HBASE-21843 RegionGroupingProvider breaks the meta wal file name pattern which may...
[hbase.git] / hbase-server / src / main / java / org / apache / hadoop / hbase / security / HBasePolicyProvider.java
blob72e36a8fe4746db0a15fca3af333425515fcef11
1 /*
2 * Licensed to the Apache Software Foundation (ASF) under one
3 * or more contributor license agreements. See the NOTICE file
4 * distributed with this work for additional information
5 * regarding copyright ownership. The ASF licenses this file
6 * to you under the Apache License, Version 2.0 (the
7 * "License"); you may not use this file except in compliance
8 * with the License. You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
18 package org.apache.hadoop.hbase.security;
20 import org.apache.hadoop.hbase.shaded.protobuf.generated.MasterProtos;
21 import org.apache.hadoop.conf.Configuration;
22 import org.apache.hadoop.hbase.shaded.protobuf.generated.AdminProtos.AdminService;
23 import org.apache.hadoop.hbase.shaded.protobuf.generated.ClientProtos.ClientService;
24 import org.apache.hadoop.hbase.shaded.protobuf.generated.MasterProtos.MasterService;
25 import org.apache.hadoop.hbase.shaded.protobuf.generated.RegionServerStatusProtos.RegionServerStatusService;
26 import org.apache.hadoop.security.authorize.PolicyProvider;
27 import org.apache.hadoop.security.authorize.ProxyUsers;
28 import org.apache.hadoop.security.authorize.Service;
29 import org.apache.hadoop.security.authorize.ServiceAuthorizationManager;
30 import org.apache.yetus.audience.InterfaceAudience;
32 /**
33 * Implementation of secure Hadoop policy provider for mapping
34 * protocol interfaces to hbase-policy.xml entries.
36 @InterfaceAudience.Private
37 public class HBasePolicyProvider extends PolicyProvider {
38 protected final static Service[] services = {
39 new Service("security.client.protocol.acl", ClientService.BlockingInterface.class),
40 new Service("security.client.protocol.acl", AdminService.BlockingInterface.class),
41 new Service("security.client.protocol.acl",
42 MasterProtos.HbckService.BlockingInterface.class),
43 new Service("security.admin.protocol.acl", MasterService.BlockingInterface.class),
44 new Service("security.masterregion.protocol.acl",
45 RegionServerStatusService.BlockingInterface.class)
48 @Override
49 public Service[] getServices() {
50 return services;
53 public static void init(Configuration conf, ServiceAuthorizationManager authManager) {
54 // set service-level authorization security policy
55 System.setProperty("hadoop.policy.file", "hbase-policy.xml");
56 if (conf.getBoolean(ServiceAuthorizationManager.SERVICE_AUTHORIZATION_CONFIG, false)) {
57 authManager.refresh(conf, new HBasePolicyProvider());
58 ProxyUsers.refreshSuperUserGroupsConfiguration(conf);