Source code

001/**
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *      http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018
019package org.apache.oozie.action.hadoop;
020
021import java.util.HashMap;
022
023import org.apache.hadoop.conf.Configuration;
024import org.apache.hadoop.security.Credentials;
025import org.apache.oozie.ErrorCode;
026import org.apache.oozie.action.ActionExecutor.Context;
027import org.apache.oozie.service.HCatAccessorService;
028import org.apache.oozie.service.Services;
029import org.apache.oozie.util.XLog;
030
031/**
032 * Credentials implementation to store in jobConf, HCat-specific properties such as Principal and Uri
033 * User specifies these credential properties along with the action configuration
034 * The jobConf is used further to pass credentials to the tasks while running
035 * Oozie server should be configured to use this Credentials class by including it via property
036 * 'oozie.credentials.credentialclasses'
037 * User can extend the parent class to implement own class as well
038 * for handling custom token-based credentials and add to the above server property
039 */
040public class HCatCredentials implements CredentialsProvider {
041
042    private static final String HCAT_METASTORE_PRINCIPAL = "hcat.metastore.principal";
043    private static final String HCAT_METASTORE_URI = "hcat.metastore.uri";
044    private static final String HIVE_METASTORE_PRINCIPAL = "hive.metastore.kerberos.principal";
045    private static final String HIVE_METASTORE_URI = "hive.metastore.uris";
046    private final static Configuration hiveConf = new Configuration(false);
047    static {
048        hiveConf.addResource("hive-site.xml");
049    }
050
051    /* (non-Javadoc)
052     * @see org.apache.oozie.action.hadoop.Credentials#addtoJobConf(org.apache.hadoop.mapred.JobConf,
053     * org.apache.oozie.action.hadoop.CredentialsProperties, org.apache.oozie.action.ActionExecutor.Context)
054     */
055    @Override
056    public void updateCredentials(Credentials credentials, Configuration config, CredentialsProperties props,
057            Context context) throws Exception {
058        try {
059
060            String principal = getProperty(props.getProperties(), HCAT_METASTORE_PRINCIPAL, HIVE_METASTORE_PRINCIPAL);
061            if (principal == null || principal.isEmpty()) {
062                throw new CredentialException(ErrorCode.E0510,
063                        HCAT_METASTORE_PRINCIPAL + " is required to get hcat credential");
064            }
065
066            String server = getProperty(props.getProperties(), HCAT_METASTORE_URI, HIVE_METASTORE_URI);
067            if (server == null || server.isEmpty()) {
068                throw new CredentialException(ErrorCode.E0510,
069                        HCAT_METASTORE_URI + " is required to get hcat credential");
070            }
071            HCatCredentialHelper hcch = new HCatCredentialHelper();
072            hcch.set(credentials, config, principal, server);
073        }
074        catch (Exception e) {
075            XLog.getLog(getClass()).warn("Exception in updateCredentials", e);
076            throw e;
077        }
078    }
079
080    /**
081     * Returns the value for the oozieConfName if its present in prop map else
082     * value of hiveConfName. It will also check HCatAccessorService and
083     * HiveConf for hiveConfName.
084     *
085     * @param prop
086     * @param oozieConfName
087     * @param hiveConfName
088     * @return value for the oozieConfName if its present else value of
089     *         hiveConfName. If both are absent then returns null.
090     */
091    private String getProperty(HashMap<String, String> prop, String oozieConfName, String hiveConfName) {
092        String value = prop.get(oozieConfName) == null ? prop.get(hiveConfName) : prop.get(oozieConfName);
093        if (value == null || value.isEmpty()) {
094            HCatAccessorService hCatService = Services.get().get(HCatAccessorService.class);
095            Configuration hCatConf = hCatService.getHCatConf();
096            if (hCatConf != null) {
097                value = hCatConf.get(hiveConfName);
098            }
099        }
100        if (value == null || value.isEmpty()) {
101            value = hiveConf.get(hiveConfName);
102        }
103        return value;
104    }
105
106
107}