SLIDER_1035 basic JAAS: is any specified file there?
Project: http://git-wip-us.apache.org/repos/asf/incubator-slider/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-slider/commit/c2ef1cf6 Tree: http://git-wip-us.apache.org/repos/asf/incubator-slider/tree/c2ef1cf6 Diff: http://git-wip-us.apache.org/repos/asf/incubator-slider/diff/c2ef1cf6 Branch: refs/heads/develop Commit: c2ef1cf65e398f8306b9d80f2cda84cf436ad3e3 Parents: 97746a6 Author: Steve Loughran <ste...@apache.org> Authored: Fri Jan 8 14:50:04 2016 +0000 Committer: Steve Loughran <ste...@apache.org> Committed: Fri Jan 8 14:50:04 2016 +0000 ---------------------------------------------------------------------- .../org/apache/hadoop/security/KerberosDiags.java | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/c2ef1cf6/slider-core/src/main/java/org/apache/hadoop/security/KerberosDiags.java ---------------------------------------------------------------------- diff --git a/slider-core/src/main/java/org/apache/hadoop/security/KerberosDiags.java b/slider-core/src/main/java/org/apache/hadoop/security/KerberosDiags.java index 4b64e9c..2a8344d 100644 --- a/slider-core/src/main/java/org/apache/hadoop/security/KerberosDiags.java +++ b/slider-core/src/main/java/org/apache/hadoop/security/KerberosDiags.java @@ -65,6 +65,8 @@ public class KerberosDiags implements Closeable { = "sun.security.krb5.debug"; public static final String SUN_SECURITY_SPNEGO_DEBUG = "sun.security.spnego.debug"; + public static final String SUN_SECURITY_JAAS_FILE + = "java.security.auth.login.config"; public static final String KERBEROS_KINIT_COMMAND = "hadoop.kerberos.kinit.command"; @@ -124,6 +126,7 @@ public class KerberosDiags implements Closeable { JAVA_SECURITY_KRB5_REALM, SUN_SECURITY_KRB5_DEBUG, SUN_SECURITY_SPNEGO_DEBUG, + SUN_SECURITY_JAAS_FILE }) { printSysprop(prop); } @@ -159,10 +162,11 @@ public class KerberosDiags implements Closeable { validateSasl(HADOOP_SECURITY_SASL_PROPS_RESOLVER_CLASS); validateSasl("dfs.data.transfer.saslproperties.resolver.class"); validateKinit(); + validateJAAS(); + // now the big test: login, then try again boolean krb5Debug = getAndSet(SUN_SECURITY_KRB5_DEBUG); boolean spnegoDebug = getAndSet(SUN_SECURITY_SPNEGO_DEBUG); - try { title("Logging in"); UserGroupInformation loginUser = getLoginUser(); @@ -306,6 +310,18 @@ public class KerberosDiags implements Closeable { } } + private void validateJAAS() { + String jaasFilename = System.getProperty(SUN_SECURITY_JAAS_FILE); + if (jaasFilename!=null) { + title("JAAS"); + File jaasFile = new File(jaasFilename); + println("JAAS file is defined in %s: %s", + SUN_SECURITY_JAAS_FILE, jaasFile); + failif(!jaasFile.exists(), "JAAS file does not exist: %s", jaasFile); + failif(!jaasFile.isFile(), "JAAS file is not a file: %s", jaasFile); + } + } + public void dumpTokens(UserGroupInformation user) { Collection<Token<? extends TokenIdentifier>> tokens = user.getCredentials().getAllTokens();