sqoop-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "richard zhou" <richard.z...@intel.com>
Subject Re: Review Request 28795: SQOOP-1776: Delegation Token support for Authentication
Date Fri, 12 Dec 2014 06:33:10 GMT


> On Dec. 12, 2014, 5:56 a.m., Jerry Chen wrote:
> > For the sqoop client code, the only change is to use DelegationTokenAuthenticatedURL
instead of AuthenticatedURL.
> > But how the user to get a delegatiion token for use from the client?

Thanks for your question. What do you mean about getting delegation token?
Actually, there is no need to handle token, which is the delegation token support is for.
If you are asking about how the Sqoop server to get the client user from the request and to
do as client user. The answer is that this function is not in this JIRA. I will uploaded it
into following JIRA SQOOP-1528 (doAs function). The partial code is showed below, I rewrite
it according to the refactor of KMS Delegation Token Support (HADOOP-10770). I just seperate
it to two part: change normal AuthenticiationURI etc. to DelegationAuthenticationURL etc.
AND doAs function.

In MapreduceSubmissionEngine.java.

      UserGroupInformation user = HttpUserGroupInformation.get();
      // If we're in local mode than wait on completion. Local job runner do not
      // seems to be exposing API to get previously submitted job which makes
      // other methods of the submission engine quite useless.
      if (isLocal()) {
        user.doAs(
                new PrivilegedExceptionAction<Void>() {
                  @Override
                  public Void run() throws Exception {
                    job.waitForCompletion(true);
                    return null;
                  }
                });
      } else {
        user.doAs(
                new PrivilegedExceptionAction<Void>() {
                  @Override
                  public Void run() throws Exception {
                    job.submit();
                    return null;
                  }
                });
      }


- richard


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/28795/#review64872
-----------------------------------------------------------


On Dec. 8, 2014, 1:55 a.m., richard zhou wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/28795/
> -----------------------------------------------------------
> 
> (Updated Dec. 8, 2014, 1:55 a.m.)
> 
> 
> Review request for Sqoop.
> 
> 
> Repository: sqoop-sqoop2
> 
> 
> Description
> -------
> 
> Delegation Token support for Authentication.
> It depends on Hadoop 2.6.0+. Currently, Sqoop depends on Hadoop 2.5.1. Not sure whether
there is plan to upgrade Hadoop version from 2.5.1 to 2.6. Anyway, sooner or Later, it will
happen.
> Initial patch with manual test. Integration test will be in another JIRA SQOOP-1633
> 
> 
> Diffs
> -----
> 
>   client/pom.xml b53c9d3d74b7eeb8ff2a64bee1c8f7ec5144c281 
>   client/src/main/java/org/apache/sqoop/client/request/ResourceRequest.java 6be1db87f94e1712399f724c740da1416389ba3b

>   common/src/main/java/org/apache/sqoop/common/MapContext.java 2229889ca6fa45f70c938a04576b4c16999f4088

>   dist/src/main/server/conf/sqoop.properties fe4dfb62f74215b1521699cd7612c45d307365c2

>   pom.xml e6ffc78cc332efa36b2a76c609bf37a57aeba1a7 
>   server/src/main/java/org/apache/sqoop/filter/SqoopAuthenticationFilter.java bb6629047f1eaa89b42a3f99384e0f61a51a6b9a

> 
> Diff: https://reviews.apache.org/r/28795/diff/
> 
> 
> Testing
> -------
> 
> 
> Thanks,
> 
> richard zhou
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message