HBASE-5062 Missing logons if security is enabled
git-svn-id: https://svn.apache.org/repos/asf/hbase/trunk@1220829 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
818adb795b
commit
a46959a370
|
@ -31,7 +31,10 @@ import org.apache.commons.logging.LogFactory;
|
||||||
import org.apache.hadoop.conf.Configuration;
|
import org.apache.hadoop.conf.Configuration;
|
||||||
import org.apache.hadoop.hbase.HBaseConfiguration;
|
import org.apache.hadoop.hbase.HBaseConfiguration;
|
||||||
import org.apache.hadoop.hbase.rest.filter.GzipFilter;
|
import org.apache.hadoop.hbase.rest.filter.GzipFilter;
|
||||||
|
import org.apache.hadoop.hbase.security.User;
|
||||||
|
import org.apache.hadoop.hbase.util.Strings;
|
||||||
import org.apache.hadoop.hbase.util.VersionInfo;
|
import org.apache.hadoop.hbase.util.VersionInfo;
|
||||||
|
import org.apache.hadoop.net.DNS;
|
||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
|
@ -137,6 +140,16 @@ public class Main implements Constants {
|
||||||
context.addServlet(sh, "/*");
|
context.addServlet(sh, "/*");
|
||||||
context.addFilter(GzipFilter.class, "/*", 0);
|
context.addFilter(GzipFilter.class, "/*", 0);
|
||||||
|
|
||||||
|
// login the server principal (if using secure Hadoop)
|
||||||
|
if (User.isSecurityEnabled() && User.isHBaseSecurityEnabled(conf)) {
|
||||||
|
String machineName = Strings.domainNamePointerToHostName(
|
||||||
|
DNS.getDefaultHost(conf.get("hbase.rest.dns.interface", "default"),
|
||||||
|
conf.get("hbase.rest.dns.nameserver", "default")));
|
||||||
|
User.login(conf, "hbase.rest.keytab.file", "hbase.rest.kerberos.principal",
|
||||||
|
machineName);
|
||||||
|
}
|
||||||
|
|
||||||
|
// start server
|
||||||
server.start();
|
server.start();
|
||||||
server.join();
|
server.join();
|
||||||
}
|
}
|
||||||
|
|
|
@ -58,6 +58,9 @@ import org.apache.hadoop.hbase.client.ResultScanner;
|
||||||
import org.apache.hadoop.hbase.client.Scan;
|
import org.apache.hadoop.hbase.client.Scan;
|
||||||
import org.apache.hadoop.hbase.filter.Filter;
|
import org.apache.hadoop.hbase.filter.Filter;
|
||||||
import org.apache.hadoop.hbase.filter.ParseFilter;
|
import org.apache.hadoop.hbase.filter.ParseFilter;
|
||||||
|
import org.apache.hadoop.hbase.security.User;
|
||||||
|
import org.apache.hadoop.hbase.util.Strings;
|
||||||
|
import org.apache.hadoop.net.DNS;
|
||||||
import org.apache.hadoop.hbase.filter.PrefixFilter;
|
import org.apache.hadoop.hbase.filter.PrefixFilter;
|
||||||
import org.apache.hadoop.hbase.filter.WhileMatchFilter;
|
import org.apache.hadoop.hbase.filter.WhileMatchFilter;
|
||||||
import org.apache.hadoop.hbase.thrift.generated.AlreadyExists;
|
import org.apache.hadoop.hbase.thrift.generated.AlreadyExists;
|
||||||
|
@ -1241,6 +1244,16 @@ public class ThriftServer {
|
||||||
server.getClass().getName());
|
server.getClass().getName());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// login the server principal (if using secure Hadoop)
|
||||||
|
Configuration conf = handler.conf;
|
||||||
|
if (User.isSecurityEnabled() && User.isHBaseSecurityEnabled(conf)) {
|
||||||
|
String machineName = Strings.domainNamePointerToHostName(
|
||||||
|
DNS.getDefaultHost(conf.get("hbase.thrift.dns.interface", "default"),
|
||||||
|
conf.get("hbase.thrift.dns.nameserver", "default")));
|
||||||
|
User.login(conf, "hbase.thrift.keytab.file", "hbase.thrift.kerberos.principal",
|
||||||
|
machineName);
|
||||||
|
}
|
||||||
|
|
||||||
server.serve();
|
server.serve();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -58,4 +58,18 @@ public class Strings {
|
||||||
}
|
}
|
||||||
return sb.append(key).append(separator).append(value);
|
return sb.append(key).append(separator).append(value);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Given a PTR string generated via reverse DNS lookup, return everything
|
||||||
|
* except the trailing period. Example for host.example.com., return
|
||||||
|
* host.example.com
|
||||||
|
* @param dnPtr a domain name pointer (PTR) string.
|
||||||
|
* @return Sanitized hostname with last period stripped off.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
public static String domainNamePointerToHostName(String dnPtr) {
|
||||||
|
if (dnPtr == null)
|
||||||
|
return null;
|
||||||
|
return dnPtr.endsWith(".") ? dnPtr.substring(0, dnPtr.length()-1) : dnPtr;
|
||||||
|
}
|
||||||
}
|
}
|
Loading…
Reference in New Issue