You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@slider.apache.org by st...@apache.org on 2014/07/02 18:00:35 UTC

[06/26] git commit: SLIDER-192: use hadoop.security.authentication type as indicate whether to use security or not.

SLIDER-192: use hadoop.security.authentication type as indicate whether to use security or not.


Project: http://git-wip-us.apache.org/repos/asf/incubator-slider/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-slider/commit/8fe71f06
Tree: http://git-wip-us.apache.org/repos/asf/incubator-slider/tree/8fe71f06
Diff: http://git-wip-us.apache.org/repos/asf/incubator-slider/diff/8fe71f06

Branch: refs/heads/feature/SLIDER-151_Implement_full_slider_API_in_REST_and_switch_client_to_it
Commit: 8fe71f06738321525501b7c13a50046bf85e43fb
Parents: 31d22b8
Author: Steve Loughran <st...@apache.org>
Authored: Tue Jul 1 15:24:58 2014 +0100
Committer: Steve Loughran <st...@apache.org>
Committed: Tue Jul 1 15:24:58 2014 +0100

----------------------------------------------------------------------
 .../java/org/apache/slider/client/SliderClient.java  |  4 +++-
 .../org/apache/slider/common/SliderXmlConfKeys.java  |  4 ++--
 .../org/apache/slider/common/tools/SliderUtils.java  | 15 ++++++++-------
 3 files changed, 13 insertions(+), 10 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/8fe71f06/slider-core/src/main/java/org/apache/slider/client/SliderClient.java
----------------------------------------------------------------------
diff --git a/slider-core/src/main/java/org/apache/slider/client/SliderClient.java b/slider-core/src/main/java/org/apache/slider/client/SliderClient.java
index 95c120c..a337533 100644
--- a/slider-core/src/main/java/org/apache/slider/client/SliderClient.java
+++ b/slider-core/src/main/java/org/apache/slider/client/SliderClient.java
@@ -894,7 +894,9 @@ public class SliderClient extends AbstractSliderLaunchedService implements RunSe
     if (clusterSecure) {
       // if the cluster is secure, make sure that
       // the relevant security settings go over
-      addConfOptionToCLI(commandLine, config, KEY_SECURITY_ENABLED);
+/*
+      addConfOptionToCLI(commandLine, config, KEY_SECURITY);
+*/
       addConfOptionToCLI(commandLine,
           config,
           DFSConfigKeys.DFS_NAMENODE_USER_NAME_KEY);

http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/8fe71f06/slider-core/src/main/java/org/apache/slider/common/SliderXmlConfKeys.java
----------------------------------------------------------------------
diff --git a/slider-core/src/main/java/org/apache/slider/common/SliderXmlConfKeys.java b/slider-core/src/main/java/org/apache/slider/common/SliderXmlConfKeys.java
index 272ae6a..c7b8ea5 100644
--- a/slider-core/src/main/java/org/apache/slider/common/SliderXmlConfKeys.java
+++ b/slider-core/src/main/java/org/apache/slider/common/SliderXmlConfKeys.java
@@ -93,8 +93,8 @@ public interface SliderXmlConfKeys {
    * Flag which is set to indicate that security should be enabled
    * when talking to this cluster.
    */
-  String KEY_SECURITY_ENABLED =
-      CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHORIZATION;
+  String KEY_SECURITY =
+      CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION;
 
   /**
    * queue name

http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/8fe71f06/slider-core/src/main/java/org/apache/slider/common/tools/SliderUtils.java
----------------------------------------------------------------------
diff --git a/slider-core/src/main/java/org/apache/slider/common/tools/SliderUtils.java b/slider-core/src/main/java/org/apache/slider/common/tools/SliderUtils.java
index b97ff63..5479b54 100644
--- a/slider-core/src/main/java/org/apache/slider/common/tools/SliderUtils.java
+++ b/slider-core/src/main/java/org/apache/slider/common/tools/SliderUtils.java
@@ -904,7 +904,8 @@ public final class SliderUtils {
    * @return true if the slider client/service should be in secure mode
    */
   public static boolean isHadoopClusterSecure(Configuration conf) {
-    return conf.getBoolean(SliderXmlConfKeys.KEY_SECURITY_ENABLED, false);
+    return SecurityUtil.getAuthenticationMethod(conf) !=
+           UserGroupInformation.AuthenticationMethod.SIMPLE;
   }
 
   /**
@@ -953,22 +954,22 @@ public final class SliderUtils {
         conf.get(CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION));
     log.debug("hadoop.security.authorization={}",
         conf.get(CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHORIZATION));
-    SecurityUtil.setAuthenticationMethod(
-        UserGroupInformation.AuthenticationMethod.KERBEROS, conf);
+/*    SecurityUtil.setAuthenticationMethod(
+        UserGroupInformation.AuthenticationMethod.KERBEROS, conf);*/
     UserGroupInformation.setConfiguration(conf);
     UserGroupInformation authUser = UserGroupInformation.getCurrentUser();
     log.debug("Authenticating as " + authUser.toString());
     log.debug("Login user is {}", UserGroupInformation.getLoginUser());
     if (!UserGroupInformation.isSecurityEnabled()) {
       throw new BadConfigException("Although secure mode is enabled," +
-                                   "the application has already set up its user as an insecure entity %s",
-                                   authUser);
+               "the application has already set up its user as an insecure entity %s",
+               authUser);
     }
     if (authUser.getAuthenticationMethod() ==
         UserGroupInformation.AuthenticationMethod.SIMPLE) {
       throw new BadConfigException("Auth User is not Kerberized %s" +
-                   " -security has already been set up with the wrong authentication method",
-                                   authUser);
+       " -security has already been set up with the wrong authentication method",
+                       authUser);
 
     }