/** * This has the logic to construct an impersonation info as follows: * <ul> * <li>If the ownerAdmin has an owner and a keytab URI, return this information</li> * <li>Else the ownerAdmin does not have an owner for this entity. * Return the master impersonation info as found in the cConf</li> * </ul> */ public static ImpersonationInfo createImpersonationInfo(OwnerAdmin ownerAdmin, CConfiguration cConf, NamespacedEntityId entityId) throws IOException { ImpersonationInfo impersonationInfo = ownerAdmin.getImpersonationInfo(entityId); if (impersonationInfo == null) { return new ImpersonationInfo(getMasterPrincipal(cConf), getMasterKeytabURI(cConf)); } return impersonationInfo; }
@Nullable @Override public ImpersonationInfo getImpersonationInfo(NamespacedEntityId entityId) throws IOException { entityId = getEffectiveEntity(entityId); if (!entityId.getEntityType().equals(EntityType.NAMESPACE)) { KerberosPrincipalId effectiveOwner = ownerStore.getOwner(entityId); if (effectiveOwner != null) { return new ImpersonationInfo(effectiveOwner.getPrincipal(), SecurityUtil.getKeytabURIforPrincipal(effectiveOwner.getPrincipal(), cConf)); } } // (CDAP-8176) Since no owner was found for the entity return namespace principal if present. NamespaceConfig nsConfig = getNamespaceConfig(entityId.getNamespaceId()); return nsConfig.getPrincipal() == null ? null : new ImpersonationInfo(nsConfig.getPrincipal(), nsConfig.getKeytabURI()); }