|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.hadoop.security.SecurityUtil
public class SecurityUtil
Field Summary | |
---|---|
static String |
HOSTNAME_PATTERN
|
static org.apache.commons.logging.Log |
LOG
|
Constructor Summary | |
---|---|
SecurityUtil()
|
Method Summary | |
---|---|
static String |
buildDTServiceName(URI uri,
int defPort)
create service name for Delegation token ip:port |
static void |
fetchServiceTicket(URL remoteHost)
Explicitly pull the service ticket for the specified host. |
static AccessControlList |
getAdminAcls(Configuration conf,
String configKey)
Get the ACL object representing the cluster administrators The user who starts the daemon is automatically added as an admin |
static String |
getServerPrincipal(String principalConfig,
String hostname)
Convert Kerberos principal name conf values to valid Kerberos principal names. |
protected static boolean |
isOriginalTGT(String name)
|
static void |
login(Configuration conf,
String keytabFileKey,
String userNameKey)
If a keytab has been provided, login as that user. |
static void |
login(Configuration conf,
String keytabFileKey,
String userNameKey,
String hostname)
If a keytab has been provided, login as that user. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final org.apache.commons.logging.Log LOG
public static final String HOSTNAME_PATTERN
Constructor Detail |
---|
public SecurityUtil()
Method Detail |
---|
protected static boolean isOriginalTGT(String name)
public static void fetchServiceTicket(URL remoteHost) throws IOException
remoteHost
- Target URL the krb-https client will access
IOException
public static String getServerPrincipal(String principalConfig, String hostname) throws IOException
principalConfig
- the Kerberos principal name conf value to converthostname
- the fully-qualified domain name used for substitution
IOException
public static void login(Configuration conf, String keytabFileKey, String userNameKey) throws IOException
conf
- conf to usekeytabFileKey
- the key to look for keytab file in confuserNameKey
- the key to look for user's Kerberos principal name in conf
IOException
public static void login(Configuration conf, String keytabFileKey, String userNameKey, String hostname) throws IOException
conf
- conf to usekeytabFileKey
- the key to look for keytab file in confuserNameKey
- the key to look for user's Kerberos principal name in confhostname
- hostname to use for substitution
IOException
public static String buildDTServiceName(URI uri, int defPort)
uri
-
public static AccessControlList getAdminAcls(Configuration conf, String configKey)
conf
- configKey
- the key that holds the ACL string in its value
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |