org.apache.hadoop.gateway.hive.HiveHttpClientDispatch.java Source code

Java tutorial

Introduction

Here is the source code for org.apache.hadoop.gateway.hive.HiveHttpClientDispatch.java

Source

/**
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.hadoop.gateway.hive;

import org.apache.hadoop.gateway.dispatch.HttpClientDispatch;
import org.apache.hadoop.gateway.security.PrimaryPrincipal;
import org.apache.http.Header;
import org.apache.http.HttpResponse;
import org.apache.http.HttpStatus;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.Credentials;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.params.AuthPolicy;
import org.apache.http.impl.auth.BasicScheme;
import org.apache.http.impl.auth.SPNegoSchemeFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicHeader;

import javax.security.auth.Subject;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;

import java.io.IOException;
import java.security.AccessController;
import java.security.Principal;

/**
 * This specialized dispatch provides Hive specific features to the
 * default HttpClientDispatch.
 */
public class HiveHttpClientDispatch extends HttpClientDispatch {
    private static final String BASIC_AUTH_PREEMPTIVE_PARAM = "basicAuthPreemptive";
    private static final String PASSWORD_PLACEHOLDER = "*";
    private boolean basicAuthPreemptive = false;
    private static final EmptyJaasCredentials EMPTY_JAAS_CREDENTIALS = new EmptyJaasCredentials();

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        super.init(filterConfig);
        String basicAuthPreemptiveString = filterConfig.getInitParameter(BASIC_AUTH_PREEMPTIVE_PARAM);
        if (basicAuthPreemptiveString != null) {
            setBasicAuthPreemptive(Boolean.parseBoolean(basicAuthPreemptiveString));
        }
    }

    protected Principal getPrimaryPrincipal() {
        Principal principal = null;
        Subject subject = Subject.getSubject(AccessController.getContext());
        if (subject != null) {
            principal = (Principal) subject.getPrincipals(PrimaryPrincipal.class).toArray()[0];
        }
        return principal;
    }

    protected void addCredentialsToRequest(HttpUriRequest request) {
        if (isBasicAuthPreemptive()) {
            Principal principal = getPrimaryPrincipal();
            if (principal != null) {

                UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(principal.getName(),
                        PASSWORD_PLACEHOLDER);

                request.addHeader(BasicScheme.authenticate(credentials, "US-ASCII", false));
            }
        }
    }

    public void setBasicAuthPreemptive(boolean basicAuthPreemptive) {
        this.basicAuthPreemptive = basicAuthPreemptive;
    }

    public boolean isBasicAuthPreemptive() {
        return basicAuthPreemptive;
    }

    protected HttpResponse executeKerberosDispatch(HttpUriRequest outboundRequest, DefaultHttpClient client)
            throws IOException, ClientProtocolException {
        //DefaultHttpClient client = new DefaultHttpClient();
        SPNegoSchemeFactory spNegoSF = new SPNegoSchemeFactory(/* stripPort */true);
        // spNegoSF.setSpengoGenerator(new BouncySpnegoTokenGenerator());
        client.getAuthSchemes().register(AuthPolicy.SPNEGO, spNegoSF);
        client.getCredentialsProvider().setCredentials(new AuthScope(/* host */null, /* port */-1, /* realm */null),
                EMPTY_JAAS_CREDENTIALS);
        return client.execute(outboundRequest);
    }

    private static class EmptyJaasCredentials implements Credentials {

        public String getPassword() {
            return null;
        }

        public Principal getUserPrincipal() {
            return null;
        }

    }

}