requireNonNull(credential); if (!isHadoopCredentialProviderAvailable()) { log.warn("Hadoop CredentialProvider is not available"); return; List<Object> providers = getCredentialProviders(conf); if (providers == null) { throw new IOException( createEntryInProvider(provider, name, credential);
/** * Attempt to extract all aliases from any configured CredentialsProviders. * * @param conf * Configuration for the CredentialProvider * @return A list of aliases. An empty list if no CredentialProviders are configured, or the * providers are empty. */ public static List<String> getKeys(Configuration conf) { requireNonNull(conf); if (isHadoopCredentialProviderAvailable()) { log.trace("Hadoop CredentialProvider is available, attempting to extract all aliases"); return getAliasesFromHadoopCredentialProvider(conf); } return Collections.emptyList(); }
/** * Attempt to extract the password from any configured CredentialsProviders for the given alias. * If no providers or credential is found, null is returned. * * @param conf * Configuration for CredentialProvider * @param alias * Name of CredentialEntry key * @return The credential if found, null otherwise */ public static char[] getValueFromCredentialProvider(Configuration conf, String alias) { requireNonNull(conf); requireNonNull(alias); if (isHadoopCredentialProviderAvailable()) { log.trace("Hadoop CredentialProvider is available, attempting to extract value for {}", alias); return getFromHadoopCredentialProvider(conf, alias); } return null; }
if (!CredentialProviderFactoryShim.isHadoopCredentialProviderAvailable()) { throw new RuntimeException("Cannot use CredentialProvider when" + " implementation is not available. Be sure to use >=Hadoop-2.6.0"); Configuration conf = CredentialProviderFactoryShim.getConfiguration(keystoreUri); CredentialProviderFactoryShim.createEntry(conf, entry.getKey(), entry.getValue().toCharArray()); } catch (IOException e) {
for (String key : CredentialProviderFactoryShim.getKeys(hadoopConf)) { if (!Property.isValidPropertyKey(key) || !Property.isSensitive(key)) { continue; .getValueFromCredentialProvider(hadoopConf, key); if (value != null) { props.put(key, new String(value));
requireNonNull(credential); if (!isHadoopCredentialProviderAvailable()) { log.warn("Hadoop CredentialProvider is not available"); return;
/** * Create a Hadoop {@link Configuration} with the appropriate members to access * CredentialProviders * * @param credentialProviders * Comma-separated list of CredentialProvider URLs * @return Configuration to be used for CredentialProvider */ public static Configuration getConfiguration(String credentialProviders) { requireNonNull(credentialProviders); return getConfiguration(new Configuration(CachedConfiguration.getInstance()), credentialProviders); }
protected void setWithCredentialProviders(String name, String credentialProviders) throws IOException { this.name = name; this.credentialProviders = credentialProviders; final Configuration conf = new Configuration(); conf.set(CredentialProviderFactoryShim.CREDENTIAL_PROVIDER_PATH, credentialProviders); char[] password = CredentialProviderFactoryShim.getValueFromCredentialProvider(conf, name); if (password == null) { throw new IOException( "No password could be extracted from CredentialProvider(s) with " + name); } setPassword(CharBuffer.wrap(password)); }
protected static char[] getFromHadoopCredentialProvider(Configuration conf, String alias) { List<Object> providerObjList = getCredentialProviders(conf); if (providerObjList == null) { return null; } for (Object providerObj : providerObjList) { try { // Invoke CredentialProvider.getCredentialEntry(String) Object credEntryObj = getCredentialEntryMethod.invoke(providerObj, alias); if (credEntryObj == null) { continue; } // Then, CredentialEntry.getCredential() Object credential = getCredentialMethod.invoke(credEntryObj); return (char[]) credential; } catch (IllegalArgumentException | InvocationTargetException | IllegalAccessException e) { log.warn("Failed to get credential for {} from {}", alias, providerObj, e); continue; } } // If we didn't find it, this isn't an error, it just wasn't set in the CredentialProvider log.trace("Could not extract credential for {} from providers", alias); return null; }
@Override public void getProperties(Map<String,String> props, Predicate<String> filter) { parent.getProperties(props, filter); for (Entry<String,String> entry : getXmlConfig()) if (filter.apply(entry.getKey())) props.put(entry.getKey(), entry.getValue()); // CredentialProvider should take precedence over site Configuration hadoopConf = getHadoopConfiguration(); if (null != hadoopConf) { try { for (String key : CredentialProviderFactoryShim.getKeys(hadoopConf)) { if (!Property.isValidPropertyKey(key) || !Property.isSensitive(key)) { continue; } if (filter.apply(key)) { char[] value = CredentialProviderFactoryShim.getValueFromCredentialProvider(hadoopConf, key); if (null != value) { props.put(key, new String(value)); } } } } catch (IOException e) { log.warn("Failed to extract sensitive properties from Hadoop" + " CredentialProvider, falling back to accumulo-site.xml", e); } } }
