Permalink
Browse files

Merge remote branch 'jghoman/security'

  • Loading branch information...
2 parents 1c8c712 + 2be9072 commit f0ef1dd931cc3a58694ac1472cbd91c5cb707906 @rbpark committed Mar 19, 2012
@@ -18,8 +18,6 @@
import azkaban.common.utils.Props;
import azkaban.util.SecurityUtils;
import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.security.SecurityUtil;
-import org.apache.hadoop.security.UserGroupInformation;
import org.apache.log4j.ConsoleAppender;
import org.apache.log4j.Layout;
import org.apache.log4j.Logger;
@@ -137,7 +135,7 @@ public void run() {
}
private void runMethodAsProxyUser(Properties prop, final Object obj, final String runMethod) throws IOException, InterruptedException {
- SecurityUtils.getProxiedUser(prop, _logger).doAs(new PrivilegedExceptionAction<Void>() {
+ SecurityUtils.getProxiedUser(prop, _logger, new Configuration()).doAs(new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
runMethod(obj, runMethod);
@@ -15,29 +15,23 @@
*/
package azkaban.jobs.builtin;
+import org.apache.hadoop.conf.Configuration;
import org.apache.log4j.Logger;
import org.apache.pig.Main;
import java.io.IOException;
import java.security.PrivilegedExceptionAction;
import java.util.Properties;
-import static azkaban.util.SecurityUtils.PROXY_KEYTAB_LOCATION;
-import static azkaban.util.SecurityUtils.PROXY_USER;
-import static azkaban.util.SecurityUtils.TO_PROXY;
import static azkaban.util.SecurityUtils.getProxiedUser;
-import static azkaban.util.SecurityUtils.verifySecureProperty;
public class SecurePigWrapper {
public static void main(final String[] args) throws IOException, InterruptedException {
Logger logger = Logger.getRootLogger();
Properties p = new Properties();
- // No need to check if we should should.proxy - if we're called, we should.
- for(String s : new String [] {PROXY_KEYTAB_LOCATION, PROXY_USER, TO_PROXY}) {
- p.put(s, verifySecureProperty(System.getProperties(), s, logger));
- }
+ Configuration conf = new Configuration();
- getProxiedUser(p, logger).doAs(new PrivilegedExceptionAction<Void>() {
+ getProxiedUser(p, logger, conf).doAs(new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
Main.main(args);
@@ -36,19 +36,22 @@
* Create a proxied user based on the explicit user name, taking other parameters
* necessary from properties file.
*/
- public static synchronized UserGroupInformation getProxiedUser(String toProxy, Properties prop, Logger log) throws IOException {
+ public static synchronized UserGroupInformation getProxiedUser(String toProxy, Properties prop, Logger log, Configuration conf) throws IOException {
if(toProxy == null) {
throw new IllegalArgumentException("toProxy can't be null");
}
+ if(conf == null) {
+ throw new IllegalAccessError("conf can't be null");
+ }
if (loginUser == null) {
log.info("No login user. Creating login user");
String keytab = verifySecureProperty(prop, PROXY_KEYTAB_LOCATION, log);
String proxyUser = verifySecureProperty(prop, PROXY_USER, log);
- UserGroupInformation.setConfiguration(new Configuration());
+ UserGroupInformation.setConfiguration(conf);
UserGroupInformation.loginUserFromKeytab(proxyUser, keytab);
- log.info("Logged in with user " + loginUser);
loginUser = UserGroupInformation.getLoginUser();
+ log.info("Logged in with user " + loginUser);
} else {
log.info("loginUser (" + loginUser + ") already created, refreshing tgt.");
loginUser.checkTGTAndReloginFromKeytab();
@@ -61,9 +64,9 @@ public static synchronized UserGroupInformation getProxiedUser(String toProxy, P
* Create a proxied user, taking all parameters, including which user to proxy
* from provided Properties.
*/
- public static UserGroupInformation getProxiedUser(Properties prop, Logger log) throws IOException {
+ public static UserGroupInformation getProxiedUser(Properties prop, Logger log, Configuration conf) throws IOException {
String toProxy = verifySecureProperty(prop, TO_PROXY, log);
- return getProxiedUser(toProxy, prop, log);
+ return getProxiedUser(toProxy, prop, log, conf);
}
public static String verifySecureProperty(Properties properties, String s, Logger l) throws IOException {

0 comments on commit f0ef1dd

Please sign in to comment.