Java 类org.apache.hadoop.hbase.ipc.RequestContext 实例源码

项目：pbase 文件：TestTokenAuthentication.java

@Override
public AuthenticationProtos.GetAuthenticationTokenResponse getAuthenticationToken(
    RpcController controller, AuthenticationProtos.GetAuthenticationTokenRequest request)
  throws ServiceException {
  LOG.debug("Authentication token request from "+RequestContext.getRequestUserName());
  // ignore passed in controller -- it's always null
  ServerRpcController serverController = new ServerRpcController();
  BlockingRpcCallback<AuthenticationProtos.GetAuthenticationTokenResponse> callback =
      new BlockingRpcCallback<AuthenticationProtos.GetAuthenticationTokenResponse>();
  getAuthenticationToken(serverController, request, callback);
  try {
    serverController.checkFailed();
    return callback.get();
  } catch (IOException ioe) {
    throw new ServiceException(ioe);
  }
}

项目：pbase 文件：TestTokenAuthentication.java

@Override
public AuthenticationProtos.WhoAmIResponse whoAmI(
    RpcController controller, AuthenticationProtos.WhoAmIRequest request)
  throws ServiceException {
  LOG.debug("whoAmI() request from "+RequestContext.getRequestUserName());
  // ignore passed in controller -- it's always null
  ServerRpcController serverController = new ServerRpcController();
  BlockingRpcCallback<AuthenticationProtos.WhoAmIResponse> callback =
      new BlockingRpcCallback<AuthenticationProtos.WhoAmIResponse>();
  whoAmI(serverController, request, callback);
  try {
    serverController.checkFailed();
    return callback.get();
  } catch (IOException ioe) {
    throw new ServiceException(ioe);
  }
}

项目：HIndex 文件：TestTokenAuthentication.java

@Override
public AuthenticationProtos.GetAuthenticationTokenResponse getAuthenticationToken(
    RpcController controller, AuthenticationProtos.GetAuthenticationTokenRequest request)
  throws ServiceException {
  LOG.debug("Authentication token request from "+RequestContext.getRequestUserName());
  // ignore passed in controller -- it's always null
  ServerRpcController serverController = new ServerRpcController();
  BlockingRpcCallback<AuthenticationProtos.GetAuthenticationTokenResponse> callback =
      new BlockingRpcCallback<AuthenticationProtos.GetAuthenticationTokenResponse>();
  getAuthenticationToken(serverController, request, callback);
  try {
    serverController.checkFailed();
    return callback.get();
  } catch (IOException ioe) {
    throw new ServiceException(ioe);
  }
}

项目：HIndex 文件：TestTokenAuthentication.java

@Override
public AuthenticationProtos.WhoAmIResponse whoAmI(
    RpcController controller, AuthenticationProtos.WhoAmIRequest request)
  throws ServiceException {
  LOG.debug("whoAmI() request from "+RequestContext.getRequestUserName());
  // ignore passed in controller -- it's always null
  ServerRpcController serverController = new ServerRpcController();
  BlockingRpcCallback<AuthenticationProtos.WhoAmIResponse> callback =
      new BlockingRpcCallback<AuthenticationProtos.WhoAmIResponse>();
  whoAmI(serverController, request, callback);
  try {
    serverController.checkFailed();
    return callback.get();
  } catch (IOException ioe) {
    throw new ServiceException(ioe);
  }
}

项目：IRIndex 文件：TokenProvider.java

@Override
public Token<AuthenticationTokenIdentifier> getAuthenticationToken()
    throws IOException {
  if (secretManager == null) {
    throw new IOException(
        "No secret manager configured for token authentication");
  }

  User currentUser = RequestContext.getRequestUser();
  UserGroupInformation ugi = null;
  if (currentUser != null) {
    ugi = currentUser.getUGI();
  }
  if (currentUser == null) {
    throw new AccessDeniedException("No authenticated user for request!");
  } else if (!isAllowedDelegationTokenOp(ugi)) {
    LOG.warn("Token generation denied for user="+currentUser.getName()
        +", authMethod="+ugi.getAuthenticationMethod());
    throw new AccessDeniedException(
        "Token generation only allowed for Kerberos authenticated clients");
  }

