@Override public String getServiceName() { return kerberosName.getServiceName(); }
clientConf.setProperty( org.apache.accumulo.core.client.ClientConfiguration.ClientProperty.KERBEROS_SERVER_PRIMARY, krbName.getServiceName());
@Override public String getServiceName() { return kerberosName.getServiceName(); }
@Override public String getServiceName() { return kerberosName.getServiceName(); }
@Override public String getServiceName() { return kerberosName.getServiceName(); }
@Override public String getServiceName() { return kerberosName.getServiceName(); }
protected static Map<String,String> getProperties(AccumuloConfiguration conf) { final Map<String,String> clientProperties = new HashMap<>(); // Servers will only have the full principal in their configuration -- parse the // primary and realm from it. final String serverPrincipal = conf.get(Property.GENERAL_KERBEROS_PRINCIPAL); final KerberosName krbName; try { krbName = new KerberosName(serverPrincipal); clientProperties.put(ClientProperty.KERBEROS_SERVER_PRIMARY.getKey(), krbName.getServiceName()); } catch (Exception e) { // bad value or empty, assume we're not using kerberos } HashSet<String> clientKeys = new HashSet<>(); for (ClientProperty prop : ClientProperty.values()) { clientKeys.add(prop.getKey()); } String key; for (Entry<String,String> entry : conf) { key = entry.getKey(); if (clientKeys.contains(key)) { clientProperties.put(key, entry.getValue()); } } return clientProperties; }
KerberosName kerbName = new KerberosName(spnegoPrincipal); if (kerbName.getHostName() != null && kerbName.getServiceName() != null && kerbName.getServiceName().equals("HTTP")) { boolean added = serverPrincipalMap.put(kerbName.getHostName(), spnegoPrincipal);
KerberosName kerbName = new KerberosName(spnegoPrincipal); if (kerbName.getHostName() != null && kerbName.getServiceName() != null && kerbName.getServiceName().equals("HTTP")) { boolean added = serverPrincipalMap.put(kerbName.getHostName(), spnegoPrincipal);
/** * Executes a program without blocking until its completion. */ public void execute(final ProgramId id, Map<String, String> sysArgs, Map<String, String> userArgs) throws Exception { String originalUserId = SecurityRequestContext.getUserId(); try { // if the program has a namespace user configured then set that user in the security request context. // See: CDAP-7396 String nsPrincipal = namespaceQueryAdmin.get(id.getNamespaceId()).getConfig().getPrincipal(); if (nsPrincipal != null && SecurityUtil.isKerberosEnabled(cConf)) { SecurityRequestContext.setUserId(new KerberosName(nsPrincipal).getServiceName()); } lifecycleService.runInternal(id, userArgs, sysArgs, false); } catch (ProgramNotFoundException | ApplicationNotFoundException e) { throw new TaskExecutionException(String.format(UserMessages.getMessage(UserErrors.PROGRAM_NOT_FOUND), id), e, false); } finally { SecurityRequestContext.setUserId(originalUserId); } } }
/** * Executes a program without blocking until its completion. */ public void execute(final ProgramId id, Map<String, String> sysArgs, Map<String, String> userArgs) throws Exception { String originalUserId = SecurityRequestContext.getUserId(); try { // if the program has a namespace user configured then set that user in the security request context. // See: CDAP-7396 String nsPrincipal = namespaceQueryAdmin.get(id.getNamespaceId()).getConfig().getPrincipal(); if (nsPrincipal != null && SecurityUtil.isKerberosEnabled(cConf)) { SecurityRequestContext.setUserId(new KerberosName(nsPrincipal).getServiceName()); } lifecycleService.runInternal(id, userArgs, sysArgs, false); } catch (ProgramNotFoundException | ApplicationNotFoundException e) { throw new TaskExecutionException(String.format(UserMessages.getMessage(UserErrors.PROGRAM_NOT_FOUND), id), e, false); } finally { SecurityRequestContext.setUserId(originalUserId); } } }
@Test public void testParsing() throws Exception { final String principalNameFull = "HTTP/abc.com@EXAMPLE.COM"; final String principalNameWoRealm = "HTTP/abc.com"; final String principalNameWoHost = "HTTP@EXAMPLE.COM"; final KerberosName kerbNameFull = new KerberosName(principalNameFull); Assert.assertEquals("HTTP", kerbNameFull.getServiceName()); Assert.assertEquals("abc.com", kerbNameFull.getHostName()); Assert.assertEquals("EXAMPLE.COM", kerbNameFull.getRealm()); final KerberosName kerbNamewoRealm = new KerberosName(principalNameWoRealm); Assert.assertEquals("HTTP", kerbNamewoRealm.getServiceName()); Assert.assertEquals("abc.com", kerbNamewoRealm.getHostName()); Assert.assertEquals(null, kerbNamewoRealm.getRealm()); final KerberosName kerbNameWoHost = new KerberosName(principalNameWoHost); Assert.assertEquals("HTTP", kerbNameWoHost.getServiceName()); Assert.assertEquals(null, kerbNameWoHost.getHostName()); Assert.assertEquals("EXAMPLE.COM", kerbNameWoHost.getRealm()); }
@Test public void testParsing() throws Exception { final String principalNameFull = "HTTP/abc.com@EXAMPLE.COM"; final String principalNameWoRealm = "HTTP/abc.com"; final String principalNameWoHost = "HTTP@EXAMPLE.COM"; final KerberosName kerbNameFull = new KerberosName(principalNameFull); Assert.assertEquals("HTTP", kerbNameFull.getServiceName()); Assert.assertEquals("abc.com", kerbNameFull.getHostName()); Assert.assertEquals("EXAMPLE.COM", kerbNameFull.getRealm()); final KerberosName kerbNamewoRealm = new KerberosName(principalNameWoRealm); Assert.assertEquals("HTTP", kerbNamewoRealm.getServiceName()); Assert.assertEquals("abc.com", kerbNamewoRealm.getHostName()); Assert.assertEquals(null, kerbNamewoRealm.getRealm()); final KerberosName kerbNameWoHost = new KerberosName(principalNameWoHost); Assert.assertEquals("HTTP", kerbNameWoHost.getServiceName()); Assert.assertEquals(null, kerbNameWoHost.getHostName()); Assert.assertEquals("EXAMPLE.COM", kerbNameWoHost.getRealm()); }