> On Dec. 12, 2014, 5:56 a.m., Jerry Chen wrote:
> > For the sqoop client code, the only change is to use
> > DelegationTokenAuthenticatedURL instead of AuthenticatedURL.
> > But how the user to get a delegatiion token for use from the client?
Thanks for your question. What do you mean about getting delegation token?
Actually, there is no need to handle token, which is the delegation token
support is for.
If you are asking about how the Sqoop server to get the client user from the
request and to do as client user. The answer is that this function is not in
this JIRA. I will uploaded it into following JIRA SQOOP-1528 (doAs function).
The partial code is showed below, I rewrite it according to the refactor of KMS
Delegation Token Support (HADOOP-10770). I just seperate it to two part: change
normal AuthenticiationURI etc. to DelegationAuthenticationURL etc. AND doAs
function.
In MapreduceSubmissionEngine.java.
UserGroupInformation user = HttpUserGroupInformation.get();
// If we're in local mode than wait on completion. Local job runner do not
// seems to be exposing API to get previously submitted job which makes
// other methods of the submission engine quite useless.
if (isLocal()) {
user.doAs(
new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
job.waitForCompletion(true);
return null;
}
});
} else {
user.doAs(
new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
job.submit();
return null;
}
});
}
- richard
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/28795/#review64872
-----------------------------------------------------------
On Dec. 8, 2014, 1:55 a.m., richard zhou wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/28795/
> -----------------------------------------------------------
>
> (Updated Dec. 8, 2014, 1:55 a.m.)
>
>
> Review request for Sqoop.
>
>
> Repository: sqoop-sqoop2
>
>
> Description
> -------
>
> Delegation Token support for Authentication.
> It depends on Hadoop 2.6.0+. Currently, Sqoop depends on Hadoop 2.5.1. Not
> sure whether there is plan to upgrade Hadoop version from 2.5.1 to 2.6.
> Anyway, sooner or Later, it will happen.
> Initial patch with manual test. Integration test will be in another JIRA
> SQOOP-1633
>
>
> Diffs
> -----
>
> client/pom.xml b53c9d3d74b7eeb8ff2a64bee1c8f7ec5144c281
> client/src/main/java/org/apache/sqoop/client/request/ResourceRequest.java
> 6be1db87f94e1712399f724c740da1416389ba3b
> common/src/main/java/org/apache/sqoop/common/MapContext.java
> 2229889ca6fa45f70c938a04576b4c16999f4088
> dist/src/main/server/conf/sqoop.properties
> fe4dfb62f74215b1521699cd7612c45d307365c2
> pom.xml e6ffc78cc332efa36b2a76c609bf37a57aeba1a7
> server/src/main/java/org/apache/sqoop/filter/SqoopAuthenticationFilter.java
> bb6629047f1eaa89b42a3f99384e0f61a51a6b9a
>
> Diff: https://reviews.apache.org/r/28795/diff/
>
>
> Testing
> -------
>
>
> Thanks,
>
> richard zhou
>
>
