|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.hadoop.security.SecurityUtil
public class SecurityUtil
Field Summary | |
---|---|
static String |
HOSTNAME_PATTERN
|
static org.apache.commons.logging.Log |
LOG
|
Constructor Summary | |
---|---|
SecurityUtil()
|
Method Summary | |
---|---|
static String |
buildDTServiceName(URI uri,
int defPort)
create service name for Delegation token ip:port |
static void |
fetchServiceTicket(URL remoteHost)
Explicitly pull the service ticket for the specified host. |
static AccessControlList |
getAdminAcls(Configuration conf,
String configKey)
Get the ACL object representing the cluster administrators The user who starts the daemon is automatically added as an admin |
static String |
getHostFromPrincipal(String principalName)
Get the host name from the principal name of format |
static String |
getServerPrincipal(String principalConfig,
InetAddress addr)
Convert Kerberos principal name pattern to valid Kerberos principal names. |
static String |
getServerPrincipal(String principalConfig,
String hostname)
Convert Kerberos principal name pattern to valid Kerberos principal names. |
protected static boolean |
isOriginalTGT(String name)
|
static void |
login(Configuration conf,
String keytabFileKey,
String userNameKey)
If a keytab has been provided, login as that user. |
static void |
login(Configuration conf,
String keytabFileKey,
String userNameKey,
String hostname)
If a keytab has been provided, login as that user. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final org.apache.commons.logging.Log LOG
public static final String HOSTNAME_PATTERN
Constructor Detail |
---|
public SecurityUtil()
Method Detail |
---|
protected static boolean isOriginalTGT(String name)
public static void fetchServiceTicket(URL remoteHost) throws IOException
remoteHost
- Target URL the krb-https client will access
IOException
public static String getServerPrincipal(String principalConfig, String hostname) throws IOException
principalConfig
- the Kerberos principal name conf value to converthostname
- the fully-qualified domain name used for substitution
IOException
public static String getServerPrincipal(String principalConfig, InetAddress addr) throws IOException
getServerPrincipal(String, String)
,
except 1) the reverse DNS lookup from addr to hostname is done only when
necessary, 2) param addr can't be null (no default behavior of using local
hostname when addr is null).
principalConfig
- Kerberos principal name pattern to convertaddr
- InetAddress of the host used for substitution
IOException
public static void login(Configuration conf, String keytabFileKey, String userNameKey) throws IOException
conf
- conf to usekeytabFileKey
- the key to look for keytab file in confuserNameKey
- the key to look for user's Kerberos principal name in conf
IOException
public static void login(Configuration conf, String keytabFileKey, String userNameKey, String hostname) throws IOException
conf
- conf to usekeytabFileKey
- the key to look for keytab file in confuserNameKey
- the key to look for user's Kerberos principal name in confhostname
- hostname to use for substitution
IOException
public static String buildDTServiceName(URI uri, int defPort)
uri
-
public static AccessControlList getAdminAcls(Configuration conf, String configKey)
conf
- configKey
- the key that holds the ACL string in its value
public static String getHostFromPrincipal(String principalName)
principalName
- principal name of format as described above
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |