org.apache.hadoop.hbase.zookeeper.ZKUtil.isSecureZooKeeper()方法的使用及代码示例

x33g5p2x  于2022-02-05 转载在 其他  
字(8.7k)|赞(0)|评价(0)|浏览(115)

本文整理了Java中org.apache.hadoop.hbase.zookeeper.ZKUtil.isSecureZooKeeper()方法的一些代码示例,展示了ZKUtil.isSecureZooKeeper()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。ZKUtil.isSecureZooKeeper()方法的具体详情如下:
包路径:org.apache.hadoop.hbase.zookeeper.ZKUtil
类名称:ZKUtil
方法名:isSecureZooKeeper

ZKUtil.isSecureZooKeeper介绍

[英]Returns whether or not secure authentication is enabled (whether hbase.security.authentication is set to kerberos.
[中]返回是否启用了安全身份验证(是否将hbase.security.authentication设置为kerberos

代码示例

代码示例来源:origin: apache/hbase

private static ArrayList<ACL> createACL(ZKWatcher zkw, String node) {
 return createACL(zkw, node, isSecureZooKeeper(zkw.getConfiguration()));
}

代码示例来源:origin: apache/hbase

String loginContextProperty, String loginContextName)
 throws IOException {
if (!isSecureZooKeeper(conf)) {
 return;

代码示例来源:origin: apache/hbase

/**
 * On master start, we check the znode ACLs under the root directory and set the ACLs properly
 * if needed. If the cluster goes from an unsecure setup to a secure setup, this step is needed
 * so that the existing znodes created with open permissions are now changed with restrictive
 * perms.
 */
public void checkAndSetZNodeAcls() {
 if (!ZKUtil.isSecureZooKeeper(getConfiguration())) {
  LOG.info("not a secure deployment, proceeding");
  return;
 }
 // Check the base znodes permission first. Only do the recursion if base znode's perms are not
 // correct.
 try {
  List<ACL> actualAcls = recoverableZooKeeper.getAcl(znodePaths.baseZNode, new Stat());
  if (!isBaseZnodeAclSetup(actualAcls)) {
   LOG.info("setting znode ACLs");
   setZnodeAclsRecursive(znodePaths.baseZNode);
  }
 } catch(KeeperException.NoNodeException nne) {
  return;
 } catch(InterruptedException ie) {
  interruptedExceptionNoThrow(ie, false);
 } catch (IOException|KeeperException e) {
  LOG.warn("Received exception while checking and setting zookeeper ACLs", e);
 }
}

代码示例来源:origin: apache/hbase

/**
 * Check if ZooKeeper JaasConfiguration is valid.
 */
@Test
public void testIsZooKeeperSecure() throws Exception {
 boolean testJaasConfig =
   ZKUtil.isSecureZooKeeper(new Configuration(TEST_UTIL.getConfiguration()));
 assertEquals(testJaasConfig, secureZKAvailable);
 // Define Jaas configuration without ZooKeeper Jaas config
 File saslConfFile = File.createTempFile("tmp", "fakeJaas.conf");
 FileWriter fwriter = new FileWriter(saslConfFile);
 fwriter.write("");
 fwriter.close();
 System.setProperty("java.security.auth.login.config",
   saslConfFile.getAbsolutePath());
 testJaasConfig = ZKUtil.isSecureZooKeeper(new Configuration(TEST_UTIL.getConfiguration()));
 assertFalse(testJaasConfig);
 saslConfFile.delete();
}

