org.apache.hadoop.security.authentication.util.KerberosName.getShortName()方法的使用及代码示例

x33g5p2x  于2022-01-23 转载在 其他  
字(9.9k)|赞(0)|评价(0)|浏览(160)

本文整理了Java中org.apache.hadoop.security.authentication.util.KerberosName.getShortName()方法的一些代码示例,展示了KerberosName.getShortName()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。KerberosName.getShortName()方法的具体详情如下:
包路径:org.apache.hadoop.security.authentication.util.KerberosName
类名称:KerberosName
方法名:getShortName

KerberosName.getShortName介绍

[英]Get the translation of the principal name into an operating system user name.
[中]获取主体名称到操作系统用户名的翻译。

代码示例

代码示例来源:origin: apache/hive

@Override
 public String getShortName() throws IOException {
  return kerberosName.getShortName();
 }
}

代码示例来源:origin: org.apache.hadoop/hadoop-common

/**
 * Verify whether auth_to_local rules transform a principal name
 * <p>
 * Having a local user name "bar@foo.com" may be harmless, so it is noted at
 * info. However if what was intended is a transformation to "bar"
 * it can be difficult to debug, hence this check.
 */
protected void validateShortName() {
 failif(principal == null, CAT_KERBEROS, "No principal defined");
 try {
  KerberosName kn = new KerberosName(principal);
  String result = kn.getShortName();
  if (nonSimplePattern.matcher(result).find()) {
   warn(CAT_KERBEROS, principal + " short name: " + result +
       " still contains @ or /");
  }
 } catch (IOException e) {
  throw new KerberosDiagsFailure(CAT_KERBEROS, e,
      "Failed to get short name for " + principal, e);
 } catch (IllegalArgumentException e) {
  error(CAT_KERBEROS, "KerberosName(" + principal + ") failed: %s\n%s",
      e, StringUtils.stringifyException(e));
 }
}

代码示例来源:origin: apache/incubator-druid

String clientPrincipal = gssContext.getSrcName().toString();
KerberosName kerberosName = new KerberosName(clientPrincipal);
String userName = kerberosName.getShortName();
token = new AuthenticationToken(userName, clientPrincipal, getType());
response.setStatus(HttpServletResponse.SC_OK);

代码示例来源:origin: org.apache.hadoop/hadoop-hdfs

/**
 * Expected user name should be a short name.
 */
public static void checkUsername(final String expected, final String name
  ) throws IOException {
 if (expected == null && name != null) {
  throw new IOException("Usernames not matched: expecting null but name="
    + name);
 }
 if (name == null) { //name is optional, null is okay
  return;
 }
 KerberosName u = new KerberosName(name);
 String shortName = u.getShortName();
 if (!shortName.equals(expected)) {
  throw new IOException("Usernames not matched: name=" + shortName
    + " != expected=" + expected);
 }
}

代码示例来源:origin: org.apache.hive.shims/hive-shims-0.23

@Override
 public String getShortName() throws IOException {
  return kerberosName.getShortName();
 }
}

代码示例来源:origin: com.facebook.presto.hive/hive-apache

@Override
 public String getShortName() throws IOException {
  return kerberosName.getShortName();
 }
}

代码示例来源:origin: com.github.hyukjinkwon.shims/hive-shims-0.23

@Override
 public String getShortName() throws IOException {
  return kerberosName.getShortName();
 }
}

代码示例来源:origin: org.spark-project.hive.shims/hive-shims-0.23

@Override
 public String getShortName() throws IOException {
  return kerberosName.getShortName();
 }
}

代码示例来源:origin: ch.cern.hadoop/hadoop-hdfs

/**
 * Expected user name should be a short name.
 */
public static void checkUsername(final String expected, final String name
  ) throws IOException {
 if (expected == null && name != null) {
  throw new IOException("Usernames not matched: expecting null but name="
    + name);
 }
 if (name == null) { //name is optional, null is okay
  return;
 }
 KerberosName u = new KerberosName(name);
 String shortName = u.getShortName();
 if (!shortName.equals(expected)) {
  throw new IOException("Usernames not matched: name=" + shortName
    + " != expected=" + expected);
 }
}

