You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hudi.apache.org by yi...@apache.org on 2022/09/26 14:11:22 UTC
[hudi] branch master updated: [HUDI-4718] Add Kerberos kinit command support. (#6719)
This is an automated email from the ASF dual-hosted git repository.
yihua pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hudi.git
The following commit(s) were added to refs/heads/master by this push:
new 5e58421f1b [HUDI-4718] Add Kerberos kinit command support. (#6719)
5e58421f1b is described below
commit 5e58421f1b61a8cc07a0901f2bf7a7c1943fcdda
Author: Paul Zhang <xz...@126.com>
AuthorDate: Mon Sep 26 22:11:10 2022 +0800
[HUDI-4718] Add Kerberos kinit command support. (#6719)
---
.../commands/KerberosAuthenticationCommand.java | 60 ++++++++++++++++++++++
1 file changed, 60 insertions(+)
diff --git a/hudi-cli/src/main/java/org/apache/hudi/cli/commands/KerberosAuthenticationCommand.java b/hudi-cli/src/main/java/org/apache/hudi/cli/commands/KerberosAuthenticationCommand.java
new file mode 100644
index 0000000000..d79279a315
--- /dev/null
+++ b/hudi-cli/src/main/java/org/apache/hudi/cli/commands/KerberosAuthenticationCommand.java
@@ -0,0 +1,60 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hudi.cli.commands;
+
+import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.security.UserGroupInformation;
+import org.springframework.shell.standard.ShellComponent;
+import org.springframework.shell.standard.ShellMethod;
+import org.springframework.shell.standard.ShellOption;
+
+import java.io.IOException;
+
+/**
+ * CLI command to perform Kerberos authentication.
+ */
+@ShellComponent
+public class KerberosAuthenticationCommand {
+
+ @ShellMethod(key = "kerberos kinit", value = "Perform Kerberos authentication")
+ public String performKerberosAuthentication(
+ @ShellOption(value = "--krb5conf", help = "Path to krb5.conf", defaultValue = "/etc/krb5.conf") String krb5ConfPath,
+ @ShellOption(value = "--principal", help = "Kerberos principal") String principal,
+ @ShellOption(value = "--keytab", help = "Path to keytab") String keytabPath) throws IOException {
+
+ System.out.println("Perform Kerberos authentication");
+ System.out.println("Parameters:");
+ System.out.println("--krb5conf: " + krb5ConfPath);
+ System.out.println("--principal: " + principal);
+ System.out.println("--keytab: " + keytabPath);
+
+ System.setProperty("java.security.krb5.conf", krb5ConfPath);
+ Configuration conf = new Configuration();
+ conf.set("hadoop.security.authentication", "kerberos");
+ conf.set("keytab.file", keytabPath);
+ conf.set("kerberos.principal", principal);
+ UserGroupInformation.setConfiguration(conf);
+ UserGroupInformation.loginUserFromKeytab(principal, keytabPath);
+
+ System.out.println("Kerberos current user: " + UserGroupInformation.getCurrentUser());
+ System.out.println("Kerberos login user: " + UserGroupInformation.getLoginUser());
+
+ return "Kerberos authentication success";
+ }
+}