  return secretManager.generateToken(currentUser.getName());
}

项目：PyroDB 文件：TestTokenAuthentication.java

@Override
public AuthenticationProtos.GetAuthenticationTokenResponse getAuthenticationToken(
    RpcController controller, AuthenticationProtos.GetAuthenticationTokenRequest request)
  throws ServiceException {
  LOG.debug("Authentication token request from "+RequestContext.getRequestUserName());
  // ignore passed in controller -- it's always null
  ServerRpcController serverController = new ServerRpcController();
  BlockingRpcCallback<AuthenticationProtos.GetAuthenticationTokenResponse> callback =
      new BlockingRpcCallback<AuthenticationProtos.GetAuthenticationTokenResponse>();
  getAuthenticationToken(serverController, request, callback);
  try {
    serverController.checkFailed();
    return callback.get();
  } catch (IOException ioe) {
    throw new ServiceException(ioe);
  }
}

项目：PyroDB 文件：TestTokenAuthentication.java

@Override
public AuthenticationProtos.WhoAmIResponse whoAmI(
    RpcController controller, AuthenticationProtos.WhoAmIRequest request)
  throws ServiceException {
  LOG.debug("whoAmI() request from "+RequestContext.getRequestUserName());
  // ignore passed in controller -- it's always null
  ServerRpcController serverController = new ServerRpcController();
  BlockingRpcCallback<AuthenticationProtos.WhoAmIResponse> callback =
      new BlockingRpcCallback<AuthenticationProtos.WhoAmIResponse>();
  whoAmI(serverController, request, callback);
  try {
    serverController.checkFailed();
    return callback.get();
  } catch (IOException ioe) {
    throw new ServiceException(ioe);
  }
}

项目：c5 文件：TestTokenAuthentication.java

@Override
public AuthenticationProtos.GetAuthenticationTokenResponse getAuthenticationToken(
    RpcController controller, AuthenticationProtos.GetAuthenticationTokenRequest request)
  throws ServiceException {
  LOG.debug("Authentication token request from "+RequestContext.getRequestUserName());
  // ignore passed in controller -- it's always null
  ServerRpcController serverController = new ServerRpcController();
  BlockingRpcCallback<AuthenticationProtos.GetAuthenticationTokenResponse> callback =
      new BlockingRpcCallback<AuthenticationProtos.GetAuthenticationTokenResponse>();
  getAuthenticationToken(serverController, request, callback);
  try {
    serverController.checkFailed();
    return callback.get();
  } catch (IOException ioe) {
    throw new ServiceException(ioe);
  }
}

项目：c5 文件：TestTokenAuthentication.java

@Override
public AuthenticationProtos.WhoAmIResponse whoAmI(
    RpcController controller, AuthenticationProtos.WhoAmIRequest request)
  throws ServiceException {
  LOG.debug("whoAmI() request from "+RequestContext.getRequestUserName());
  // ignore passed in controller -- it's always null
  ServerRpcController serverController = new ServerRpcController();
  BlockingRpcCallback<AuthenticationProtos.WhoAmIResponse> callback =
      new BlockingRpcCallback<AuthenticationProtos.WhoAmIResponse>();
  whoAmI(serverController, request, callback);
  try {
    serverController.checkFailed();
    return callback.get();
  } catch (IOException ioe) {
    throw new ServiceException(ioe);
  }
}

项目：HBase-Research 文件：TokenProvider.java

@Override
public Token<AuthenticationTokenIdentifier> getAuthenticationToken()
    throws IOException {
  if (secretManager == null) {
    throw new IOException(
        "No secret manager configured for token authentication");
  }

  User currentUser = RequestContext.getRequestUser();
  UserGroupInformation ugi = null;
  if (currentUser != null) {
    ugi = currentUser.getUGI();
  }
  if (currentUser == null) {
    throw new AccessDeniedException("No authenticated user for request!");
  } else if (!isAllowedDelegationTokenOp(ugi)) {
    LOG.warn("Token generation denied for user="+currentUser.getName()
        +", authMethod="+ugi.getAuthenticationMethod());
    throw new AccessDeniedException(
        "Token generation only allowed for Kerberos authenticated clients");
  }

  return secretManager.generateToken(currentUser.getName());
}

项目：hbase-0.94.8-qod 文件：TokenProvider.java

@Override
public Token<AuthenticationTokenIdentifier> getAuthenticationToken()
    throws IOException {
  if (secretManager == null) {
    throw new IOException(
        "No secret manager configured for token authentication");
  }