requireNonNull(credential); if (!isHadoopCredentialProviderAvailable()) { log.warn("Hadoop CredentialProvider is not available"); return;
for (Property property : Property.values()) { if (property.isSensitive()) { char[] value = CredentialProviderFactoryShim.getValueFromCredentialProvider(hadoopConf, property.getKey()); if (value != null) {
@SuppressWarnings("unchecked") protected static List<String> getAliasesFromHadoopCredentialProvider(Configuration conf) { List<Object> providerObjList = getCredentialProviders(conf);
requireNonNull(credential); if (!isHadoopCredentialProviderAvailable()) { log.warn("Hadoop CredentialProvider is not available"); return; List<Object> providers = getCredentialProviders(conf); if (null == providers) { throw new IOException( createEntryInProvider(provider, name, credential);
/** * Attempt to extract all aliases from any configured CredentialsProviders. * * @param conf * Configuration for the CredentialProvider * @return A list of aliases. An empty list if no CredentialProviders are configured, or the * providers are empty. * @throws IOException * On errors reading a CredentialProvider */ public static List<String> getKeys(Configuration conf) throws IOException { requireNonNull(conf); if (isHadoopCredentialProviderAvailable()) { log.trace("Hadoop CredentialProvider is available, attempting to extract all aliases"); return getAliasesFromHadoopCredentialProvider(conf); } return Collections.emptyList(); }
/** * Attempt to extract the password from any configured CredentialsProviders for the given alias. * If no providers or credential is found, null is returned. * * @param conf * Configuration for CredentialProvider * @param alias * Name of CredentialEntry key * @return The credential if found, null otherwise * @throws IOException * On errors reading a CredentialProvider */ public static char[] getValueFromCredentialProvider(Configuration conf, String alias) throws IOException { requireNonNull(conf); requireNonNull(alias); if (isHadoopCredentialProviderAvailable()) { log.trace("Hadoop CredentialProvider is available, attempting to extract value for {}", alias); return getFromHadoopCredentialProvider(conf, alias); } return null; }
if (null != hadoopConf) { try { for (String key : CredentialProviderFactoryShim.getKeys(hadoopConf)) { if (!Property.isValidPropertyKey(key) || !Property.isSensitive(key)) { continue; .getValueFromCredentialProvider(hadoopConf, key); if (null != value) { props.put(key, new String(value));
org.apache.hadoop.conf.Configuration hadoopConf = getHadoopConfiguration(); if (hadoopConf != null) { char[] value = CredentialProviderFactoryShim.getValueFromCredentialProvider(hadoopConf, key); if (value != null) {
protected static char[] getFromHadoopCredentialProvider(Configuration conf, String alias) { List<Object> providerObjList = getCredentialProviders(conf); if (null == providerObjList) { return null; } for (Object providerObj : providerObjList) { try { // Invoke CredentialProvider.getCredentialEntry(String) Object credEntryObj = getCredentialEntryMethod.invoke(providerObj, alias); if (null == credEntryObj) { continue; } // Then, CredentialEntry.getCredential() Object credential = getCredentialMethod.invoke(credEntryObj); return (char[]) credential; } catch (IllegalArgumentException e) { log.warn("Failed to get credential for {} from {}", alias, providerObj, e); continue; } catch (IllegalAccessException e) { log.warn("Failed to get credential for {} from {}", alias, providerObj, e); continue; } catch (InvocationTargetException e) { log.warn("Failed to get credential for {} from {}", alias, providerObj, e); continue; } } // If we didn't find it, this isn't an error, it just wasn't set in the CredentialProvider log.trace("Could not extract credential for {} from providers", alias); return null; }
protected void setWithCredentialProviders(String name, String credentialProviders) throws IOException { final Configuration conf = new Configuration(CachedConfiguration.getInstance()); conf.set(CredentialProviderFactoryShim.CREDENTIAL_PROVIDER_PATH, credentialProviders); char[] password = CredentialProviderFactoryShim.getValueFromCredentialProvider(conf, name); if (null == password) { throw new IOException( "No password could be extracted from CredentialProvider(s) with " + name); } setPassword(CharBuffer.wrap(password)); }