This is an automated email from the ASF dual-hosted git repository. yuzhaojing pushed a commit to branch release-0.12.1-rc1 in repository https://gitbox.apache.org/repos/asf/hudi.git
commit efedf5dd5fd0e93d84b7bffc8310713609f4a39e Author: Paul Zhang <[email protected]> AuthorDate: Mon Sep 26 22:11:10 2022 +0800 [HUDI-4718] Add Kerberos kinit command support. (#6719) --- .../commands/KerberosAuthenticationCommand.java | 60 ++++++++++++++++++++++ 1 file changed, 60 insertions(+) diff --git a/hudi-cli/src/main/java/org/apache/hudi/cli/commands/KerberosAuthenticationCommand.java b/hudi-cli/src/main/java/org/apache/hudi/cli/commands/KerberosAuthenticationCommand.java new file mode 100644 index 0000000000..d79279a315 --- /dev/null +++ b/hudi-cli/src/main/java/org/apache/hudi/cli/commands/KerberosAuthenticationCommand.java @@ -0,0 +1,60 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.hudi.cli.commands; + +import org.apache.hadoop.conf.Configuration; +import org.apache.hadoop.security.UserGroupInformation; +import org.springframework.shell.standard.ShellComponent; +import org.springframework.shell.standard.ShellMethod; +import org.springframework.shell.standard.ShellOption; + +import java.io.IOException; + +/** + * CLI command to perform Kerberos authentication. + */ +@ShellComponent +public class KerberosAuthenticationCommand { + + @ShellMethod(key = "kerberos kinit", value = "Perform Kerberos authentication") + public String performKerberosAuthentication( + @ShellOption(value = "--krb5conf", help = "Path to krb5.conf", defaultValue = "/etc/krb5.conf") String krb5ConfPath, + @ShellOption(value = "--principal", help = "Kerberos principal") String principal, + @ShellOption(value = "--keytab", help = "Path to keytab") String keytabPath) throws IOException { + + System.out.println("Perform Kerberos authentication"); + System.out.println("Parameters:"); + System.out.println("--krb5conf: " + krb5ConfPath); + System.out.println("--principal: " + principal); + System.out.println("--keytab: " + keytabPath); + + System.setProperty("java.security.krb5.conf", krb5ConfPath); + Configuration conf = new Configuration(); + conf.set("hadoop.security.authentication", "kerberos"); + conf.set("keytab.file", keytabPath); + conf.set("kerberos.principal", principal); + UserGroupInformation.setConfiguration(conf); + UserGroupInformation.loginUserFromKeytab(principal, keytabPath); + + System.out.println("Kerberos current user: " + UserGroupInformation.getCurrentUser()); + System.out.println("Kerberos login user: " + UserGroupInformation.getLoginUser()); + + return "Kerberos authentication success"; + } +}
