public class UserGroupInformation extends Object
限定符和类型 | 类和说明 |
---|---|
static class |
UserGroupInformation.AuthenticationMethod
existing types of authentications' methods
|
static class |
UserGroupInformation.HadoopLoginModule
A login module that looks at the Kerberos, Unix, or Windows principal and
adds the corresponding UserName.
|
限定符和类型 | 字段和说明 |
---|---|
static String |
HADOOP_TOKEN_FILE_LOCATION
Environment variable pointing to the token cache file
|
限定符和类型 | 方法和说明 |
---|---|
boolean |
addToken(Token<? extends TokenIdentifier> token)
Add a token to this UGI
|
boolean |
addTokenIdentifier(TokenIdentifier tokenId)
Add a TokenIdentifier to this UGI.
|
void |
checkTGTAndReloginFromKeytab()
Re-login a user from keytab if TGT is expired or is close to expiry.
|
static UserGroupInformation |
createProxyUser(String user,
UserGroupInformation realUser)
Create a proxy user using username of the effective user and the ugi of the
real user.
|
static UserGroupInformation |
createProxyUserForTesting(String user,
UserGroupInformation realUser,
String[] userGroups)
Create a proxy user UGI for testing HDFS and MapReduce
|
static UserGroupInformation |
createRemoteUser(String user)
Create a user from a login name.
|
static UserGroupInformation |
createUserForTesting(String user,
String[] userGroups)
Create a UGI for testing HDFS and MapReduce
|
<T> T |
doAs(PrivilegedAction<T> action)
Run the given action as the user.
|
<T> T |
doAs(PrivilegedExceptionAction<T> action)
Run the given action as the user, potentially throwing an exception.
|
boolean |
equals(Object o)
Compare the subjects to see if they are equal to each other.
|
UserGroupInformation.AuthenticationMethod |
getAuthenticationMethod()
Get the authentication method from the subject
|
static UserGroupInformation |
getCurrentUser()
Return the current user, including any doAs in the current stack.
|
String[] |
getGroupNames()
Get the group names for this user.
|
static UserGroupInformation |
getLoginUser()
Get the currently logged in user.
|
UserGroupInformation |
getRealUser()
get RealUser (vs.
|
String |
getShortUserName()
Get the user's login name.
|
protected Subject |
getSubject()
Get the underlying subject from this ugi.
|
Set<TokenIdentifier> |
getTokenIdentifiers()
Get the set of TokenIdentifiers belonging to this UGI
|
Collection<Token<? extends TokenIdentifier>> |
getTokens()
Obtain the collection of tokens associated with this user.
|
String |
getUserName()
Get the user's full principal name.
|
int |
hashCode()
Return the hash of the subject.
|
boolean |
hasKerberosCredentials()
checks if logged in using kerberos
|
boolean |
isFromKeytab()
Is this user logged in from a keytab file?
|
static boolean |
isLoginKeytabBased()
Did the login happen via keytab
|
static boolean |
isSecurityEnabled()
Determine if UserGroupInformation is using Kerberos to determine
user identities or is relying on simple authentication
|
static void |
loginUserFromKeytab(String user,
String path)
Log a user in from a keytab file.
|
static UserGroupInformation |
loginUserFromKeytabAndReturnUGI(String user,
String path)
Log a user in from a keytab file.
|
static void |
main(String[] args)
A test method to print out the current user's UGI.
|
void |
reloginFromKeytab()
Re-Login a user in from a keytab file.
|
void |
reloginFromTicketCache()
Re-Login a user in from the ticket cache.
|
void |
setAuthenticationMethod(UserGroupInformation.AuthenticationMethod authMethod)
Sets the authentication method in the subject
|
static void |
setConfiguration(Configuration conf)
Set the static configuration for UGI.
|
String |
toString()
Return the username.
|
public static void setConfiguration(Configuration conf)
conf
- the configuration to usepublic static boolean isSecurityEnabled()
public boolean hasKerberosCredentials()
public static UserGroupInformation getCurrentUser() throws IOException
IOException
- if login failspublic static UserGroupInformation getLoginUser() throws IOException
IOException
- if login failspublic boolean isFromKeytab()
public static void loginUserFromKeytab(String user, String path) throws IOException
user
- the principal name to load from the keytabpath
- the path to the keytab fileIOException
- if the keytab file can't be readpublic void reloginFromTicketCache() throws IOException
IOException
- on a failurepublic static UserGroupInformation loginUserFromKeytabAndReturnUGI(String user, String path) throws IOException
user
- the principal name to load from the keytabpath
- the path to the keytab fileIOException
- if the keytab file can't be readpublic void checkTGTAndReloginFromKeytab() throws IOException
IOException
public void reloginFromKeytab() throws IOException
loginUserFromKeytab(String, String)
had
happened already.
The Subject field of this UserGroupInformation object is updated to have
the new credentials.IOException
- on a failurepublic static boolean isLoginKeytabBased() throws IOException
IOException
public static UserGroupInformation createRemoteUser(String user)
user
- the full user principal name, must not be empty or nullpublic static UserGroupInformation createProxyUser(String user, UserGroupInformation realUser)
user
- realUser
- public UserGroupInformation getRealUser()
public static UserGroupInformation createUserForTesting(String user, String[] userGroups)
user
- the full user principal nameuserGroups
- the names of the groups that the user belongs topublic static UserGroupInformation createProxyUserForTesting(String user, UserGroupInformation realUser, String[] userGroups)
user
- the full user principal name for effective userrealUser
- UGI of the real useruserGroups
- the names of the groups that the user belongs topublic String getShortUserName()
public String getUserName()
public boolean addTokenIdentifier(TokenIdentifier tokenId)
tokenId
- tokenIdentifier to be addedpublic Set<TokenIdentifier> getTokenIdentifiers()
public boolean addToken(Token<? extends TokenIdentifier> token)
token
- Token to be addedpublic Collection<Token<? extends TokenIdentifier>> getTokens()
public String[] getGroupNames()
public void setAuthenticationMethod(UserGroupInformation.AuthenticationMethod authMethod)
authMethod
- public UserGroupInformation.AuthenticationMethod getAuthenticationMethod()
public boolean equals(Object o)
protected Subject getSubject()
public <T> T doAs(PrivilegedAction<T> action)
T
- the return type of the run methodaction
- the method to executepublic <T> T doAs(PrivilegedExceptionAction<T> action) throws IOException, InterruptedException
T
- the return type of the run methodaction
- the method to executeIOException
- if the action throws an IOExceptionError
- if the action throws an ErrorRuntimeException
- if the action throws a RuntimeExceptionInterruptedException
- if the action throws an InterruptedExceptionUndeclaredThrowableException
- if the action throws something elseCopyright © 2009 The Apache Software Foundation