代码示例来源:origin: apache/hbase

/**
 * Check if Programmatic way of setting zookeeper security settings is valid.
 */
@Test
public void testIsZooKeeperSecureWithProgrammaticConfig() throws Exception {
 javax.security.auth.login.Configuration.setConfiguration(new DummySecurityConfiguration());
 Configuration config = new Configuration(HBaseConfiguration.create());
 boolean testJaasConfig = ZKUtil.isSecureZooKeeper(config);
 assertFalse(testJaasConfig);
 // Now set authentication scheme to Kerberos still it should return false
 // because no configuration set
 config.set("hbase.security.authentication", "kerberos");
 testJaasConfig = ZKUtil.isSecureZooKeeper(config);
 assertFalse(testJaasConfig);
 // Now set programmatic options related to security
 config.set(HConstants.ZK_CLIENT_KEYTAB_FILE, "/dummy/file");
 config.set(HConstants.ZK_CLIENT_KERBEROS_PRINCIPAL, "dummy");
 config.set(HConstants.ZK_SERVER_KEYTAB_FILE, "/dummy/file");
 config.set(HConstants.ZK_SERVER_KERBEROS_PRINCIPAL, "dummy");
 testJaasConfig = ZKUtil.isSecureZooKeeper(config);
 assertTrue(testJaasConfig);
}

代码示例来源:origin: co.cask.hbase/hbase

private static ArrayList<ACL> createACL(ZooKeeperWatcher zkw, String node) {
 if (isSecureZooKeeper(zkw.getConfiguration())) {
  // Certain znodes are accessed directly by the client,
  // so they must be readable by non-authenticated clients
  if ((node.equals(zkw.baseZNode) == true) ||
    (node.equals(zkw.rootServerZNode) == true) ||
    (node.equals(zkw.masterAddressZNode) == true) ||
    (node.equals(zkw.clusterIdZNode) == true) ||
    (node.equals(zkw.rsZNode) == true) ||
    (node.equals(zkw.backupMasterAddressesZNode) == true) ||
    (node.startsWith(zkw.masterTableZNode) == true) ||
    (node.startsWith(zkw.masterTableZNode92) == true)) {
   return ZooKeeperWatcher.CREATOR_ALL_AND_WORLD_READABLE;
  }
  return Ids.CREATOR_ALL_ACL;
 } else {
  return Ids.OPEN_ACL_UNSAFE;
 }
}

代码示例来源:origin: org.apache.hbase/hbase-zookeeper

private static ArrayList<ACL> createACL(ZKWatcher zkw, String node) {
 return createACL(zkw, node, isSecureZooKeeper(zkw.getConfiguration()));
}

代码示例来源:origin: harbby/presto-connectors

private static ArrayList<ACL> createACL(ZooKeeperWatcher zkw, String node) {
 return createACL(zkw, node, isSecureZooKeeper(zkw.getConfiguration()));
}

代码示例来源:origin: co.cask.hbase/hbase

String loginContextProperty, String loginContextName)
 throws IOException {
if (!isSecureZooKeeper(conf))
 return;

代码示例来源:origin: org.apache.hbase/hbase-zookeeper

String loginContextProperty, String loginContextName)
 throws IOException {
if (!isSecureZooKeeper(conf)) {
 return;

代码示例来源:origin: org.apache.hbase/hbase-zookeeper

/**
 * On master start, we check the znode ACLs under the root directory and set the ACLs properly
 * if needed. If the cluster goes from an unsecure setup to a secure setup, this step is needed
 * so that the existing znodes created with open permissions are now changed with restrictive
 * perms.
 */
public void checkAndSetZNodeAcls() {
 if (!ZKUtil.isSecureZooKeeper(getConfiguration())) {
  LOG.info("not a secure deployment, proceeding");
  return;
 }
 // Check the base znodes permission first. Only do the recursion if base znode's perms are not
 // correct.
 try {
  List<ACL> actualAcls = recoverableZooKeeper.getAcl(znodePaths.baseZNode, new Stat());
  if (!isBaseZnodeAclSetup(actualAcls)) {
   LOG.info("setting znode ACLs");
   setZnodeAclsRecursive(znodePaths.baseZNode);
  }
 } catch(KeeperException.NoNodeException nne) {
  return;
 } catch(InterruptedException ie) {
  interruptedExceptionNoThrow(ie, false);
 } catch (IOException|KeeperException e) {
  LOG.warn("Received exception while checking and setting zookeeper ACLs", e);
 }
}

