@InterfaceAudience.Public @InterfaceStability.Stable public abstract class User extends java.lang.Object
This class provides a common interface for interacting with user and group
information across changing APIs in different versions of Hadoop. It only
provides access to the common set of functionality in
org.apache.hadoop.security.UserGroupInformation
currently needed by
HBase, but can be extended as needs change.
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
HBASE_SECURITY_AUTHORIZATION_CONF_KEY |
static java.lang.String |
HBASE_SECURITY_CONF_KEY |
protected UserGroupInformation |
ugi |
Constructor and Description |
---|
User() |
Modifier and Type | Method and Description |
---|---|
void |
addToken(<any> token)
Adds the given Token to the user's credentials.
|
static User |
create(UserGroupInformation ugi)
Wraps an underlying
UserGroupInformation instance. |
static User |
createUserForTesting(Configuration conf,
java.lang.String name,
java.lang.String[] groups)
Generates a new
User instance specifically for use in test code. |
boolean |
equals(java.lang.Object o) |
static User |
getCurrent()
Returns the
User instance within current execution context. |
java.lang.String[] |
getGroupNames()
Returns the list of groups of which this user is a member.
|
java.lang.String |
getName()
Returns the full user name.
|
abstract java.lang.String |
getShortName()
Returns the shortened version of the user name -- the portion that maps
to an operating system user name.
|
<any> |
getToken(java.lang.String kind,
java.lang.String service)
Returns the Token of the specified kind associated with this user,
or null if the Token is not present.
|
java.util.Collection<<any>> |
getTokens()
Returns all the tokens stored in the user's credentials.
|
UserGroupInformation |
getUGI() |
int |
hashCode() |
static boolean |
isHBaseSecurityEnabled(Configuration conf)
Returns whether or not secure authentication is enabled for HBase.
|
static boolean |
isSecurityEnabled()
Returns whether or not Kerberos authentication is configured for Hadoop.
|
static void |
login(Configuration conf,
java.lang.String fileConfKey,
java.lang.String principalConfKey,
java.lang.String localhost)
Log in the current process using the given configuration keys for the
credential file and login principal.
|
abstract void |
obtainAuthTokenForJob(Configuration conf,
Job job)
Deprecated.
Use
TokenUtil.obtainAuthTokenForJob(Connection,User,Job)
instead. |
abstract void |
obtainAuthTokenForJob(JobConf job)
Deprecated.
Use
TokenUtil.obtainAuthTokenForJob(Connection,JobConf,User)
instead. |
abstract <T> T |
runAs(java.security.PrivilegedAction<T> action)
Executes the given action within the context of this user.
|
abstract <T> T |
runAs(java.security.PrivilegedExceptionAction<T> action)
Executes the given action within the context of this user.
|
static <T> T |
runAsLoginUser(java.security.PrivilegedExceptionAction<T> action)
Executes the given action as the login user
|
java.lang.String |
toString() |
public static final java.lang.String HBASE_SECURITY_CONF_KEY
public static final java.lang.String HBASE_SECURITY_AUTHORIZATION_CONF_KEY
protected UserGroupInformation ugi
public UserGroupInformation getUGI()
public java.lang.String getName()
public java.lang.String[] getGroupNames()
public abstract java.lang.String getShortName()
public abstract <T> T runAs(java.security.PrivilegedAction<T> action)
public abstract <T> T runAs(java.security.PrivilegedExceptionAction<T> action) throws java.io.IOException, java.lang.InterruptedException
java.io.IOException
java.lang.InterruptedException
@Deprecated public abstract void obtainAuthTokenForJob(Configuration conf, Job job) throws java.io.IOException, java.lang.InterruptedException
TokenUtil.obtainAuthTokenForJob(Connection,User,Job)
instead.java.io.IOException
java.lang.InterruptedException
@Deprecated public abstract void obtainAuthTokenForJob(JobConf job) throws java.io.IOException, java.lang.InterruptedException
TokenUtil.obtainAuthTokenForJob(Connection,JobConf,User)
instead.java.io.IOException
java.lang.InterruptedException
public <any> getToken(java.lang.String kind, java.lang.String service) throws java.io.IOException
kind
- the kind of tokenservice
- service on which the token is supposed to be usedjava.io.IOException
public java.util.Collection<<any>> getTokens()
public void addToken(<any> token)
token
- the token to addpublic boolean equals(java.lang.Object o)
equals
in class java.lang.Object
public int hashCode()
hashCode
in class java.lang.Object
public java.lang.String toString()
toString
in class java.lang.Object
public static User getCurrent() throws java.io.IOException
User
instance within current execution context.java.io.IOException
public static <T> T runAsLoginUser(java.security.PrivilegedExceptionAction<T> action) throws java.io.IOException
action
- java.io.IOException
java.lang.InterruptedException
public static User create(UserGroupInformation ugi)
UserGroupInformation
instance.ugi
- The base Hadoop userpublic static User createUserForTesting(Configuration conf, java.lang.String name, java.lang.String[] groups)
User
instance specifically for use in test code.name
- the full usernamegroups
- the group names to which the test user will belongUser
instancepublic static void login(Configuration conf, java.lang.String fileConfKey, java.lang.String principalConfKey, java.lang.String localhost) throws java.io.IOException
This is only applicable when running on secure Hadoop -- see org.apache.hadoop.security.SecurityUtil#login(Configuration,String,String,String). On regular Hadoop (without security features), this will safely be ignored.
conf
- The configuration data to usefileConfKey
- Property key used to configure path to the credential fileprincipalConfKey
- Property key used to configure login principallocalhost
- Current hostname to use in any credentialsjava.io.IOException
- underlying exception from SecurityUtil.login() callpublic static boolean isSecurityEnabled()
false
.
For secure Hadoop, it will return the value from
UserGroupInformation.isSecurityEnabled()
.public static boolean isHBaseSecurityEnabled(Configuration conf)