/** * Authorize the incoming client connection. * @param user client user * @param connection incoming connection * @param addr InetAddress of incoming connection * @throws AuthorizationException when the client isn't authorized to talk the protocol */ public void authorize(UserGroupInformation user, ConnectionHeader connection, InetAddress addr) throws AuthorizationException { if (authorize) { Class<?> c = getServiceInterface(services, connection.getServiceName()); synchronized (authManager) { authManager.authorize(user, c, getConf(), addr); } } }
/** * Authorize the incoming client connection. * * @param user client user * @param protocolName - the protocol * @param addr InetAddress of incoming connection * @throws AuthorizationException when the client isn't authorized to talk the protocol */ private void authorize(UserGroupInformation user, String protocolName, InetAddress addr) throws AuthorizationException { if (authorize) { if (protocolName == null) { throw new AuthorizationException("Null protocol not authorized"); } Class<?> protocol = null; try { protocol = getProtocolClass(protocolName, getConf()); } catch (ClassNotFoundException cfne) { throw new AuthorizationException("Unknown protocol: " + protocolName); } serviceAuthorizationManager.authorize(user, protocol, getConf(), addr); } }
/** * Authorize the incoming client connection. * * @param user client user * @param connection incoming connection * @param addr InetAddress of incoming connection * @throws org.apache.hadoop.security.authorize.AuthorizationException * when the client isn't authorized to talk the protocol */ public synchronized void authorize(UserGroupInformation user, ConnectionHeader connection, InetAddress addr) throws AuthorizationException { if (authorize) { Class<?> c = getServiceInterface(services, connection.getServiceName()); this.authManager.authorize(user != null ? user : null, c, getConf(), addr); } }
@Override public void authorize(Subject user, ConnectionHeader connection) throws AuthorizationException { if (authorize) { Class<?> protocol = null; try { protocol = getProtocolClass(connection.getProtocol(), getConf()); } catch (ClassNotFoundException cfne) { throw new AuthorizationException("Unknown protocol: " + connection.getProtocol()); } ServiceAuthorizationManager.authorize(user, protocol); } } }
/** * Authorize the incoming client connection. * * @param user client user * @param protocolName - the protocol * @param addr InetAddress of incoming connection * @throws AuthorizationException when the client isn't authorized to talk the protocol */ private void authorize(UserGroupInformation user, String protocolName, InetAddress addr) throws AuthorizationException { if (authorize) { if (protocolName == null) { throw new AuthorizationException("Null protocol not authorized"); } Class<?> protocol = null; try { protocol = getProtocolClass(protocolName, getConf()); } catch (ClassNotFoundException cfne) { throw new AuthorizationException("Unknown protocol: " + protocolName); } serviceAuthorizationManager.authorize(user, protocol, getConf(), addr); } }
/** * Authorize the incoming client connection. * * @param user client user * @param protocolName - the protocol * @param addr InetAddress of incoming connection * @throws AuthorizationException when the client isn't authorized to talk the protocol */ private void authorize(UserGroupInformation user, String protocolName, InetAddress addr) throws AuthorizationException { if (authorize) { if (protocolName == null) { throw new AuthorizationException("Null protocol not authorized"); } Class<?> protocol = null; try { protocol = getProtocolClass(protocolName, getConf()); } catch (ClassNotFoundException cfne) { throw new AuthorizationException("Unknown protocol: " + protocolName); } serviceAuthorizationManager.authorize(user, protocol, getConf(), addr); } }
/** * Authorize the incoming client connection. * * @param user client user * @param protocolName - the protocol * @param addr InetAddress of incoming connection * @throws AuthorizationException when the client isn't authorized to talk the protocol */ private void authorize(UserGroupInformation user, String protocolName, InetAddress addr) throws AuthorizationException { if (authorize) { if (protocolName == null) { throw new AuthorizationException("Null protocol not authorized"); } Class<?> protocol = null; try { protocol = getProtocolClass(protocolName, getConf()); } catch (ClassNotFoundException cfne) { throw new AuthorizationException("Unknown protocol: " + protocolName); } serviceAuthorizationManager.authorize(user, protocol, getConf(), addr); } }
/** * Authorize the incoming client connection. * * @param user client user * @param protocolName - the protocol * @param addr InetAddress of incoming connection * @throws AuthorizationException when the client isn't authorized to talk the protocol */ private void authorize(UserGroupInformation user, String protocolName, InetAddress addr) throws AuthorizationException { if (authorize) { if (protocolName == null) { throw new AuthorizationException("Null protocol not authorized"); } Class<?> protocol = null; try { protocol = getProtocolClass(protocolName, getConf()); } catch (ClassNotFoundException cfne) { throw new AuthorizationException("Unknown protocol: " + protocolName); } serviceAuthorizationManager.authorize(user, protocol, getConf(), addr); } }
@Test public void testMachineList() throws UnknownHostException { UserGroupInformation drwho = UserGroupInformation.createUserForTesting("drwho@EXAMPLE.COM", new String[] { "group1", "group2" }); ServiceAuthorizationManager serviceAuthorizationManager = new ServiceAuthorizationManager(); Configuration conf = new Configuration (); conf.set(HOST_CONFIG, "1.2.3.4"); serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName(AUTHORIZED_IP)); } catch (AuthorizationException e) { fail(); } try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName(UNAUTHORIZED_IP)); fail(); } catch (AuthorizationException e) { // expects Exception } }
