Repository: atlas Updated Branches: refs/heads/master 50c3adf15 -> b02238491
ATLAS-2793: updated AtlasClient approach of determining if kerberos authentication is enabled or not Project: http://git-wip-us.apache.org/repos/asf/atlas/repo Commit: http://git-wip-us.apache.org/repos/asf/atlas/commit/b0223849 Tree: http://git-wip-us.apache.org/repos/asf/atlas/tree/b0223849 Diff: http://git-wip-us.apache.org/repos/asf/atlas/diff/b0223849 Branch: refs/heads/master Commit: b02238491e451bda71e399725ea4a4d021ec766f Parents: 50c3adf Author: Madhan Neethiraj <[email protected]> Authored: Sun Jul 29 08:39:15 2018 -0700 Committer: Madhan Neethiraj <[email protected]> Committed: Sun Jul 29 08:39:15 2018 -0700 ---------------------------------------------------------------------- .../java/org/apache/atlas/AtlasBaseClient.java | 4 +++- .../apache/atlas/utils/AuthenticationUtil.java | 19 +++++++++++++++---- 2 files changed, 18 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/atlas/blob/b0223849/client/common/src/main/java/org/apache/atlas/AtlasBaseClient.java ---------------------------------------------------------------------- diff --git a/client/common/src/main/java/org/apache/atlas/AtlasBaseClient.java b/client/common/src/main/java/org/apache/atlas/AtlasBaseClient.java index f8e78ee..4464ade 100644 --- a/client/common/src/main/java/org/apache/atlas/AtlasBaseClient.java +++ b/client/common/src/main/java/org/apache/atlas/AtlasBaseClient.java @@ -266,7 +266,9 @@ public abstract class AtlasBaseClient { final URLConnectionClientHandler handler; - if ((AuthenticationUtil.isKerberosAuthenticationEnabled())) { + boolean isKerberosEnabled = AuthenticationUtil.isKerberosAuthenticationEnabled(ugi); + + if (isKerberosEnabled) { handler = SecureClientUtils.getClientConnectionHandler(config, configuration, doAsUser, ugi); } else { if (configuration.getBoolean(TLS_ENABLED, false)) { http://git-wip-us.apache.org/repos/asf/atlas/blob/b0223849/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java ---------------------------------------------------------------------- diff --git a/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java b/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java index 99b58fe..cf2b38f 100644 --- a/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java +++ b/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java @@ -20,6 +20,7 @@ package org.apache.atlas.utils; import org.apache.atlas.ApplicationProperties; import org.apache.atlas.AtlasException; import org.apache.commons.configuration.Configuration; +import org.apache.hadoop.security.UserGroupInformation; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import java.io.Console; @@ -34,17 +35,27 @@ public final class AuthenticationUtil { } public static boolean isKerberosAuthenticationEnabled() { - boolean isKerberosAuthenticationEnabled = false; + return isKerberosAuthenticationEnabled((UserGroupInformation) null); + } + + public static boolean isKerberosAuthenticationEnabled(UserGroupInformation ugi) { + boolean defaultValue = ugi != null && ugi.hasKerberosCredentials(); + try { - isKerberosAuthenticationEnabled = isKerberosAuthenticationEnabled(ApplicationProperties.get()); + return isKerberosAuthenticationEnabled(ApplicationProperties.get(), defaultValue); } catch (AtlasException e) { LOG.error("Error while isKerberosAuthenticationEnabled ", e); } - return isKerberosAuthenticationEnabled; + + return defaultValue; } public static boolean isKerberosAuthenticationEnabled(Configuration atlasConf) { - return atlasConf.getBoolean("atlas.authentication.method.kerberos", false); + return isKerberosAuthenticationEnabled(atlasConf, false); + } + + public static boolean isKerberosAuthenticationEnabled(Configuration atlasConf, boolean defaultValue) { + return atlasConf.getBoolean("atlas.authentication.method.kerberos", defaultValue); } public static boolean includeHadoopGroups(){
