[
https://issues.apache.org/jira/browse/HADOOP-10342?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13900017#comment-13900017
]
Hadoop QA commented on HADOOP-10342:
------------------------------------
{color:green}+1 overall{color}. Here are the results of testing the latest
attachment
http://issues.apache.org/jira/secure/attachment/12628640/10342.patch
against trunk revision .
{color:green}+1 @author{color}. The patch does not contain any @author
tags.
{color:green}+1 tests included{color}. The patch appears to include 2 new
or modified test files.
{color:green}+1 javac{color}. The applied patch does not increase the
total number of javac compiler warnings.
{color:green}+1 javadoc{color}. There were no new javadoc warning messages.
{color:green}+1 eclipse:eclipse{color}. The patch built with
eclipse:eclipse.
{color:green}+1 findbugs{color}. The patch does not introduce any new
Findbugs (version 1.3.9) warnings.
{color:green}+1 release audit{color}. The applied patch does not increase
the total number of release audit warnings.
{color:green}+1 core tests{color}. The patch passed unit tests in
hadoop-common-project/hadoop-common.
{color:green}+1 contrib tests{color}. The patch passed contrib unit tests.
Test results:
https://builds.apache.org/job/PreCommit-HADOOP-Build/3564//testReport/
Console output:
https://builds.apache.org/job/PreCommit-HADOOP-Build/3564//console
This message is automatically generated.
> Extend UserGroupInformation to return a UGI given a preauthenticated kerberos
> Subject
> -------------------------------------------------------------------------------------
>
> Key: HADOOP-10342
> URL: https://issues.apache.org/jira/browse/HADOOP-10342
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Reporter: Larry McCay
> Assignee: Larry McCay
> Attachments: 10342.patch
>
>
> We need the ability to use a Subject that was created inside an embedding
> application through a kerberos authentication. For example, an application
> that uses JAAS to authenticate to a KDC should be able to provide the
> resulting Subject and get a UGI instance to call doAs on.
> Example:
> {code}
> UserGroupInformation.setConfiguration(conf);
> LoginContext context = new
> LoginContext("com.sun.security.jgss.login", new
> UserNamePasswordCallbackHandler(userName, password));
> context.login();
>
> Subject subject = context.getSubject();
> final UserGroupInformation ugi2 =
> UserGroupInformation.getUGIFromSubject(subject);
> ugi2.doAs(new PrivilegedExceptionAction<Object>() {
> @Override
> public Object run() throws Exception {
> final FileSystem fs = FileSystem.get(conf);
> int i=0;
> for (FileStatus status : fs.listStatus(new Path("/user"))) {
> System.out.println(status.getPath());
> System.out.println(status);
> if (i++ > 10) {
> System.out.println("only first 10 showed...");
> break;
> }
> }
> return null;
> }
> });
> {code}
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
