private void verifyServiceACLsRefresh(
     ServiceAuthorizationManager manager, Class<?> protocol, String aclString) {
   for (Class<?> protocolClass : manager.getProtocolsWithAcls()) {
     AccessControlList accessList = manager.getProtocolsAcls(protocolClass);
     if (protocolClass == protocol) {
       Assert.assertEquals(accessList.getAclString(), aclString);
     } else {
       Assert.assertEquals(accessList.getAclString(), "*");
     }
   }
 }
Example #2
0
 public static void init(Configuration conf, ServiceAuthorizationManager authManager) {
   // set service-level authorization security policy
   System.setProperty("hadoop.policy.file", "hbase-policy.xml");
   if (conf.getBoolean(ServiceAuthorizationManager.SERVICE_AUTHORIZATION_CONFIG, false)) {
     authManager.refresh(conf, new HBasePolicyProvider());
     ProxyUsers.refreshSuperUserGroupsConfiguration(conf);
   }
 }
Example #3
0
 @Override
 public void authorize(Subject user, ConnectionHeader connection) throws AuthorizationException {
   if (authorize) {
     Class<?> protocol = null;
     try {
       protocol = getProtocolClass(connection.getProtocol(), getConf());
     } catch (ClassNotFoundException cfne) {
       throw new AuthorizationException("Unknown protocol: " + connection.getProtocol());
     }
     ServiceAuthorizationManager.authorize(user, protocol);
   }
 }