public static SecurityContext installSecurityContext( Configuration configuration, String workingDirectory) throws Exception { SecurityConfiguration sc = new SecurityConfiguration(configuration); SecurityUtils.install(sc); return SecurityUtils.getInstalledContext(); }
public static void install(SecurityConfiguration config, Map<String, ClientSecurityConfiguration> clientSecurityConfigurationMap) throws Exception { SecurityUtils.install(config); // install dynamic JAAS entries for (SecurityModuleFactory factory : config.getSecurityModuleFactories()) { if (factory instanceof JaasModuleFactory) { DynamicConfiguration jaasConf = (DynamicConfiguration) javax.security.auth.login.Configuration.getConfiguration(); for (Map.Entry<String, ClientSecurityConfiguration> e : clientSecurityConfigurationMap.entrySet()) { AppConfigurationEntry entry = KerberosUtils.keytabEntry( e.getValue().getKeytab(), e.getValue().getPrincipal()); jaasConf.addAppConfigurationEntry(e.getKey(), entry); } break; } } }
public static void main(String[] args) throws IOException { YarnTaskManagerRunnerFactory.Runner tmRunner = YarnTaskManagerRunnerFactory.create( args, TestingYarnTaskManager.class, System.getenv()); try { SecurityUtils.getInstalledContext().runSecured(tmRunner); } catch (Exception e) { throw new RuntimeException(e); } } }
public static void main(final String[] args) { final String configurationDirectory = CliFrontend.getConfigurationDirectoryFromEnv(); final Configuration flinkConfiguration = GlobalConfiguration.loadConfiguration(); int retCode; try { final FlinkYarnSessionCli cli = new FlinkYarnSessionCli( flinkConfiguration, configurationDirectory, "", ""); // no prefix for the YARN session SecurityUtils.install(new SecurityConfiguration(flinkConfiguration)); retCode = SecurityUtils.getInstalledContext().runSecured(() -> cli.run(args)); } catch (CliArgsException e) { retCode = handleCliArgsException(e); } catch (Throwable t) { final Throwable strippedThrowable = ExceptionUtils.stripException(t, UndeclaredThrowableException.class); retCode = handleError(strippedThrowable); } System.exit(retCode); }
new SecurityConfiguration( flinkConfig, Collections.singletonList(securityConfig1 -> { return new HadoopModule(securityConfig1, YARN_CONFIGURATION); })); TestingSecurityContext.install(securityConfig, SecureTestEnvironment.getClientSecurityConfigurationMap()); SecurityUtils.getInstalledContext().runSecured(new Callable<Object>() { @Override public Integer call() {
SecurityConfiguration sc = new SecurityConfiguration(configuration); SecurityUtils.install(sc);
private static AppConfigurationEntry[] getAppConfigurationEntries(SecurityConfiguration securityConfig) { AppConfigurationEntry userKerberosAce = null; if (securityConfig.useTicketCache()) { userKerberosAce = KerberosUtils.ticketCacheEntry(); } AppConfigurationEntry keytabKerberosAce = null; if (securityConfig.getKeytab() != null) { keytabKerberosAce = KerberosUtils.keytabEntry(securityConfig.getKeytab(), securityConfig.getPrincipal()); } AppConfigurationEntry[] appConfigurationEntry; if (userKerberosAce != null && keytabKerberosAce != null) { appConfigurationEntry = new AppConfigurationEntry[]{keytabKerberosAce, userKerberosAce}; } else if (keytabKerberosAce != null) { appConfigurationEntry = new AppConfigurationEntry[]{keytabKerberosAce}; } else if (userKerberosAce != null) { appConfigurationEntry = new AppConfigurationEntry[]{userKerberosAce}; } else { return null; } return appConfigurationEntry; }
flinkConfig.setString(SecurityOptions.KERBEROS_LOGIN_PRINCIPAL, testPrincipal); flinkConfig.setString(SecurityOptions.KERBEROS_LOGIN_CONTEXTS, "Client,KafkaClient"); SecurityConfiguration ctx = new SecurityConfiguration(flinkConfig); TestingSecurityContext.install(ctx, getClientSecurityConfigurationMap());
private static AppConfigurationEntry[] getAppConfigurationEntries(SecurityUtils.SecurityConfiguration securityConfig) { AppConfigurationEntry userKerberosAce = null; if (securityConfig.useTicketCache()) { userKerberosAce = KerberosUtils.ticketCacheEntry(); } AppConfigurationEntry keytabKerberosAce = null; if (securityConfig.getKeytab() != null) { keytabKerberosAce = KerberosUtils.keytabEntry(securityConfig.getKeytab(), securityConfig.getPrincipal()); } AppConfigurationEntry[] appConfigurationEntry; if (userKerberosAce != null && keytabKerberosAce != null) { appConfigurationEntry = new AppConfigurationEntry[]{keytabKerberosAce, userKerberosAce}; } else if (keytabKerberosAce != null) { appConfigurationEntry = new AppConfigurationEntry[]{keytabKerberosAce}; } else if (userKerberosAce != null) { appConfigurationEntry = new AppConfigurationEntry[]{userKerberosAce}; } else { return null; } return appConfigurationEntry; }