  User currentUser = RequestContext.getRequestUser();
  UserGroupInformation ugi = null;
  if (currentUser != null) {
    ugi = currentUser.getUGI();
  }
  if (currentUser == null) {
    throw new AccessDeniedException("No authenticated user for request!");
  } else if (!isAllowedDelegationTokenOp(ugi)) {
    LOG.warn("Token generation denied for user="+currentUser.getName()
        +", authMethod="+ugi.getAuthenticationMethod());
    throw new AccessDeniedException(
        "Token generation only allowed for Kerberos authenticated clients");
  }

  return secretManager.generateToken(currentUser.getName());
}

项目：hbase-0.94.8-qod 文件：TokenProvider.java

@Override
public Token<AuthenticationTokenIdentifier> getAuthenticationToken()
    throws IOException {
  if (secretManager == null) {
    throw new IOException(
        "No secret manager configured for token authentication");
  }

  User currentUser = RequestContext.getRequestUser();
  UserGroupInformation ugi = null;
  if (currentUser != null) {
    ugi = currentUser.getUGI();
  }
  if (currentUser == null) {
    throw new AccessDeniedException("No authenticated user for request!");
  } else if (!isAllowedDelegationTokenOp(ugi)) {
    LOG.warn("Token generation denied for user="+currentUser.getName()
        +", authMethod="+ugi.getAuthenticationMethod());
    throw new AccessDeniedException(
        "Token generation only allowed for Kerberos authenticated clients");
  }

  return secretManager.generateToken(currentUser.getName());
}

项目：DominoHBase 文件：TestTokenAuthentication.java

@Override
public AuthenticationProtos.TokenResponse getAuthenticationToken(
    RpcController controller, AuthenticationProtos.TokenRequest request)
  throws ServiceException {
  LOG.debug("Authentication token request from "+RequestContext.getRequestUserName());
  // ignore passed in controller -- it's always null
  ServerRpcController serverController = new ServerRpcController();
  BlockingRpcCallback<AuthenticationProtos.TokenResponse> callback =
      new BlockingRpcCallback<AuthenticationProtos.TokenResponse>();
  getAuthenticationToken(serverController, request, callback);
  try {
    serverController.checkFailed();
    return callback.get();
  } catch (IOException ioe) {
    throw new ServiceException(ioe);
  }
}

项目：DominoHBase 文件：TestTokenAuthentication.java

@Override
public AuthenticationProtos.WhoAmIResponse whoami(
    RpcController controller, AuthenticationProtos.WhoAmIRequest request)
  throws ServiceException {
  LOG.debug("whoami() request from "+RequestContext.getRequestUserName());
  // ignore passed in controller -- it's always null
  ServerRpcController serverController = new ServerRpcController();
  BlockingRpcCallback<AuthenticationProtos.WhoAmIResponse> callback =
      new BlockingRpcCallback<AuthenticationProtos.WhoAmIResponse>();
  whoami(serverController, request, callback);
  try {
    serverController.checkFailed();
    return callback.get();
  } catch (IOException ioe) {
    throw new ServiceException(ioe);
  }
}

项目：hindex 文件：TokenProvider.java

@Override
public Token<AuthenticationTokenIdentifier> getAuthenticationToken()
    throws IOException {
  if (secretManager == null) {
    throw new IOException(
        "No secret manager configured for token authentication");
  }

  User currentUser = RequestContext.getRequestUser();
  UserGroupInformation ugi = null;
  if (currentUser != null) {
    ugi = currentUser.getUGI();
  }
  if (currentUser == null) {
    throw new AccessDeniedException("No authenticated user for request!");
  } else if (!isAllowedDelegationTokenOp(ugi)) {
    LOG.warn("Token generation denied for user="+currentUser.getName()
        +", authMethod="+ugi.getAuthenticationMethod());
    throw new AccessDeniedException(
        "Token generation only allowed for Kerberos authenticated clients");
  }

  return secretManager.generateToken(currentUser.getName());
}

项目：pbase 文件：VisibilityController.java

/**
 * Verify, when servicing an RPC, that the caller is the scanner owner. If so, we assume that
 * access control is correctly enforced based on the checks performed in preScannerOpen()
 */
private void requireScannerOwner(InternalScanner s) throws AccessDeniedException {
  if (RequestContext.isInRequestContext()) {
    String requestUName = RequestContext.getRequestUserName();
    String owner = scannerOwners.get(s);
    if (owner != null && !owner.equals(requestUName)) {
      throw new AccessDeniedException("User '" + requestUName + "' is not the scanner owner!");
    }
  }
}

