@Override public boolean equals(Object o) { if (this == o) { return true; } if (o == null || getClass() != o.getClass()) { return false; } return ugi.equals(((User) o).ugi); }
@Override public boolean equals(Object o) { if (this == o) { return true; } else if (o == null || getClass() != o.getClass()) { return false; } else { return realUser.equals(((RealUser) o).realUser); } }
private boolean isCurrentUserOwner() throws HiveException { try { return owner == null || owner.equals(UserGroupInformation.getCurrentUser()); } catch(IOException e) { throw new HiveException("Error getting current user: " + e.getMessage(), e); } }
private boolean isCurrentUserOwner() throws HiveException { try { return owner == null || owner.equals(UserGroupInformation.getCurrentUser()); } catch(IOException e) { throw new HiveException("Error getting current user: " + e.getMessage(), e); } }
protected boolean shouldAuthenticateOverKrb() throws IOException { UserGroupInformation loginUser = UserGroupInformation.getLoginUser(); UserGroupInformation currentUser = UserGroupInformation.getCurrentUser(); UserGroupInformation realUser = currentUser.getRealUser(); return authMethod == AuthMethod.KERBEROS && loginUser != null && // Make sure user logged in using Kerberos either keytab or TGT loginUser.hasKerberosCredentials() && // relogin only in case it is the login user (e.g. JT) // or superuser (like oozie). (loginUser.equals(currentUser) || loginUser.equals(realUser)); }
private synchronized boolean shouldAuthenticateOverKrb() throws IOException { UserGroupInformation loginUser = UserGroupInformation.getLoginUser(); UserGroupInformation currentUser = UserGroupInformation.getCurrentUser(); UserGroupInformation realUser = currentUser.getRealUser(); if (authMethod == AuthMethod.KERBEROS && loginUser != null && // Make sure user logged in using Kerberos either keytab or TGT loginUser.hasKerberosCredentials() && // relogin only in case it is the login user (e.g. JT) // or superuser (like oozie). (loginUser.equals(currentUser) || loginUser.equals(realUser))) { return true; } return false; }
synchronized void closeAll(UserGroupInformation ugi) throws IOException { List<FileSystem> targetFSList = new ArrayList<>(map.entrySet().size()); //Make a pass over the list and collect the FileSystems to close //we cannot close inline since close() removes the entry from the Map for (Map.Entry<Key, FileSystem> entry : map.entrySet()) { final Key key = entry.getKey(); final FileSystem fs = entry.getValue(); if (ugi.equals(key.ugi) && fs != null) { targetFSList.add(fs); } } List<IOException> exceptions = new ArrayList<>(); //now make a pass over the target list and close each for (FileSystem fs : targetFSList) { try { fs.close(); } catch(IOException ioe) { exceptions.add(ioe); } } if (!exceptions.isEmpty()) { throw MultipleIOException.createIOException(exceptions); } }
public void cleanupBulkLoad(final HRegion region, final CleanupBulkLoadRequest request) throws IOException { try { region.getCoprocessorHost().preCleanupBulkLoad(getActiveUser()); Path path = new Path(request.getBulkToken()); if (!fs.delete(path, true)) { if (fs.exists(path)) { throw new IOException("Failed to clean up " + path); } } LOG.info("Cleaned up " + path + " successfully."); } finally { UserGroupInformation ugi = getActiveUser().getUGI(); try { if (!UserGroupInformation.getLoginUser().equals(ugi) && !isUserReferenced(ugi)) { FileSystem.closeAllForUGI(ugi); } } catch (IOException e) { LOG.error("Failed to close FileSystem for: " + ugi, e); } } }
/** * test login with security enabled configuration To run this test, we must specify the following * system properties: * <p> * <b> hbase.regionserver.kerberos.principal </b> * <p> * <b> hbase.regionserver.keytab.file </b> * @throws IOException */ @Test public void testUserLoginInSecureHadoop() throws Exception { // Default login is system user. UserGroupInformation defaultLogin = UserGroupInformation.getCurrentUser(); String nnKeyTab = getKeytabFileForTesting(); String dnPrincipal = getPrincipalForTesting(); assertNotNull("KerberosKeytab was not specified", nnKeyTab); assertNotNull("KerberosPrincipal was not specified", dnPrincipal); Configuration conf = getSecuredConfiguration(); UserGroupInformation.setConfiguration(conf); User.login(conf, HBaseKerberosUtils.KRB_KEYTAB_FILE, HBaseKerberosUtils.KRB_PRINCIPAL, "localhost"); UserGroupInformation successLogin = UserGroupInformation.getLoginUser(); assertFalse("ugi should be different in in case success login", defaultLogin.equals(successLogin)); }
protected boolean shouldAuthenticateOverKrb() throws IOException { UserGroupInformation loginUser = UserGroupInformation.getLoginUser(); UserGroupInformation currentUser = UserGroupInformation.getCurrentUser(); UserGroupInformation realUser = currentUser.getRealUser(); return authMethod == AuthMethod.KERBEROS && loginUser != null && // Make sure user logged in using Kerberos either keytab or TGT loginUser.hasKerberosCredentials() && // relogin only in case it is the login user (e.g. JT) // or superuser (like oozie). (loginUser.equals(currentUser) || loginUser.equals(realUser)); }
@Override public boolean equals(Object obj) { if (obj == this) { return true; } if (obj != null && obj instanceof Key) { final Key that = (Key)obj; return this.authority.equals(that.authority) && this.ugi.equals(that.ugi); } return false; }
@Override public boolean equals(Object obj) { if (obj == this) { return true; } if (obj != null && obj instanceof Key) { final Key that = (Key)obj; return this.authority.equals(that.authority) && this.ugi.equals(that.ugi); } return false; }
@Override public boolean equals(Object o) { if (this == o) { return true; } if (o == null || getClass() != o.getClass()) { return false; } return ugi.equals(((User) o).ugi); }
@Override public boolean equals(Object o) { if (this == o) { return true; } else if (o == null || getClass() != o.getClass()) { return false; } else { return realUser.equals(((RealUser) o).realUser); } }
@Override public boolean equals(Object o) { if (this == o) { return true; } else if (o == null || getClass() != o.getClass()) { return false; } else { return realUser.equals(((RealUser) o).realUser); } }
@Override public boolean equals(Object o) { if (this == o) { return true; } else if (o == null || getClass() != o.getClass()) { return false; } else { return realUser.equals(((RealUser) o).realUser); } }
@Override public boolean equals(Object o) { if (this == o) { return true; } if (o == null || getClass() != o.getClass()) { return false; } return ugi.equals(((User) o).ugi); }
@Override public Object run() throws IOException { UserGroupInformation current = UserGroupInformation.getCurrentUser(); assertFalse(current.equals(login)); assertEquals(current, fakeUser); assertEquals(0, current.getGroupNames().length); return null; }}); }
@Test (timeout = 30000) public void testEqualsWithRealUser() throws Exception { UserGroupInformation realUgi1 = UserGroupInformation.createUserForTesting( "RealUser", GROUP_NAMES); UserGroupInformation proxyUgi1 = UserGroupInformation.createProxyUser( USER_NAME, realUgi1); UserGroupInformation proxyUgi2 = new UserGroupInformation( proxyUgi1.getSubject()); UserGroupInformation remoteUgi = UserGroupInformation.createRemoteUser(USER_NAME); assertEquals(proxyUgi1, proxyUgi2); assertFalse(remoteUgi.equals(proxyUgi1)); }