public static void initCredentials(JobConf job) throws IOException { UserProvider userProvider = UserProvider.instantiate(job); if (userProvider.isHadoopSecurityEnabled()) { // propagate delegation related props from launcher job to MR job if (System.getenv("HADOOP_TOKEN_FILE_LOCATION") != null) { job.set("mapreduce.job.credentials.binary", System.getenv("HADOOP_TOKEN_FILE_LOCATION")); } } if (userProvider.isHBaseSecurityEnabled()) { try { // login the server principal (if using secure Hadoop) User user = userProvider.getCurrent(); Token<AuthenticationTokenIdentifier> authToken = getAuthToken(job, user); if (authToken == null) { user.obtainAuthTokenForJob(job); } else { job.getCredentials().addToken(authToken.getService(), authToken); } } catch (InterruptedException ie) { ie.printStackTrace(); Thread.currentThread().interrupt(); } } }
public static void main(String[] args) throws IOException, InterruptedException { Configuration conf = HBaseConfiguration.create(); Connection connection = ConnectionFactory.createConnection(conf); // vv TokenExample Token<AuthenticationTokenIdentifier> token = TokenUtil.obtainToken(connection); String urlString = token.encodeToUrlString(); File temp = new File(FileUtils.getTempDirectory(), "token"); FileUtils.writeStringToFile(temp, urlString); System.out.println("Encoded Token: " + urlString); String strToken = FileUtils.readFileToString(new File("token")); Token token2 = new Token(); token2.decodeFromUrlString(strToken); UserGroupInformation.getCurrentUser().addToken(token2); // ^^ TokenExample connection.close(); }
public static void initCredentials(JobConf job) throws IOException { UserProvider userProvider = UserProvider.instantiate(job); if (userProvider.isHadoopSecurityEnabled()) { // propagate delegation related props from launcher job to MR job if (System.getenv("HADOOP_TOKEN_FILE_LOCATION") != null) { job.set("mapreduce.job.credentials.binary", System.getenv("HADOOP_TOKEN_FILE_LOCATION")); } } if (userProvider.isHBaseSecurityEnabled()) { try { // login the server principal (if using secure Hadoop) User user = userProvider.getCurrent(); Token<AuthenticationTokenIdentifier> authToken = getAuthToken(job, user); if (authToken == null) { user.obtainAuthTokenForJob(job); } else { job.getCredentials().addToken(authToken.getService(), authToken); } } catch (InterruptedException ie) { ie.printStackTrace(); Thread.interrupted(); } } }
/** * Converts a Token instance (with embedded identifier) to the protobuf representation. * * @param token the Token instance to copy * @return the protobuf Token message */ public static AuthenticationProtos.Token toToken(Token<AuthenticationTokenIdentifier> token) { AuthenticationProtos.Token.Builder builder = AuthenticationProtos.Token.newBuilder(); builder.setIdentifier(ByteStringer.wrap(token.getIdentifier())); builder.setPassword(ByteStringer.wrap(token.getPassword())); if (token.getService() != null) { builder.setService(ByteString.copyFromUtf8(token.getService().toString())); } return builder.build(); }
/** * Converts a protobuf Token message back into a Token instance. * * @param proto the protobuf Token message * @return the Token instance */ public static Token<AuthenticationTokenIdentifier> toToken(AuthenticationProtos.Token proto) { return new Token<AuthenticationTokenIdentifier>( proto.hasIdentifier() ? proto.getIdentifier().toByteArray() : null, proto.hasPassword() ? proto.getPassword().toByteArray() : null, AuthenticationTokenIdentifier.AUTH_TOKEN_TYPE, proto.hasService() ? new Text(proto.getService().toStringUtf8()) : null); }
/** * Get the authentication token of the user for the cluster specified in the configuration * @return null if the user does not have the token, otherwise the auth token for the cluster. */ private static Token<AuthenticationTokenIdentifier> getAuthToken(Configuration conf, User user) throws IOException, InterruptedException { ZooKeeperWatcher zkw = new ZooKeeperWatcher(conf, "mr-init-credentials", null); try { String clusterId = ZKClusterId.readClusterIdZNode(zkw); return new AuthenticationTokenSelector().selectToken(new Text(clusterId), user.getUGI().getTokens()); } catch (KeeperException e) { throw new IOException(e); } finally { zkw.close(); } }
private static void obtainAuthTokenForJob(Job job, Configuration conf, User user) throws IOException, InterruptedException { Token<AuthenticationTokenIdentifier> authToken = getAuthToken(conf, user); if (authToken == null) { user.obtainAuthTokenForJob(conf, job); } else { job.getCredentials().addToken(authToken.getService(), authToken); } }
/** * Converts a Token instance (with embedded identifier) to the protobuf representation. * * @param token the Token instance to copy * @return the protobuf Token message */ public static AuthenticationProtos.Token toToken(Token<AuthenticationTokenIdentifier> token) { AuthenticationProtos.Token.Builder builder = AuthenticationProtos.Token.newBuilder(); builder.setIdentifier(HBaseZeroCopyByteString.wrap(token.getIdentifier())); builder.setPassword(HBaseZeroCopyByteString.wrap(token.getPassword())); if (token.getService() != null) { builder.setService(ByteString.copyFromUtf8(token.getService().toString())); } return builder.build(); }
/** * Converts a Token instance (with embedded identifier) to the protobuf representation. * * @param token the Token instance to copy * @return the protobuf Token message */ public static AuthenticationProtos.Token toToken(Token<AuthenticationTokenIdentifier> token) { AuthenticationProtos.Token.Builder builder = AuthenticationProtos.Token.newBuilder(); builder.setIdentifier(ZeroCopyLiteralByteString.wrap(token.getIdentifier())); builder.setPassword(ZeroCopyLiteralByteString.wrap(token.getPassword())); if (token.getService() != null) { builder.setService(ByteString.copyFromUtf8(token.getService().toString())); } return builder.build(); }
/** * Converts a Token instance (with embedded identifier) to the protobuf representation. * * @param token the Token instance to copy * @return the protobuf Token message */ public static AuthenticationProtos.Token toToken(Token<AuthenticationTokenIdentifier> token) { AuthenticationProtos.Token.Builder builder = AuthenticationProtos.Token.newBuilder(); builder.setIdentifier(ByteString.copyFrom(token.getIdentifier())); builder.setPassword(ByteString.copyFrom(token.getPassword())); if (token.getService() != null) { builder.setService(ByteString.copyFromUtf8(token.getService().toString())); } return builder.build(); }