项目：pbase 文件：VisibilityController.java

private void logResult(boolean isAllowed, String request, String reason, byte[] user,
    List<byte[]> labelAuths, String regex) {
  if (AUDITLOG.isTraceEnabled()) {
    RequestContext ctx = RequestContext.get();
    InetAddress remoteAddr = null;
    if (ctx != null) {
      remoteAddr = ctx.getRemoteAddress();
    }

    List<String> labelAuthsStr = new ArrayList<>();
    if (labelAuths != null) {
      int labelAuthsSize = labelAuths.size();
      labelAuthsStr = new ArrayList<>(labelAuthsSize);
      for (int i = 0; i < labelAuthsSize; i++) {
        labelAuthsStr.add(Bytes.toString(labelAuths.get(i)));
      }
    }

    User requestingUser = null;
    try {
      requestingUser = VisibilityUtils.getActiveUser();
    } catch (IOException e) {
      LOG.warn("Failed to get active system user.");
      LOG.debug("Details on failure to get active system user.", e);
    }
    AUDITLOG.trace("Access " + (isAllowed ? "allowed" : "denied") + " for user "
        + (requestingUser != null ? requestingUser.getShortName() : "UNKNOWN") + "; reason: "
        + reason + "; remote address: " + (remoteAddr != null ? remoteAddr : "") + "; request: "
        + request + "; user: " + (user != null ? Bytes.toShort(user) : "null") + "; labels: "
        + labelAuthsStr + "; regex: " + regex);
  }
}

项目：pbase 文件：VisibilityUtils.java

/**
 * @return User who called RPC method. For non-RPC handling, falls back to system user
 * @throws IOException When there is IOE in getting the system user (During non-RPC handling).
 */
public static User getActiveUser() throws IOException {
  User user = RequestContext.getRequestUser();
  if (!RequestContext.isInRequestContext()) {
    user = User.getCurrent();
  }
  if (LOG.isTraceEnabled()) {
    LOG.trace("Current active user name is " + user.getShortName());
  }
  return user;
}

项目：pbase 文件：TokenProvider.java

@Override
public void getAuthenticationToken(RpcController controller,
                                   AuthenticationProtos.GetAuthenticationTokenRequest request,
                                   RpcCallback<AuthenticationProtos.GetAuthenticationTokenResponse> done) {
  AuthenticationProtos.GetAuthenticationTokenResponse.Builder response =
      AuthenticationProtos.GetAuthenticationTokenResponse.newBuilder();

  try {
    if (secretManager == null) {
      throw new IOException(
          "No secret manager configured for token authentication");
    }

    User currentUser = RequestContext.getRequestUser();
    UserGroupInformation ugi = null;
    if (currentUser != null) {
      ugi = currentUser.getUGI();
    }
    if (currentUser == null) {
      throw new AccessDeniedException("No authenticated user for request!");
    } else if (!isAllowedDelegationTokenOp(ugi)) {
      LOG.warn("Token generation denied for user="+currentUser.getName()
          +", authMethod="+ugi.getAuthenticationMethod());
      throw new AccessDeniedException(
          "Token generation only allowed for Kerberos authenticated clients");
    }

    Token<AuthenticationTokenIdentifier> token =
        secretManager.generateToken(currentUser.getName());
    response.setToken(ProtobufUtil.toToken(token)).build();
  } catch (IOException ioe) {
    ResponseConverter.setControllerException(controller, ioe);
  }
  done.run(response.build());
}

项目：pbase 文件：TokenProvider.java

@Override
public void whoAmI(RpcController controller, AuthenticationProtos.WhoAmIRequest request,
                   RpcCallback<AuthenticationProtos.WhoAmIResponse> done) {
  User requestUser = RequestContext.getRequestUser();
  AuthenticationProtos.WhoAmIResponse.Builder response =
      AuthenticationProtos.WhoAmIResponse.newBuilder();
  if (requestUser != null) {
    response.setUsername(requestUser.getShortName());
    AuthenticationMethod method = requestUser.getUGI().getAuthenticationMethod();
    if (method != null) {
      response.setAuthMethod(method.name());
    }
  }
  done.run(response.build());
}

