-
Notifications
You must be signed in to change notification settings - Fork 1
/
HadoopUGI.java
71 lines (56 loc) · 2.38 KB
/
HadoopUGI.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
package com.hwx.ranger;
import java.io.IOException;
import javax.naming.directory.InitialDirContext;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.security.UserGroupInformation;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class HadoopUGI {
private static final Logger LOG = LoggerFactory.getLogger(HadoopUGI.class);
static InitialDirContext ctx = null;
public static String gcbaseDn = "";
static FileSystem fs = null;
static String type = null;
static boolean userFolder = false;
String userPrincipalName;
String keytabPath;
UserGroupInformation ugi = null;
static Configuration hdpConfig = new Configuration();
public HadoopUGI(String userPrincipalName, String keytabPath) {
this.userPrincipalName=userPrincipalName;
LOG.debug("Current User Before UGI init: "+userPrincipalName);
this.keytabPath=keytabPath;
this.initUGIAndFileSystem();
}
public void initUGIAndFileSystem() {
try {
hdpConfig.addResource(new Path("/etc/hadoop/conf/core-site.xml"));
hdpConfig.addResource(new Path("/etc/hive/conf/hive-site.xml"));
hdpConfig.addResource(new Path("/etc/hadoop/conf/hdfs-site.xml"));
ugi=null;
if (! this.keytabPath.equals(null) ) {
LOG.info("UseKeyTab is true");
UserGroupInformation.setConfiguration(hdpConfig);
ugi = UserGroupInformation.loginUserFromKeytabAndReturnUGI(this.userPrincipalName,this.keytabPath);
LOG.info("UGI name:"+ ugi.getUserName());
UserGroupInformation.setLoginUser(ugi);
ugi.setAuthenticationMethod(UserGroupInformation.AuthenticationMethod.KERBEROS);
} else {
LOG.info("UserKeyTab is False");
ugi = UserGroupInformation.getCurrentUser();
ugi.setAuthenticationMethod(UserGroupInformation.AuthenticationMethod.SIMPLE);
}
LOG.debug("UserName UPN: "+ugi.getUserName());
//hdpConfig.set("hadoop.security.authentication", "kerberos");
LOG.info("Config hadoop.security.authentication: "+hdpConfig.get("hadoop.security.authentication"));
LOG.info("Config dfs.namenode.kerberos.principal: "+hdpConfig.get("dfs.namenode.kerberos.principal"));
LOG.info("Config fs.defaultFS: "+hdpConfig.get("fs.defaultFS"));
} catch (IOException e1) {
// TODO Auto-generated catch block
LOG.error(e1.getMessage());
}
//ugi.setAuthenticationMethod(UserGroupInformation.AuthenticationMethod.KERBEROS);
}
}