subject:"atlas git commit\: ATLAS\-2557\: updated groups lookup for logged in user with an option to include groups from Hadoop config"

atlas git commit: ATLAS-2557: updated groups lookup for logged in user with an option to include groups from Hadoop config

2018-04-13 Thread madhan

Repository: atlas
Updated Branches:
  refs/heads/branch-0.8 e50509255 -> 394a19fbd


ATLAS-2557: updated groups lookup for logged in user with an option to include 
groups from Hadoop config

Signed-off-by: Madhan Neethiraj 
(cherry picked from commit 7515915f6b52cdfd0f7e5e32a17f6f6cfae6b37d)


Project: http://git-wip-us.apache.org/repos/asf/atlas/repo
Commit: http://git-wip-us.apache.org/repos/asf/atlas/commit/394a19fb
Tree: http://git-wip-us.apache.org/repos/asf/atlas/tree/394a19fb
Diff: http://git-wip-us.apache.org/repos/asf/atlas/diff/394a19fb

Branch: refs/heads/branch-0.8
Commit: 394a19fbda54a86671bde0dcdd390c470557ff3f
Parents: e505092
Author: nixonrodrigues 
Authored: Fri Apr 13 01:24:35 2018 +0530
Committer: Madhan Neethiraj 
Committed: Fri Apr 13 09:05:53 2018 -0700

--
 .../apache/atlas/utils/AuthenticationUtil.java  | 14 ++
 .../AtlasAbstractAuthenticationProvider.java| 51 ++--
 2 files changed, 51 insertions(+), 14 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/atlas/blob/394a19fb/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java
--
diff --git a/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java 
b/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java
index 09d8085..af32afc 100644
--- a/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java
+++ b/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java
@@ -47,6 +47,20 @@ public final class AuthenticationUtil {
 return atlasConf.getBoolean("atlas.authentication.method.kerberos", 
false);
 }
 
+public static boolean includeHadoopGroups(){
+boolean includeHadoopGroups = false;
+
+try {
+Configuration configuration = ApplicationProperties.get();
+
+includeHadoopGroups = 
configuration.getBoolean("atlas.authentication.ugi-groups.include-hadoop-groups",
 includeHadoopGroups);
+} catch (AtlasException e) {
+LOG.error("AuthenticationUtil::includeHadoopGroups(). Error while 
loading atlas application properties ", e);
+}
+
+return includeHadoopGroups;
+}
+
 public static String[] getBasicAuthenticationInput() {
 String username = null;
 String password = null;

http://git-wip-us.apache.org/repos/asf/atlas/blob/394a19fb/webapp/src/main/java/org/apache/atlas/web/security/AtlasAbstractAuthenticationProvider.java
--
diff --git 
a/webapp/src/main/java/org/apache/atlas/web/security/AtlasAbstractAuthenticationProvider.java
 
b/webapp/src/main/java/org/apache/atlas/web/security/AtlasAbstractAuthenticationProvider.java
index f77cb01..d4f9a0f 100644
--- 
a/webapp/src/main/java/org/apache/atlas/web/security/AtlasAbstractAuthenticationProvider.java
+++ 
b/webapp/src/main/java/org/apache/atlas/web/security/AtlasAbstractAuthenticationProvider.java
@@ -19,6 +19,7 @@
 
 package org.apache.atlas.web.security;
 
+import org.apache.commons.collections.CollectionUtils;
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.security.Groups;
 import org.apache.hadoop.security.UserGroupInformation;
@@ -33,7 +34,11 @@ import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
 
 import java.util.ArrayList;
+import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
+
+import org.apache.atlas.utils.AuthenticationUtil;
 
 public abstract class AtlasAbstractAuthenticationProvider implements 
AuthenticationProvider {
 private static final Logger LOG = 
LoggerFactory.getLogger(AtlasAbstractAuthenticationProvider.class);
@@ -94,33 +99,51 @@ public abstract class AtlasAbstractAuthenticationProvider 
implements Authenticat
 }
 
 public static List getAuthoritiesFromUGI(String 
userName) {
-List grantedAuths = new 
ArrayList();
+Set  userGroups = new HashSet<>();
+UserGroupInformation ugi= 
UserGroupInformation.createRemoteUser(userName);
 
-UserGroupInformation ugi = 
UserGroupInformation.createRemoteUser(userName);
 if (ugi != null) {
-String[] userGroups = ugi.getGroupNames();
-if (userGroups != null) {
-for (String group : userGroups) {
-grantedAuths.add(new SimpleGrantedAuthority(group));
+String[] groups = ugi.getGroupNames();
+
+if(LOG.isDebugEnabled()) {
+LOG.debug("UserGroupInformation userGroups=" + groups);
+}
+
+if (groups != null) {
+for (String group : groups) {
+userGroups.add(group);
 }
 }

atlas git commit: ATLAS-2557: updated groups lookup for logged in user with an option to include groups from Hadoop config

