }
@BeforeClass public static void setUp() throws Exception { SecureTestCluster.setUp(); try (Connection conn = ConnectionFactory.createConnection(TEST_UTIL.getConfiguration())) { Token<? extends TokenIdentifier> token = TokenUtil.obtainToken(conn); UserGroupInformation.getCurrentUser().addToken(token); } }
taskOwner.addToken(jobToken); final InetSocketAddress address = NetUtils.createSocketAddrForHost(request.getAmHost(), request.getAmPort());
Token tok = TokenUtil.obtainToken(conn); if (tok != null) { boolean b = ugi.addToken(tok); LOG.debug("token added " + tok + " for user " + ugi + " return=" + b); ugi.addToken(userToken); } else if (userProvider.isHadoopSecurityEnabled()) { if (targetFsToken != null && (userToken == null || !targetFsToken.getService().equals(userToken.getService()))){ ugi.addToken(targetFsToken);
private UserGroupInformation tokenUGI(Token<DelegationTokenIdentifier> token) throws IOException { ByteArrayInputStream buf = new ByteArrayInputStream(token.getIdentifier()); DataInputStream in = new DataInputStream(buf); DelegationTokenIdentifier id = new DelegationTokenIdentifier(); id.readFields(in); UserGroupInformation ugi = id.getUser(); ugi.addToken(token); return ugi; }