代码示例来源:origin: io.prestosql.hadoop/hadoop-apache

/**
 * Expected user name should be a short name.
 */
public static void checkUsername(final String expected, final String name
  ) throws IOException {
 if (expected == null && name != null) {
  throw new IOException("Usernames not matched: expecting null but name="
    + name);
 }
 if (name == null) { //name is optional, null is okay
  return;
 }
 KerberosName u = new KerberosName(name);
 String shortName = u.getShortName();
 if (!shortName.equals(expected)) {
  throw new IOException("Usernames not matched: name=" + shortName
    + " != expected=" + expected);
 }
}

代码示例来源:origin: cdapio/cdap

/**
 * @param principal The principal whose KeytabURI is being looked up
 * @param cConf To lookup the configured path for the keytabs
 * @return The location of the keytab
 * @throws IOException If the principal is not a valid kerberos principal
 */
static String getKeytabURIforPrincipal(String principal, CConfiguration cConf) throws IOException {
 String confPath = cConf.getRaw(Constants.Security.KEYTAB_PATH);
 Preconditions.checkNotNull(confPath, String.format("Failed to get a valid keytab path. " +
                            "Please ensure that you have specified %s in cdap-site.xml",
                           Constants.Security.KEYTAB_PATH));
 String name = new KerberosName(principal).getShortName();
 return confPath.replace(Constants.USER_NAME_SPECIFIER, name);
}

代码示例来源:origin: cdapio/cdap

@Inject
@VisibleForTesting
public DefaultImpersonator(CConfiguration cConf, UGIProvider ugiProvider) {
 this.ugiProvider = ugiProvider;
 this.kerberosEnabled = SecurityUtil.isKerberosEnabled(cConf);
 // on kerberos disabled cluster the master principal will be null
 String masterPrincipal = SecurityUtil.getMasterPrincipal(cConf);
 try {
  masterShortUsername = masterPrincipal == null ? null : new KerberosName(masterPrincipal).getShortName();
 } catch (IOException e) {
  Throwables.propagate(e);
 }
}

代码示例来源:origin: cdapio/cdap

/**
  * Get the effective master user, if it is specified in the {@link CConfiguration}, use it. Otherwise, use the
  * current login user. If security is not enabled, null is returned.
  */
 @Nullable
 public static String getEffectiveMasterUser(CConfiguration cConf) {
  String masterPrincipal = cConf.get(Constants.Security.CFG_CDAP_MASTER_KRB_PRINCIPAL);
  try {
   if (isSecurityAuthorizationEnabled(cConf)) {
    masterPrincipal = masterPrincipal == null ? UserGroupInformation.getLoginUser().getShortUserName() :
     new KerberosName(masterPrincipal).getShortName();
   } else {
    masterPrincipal = null;
   }
  } catch (IOException e) {
   throw new RuntimeException(String.format("Failed to translate the principal name %s to an operating system " +
                         "user name.", masterPrincipal), e);
  }
  return masterPrincipal;
 }
}

代码示例来源:origin: io.hops/hadoop-auth

private void checkTranslation(String from, String to) throws Exception {
 System.out.println("Translate " + from);
 KerberosName nm = new KerberosName(from);
 String simple = nm.getShortName();
 System.out.println("to " + simple);
 Assert.assertEquals("short name incorrect", to, simple);
}

代码示例来源:origin: hopshadoop/hops

private void checkTranslation(String from, String to) throws Exception {
 System.out.println("Translate " + from);
 KerberosName nm = new KerberosName(from);
 String simple = nm.getShortName();
 System.out.println("to " + simple);
 Assert.assertEquals("short name incorrect", to, simple);
}

代码示例来源:origin: apache/hadoop-common

private void checkTranslation(String from, String to) throws Exception {
 System.out.println("Translate " + from);
 KerberosName nm = new KerberosName(from);
 String simple = nm.getShortName();
 System.out.println("to " + simple);
 Assert.assertEquals("short name incorrect", to, simple);
}