项目：pbase 文件：AccessController.java

private void logResult(AuthResult result) {
  if (AUDITLOG.isTraceEnabled()) {
    RequestContext ctx = RequestContext.get();
    InetAddress remoteAddr = null;
    if (ctx != null) {
      remoteAddr = ctx.getRemoteAddress();
    }
    AUDITLOG.trace("Access " + (result.isAllowed() ? "allowed" : "denied") +
        " for user " + (result.getUser() != null ? result.getUser().getShortName() : "UNKNOWN") +
        "; reason: " + result.getReason() +
        "; remote address: " + (remoteAddr != null ? remoteAddr : "") +
        "; request: " + result.getRequest() +
        "; context: " + result.toContextString());
  }
}

项目：pbase 文件：AccessController.java

/**
 * Returns the active user to which authorization checks should be applied.
 * If we are in the context of an RPC call, the remote user is used,
 * otherwise the currently logged in user is used.
 */
private User getActiveUser() throws IOException {
  User user = RequestContext.getRequestUser();
  if (!RequestContext.isInRequestContext()) {
    // for non-rpc handling, fallback to system user
    user = userProvider.getCurrent();
  }
  return user;
}

项目：pbase 文件：AccessController.java

/**
 * Verify, when servicing an RPC, that the caller is the scanner owner.
 * If so, we assume that access control is correctly enforced based on
 * the checks performed in preScannerOpen()
 */
private void requireScannerOwner(InternalScanner s)
    throws AccessDeniedException {
  if (RequestContext.isInRequestContext()) {
    String requestUserName = RequestContext.getRequestUserName();
    String owner = scannerOwners.get(s);
    if (owner != null && !owner.equals(requestUserName)) {
      throw new AccessDeniedException("User '"+ requestUserName +"' is not the scanner owner!");
    }
  }
}

项目：pbase 文件：SecureBulkLoadEndpoint.java

private User getActiveUser() {
  User user = RequestContext.getRequestUser();
  if (!RequestContext.isInRequestContext()) {
    return null;
  }

  //this is for testing
  if (userProvider.isHadoopSecurityEnabled()
      && "simple".equalsIgnoreCase(conf.get(User.HBASE_SECURITY_CONF_KEY))) {
    return User.createUserForTesting(conf, user.getShortName(), new String[]{});
  }

  return user;
}

项目：HIndex 文件：VisibilityController.java

/**
 * Verify, when servicing an RPC, that the caller is the scanner owner. If so, we assume that
 * access control is correctly enforced based on the checks performed in preScannerOpen()
 */
private void requireScannerOwner(InternalScanner s) throws AccessDeniedException {
  if (RequestContext.isInRequestContext()) {
    String requestUName = RequestContext.getRequestUserName();
    String owner = scannerOwners.get(s);
    if (owner != null && !owner.equals(requestUName)) {
      throw new AccessDeniedException("User '" + requestUName + "' is not the scanner owner!");
    }
  }
}

项目：HIndex 文件：VisibilityController.java

private User getActiveUser() throws IOException {
  User user = RequestContext.getRequestUser();
  if (!RequestContext.isInRequestContext()) {
    // for non-rpc handling, fallback to system user
    user = User.getCurrent();
  }
  if (LOG.isTraceEnabled()) {
    LOG.trace("Current active user name is "+user.getShortName());
  }
  return user;
}

项目：HIndex 文件：TokenProvider.java

@Override
public void getAuthenticationToken(RpcController controller,
                                   AuthenticationProtos.GetAuthenticationTokenRequest request,
                                   RpcCallback<AuthenticationProtos.GetAuthenticationTokenResponse> done) {
  AuthenticationProtos.GetAuthenticationTokenResponse.Builder response =
      AuthenticationProtos.GetAuthenticationTokenResponse.newBuilder();

  try {
    if (secretManager == null) {
      throw new IOException(
          "No secret manager configured for token authentication");
    }

    User currentUser = RequestContext.getRequestUser();
    UserGroupInformation ugi = null;
    if (currentUser != null) {
      ugi = currentUser.getUGI();
    }
    if (currentUser == null) {
      throw new AccessDeniedException("No authenticated user for request!");
    } else if (!isAllowedDelegationTokenOp(ugi)) {
      LOG.warn("Token generation denied for user="+currentUser.getName()
          +", authMethod="+ugi.getAuthenticationMethod());
      throw new AccessDeniedException(
          "Token generation only allowed for Kerberos authenticated clients");
    }

