You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@atlas.apache.org by ma...@apache.org on 2018/07/30 16:48:45 UTC

atlas git commit: ATLAS-2793: updated AtlasClient approach of determining if kerberos authentication is enabled or not

Repository: atlas
Updated Branches:
  refs/heads/master 50c3adf15 -> b02238491


ATLAS-2793: updated AtlasClient approach of determining if kerberos authentication is enabled or not


Project: http://git-wip-us.apache.org/repos/asf/atlas/repo
Commit: http://git-wip-us.apache.org/repos/asf/atlas/commit/b0223849
Tree: http://git-wip-us.apache.org/repos/asf/atlas/tree/b0223849
Diff: http://git-wip-us.apache.org/repos/asf/atlas/diff/b0223849

Branch: refs/heads/master
Commit: b02238491e451bda71e399725ea4a4d021ec766f
Parents: 50c3adf
Author: Madhan Neethiraj <ma...@apache.org>
Authored: Sun Jul 29 08:39:15 2018 -0700
Committer: Madhan Neethiraj <ma...@apache.org>
Committed: Sun Jul 29 08:39:15 2018 -0700

----------------------------------------------------------------------
 .../java/org/apache/atlas/AtlasBaseClient.java   |  4 +++-
 .../apache/atlas/utils/AuthenticationUtil.java   | 19 +++++++++++++++----
 2 files changed, 18 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/atlas/blob/b0223849/client/common/src/main/java/org/apache/atlas/AtlasBaseClient.java
----------------------------------------------------------------------
diff --git a/client/common/src/main/java/org/apache/atlas/AtlasBaseClient.java b/client/common/src/main/java/org/apache/atlas/AtlasBaseClient.java
index f8e78ee..4464ade 100644
--- a/client/common/src/main/java/org/apache/atlas/AtlasBaseClient.java
+++ b/client/common/src/main/java/org/apache/atlas/AtlasBaseClient.java
@@ -266,7 +266,9 @@ public abstract class AtlasBaseClient {
 
         final URLConnectionClientHandler handler;
 
-        if ((AuthenticationUtil.isKerberosAuthenticationEnabled())) {
+        boolean isKerberosEnabled = AuthenticationUtil.isKerberosAuthenticationEnabled(ugi);
+
+        if (isKerberosEnabled) {
             handler = SecureClientUtils.getClientConnectionHandler(config, configuration, doAsUser, ugi);
         } else {
             if (configuration.getBoolean(TLS_ENABLED, false)) {

http://git-wip-us.apache.org/repos/asf/atlas/blob/b0223849/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java
----------------------------------------------------------------------
diff --git a/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java b/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java
index 99b58fe..cf2b38f 100644
--- a/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java
+++ b/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java
@@ -20,6 +20,7 @@ package org.apache.atlas.utils;
 import org.apache.atlas.ApplicationProperties;
 import org.apache.atlas.AtlasException;
 import org.apache.commons.configuration.Configuration;
+import org.apache.hadoop.security.UserGroupInformation;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import java.io.Console;
@@ -34,17 +35,27 @@ public final class AuthenticationUtil {
     }
 
     public static boolean isKerberosAuthenticationEnabled() {
-        boolean isKerberosAuthenticationEnabled = false;
+        return isKerberosAuthenticationEnabled((UserGroupInformation) null);
+    }
+
+    public static boolean isKerberosAuthenticationEnabled(UserGroupInformation ugi) {
+        boolean defaultValue = ugi != null && ugi.hasKerberosCredentials();
+
         try {
-            isKerberosAuthenticationEnabled = isKerberosAuthenticationEnabled(ApplicationProperties.get());
+            return isKerberosAuthenticationEnabled(ApplicationProperties.get(), defaultValue);
         } catch (AtlasException e) {
             LOG.error("Error while isKerberosAuthenticationEnabled ", e);
         }
-        return isKerberosAuthenticationEnabled;
+
+        return defaultValue;
     }
 
     public static boolean isKerberosAuthenticationEnabled(Configuration atlasConf) {
-        return atlasConf.getBoolean("atlas.authentication.method.kerberos", false);
+        return isKerberosAuthenticationEnabled(atlasConf, false);
+    }
+
+    public static boolean isKerberosAuthenticationEnabled(Configuration atlasConf, boolean defaultValue) {
+        return atlasConf.getBoolean("atlas.authentication.method.kerberos", defaultValue);
     }
 
     public static boolean includeHadoopGroups(){