代码示例来源:origin: apache/hadoop-common

private void checkBadTranslation(String from) {
 System.out.println("Checking bad translation for " + from);
 KerberosName nm = new KerberosName(from);
 try {
  nm.getShortName();
  Assert.fail("didn't get exception for " + from);
 } catch (IOException ie) {
  // PASS
 }
}

代码示例来源:origin: cdapio/cdap

/**
 * Helper function to get the authorizing user for app deployment, the authorzing user will be the app owner if it
 * is present. If not, it will be the namespace owner. If that is also not present, it will be the user who is making
 * the request
 */
public static String getAppAuthorizingUser(OwnerAdmin ownerAdmin, AuthenticationContext authenticationContext,
                      ApplicationId applicationId,
                      @Nullable KerberosPrincipalId appOwner) throws IOException {
 KerberosPrincipalId effectiveOwner =
  SecurityUtil.getEffectiveOwner(ownerAdmin, applicationId.getNamespaceId(),
                  appOwner == null ? null : appOwner.getPrincipal());
 // CDAP-13154 If impersonation is configured for either the application or namespace the effective owner will be
 // a kerberos principal which can have different form
 // (refer: https://docs.oracle.com/cd/E21455_01/common/tutorials/kerberos_principal.html). For example it can be
 // a complete principal name (alice/somehost.net@someREALM). For authorization we need the enforcement to happen
 // on the username and not the complete principal. The user name is the shortname of the principal so return the
 // shortname as authorizing user.
 String appAuthorizingUser = effectiveOwner != null ?
  new KerberosName(effectiveOwner.getPrincipal()).getShortName() : authenticationContext.getPrincipal().getName();
 LOG.trace("Returning {} as authorizing app user for {}", appAuthorizingUser, applicationId);
 return appAuthorizingUser;
}

代码示例来源:origin: io.hops/hadoop-auth

@Test(timeout=60000)
public void testNameRules() throws Exception {
 KerberosName kn = new KerberosName(KerberosTestUtils.getServerPrincipal());
 Assert.assertEquals(KerberosTestUtils.getRealm(), kn.getRealm());
 //destroy handler created in setUp()
 handler.destroy();
 KerberosName.setRules("RULE:[1:$1@$0](.*@FOO)s/@.*//\nDEFAULT");
 
 handler = getNewAuthenticationHandler();
 Properties props = getDefaultProperties();
 props.setProperty(KerberosAuthenticationHandler.NAME_RULES, "RULE:[1:$1@$0](.*@BAR)s/@.*//\nDEFAULT");
 try {
  handler.init(props);
 } catch (Exception ex) {
 }
 kn = new KerberosName("bar@BAR");
 Assert.assertEquals("bar", kn.getShortName());
 kn = new KerberosName("bar@FOO");
 Assert.assertEquals("bar@FOO", kn.getShortName());
}

代码示例来源:origin: hopshadoop/hops

@Test(timeout=60000)
public void testNameRules() throws Exception {
 KerberosName kn = new KerberosName(KerberosTestUtils.getServerPrincipal());
 Assert.assertEquals(KerberosTestUtils.getRealm(), kn.getRealm());
 //destroy handler created in setUp()
 handler.destroy();
 KerberosName.setRules("RULE:[1:$1@$0](.*@FOO)s/@.*//\nDEFAULT");
 
 handler = getNewAuthenticationHandler();
 Properties props = getDefaultProperties();
 props.setProperty(KerberosAuthenticationHandler.NAME_RULES, "RULE:[1:$1@$0](.*@BAR)s/@.*//\nDEFAULT");
 try {
  handler.init(props);
 } catch (Exception ex) {
 }
 kn = new KerberosName("bar@BAR");
 Assert.assertEquals("bar", kn.getShortName());
 kn = new KerberosName("bar@FOO");
 Assert.assertEquals("bar@FOO", kn.getShortName());
}

内容来源于网络,如有侵权,请联系作者删除!

KerberosName

相关文章

    查看更多
    微信公众号

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新文章

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com