envs); final List<SecurityModule> modules = SecurityUtils.getInstalledModules(); Optional<SecurityModule> moduleOpt = modules.stream().filter(s -> s instanceof HadoopModule).findFirst(); if (moduleOpt.isPresent()) { HadoopModule hadoopModule = (HadoopModule) moduleOpt.get(); assertEquals("testuser1@domain", hadoopModule.getSecurityConfig().getPrincipal()); assertEquals(resourceDirPath + "/" + Utils.KEYTAB_FILE_NAME, hadoopModule.getSecurityConfig().getKeytab()); } else { fail("Can not find HadoopModule!");
public static void main(String[] args) throws Exception { ParameterTool pt = ParameterTool.fromArgs(args); String configDir = pt.getRequired("configDir"); LOG.info("Loading configuration from {}", configDir); final Configuration flinkConfig = GlobalConfiguration.loadConfiguration(configDir); try { FileSystem.initialize(flinkConfig); } catch (IOException e) { throw new Exception("Error while setting the default filesystem scheme from configuration.", e); } // run the history server SecurityUtils.install(new SecurityConfiguration(flinkConfig)); try { SecurityUtils.getInstalledContext().runSecured(new Callable<Integer>() { @Override public Integer call() throws Exception { HistoryServer hs = new HistoryServer(flinkConfig); hs.run(); return 0; } }); System.exit(0); } catch (Throwable t) { final Throwable strippedThrowable = ExceptionUtils.stripException(t, UndeclaredThrowableException.class); LOG.error("Failed to run HistoryServer.", strippedThrowable); strippedThrowable.printStackTrace(); System.exit(1); } }
public static SecurityContext installSecurityContext( Configuration configuration, String workingDirectory) throws Exception { SecurityConfiguration sc = new SecurityConfiguration(configuration); SecurityUtils.install(sc); return SecurityUtils.getInstalledContext(); }
/** * Submits the job based on the arguments. */ public static void main(final String[] args) { EnvironmentInformation.logEnvironmentInfo(LOG, "Command Line Client", args); // 1. find the configuration directory final String configurationDirectory = getConfigurationDirectoryFromEnv(); // 2. load the global configuration final Configuration configuration = GlobalConfiguration.loadConfiguration(configurationDirectory); // 3. load the custom command lines final List<CustomCommandLine<?>> customCommandLines = loadCustomCommandLines( configuration, configurationDirectory); try { final CliFrontend cli = new CliFrontend( configuration, customCommandLines); SecurityUtils.install(new SecurityConfiguration(cli.configuration)); int retCode = SecurityUtils.getInstalledContext() .runSecured(() -> cli.parseParameters(args)); System.exit(retCode); } catch (Throwable t) { final Throwable strippedThrowable = ExceptionUtils.stripException(t, UndeclaredThrowableException.class); LOG.error("Fatal error while running command line interface.", strippedThrowable); strippedThrowable.printStackTrace(); System.exit(31); } }
public static SecurityContext installSecurityContext( Configuration configuration, String workingDirectory) throws Exception { SecurityConfiguration sc = new SecurityConfiguration(configuration); SecurityUtils.install(sc); return SecurityUtils.getInstalledContext(); }
SecurityConfiguration sc = new SecurityConfiguration(flinkConfig); SecurityUtils.install(sc); return SecurityUtils.getInstalledContext().runSecured(new Callable<Integer>() { @Override public Integer call() {
protected SecurityContext installSecurityContext(Configuration configuration) throws Exception { LOG.info("Install security context."); SecurityUtils.install(new SecurityConfiguration(configuration)); return SecurityUtils.getInstalledContext(); }
SecurityConfiguration sc = new SecurityConfiguration(configuration); SecurityUtils.install(sc); SecurityUtils.getInstalledContext().runSecured((Callable<Void>) () -> { TaskManagerRunner.runTaskManager(configuration, new ResourceID(containerId)); return null;
protected SecurityContext installSecurityContext(Configuration configuration) throws Exception { LOG.info("Install security context."); SecurityUtils.install(new SecurityConfiguration(configuration)); return SecurityUtils.getInstalledContext(); }
SecurityConfiguration sc = new SecurityConfiguration(configuration); SecurityUtils.install(sc); SecurityUtils.getInstalledContext().runSecured(() -> { TaskManagerRunner.runTaskManager(configuration, resourceId);
protected SecurityContext installSecurityContext(Configuration configuration) throws Exception { LOG.info("Install security context."); SecurityUtils.install(new SecurityConfiguration(configuration)); return SecurityUtils.getInstalledContext(); }