private HttpResponse executeRequest(ImpersonationRequest impersonationRequest) throws IOException { HttpRequest request = remoteClient.requestBuilder(HttpMethod.POST, "impersonation/credentials") .withBody(GSON.toJson(impersonationRequest)) .build(); HttpResponse response = remoteClient.execute(request); if (response.getResponseCode() == HttpURLConnection.HTTP_OK) { return response; } throw new IOException(String.format("%s Response: %s.", createErrorMessage(request.getURL()), response)); }
discoveryService.register(new Discoverable(Constants.Service.APP_FABRIC_HTTP, httpService.getBindAddress())); RemoteUGIProvider ugiProvider = new RemoteUGIProvider(cConf, discoveryService, locationFactory, ownerAdmin); UGIWithPrincipal aliceUGIWithPrincipal = ugiProvider.getConfiguredUGI(aliceImpRequest); Assert.assertSame(aliceUGIWithPrincipal, ugiProvider.getConfiguredUGI(aliceImpRequest)); ugiProvider.invalidCache(); Assert.assertNotSame(aliceUGIWithPrincipal, ugiProvider.getConfiguredUGI(aliceImpRequest)); } finally { httpService.stop();
@Override protected UGIWithPrincipal createUGI(ImpersonationRequest impersonationRequest) throws IOException { ImpersonationRequest jsonRequest = new ImpersonationRequest(impersonationRequest.getEntityId(), impersonationRequest.getImpersonatedOpType(), impersonationRequest.getPrincipal()); PrincipalCredentials principalCredentials = GSON.fromJson(executeRequest(jsonRequest).getResponseBodyAsString(), PrincipalCredentials.class); LOG.debug("Received response: {}", principalCredentials); Location location = locationFactory.create(URI.create(principalCredentials.getCredentialsPath())); try { String user = principalCredentials.getPrincipal(); if (impersonationRequest.getImpersonatedOpType() == ImpersonatedOpType.EXPLORE) { // For explore operations, we use the short name in UserGroupInformation, to avoid an incorrect // check in Hive. See CDAP-12930 user = new KerberosName(user).getShortName(); } UserGroupInformation impersonatedUGI = UserGroupInformation.createRemoteUser(user); impersonatedUGI.addCredentials(readCredentials(location)); return new UGIWithPrincipal(principalCredentials.getPrincipal(), impersonatedUGI); } finally { try { if (!location.delete()) { LOG.warn("Failed to delete location: {}", location); } } catch (IOException e) { LOG.warn("Exception raised when deleting location {}", location, e); } } }