You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@slider.apache.org by st...@apache.org on 2014/07/02 18:00:35 UTC
[06/26] git commit: SLIDER-192: use hadoop.security.authentication
type as indicate whether to use security or not.
SLIDER-192: use hadoop.security.authentication type as indicate whether to use security or not.
Project: http://git-wip-us.apache.org/repos/asf/incubator-slider/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-slider/commit/8fe71f06
Tree: http://git-wip-us.apache.org/repos/asf/incubator-slider/tree/8fe71f06
Diff: http://git-wip-us.apache.org/repos/asf/incubator-slider/diff/8fe71f06
Branch: refs/heads/feature/SLIDER-151_Implement_full_slider_API_in_REST_and_switch_client_to_it
Commit: 8fe71f06738321525501b7c13a50046bf85e43fb
Parents: 31d22b8
Author: Steve Loughran <st...@apache.org>
Authored: Tue Jul 1 15:24:58 2014 +0100
Committer: Steve Loughran <st...@apache.org>
Committed: Tue Jul 1 15:24:58 2014 +0100
----------------------------------------------------------------------
.../java/org/apache/slider/client/SliderClient.java | 4 +++-
.../org/apache/slider/common/SliderXmlConfKeys.java | 4 ++--
.../org/apache/slider/common/tools/SliderUtils.java | 15 ++++++++-------
3 files changed, 13 insertions(+), 10 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/8fe71f06/slider-core/src/main/java/org/apache/slider/client/SliderClient.java
----------------------------------------------------------------------
diff --git a/slider-core/src/main/java/org/apache/slider/client/SliderClient.java b/slider-core/src/main/java/org/apache/slider/client/SliderClient.java
index 95c120c..a337533 100644
--- a/slider-core/src/main/java/org/apache/slider/client/SliderClient.java
+++ b/slider-core/src/main/java/org/apache/slider/client/SliderClient.java
@@ -894,7 +894,9 @@ public class SliderClient extends AbstractSliderLaunchedService implements RunSe
if (clusterSecure) {
// if the cluster is secure, make sure that
// the relevant security settings go over
- addConfOptionToCLI(commandLine, config, KEY_SECURITY_ENABLED);
+/*
+ addConfOptionToCLI(commandLine, config, KEY_SECURITY);
+*/
addConfOptionToCLI(commandLine,
config,
DFSConfigKeys.DFS_NAMENODE_USER_NAME_KEY);
http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/8fe71f06/slider-core/src/main/java/org/apache/slider/common/SliderXmlConfKeys.java
----------------------------------------------------------------------
diff --git a/slider-core/src/main/java/org/apache/slider/common/SliderXmlConfKeys.java b/slider-core/src/main/java/org/apache/slider/common/SliderXmlConfKeys.java
index 272ae6a..c7b8ea5 100644
--- a/slider-core/src/main/java/org/apache/slider/common/SliderXmlConfKeys.java
+++ b/slider-core/src/main/java/org/apache/slider/common/SliderXmlConfKeys.java
@@ -93,8 +93,8 @@ public interface SliderXmlConfKeys {
* Flag which is set to indicate that security should be enabled
* when talking to this cluster.
*/
- String KEY_SECURITY_ENABLED =
- CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHORIZATION;
+ String KEY_SECURITY =
+ CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION;
/**
* queue name
http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/8fe71f06/slider-core/src/main/java/org/apache/slider/common/tools/SliderUtils.java
----------------------------------------------------------------------
diff --git a/slider-core/src/main/java/org/apache/slider/common/tools/SliderUtils.java b/slider-core/src/main/java/org/apache/slider/common/tools/SliderUtils.java
index b97ff63..5479b54 100644
--- a/slider-core/src/main/java/org/apache/slider/common/tools/SliderUtils.java
+++ b/slider-core/src/main/java/org/apache/slider/common/tools/SliderUtils.java
@@ -904,7 +904,8 @@ public final class SliderUtils {
* @return true if the slider client/service should be in secure mode
*/
public static boolean isHadoopClusterSecure(Configuration conf) {
- return conf.getBoolean(SliderXmlConfKeys.KEY_SECURITY_ENABLED, false);
+ return SecurityUtil.getAuthenticationMethod(conf) !=
+ UserGroupInformation.AuthenticationMethod.SIMPLE;
}
/**
@@ -953,22 +954,22 @@ public final class SliderUtils {
conf.get(CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION));
log.debug("hadoop.security.authorization={}",
conf.get(CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHORIZATION));
- SecurityUtil.setAuthenticationMethod(
- UserGroupInformation.AuthenticationMethod.KERBEROS, conf);
+/* SecurityUtil.setAuthenticationMethod(
+ UserGroupInformation.AuthenticationMethod.KERBEROS, conf);*/
UserGroupInformation.setConfiguration(conf);
UserGroupInformation authUser = UserGroupInformation.getCurrentUser();
log.debug("Authenticating as " + authUser.toString());
log.debug("Login user is {}", UserGroupInformation.getLoginUser());
if (!UserGroupInformation.isSecurityEnabled()) {
throw new BadConfigException("Although secure mode is enabled," +
- "the application has already set up its user as an insecure entity %s",
- authUser);
+ "the application has already set up its user as an insecure entity %s",
+ authUser);
}
if (authUser.getAuthenticationMethod() ==
UserGroupInformation.AuthenticationMethod.SIMPLE) {
throw new BadConfigException("Auth User is not Kerberized %s" +
- " -security has already been set up with the wrong authentication method",
- authUser);
+ " -security has already been set up with the wrong authentication method",
+ authUser);
}