    Token<AuthenticationTokenIdentifier> token =
        secretManager.generateToken(currentUser.getName());
    response.setToken(ProtobufUtil.toToken(token)).build();
  } catch (IOException ioe) {
    ResponseConverter.setControllerException(controller, ioe);
  }
  done.run(response.build());
}

项目：HIndex 文件：TokenProvider.java

@Override
public void whoAmI(RpcController controller, AuthenticationProtos.WhoAmIRequest request,
                   RpcCallback<AuthenticationProtos.WhoAmIResponse> done) {
  User requestUser = RequestContext.getRequestUser();
  AuthenticationProtos.WhoAmIResponse.Builder response =
      AuthenticationProtos.WhoAmIResponse.newBuilder();
  if (requestUser != null) {
    response.setUsername(requestUser.getShortName());
    AuthenticationMethod method = requestUser.getUGI().getAuthenticationMethod();
    if (method != null) {
      response.setAuthMethod(method.name());
    }
  }
  done.run(response.build());
}

项目：HIndex 文件：AccessController.java

private void logResult(AuthResult result) {
  if (AUDITLOG.isTraceEnabled()) {
    RequestContext ctx = RequestContext.get();
    InetAddress remoteAddr = null;
    if (ctx != null) {
      remoteAddr = ctx.getRemoteAddress();
    }
    AUDITLOG.trace("Access " + (result.isAllowed() ? "allowed" : "denied") +
        " for user " + (result.getUser() != null ? result.getUser().getShortName() : "UNKNOWN") +
        "; reason: " + result.getReason() +
        "; remote address: " + (remoteAddr != null ? remoteAddr : "") +
        "; request: " + result.getRequest() +
        "; context: " + result.toContextString());
  }
}

项目：HIndex 文件：AccessController.java

/**
 * Returns the active user to which authorization checks should be applied.
 * If we are in the context of an RPC call, the remote user is used,
 * otherwise the currently logged in user is used.
 */
private User getActiveUser() throws IOException {
  User user = RequestContext.getRequestUser();
  if (!RequestContext.isInRequestContext()) {
    // for non-rpc handling, fallback to system user
    user = userProvider.getCurrent();
  }
  return user;
}

项目：HIndex 文件：AccessController.java

/**
 * Verify, when servicing an RPC, that the caller is the scanner owner.
 * If so, we assume that access control is correctly enforced based on
 * the checks performed in preScannerOpen()
 */
private void requireScannerOwner(InternalScanner s)
    throws AccessDeniedException {
  if (RequestContext.isInRequestContext()) {
    String requestUserName = RequestContext.getRequestUserName();
    String owner = scannerOwners.get(s);
    if (owner != null && !owner.equals(requestUserName)) {
      throw new AccessDeniedException("User '"+ requestUserName +"' is not the scanner owner!");
    }
  }
}

项目：HIndex 文件：SecureBulkLoadEndpoint.java

private User getActiveUser() {
  User user = RequestContext.getRequestUser();
  if (!RequestContext.isInRequestContext()) {
    return null;
  }

  //this is for testing
  if("simple".equalsIgnoreCase(conf.get(User.HBASE_SECURITY_CONF_KEY))) {
    return User.createUserForTesting(conf, user.getShortName(), new String[]{});
  }

  return user;
}

项目：IRIndex 文件：AccessController.java

private void logResult(AuthResult result) {
  if (AUDITLOG.isTraceEnabled()) {
    InetAddress remoteAddr = null;
    RequestContext ctx = RequestContext.get();
    if (ctx != null) {
      remoteAddr = ctx.getRemoteAddress();
    }
    AUDITLOG.trace("Access " + (result.isAllowed() ? "allowed" : "denied") +
        " for user " + (result.getUser() != null ? result.getUser().getShortName() : "UNKNOWN") +
        "; reason: " + result.getReason() +
        "; remote address: " + (remoteAddr != null ? remoteAddr : "") +
        "; request: " + result.getRequest() +
        "; context: " + result.toContextString());
  }
}