代码示例来源:origin: harbby/presto-connectors

String loginContextProperty, String loginContextName)
 throws IOException {
if (!isSecureZooKeeper(conf))
 return;

代码示例来源:origin: org.apache.hbase/hbase-server

/**
 * Check if ZooKeeper JaasConfiguration is valid.
 */
@Test
public void testIsZooKeeperSecure() throws Exception {
 boolean testJaasConfig =
   ZKUtil.isSecureZooKeeper(new Configuration(TEST_UTIL.getConfiguration()));
 assertEquals(testJaasConfig, secureZKAvailable);
 // Define Jaas configuration without ZooKeeper Jaas config
 File saslConfFile = File.createTempFile("tmp", "fakeJaas.conf");
 FileWriter fwriter = new FileWriter(saslConfFile);
 fwriter.write("");
 fwriter.close();
 System.setProperty("java.security.auth.login.config",
   saslConfFile.getAbsolutePath());
 testJaasConfig = ZKUtil.isSecureZooKeeper(new Configuration(TEST_UTIL.getConfiguration()));
 assertFalse(testJaasConfig);
 saslConfFile.delete();
}

代码示例来源:origin: org.apache.hbase/hbase-server

/**
 * Check if Programmatic way of setting zookeeper security settings is valid.
 */
@Test
public void testIsZooKeeperSecureWithProgrammaticConfig() throws Exception {
 javax.security.auth.login.Configuration.setConfiguration(new DummySecurityConfiguration());
 Configuration config = new Configuration(HBaseConfiguration.create());
 boolean testJaasConfig = ZKUtil.isSecureZooKeeper(config);
 assertFalse(testJaasConfig);
 // Now set authentication scheme to Kerberos still it should return false
 // because no configuration set
 config.set("hbase.security.authentication", "kerberos");
 testJaasConfig = ZKUtil.isSecureZooKeeper(config);
 assertFalse(testJaasConfig);
 // Now set programmatic options related to security
 config.set(HConstants.ZK_CLIENT_KEYTAB_FILE, "/dummy/file");
 config.set(HConstants.ZK_CLIENT_KERBEROS_PRINCIPAL, "dummy");
 config.set(HConstants.ZK_SERVER_KEYTAB_FILE, "/dummy/file");
 config.set(HConstants.ZK_SERVER_KERBEROS_PRINCIPAL, "dummy");
 testJaasConfig = ZKUtil.isSecureZooKeeper(config);
 assertTrue(testJaasConfig);
}

代码示例来源:origin: harbby/presto-connectors

/**
 * On master start, we check the znode ACLs under the root directory and set the ACLs properly
 * if needed. If the cluster goes from an unsecure setup to a secure setup, this step is needed
 * so that the existing znodes created with open permissions are now changed with restrictive
 * perms.
 */
public void checkAndSetZNodeAcls() {
 if (!ZKUtil.isSecureZooKeeper(getConfiguration())) {
  LOG.info("not a secure deployment, proceeding");
  return;
 }
 // Check the base znodes permission first. Only do the recursion if base znode's perms are not
 // correct.
 try {
  List<ACL> actualAcls = recoverableZooKeeper.getAcl(baseZNode, new Stat());
  if (!isBaseZnodeAclSetup(actualAcls)) {
   LOG.info("setting znode ACLs");
   setZnodeAclsRecursive(baseZNode);
  }
 } catch(KeeperException.NoNodeException nne) {
  return;
 } catch(InterruptedException ie) {
  interruptedException(ie);
 } catch (IOException|KeeperException e) {
  LOG.warn("Received exception while checking and setting zookeeper ACLs", e);
 }
}

内容来源于网络,如有侵权,请联系作者删除!

ZKUtil

相关文章

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新文章

    更多

    ZKUtil类方法

    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com