@Test public void testMachineList() throws UnknownHostException { UserGroupInformation drwho = UserGroupInformation.createUserForTesting("drwho@EXAMPLE.COM", new String[] { "group1", "group2" }); ServiceAuthorizationManager serviceAuthorizationManager = new ServiceAuthorizationManager(); Configuration conf = new Configuration (); conf.set(HOST_CONFIG, "1.2.3.4"); serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName(AUTHORIZED_IP)); } catch (AuthorizationException e) { fail(); } try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName(UNAUTHORIZED_IP)); fail(); } catch (AuthorizationException e) { // expects Exception } }
serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName(UNAUTHORIZED_IP)); } catch (AuthorizationException e) { serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName(UNAUTHORIZED_IP)); fail(); serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName("10.222.0.0")); } catch (AuthorizationException e) {
serviceAuthorizationManager.authorize(drwho, TestProtocol1.class, conf, InetAddress.getByName("10.222.0.0")); } catch (AuthorizationException e) { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName("10.222.0.0")); } catch (AuthorizationException e) { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName("1.2.3.4")); fail(); serviceAuthorizationManager.authorize(drwho, TestProtocol1.class, conf, InetAddress.getByName("1.2.3.4")); } catch (AuthorizationException e) { serviceAuthorizationManager.authorize(drwho, TestProtocol1.class, conf, InetAddress.getByName("10.222.0.0")); fail();
serviceAuthorizationManager.authorize(drwho, TestProtocol1.class, conf, InetAddress.getByName("10.222.0.0")); } catch (AuthorizationException e) { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName("10.222.0.0")); } catch (AuthorizationException e) { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName("1.2.3.4")); fail(); serviceAuthorizationManager.authorize(drwho, TestProtocol1.class, conf, InetAddress.getByName("1.2.3.4")); } catch (AuthorizationException e) { serviceAuthorizationManager.authorize(drwho, TestProtocol1.class, conf, InetAddress.getByName("10.222.0.0")); fail();
serviceAuthorizationManager.authorize(drwho, TestProtocol1.class, conf, InetAddress.getByName(ADDRESS)); } catch (AuthorizationException e) { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName(ADDRESS)); } catch (AuthorizationException e) { serviceAuthorizationManager.authorize(drwho, TestProtocol1.class, conf, InetAddress.getByName(ADDRESS)); fail();
serviceAuthorizationManager.authorize(drwho, TestProtocol1.class, conf, InetAddress.getByName(ADDRESS)); } catch (AuthorizationException e) { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName(ADDRESS)); } catch (AuthorizationException e) { serviceAuthorizationManager.authorize(drwho, TestProtocol1.class, conf, InetAddress.getByName(ADDRESS)); fail();
serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName(UNAUTHORIZED_IP)); } catch (AuthorizationException e) { serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName(UNAUTHORIZED_IP)); fail(); serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName("10.222.0.0")); } catch (AuthorizationException e) {
serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName("10.222.0.0")); } catch (AuthorizationException e) { serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName("10.222.0.0")); fail(); serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName("10.222.0.0")); } catch (AuthorizationException e) {
serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName("10.222.0.0")); } catch (AuthorizationException e) { serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName("10.222.0.0")); fail(); serviceAuthorizationManager.refresh(conf, new TestPolicyProvider()); try { serviceAuthorizationManager.authorize(drwho, TestProtocol.class, conf, InetAddress.getByName("10.222.0.0")); } catch (AuthorizationException e) {
/** * Authorize the incoming client connection. * * @param user client user * @param connection incoming connection * @param addr InetAddress of incoming connection * @throws AuthorizationException when the client isn't authorized to talk the * protocol */ @SuppressWarnings("static-access") public void authorize(UserGroupInformation user, ConnectionHeader connection, InetAddress addr) throws AuthorizationException { if (authorize) { Class<?> protocol = null; try { protocol = getProtocolClass(connection.getProtocol(), getConf()); } catch (ClassNotFoundException cfne) { throw new AuthorizationException("Unknown protocol: " + connection.getProtocol()); } ServiceAuthorizationManager authManager = new ServiceAuthorizationManager(); authManager.authorize(user, protocol, getConf(), addr); } }
/** * Authorize the incoming client connection. * * @param user client user * @param connection incoming connection * @param addr InetAddress of incoming connection * @throws AuthorizationException when the client isn't authorized to talk the * protocol */ @SuppressWarnings("static-access") public void authorize(UserGroupInformation user, ConnectionHeader connection, InetAddress addr) throws AuthorizationException { if (authorize) { Class<?> protocol = null; try { protocol = getProtocolClass(connection.getProtocol(), getConf()); } catch (ClassNotFoundException cfne) { throw new AuthorizationException("Unknown protocol: " + connection.getProtocol()); } ServiceAuthorizationManager authManager = new ServiceAuthorizationManager(); authManager.authorize(user, protocol, getConf(), addr); } }