项目：IRIndex 文件：AccessController.java

/**
 * Returns the active user to which authorization checks should be applied.
 * If we are in the context of an RPC call, the remote user is used,
 * otherwise the currently logged in user is used.
 */
private User getActiveUser() throws IOException {
  User user = RequestContext.getRequestUser();
  if (!RequestContext.isInRequestContext()) {
    // for non-rpc handling, fallback to system user
    user = userProvider.getCurrent();
  }

  return user;
}

项目：IRIndex 文件：AccessController.java

/**
 * Verify, when servicing an RPC, that the caller is the scanner owner.
 * If so, we assume that access control is correctly enforced based on
 * the checks performed in preScannerOpen()
 */
private void requireScannerOwner(InternalScanner s)
    throws AccessDeniedException {
  if (RequestContext.isInRequestContext()) {
    String requestUserName = RequestContext.getRequestUserName();
    String owner = scannerOwners.get(s);
    if (owner != null && !owner.equals(requestUserName)) {
      throw new AccessDeniedException("User '"+ requestUserName +"' is not the scanner owner!");
    }
  }
}

项目：IRIndex 文件：SecureBulkLoadEndpoint.java

private User getActiveUser() throws IOException {
  User user = RequestContext.getRequestUser();
  if (!RequestContext.isInRequestContext()) {
    throw new DoNotRetryIOException("Failed to get requesting user");
  }

  //this is for testing
  if("simple".equalsIgnoreCase(conf.get(User.HBASE_SECURITY_CONF_KEY))) {
    return User.createUserForTesting(conf, user.getShortName(), new String[]{});
  }

  return user;
}

项目：IRIndex 文件：TestTokenAuthentication.java

public String getAuthMethod() {
  UserGroupInformation ugi = null;
  User user = RequestContext.getRequestUser();
  if (user != null) {
    ugi = user.getUGI();
  }
  if (ugi != null) {
    return ugi.getAuthenticationMethod().toString();
  }
  return null;
}

项目：PyroDB 文件：VisibilityController.java

/**
 * Verify, when servicing an RPC, that the caller is the scanner owner. If so, we assume that
 * access control is correctly enforced based on the checks performed in preScannerOpen()
 */
private void requireScannerOwner(InternalScanner s) throws AccessDeniedException {
  if (RequestContext.isInRequestContext()) {
    String requestUName = RequestContext.getRequestUserName();
    String owner = scannerOwners.get(s);
    if (owner != null && !owner.equals(requestUName)) {
      throw new AccessDeniedException("User '" + requestUName + "' is not the scanner owner!");
    }
  }
}

项目：PyroDB 文件：VisibilityController.java

private User getActiveUser() throws IOException {
  User user = RequestContext.getRequestUser();
  if (!RequestContext.isInRequestContext()) {
    // for non-rpc handling, fallback to system user
    user = User.getCurrent();
  }
  if (LOG.isTraceEnabled()) {
    LOG.trace("Current active user name is "+user.getShortName());
  }
  return user;
}

项目：PyroDB 文件：TokenProvider.java

@Override
public void getAuthenticationToken(RpcController controller,
                                   AuthenticationProtos.GetAuthenticationTokenRequest request,
                                   RpcCallback<AuthenticationProtos.GetAuthenticationTokenResponse> done) {
  AuthenticationProtos.GetAuthenticationTokenResponse.Builder response =
      AuthenticationProtos.GetAuthenticationTokenResponse.newBuilder();

  try {
    if (secretManager == null) {
      throw new IOException(
          "No secret manager configured for token authentication");
    }

    User currentUser = RequestContext.getRequestUser();
    UserGroupInformation ugi = null;
    if (currentUser != null) {
      ugi = currentUser.getUGI();
    }
    if (currentUser == null) {
      throw new AccessDeniedException("No authenticated user for request!");
    } else if (!isAllowedDelegationTokenOp(ugi)) {
      LOG.warn("Token generation denied for user="+currentUser.getName()
          +", authMethod="+ugi.getAuthenticationMethod());
      throw new AccessDeniedException(
          "Token generation only allowed for Kerberos authenticated clients");
    }

    Token<AuthenticationTokenIdentifier> token =
        secretManager.generateToken(currentUser.getName());
    response.setToken(ProtobufUtil.toToken(token)).build();
  } catch (IOException ioe) {
    ResponseConverter.setControllerException(controller, ioe);
  }
  done.run(response.build());
}