if (moduleOpt.isPresent()) { HadoopModule hadoopModule = (HadoopModule) moduleOpt.get(); assertEquals("testuser1@domain", hadoopModule.getSecurityConfig().getPrincipal()); assertEquals(resourceDirPath + "/" + Utils.KEYTAB_FILE_NAME, hadoopModule.getSecurityConfig().getKeytab()); } else { fail("Can not find HadoopModule!");
Collections.singletonList(securityConfig1 -> { return new HadoopModule(securityConfig1, YARN_CONFIGURATION); }));
@Override public SecurityModule createModule(SecurityConfiguration securityConfig) { return new JaasModule(securityConfig); } }
@Override public void install() throws SecurityInstallException { // ensure that a config file is always defined, for compatibility with // ZK and Kafka which check for the system property and existence of the file priorConfigFile = System.getProperty(JAVA_SECURITY_AUTH_LOGIN_CONFIG, null); if (priorConfigFile == null) { File configFile = generateDefaultConfigFile(); System.setProperty(JAVA_SECURITY_AUTH_LOGIN_CONFIG, configFile.getAbsolutePath()); } // read the JAAS configuration file priorConfig = javax.security.auth.login.Configuration.getConfiguration(); // construct a dynamic JAAS configuration currentConfig = new DynamicConfiguration(priorConfig); // wire up the configured JAAS login contexts to use the krb5 entries AppConfigurationEntry[] krb5Entries = getAppConfigurationEntries(securityConfig); if (krb5Entries != null) { for (String app : securityConfig.getLoginContextNames()) { currentConfig.addAppConfigurationEntry(app, krb5Entries); } } javax.security.auth.login.Configuration.setConfiguration(currentConfig); }
static void uninstall() { if (installedModules != null) { // uninstall them in reverse order for (int i = installedModules.size() - 1; i >= 0; i--) { SecurityModule module = installedModules.get(i); try { module.uninstall(); } catch (UnsupportedOperationException ignored) { } catch (SecurityModule.SecurityInstallException e) { LOG.warn("unable to uninstall a security module", e); } } installedModules = null; } installedContext = new NoOpSecurityContext(); }
try { for (SecurityModuleFactory moduleFactory : config.getSecurityModuleFactories()) { SecurityModule module = moduleFactory.createModule(config); module.install(); modules.add(module);
@Override public SecurityModule createModule(SecurityConfiguration securityConfig) { return new ZooKeeperModule(securityConfig); } }
@Override public void install() throws SecurityInstallException { // ensure that a config file is always defined, for compatibility with // ZK and Kafka which check for the system property and existence of the file priorConfigFile = System.getProperty(JAVA_SECURITY_AUTH_LOGIN_CONFIG, null); if (priorConfigFile == null) { File configFile = generateDefaultConfigFile(); System.setProperty(JAVA_SECURITY_AUTH_LOGIN_CONFIG, configFile.getAbsolutePath()); } // read the JAAS configuration file priorConfig = javax.security.auth.login.Configuration.getConfiguration(); // construct a dynamic JAAS configuration currentConfig = new DynamicConfiguration(priorConfig); // wire up the configured JAAS login contexts to use the krb5 entries AppConfigurationEntry[] krb5Entries = getAppConfigurationEntries(securityConfig); if (krb5Entries != null) { for (String app : securityConfig.getLoginContextNames()) { currentConfig.addAppConfigurationEntry(app, krb5Entries); } } javax.security.auth.login.Configuration.setConfiguration(currentConfig); }
@Override public SecurityModule createModule(SecurityConfiguration securityConfig) { // First check if we have Hadoop in the ClassPath. If not, we simply don't do anything. try { Class.forName( "org.apache.hadoop.conf.Configuration", false, HadoopModule.class.getClassLoader()); } catch (ClassNotFoundException e) { LOG.info("Cannot create Hadoop Security Module because Hadoop cannot be found in the Classpath."); return null; } try { Configuration hadoopConfiguration = HadoopUtils.getHadoopConfiguration(securityConfig.getFlinkConfig()); return new HadoopModule(securityConfig, hadoopConfiguration); } catch (LinkageError e) { LOG.error("Cannot create Hadoop Security Module.", e); return null; } } }
static void uninstall() { if (installedModules != null) { // uninstall them in reverse order for (int i = installedModules.size() - 1; i >= 0; i--) { SecurityModule module = installedModules.get(i); try { module.uninstall(); } catch (UnsupportedOperationException ignored) { } catch (SecurityModule.SecurityInstallException e) { LOG.warn("unable to uninstall a security module", e); } } installedModules = null; } installedContext = new NoOpSecurityContext(); }
@Override public SecurityModule createModule(SecurityConfiguration securityConfig) { return new JaasModule(securityConfig); } }
