incubator-hcatalog-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From da...@apache.org
Subject svn commit: r1346630 - in /incubator/hcatalog/branches/branch-0.4: CHANGES.txt src/java/org/apache/hcatalog/security/HdfsAuthorizationProvider.java
Date Tue, 05 Jun 2012 22:21:52 GMT
Author: daijy
Date: Tue Jun  5 22:21:52 2012
New Revision: 1346630

URL: http://svn.apache.org/viewvc?rev=1346630&view=rev
Log:
HCAT-410: support proxy user in hcat client

Modified:
    incubator/hcatalog/branches/branch-0.4/CHANGES.txt
    incubator/hcatalog/branches/branch-0.4/src/java/org/apache/hcatalog/security/HdfsAuthorizationProvider.java

Modified: incubator/hcatalog/branches/branch-0.4/CHANGES.txt
URL: http://svn.apache.org/viewvc/incubator/hcatalog/branches/branch-0.4/CHANGES.txt?rev=1346630&r1=1346629&r2=1346630&view=diff
==============================================================================
--- incubator/hcatalog/branches/branch-0.4/CHANGES.txt (original)
+++ incubator/hcatalog/branches/branch-0.4/CHANGES.txt Tue Jun  5 22:21:52 2012
@@ -43,6 +43,9 @@ Trunk (unreleased changes)
   OPTIMIZATIONS
 
   BUG FIXES
+
+  HCAT-410: support proxy user in hcat client (thejas via daijy)
+
   HCAT-406 The "toString" method in HCatFieldSchema class return only type information. (avandana)
 
   HCAT-421 Unit test failures in trunk build (avandana)

Modified: incubator/hcatalog/branches/branch-0.4/src/java/org/apache/hcatalog/security/HdfsAuthorizationProvider.java
URL: http://svn.apache.org/viewvc/incubator/hcatalog/branches/branch-0.4/src/java/org/apache/hcatalog/security/HdfsAuthorizationProvider.java?rev=1346630&r1=1346629&r2=1346630&view=diff
==============================================================================
--- incubator/hcatalog/branches/branch-0.4/src/java/org/apache/hcatalog/security/HdfsAuthorizationProvider.java
(original)
+++ incubator/hcatalog/branches/branch-0.4/src/java/org/apache/hcatalog/security/HdfsAuthorizationProvider.java
Tue Jun  5 22:21:52 2012
@@ -49,12 +49,17 @@ import org.apache.hadoop.security.Access
 import org.apache.hadoop.security.UserGroupInformation;
 
 /** 
- * An AuthorizationProvider, which checks against the data access level permissions on HDFS.

+ * An AuthorizationProvider, which checks against the data access level permissions on HDFS.
+ * It makes sense to eventually move this class to Hive, so that all hive users can
+ * use this authorization model. 
  */
 public class HdfsAuthorizationProvider extends HiveAuthorizationProviderBase {
 
   protected Warehouse wh;
   
+  //Config variables : create an enum to store them if we have more
+  private static final String PROXY_USER_NAME = "proxy.user.name";
+
   public HdfsAuthorizationProvider() {
     super();
   }
@@ -234,17 +239,21 @@ public class HdfsAuthorizationProvider e
    * Checks the permissions for the given path and current user on Hadoop FS. If the given
path 
    * does not exists, it checks for it's parent folder.
    */
-  public static void checkPermissions(final Configuration conf, final Path path, 
+  protected static void checkPermissions(final Configuration conf, final Path path, 
       final EnumSet<FsAction> actions) throws IOException, LoginException {
 
     if (path == null) {
       throw new IllegalArgumentException("path is null");
     }
-    
-    final UserGroupInformation ugi;
-    
+
     HadoopShims shims = ShimLoader.getHadoopShims();
-    ugi = shims.getUGIForConf(conf);
+    final UserGroupInformation ugi;
+    if(conf.get(PROXY_USER_NAME) != null){
+        ugi = UserGroupInformation.createRemoteUser(conf.get(PROXY_USER_NAME));
+    }
+    else {
+        ugi = shims.getUGIForConf(conf);
+    }
     final String user = shims.getShortUserName(ugi);  
         
     final FileSystem fs = path.getFileSystem(conf);
@@ -270,7 +279,7 @@ public class HdfsAuthorizationProvider e
    * does not exists, it returns.
    */
   @SuppressWarnings("deprecation")
-  public static void checkPermissions(final FileSystem fs, final Path path,
+  protected static void checkPermissions(final FileSystem fs, final Path path,
       final EnumSet<FsAction> actions, String user, String[] groups) throws IOException,
       AccessControlException {
     



Mime
View raw message