2018-04-13 Thread madhan

Repository: atlas
Updated Branches:
  refs/heads/master b1907a332 -> 7515915f6


ATLAS-2557: updated groups lookup for logged in user with an option to include 
groups from Hadoop config

Signed-off-by: Madhan Neethiraj 


Project: http://git-wip-us.apache.org/repos/asf/atlas/repo
Commit: http://git-wip-us.apache.org/repos/asf/atlas/commit/7515915f
Tree: http://git-wip-us.apache.org/repos/asf/atlas/tree/7515915f
Diff: http://git-wip-us.apache.org/repos/asf/atlas/diff/7515915f

Branch: refs/heads/master
Commit: 7515915f6b52cdfd0f7e5e32a17f6f6cfae6b37d
Parents: b1907a3
Author: nixonrodrigues 
Authored: Fri Apr 13 01:24:35 2018 +0530
Committer: Madhan Neethiraj 
Committed: Fri Apr 13 09:04:56 2018 -0700

--
 .../apache/atlas/utils/AuthenticationUtil.java  | 14 ++
 .../AtlasAbstractAuthenticationProvider.java| 51 ++--
 2 files changed, 51 insertions(+), 14 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/atlas/blob/7515915f/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java
--
diff --git a/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java 
b/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java
index 09d8085..af32afc 100644
--- a/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java
+++ b/intg/src/main/java/org/apache/atlas/utils/AuthenticationUtil.java
@@ -47,6 +47,20 @@ public final class AuthenticationUtil {
 return atlasConf.getBoolean("atlas.authentication.method.kerberos", 
false);
 }
 
+public static boolean includeHadoopGroups(){
+boolean includeHadoopGroups = false;
+
+try {
+Configuration configuration = ApplicationProperties.get();
+
+includeHadoopGroups = 
configuration.getBoolean("atlas.authentication.ugi-groups.include-hadoop-groups",
 includeHadoopGroups);
+} catch (AtlasException e) {
+LOG.error("AuthenticationUtil::includeHadoopGroups(). Error while 
loading atlas application properties ", e);
+}
+
+return includeHadoopGroups;
+}
+
 public static String[] getBasicAuthenticationInput() {
 String username = null;
 String password = null;

http://git-wip-us.apache.org/repos/asf/atlas/blob/7515915f/webapp/src/main/java/org/apache/atlas/web/security/AtlasAbstractAuthenticationProvider.java
--
diff --git 
a/webapp/src/main/java/org/apache/atlas/web/security/AtlasAbstractAuthenticationProvider.java
 
b/webapp/src/main/java/org/apache/atlas/web/security/AtlasAbstractAuthenticationProvider.java
index f77cb01..d4f9a0f 100644
--- 
a/webapp/src/main/java/org/apache/atlas/web/security/AtlasAbstractAuthenticationProvider.java
+++ 
b/webapp/src/main/java/org/apache/atlas/web/security/AtlasAbstractAuthenticationProvider.java
@@ -19,6 +19,7 @@
 
 package org.apache.atlas.web.security;
 
+import org.apache.commons.collections.CollectionUtils;
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.security.Groups;
 import org.apache.hadoop.security.UserGroupInformation;
@@ -33,7 +34,11 @@ import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
 
 import java.util.ArrayList;
+import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
+
+import org.apache.atlas.utils.AuthenticationUtil;
 
 public abstract class AtlasAbstractAuthenticationProvider implements 
AuthenticationProvider {
 private static final Logger LOG = 
LoggerFactory.getLogger(AtlasAbstractAuthenticationProvider.class);
@@ -94,33 +99,51 @@ public abstract class AtlasAbstractAuthenticationProvider 
implements Authenticat
 }
 
 public static List getAuthoritiesFromUGI(String 
userName) {
-List grantedAuths = new 
ArrayList();
+Set  userGroups = new HashSet<>();
+UserGroupInformation ugi= 
UserGroupInformation.createRemoteUser(userName);
 
-UserGroupInformation ugi = 
UserGroupInformation.createRemoteUser(userName);
 if (ugi != null) {
-String[] userGroups = ugi.getGroupNames();
-if (userGroups != null) {
-for (String group : userGroups) {
-grantedAuths.add(new SimpleGrantedAuthority(group));
+String[] groups = ugi.getGroupNames();
+
+if(LOG.isDebugEnabled()) {
+LOG.debug("UserGroupInformation userGroups=" + groups);
+}
+
+if (groups != null) {
+for (String group : groups) {
+userGroups.add(group);
 }
 }
 }
-// if group empty take groups from UGI LDAP-based group

atlas git commit: ATLAS-2557: updated groups lookup for logged in user with an option to include groups from Hadoop config

atlas git commit: ATLAS-2557: updated groups lookup for logged in user with an option to include groups from Hadoop config

2 matches

Site Navigation

Mail list logo

Footer information