@Override public SecurityModule createModule(SecurityConfiguration securityConfig) { return new ZooKeeperModule(securityConfig); } }
@Override public void install() throws SecurityInstallException { // ensure that a config file is always defined, for compatibility with // ZK and Kafka which check for the system property and existence of the file priorConfigFile = System.getProperty(JAVA_SECURITY_AUTH_LOGIN_CONFIG, null); if (priorConfigFile == null) { File configFile = generateDefaultConfigFile(); System.setProperty(JAVA_SECURITY_AUTH_LOGIN_CONFIG, configFile.getAbsolutePath()); } // read the JAAS configuration file priorConfig = javax.security.auth.login.Configuration.getConfiguration(); // construct a dynamic JAAS configuration currentConfig = new DynamicConfiguration(priorConfig); // wire up the configured JAAS login contexts to use the krb5 entries AppConfigurationEntry[] krb5Entries = getAppConfigurationEntries(securityConfig); if (krb5Entries != null) { for (String app : securityConfig.getLoginContextNames()) { currentConfig.addAppConfigurationEntry(app, krb5Entries); } } javax.security.auth.login.Configuration.setConfiguration(currentConfig); }
@Override public SecurityModule createModule(SecurityConfiguration securityConfig) { // First check if we have Hadoop in the ClassPath. If not, we simply don't do anything. try { Class.forName( "org.apache.hadoop.conf.Configuration", false, HadoopModule.class.getClassLoader()); } catch (ClassNotFoundException e) { LOG.info("Cannot create Hadoop Security Module because Hadoop cannot be found in the Classpath."); return null; } try { Configuration hadoopConfiguration = HadoopUtils.getHadoopConfiguration(securityConfig.getFlinkConfig()); return new HadoopModule(securityConfig, hadoopConfiguration); } catch (LinkageError e) { LOG.error("Cannot create Hadoop Security Module.", e); return null; } } }
static void uninstall() { if (installedModules != null) { // uninstall them in reverse order for (int i = installedModules.size() - 1; i >= 0; i--) { SecurityModule module = installedModules.get(i); try { module.uninstall(); } catch (UnsupportedOperationException ignored) { } catch (SecurityModule.SecurityInstallException e) { LOG.warn("unable to uninstall a security module", e); } } installedModules = null; } installedContext = new NoOpSecurityContext(); }
@Override public SecurityModule createModule(SecurityConfiguration securityConfig) { return new JaasModule(securityConfig); } }
@Override public SecurityModule createModule(SecurityConfiguration securityConfig) { return new ZooKeeperModule(securityConfig); } }
@Override public void install(SecurityUtils.SecurityConfiguration securityConfig) throws SecurityInstallException { // ensure that a config file is always defined, for compatibility with // ZK and Kafka which check for the system property and existence of the file priorConfigFile = System.getProperty(JAVA_SECURITY_AUTH_LOGIN_CONFIG, null); if (priorConfigFile == null) { File configFile = generateDefaultConfigFile(); System.setProperty(JAVA_SECURITY_AUTH_LOGIN_CONFIG, configFile.getAbsolutePath()); } // read the JAAS configuration file priorConfig = javax.security.auth.login.Configuration.getConfiguration(); // construct a dynamic JAAS configuration currentConfig = new DynamicConfiguration(priorConfig); // wire up the configured JAAS login contexts to use the krb5 entries AppConfigurationEntry[] krb5Entries = getAppConfigurationEntries(securityConfig); if(krb5Entries != null) { for (String app : securityConfig.getLoginContextNames()) { currentConfig.addAppConfigurationEntry(app, krb5Entries); } } javax.security.auth.login.Configuration.setConfiguration(currentConfig); }
@Override public SecurityModule createModule(SecurityConfiguration securityConfig) { // First check if we have Hadoop in the ClassPath. If not, we simply don't do anything. try { Class.forName( "org.apache.hadoop.conf.Configuration", false, HadoopModule.class.getClassLoader()); } catch (ClassNotFoundException e) { LOG.info("Cannot create Hadoop Security Module because Hadoop cannot be found in the Classpath."); return null; } try { Configuration hadoopConfiguration = HadoopUtils.getHadoopConfiguration(securityConfig.getFlinkConfig()); return new HadoopModule(securityConfig, hadoopConfiguration); } catch (LinkageError e) { LOG.error("Cannot create Hadoop Security Module.", e); return null; } } }
static void uninstall() { if(installedModules != null) { for (SecurityModule module : Lists.reverse(installedModules)) { try { module.uninstall(); } catch(UnsupportedOperationException ignored) { } catch(SecurityModule.SecurityInstallException e) { LOG.warn("unable to uninstall a security module", e); } } installedModules = null; } installedContext = new NoOpSecurityContext(); }