Package org.apache.hadoop.security.authorize

Examples of org.apache.hadoop.security.authorize.AccessControlList

289
290
291
292
293
294
295
296
297
298
299
    MyGroupsProvider.mapping.put("userC", Arrays.asList("groupC"));
    MyGroupsProvider.mapping.put("userD", Arrays.asList("groupD"));
    MyGroupsProvider.mapping.put("userE", Arrays.asList("groupE"));

    HttpServer myServer = new HttpServer("test", "0.0.0.0", 0, true, conf,
        new AccessControlList("userA,userB groupC,groupD"));
    myServer.setAttribute(HttpServer.CONF_CONTEXT_ATTRIBUTE, conf);
    myServer.start();
    int port = myServer.getPort();
    String serverURL = "http://localhost:" + port + "/";
    for (String servlet : new String[] { "logs", "stacks", "logLevel" }) {
View Full Code Here
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
    String remoteUser = request.getRemoteUser();
    if (remoteUser == null) {
      return true;
    }
    AccessControlList adminsAcl = (AccessControlList) servletContext
        .getAttribute(ADMINS_ACL);
    UserGroupInformation remoteUserUGI =
        UserGroupInformation.createRemoteUser(remoteUser);
    if (adminsAcl != null) {
      if (!adminsAcl.isUserAllowed(remoteUserUGI)) {
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "User "
            + remoteUser + " is unauthorized to access this page. "
            + "AccessControlList for accessing this page : "
            + adminsAcl.toString());
        return false;
      }
    }
    return true;
  }
View Full Code Here
263
264
265
266
267
268
269
270
271
272
273
274
275
   * @return AccessControlList instance
   */
  public static AccessControlList getAdminAcls(Configuration conf,
      String configKey) {
    try {
      AccessControlList adminAcl =
        new AccessControlList(conf.get(configKey, " "));
      adminAcl.addUser(UserGroupInformation.getCurrentUser().
                       getShortUserName());
      return adminAcl;
    } catch (Exception ex) {
      throw new RuntimeException(ex);
    }
View Full Code Here
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
    String remoteUser = request.getRemoteUser();
    if (remoteUser == null) {
      return true;
    }
    AccessControlList adminsAcl = (AccessControlList) servletContext
        .getAttribute(ADMINS_ACL);
    UserGroupInformation remoteUserUGI =
        UserGroupInformation.createRemoteUser(remoteUser);
    if (adminsAcl != null) {
      if (!adminsAcl.isUserAllowed(remoteUserUGI)) {
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "User "
            + remoteUser + " is unauthorized to access this page. "
            + "AccessControlList for accessing this page : "
            + adminsAcl.toString());
        return false;
      }
    }
    return true;
  }
View Full Code Here
368
369
370
371
372
373
374
375
376
377
378
    MyGroupsProvider.mapping.put("userC", Arrays.asList("groupC"));
    MyGroupsProvider.mapping.put("userD", Arrays.asList("groupD"));
    MyGroupsProvider.mapping.put("userE", Arrays.asList("groupE"));

    HttpServer myServer = new HttpServer("test", "0.0.0.0", 0, true, conf,
        new AccessControlList("userA,userB groupC,groupD"));
    myServer.setAttribute(HttpServer.CONF_CONTEXT_ATTRIBUTE, conf);
    myServer.start();
    int port = myServer.getPort();
    String serverURL = "http://localhost:" + port + "/";
    for (String servlet : new String[] { "conf", "logs", "stacks",
View Full Code Here
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
    validateTaskAttemptLevelKeyValues(mr, job, jobInfo);
   
    // Also JobACLs should be correct
    if (mr.getJobTrackerRunner().getJobTracker()
        .areACLsEnabled()) {
      AccessControlList acl = new AccessControlList(
          conf.get(JobACL.VIEW_JOB.getAclName(), " "));
      assertTrue("VIEW_JOB ACL is not properly logged to history file.",
          acl.toString().equals(
          jobInfo.getJobACLs().get(JobACL.VIEW_JOB).toString()));
      acl = new AccessControlList(
          conf.get(JobACL.MODIFY_JOB.getAclName(), " "));
      assertTrue("MODIFY_JOB ACL is not properly logged to history file.",
          acl.toString().equals(
          jobInfo.getJobACLs().get(JobACL.MODIFY_JOB).toString()));
    }
   
    // Validate the job queue name
    assertTrue(jobInfo.getJobQueueName().equals(conf.getQueueName()));
View Full Code Here
469
470
471
472
473
474
475
476
477
478
479
  }

  @Override
  public boolean checkAccess(UserGroupInformation callerUGI,
      JobACL jobOperation) {
    AccessControlList jobACL = jobACLs.get(jobOperation);
    if (jobACL == null) {
      return true;
    }
    return aclsManager.checkAccess(callerUGI, jobOperation, username, jobACL);
  }
View Full Code Here
540
541
542
543
544
545
546
    return clientCache.getClient(arg0.getJobID()).killTask(arg0, arg1);
  }

  @Override
  public AccessControlList getQueueAdmins(String arg0) throws IOException {
    return new AccessControlList("*");
  }
View Full Code Here
441
442
443
444
445
446
447
448
449
450
451
  }

  @Override
  public boolean checkAccess(UserGroupInformation callerUGI,
      JobACL jobOperation) {
    AccessControlList jobACL = jobACLs.get(jobOperation);
    if (jobACL == null) {
      return true;
    }
    return aclsManager.checkAccess(callerUGI, jobOperation, username, jobACL);
  }
View Full Code Here
4341
4342
4343
4344
4345
4346
4347
4348
4349
4350
4351
4352
  /**
   * @see org.apache.hadoop.mapred.JobSubmissionProtocol#getQueueAdmins(String)
   */
  public AccessControlList getQueueAdmins(String queueName) throws IOException {
    AccessControlList acl =
        queueManager.getQueueACL(queueName, QueueACL.ADMINISTER_JOBS);
    if (acl == null) {
      acl = new AccessControlList(" ");
    }
    return acl;
  }
View Full Code Here
TOP

Related Classes of org.apache.hadoop.security.authorize.AccessControlList

  • org.apache.hadoop.conf.Configuration
  • org.apache.hadoop.hbase.http.HttpServer
  • org.apache.hadoop.hbase.http.TestHttpServer
  • org.apache.hadoop.hdfs.DFSUtil
  • org.apache.hadoop.hdfs.qjournal.server.JournalNodeHttpServer
  • org.apache.hadoop.hdfs.server.datanode.DataNode
  • org.apache.hadoop.hdfs.server.namenode.NameNode
  • org.apache.hadoop.hdfs.server.namenode.NameNodeHttpServer
  • org.apache.hadoop.hdfs.server.namenode.SecondaryNameNode
  • org.apache.hadoop.hdfs.server.namenode.TestGetImageServlet
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.