【API访问实例】使用hyperbase API访问启用Kerberos的服务demo
如果需使用API来进行权限的管理,可考虑如下实例:
使用Java API访问启用Kerberos的服务示例
环境准备:
配置Kerberos客户端
配置默认路径:/etc/krb5.conf (Linux) 或者 C://Windows/krb5.ini (Windows)
或者
添加Java程序启动参数 -Djava.security.krb5.conf=<your_krb5_conf_path> 来指定Kerberos客户端配置
文件路径
确保客户端时间与集群时间同步
NOTE: client的机器时间和集群时间的时间差需在5分钟之内。
1. 程序的 Classpath 中加入配置文件目录(hbase-site.xml, core-site.xml)时,使用UserGroupInformation.loginUserFromKeytab 登录:
Example 1. 访问Hyperbase示例
import java.io.IOException;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.HBaseConfiguration;
import org.apache.hadoop.hbase.HTableDescriptor;
import org.apache.hadoop.hbase.client.HBaseAdmin;
import org.apache.hadoop.security.UserGroupInformation;
public class HBaseSecureTest {
public static void main(String[] args) throws IOException {
UserGroupInformation.loginUserFromKeytab(“hbase/tw-node2125”,
“/etc/hyperbase1/hbase.keytab”);①
Configuration conf = HBaseConfiguration.create();
HBaseAdmin hBaseAdmin = new HBaseAdmin(conf);
hBaseAdmin.createTable(new HTableDescriptor(“t1”));
}
}
① "/etc/hyperbase1/hbase.keytab"表示客户端的加密文件所在地址,而非服务端的,所以需要根据具体
的客户端地址加以修改;“hbase/tw-node2125”中前者表示用户名,后者表示集群的任意一台机器,
可以不写。
2.当 Classpath 中没有加入配置文件目录(hbase-site.xml, core-site.xml)时,需要按如下方式在代码里设置一些配置项。
Example 2. 访问Hyperbase示例
import java.io.IOException;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.HBaseConfiguration;
import org.apache.hadoop.hbase.HTableDescriptor;
import org.apache.hadoop.hbase.client.HBaseAdmin;
import org.apache.hadoop.security.UserGroupInformation;
public class HBaseSecureTest {
public static void main(String[] args) throws IOException {
Configuration HBASE_CONFIG = new Configuration();
HBASE_CONFIG.set(“hbase.zookeeper.quorum”,
“172.16.2.125,172.16.2.126,172.16.2.127”); ①
HBASE_CONFIG.set(“hbase.master.kerberos.principal”,
“hbase/_HOST@TDH”);
HBASE_CONFIG.set(“hbase.regionserver.kerberos.principal”,
“hbase/_HOST@TDH”);
HBASE_CONFIG.set(“hbase.security.authentication”, “kerberos”);
HBASE_CONFIG.set(“hadoop.security.authentication”, “kerberos”);
HBASE_CONFIG.set(“zookeeper.znode.parent”, “/hyperbase1”);
Configuration conf = HBaseConfiguration.create(HBASE_CONFIG);
UserGroupInformation.setConfiguration(conf);
UserGroupInformation.loginUserFromKeytab(“hbase/tw-node2125”,
“/etc/hyperbase1/hbase.keytab”);
HBaseAdmin hBaseAdmin = new HBaseAdmin(conf);
hBaseAdmin.createTable(new HTableDescriptor(“t1”));
}
}
① 以下四条命令中的参数都是固定写法。
3.使用不同的 UserGroupInformation 对象执行不同的代码段
UserGroupInformation ugi1 =
UserGroupInformation.loginUserFromKeytabAndReturnUGI(principal1,
keytab1);
UserGroupInformation ugi2 =
UserGroupInformation.loginUserFromKeytabAndReturnUGI(principal2,
keytab2);
ugi1.doAs(new PrivilegeExceptionAction {
override T run() {
action1;
return T;
}
);
ugi2.doAs(new PrivilegeExceptionAction {
override T run() {
action2;
return T;
}
);
4.Hyperbase 操作
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.;
import org.apache.hadoop.hbase.client.;
import org.apache.hadoop.hbase.util.Bytes;
import org.apache.hadoop.security.UserGroupInformation;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
/**
- Created by gordon on 2015/6/16.
*/
public class HyperbaseSecureTest {
private static Configuration conf = null;
static {
Configuration HBASE_CONFIG = new Configuration();
HBASE_CONFIG.set(“hbase.zookeeper.quorum”, “transwarpnode5,
transwarp-node6,transwarp-node7”);
HBASE_CONFIG.set(“hbase.master.kerberos.principal”,
“hbase/_HOST@TDH”);
HBASE_CONFIG.set(“hbase.regionserver.kerberos.principal”,
“hbase/_HOST@TDH”);
HBASE_CONFIG.set(“hbase.security.authentication”, “kerberos”);
HBASE_CONFIG.set(“zookeeper.znode.parent”, “/hyperbase1”);
HBASE_CONFIG.set(“hadoop.security.authentication”, “kerberos”);
conf = HBaseConfiguration.create(HBASE_CONFIG);
}
/**
- 创建一张表
/
public static void creatTable(String tableName, String[] familys)
throws Exception {
HBaseAdmin admin = new HBaseAdmin(conf);
if (admin.tableExists(tableName)) {
System.out.println(“table already exists!”);
} else {
HTableDescriptor tableDesc = new HTableDescriptor(tableName);
for(int i=0; i<familys.length; i++){
tableDesc.addFamily(new HColumnDescriptor(familys[i]));
}
admin.createTable(tableDesc);
System.out.println(“create table " + tableName + " ok.”);
}
}
/* - 删除表
/
public static void deleteTable(String tableName) throws Exception {
try {
HBaseAdmin admin = new HBaseAdmin(conf);
admin.disableTable(tableName);
admin.deleteTable(tableName);
System.out.println(“delete table " + tableName + " ok.”);
} catch (MasterNotRunningException e) {
e.printStackTrace();
} catch (ZooKeeperConnectionException e) {
e.printStackTrace();
}
}
/* - 插入一行记录
/
public static void addRecord (String tableName, String rowKey, String
family, String qualifier, String value)
throws Exception{
try {
HTable table = new HTable(conf, tableName);
Put put = new Put(Bytes.toBytes(rowKey));
put.add(Bytes.toBytes(family),Bytes.toBytes(qualifier),Bytes.toBytes(value
));
table.put(put);
System.out.println(“insert recored " + rowKey + " to table " +
tableName +” ok.");
} catch (IOException e) {
e.printStackTrace();
}
}
/* - 删除一行记录
*/
public static void delRecord (String tableName, String rowKey) throws
IOException{
HTable table = new HTable(conf, tableName);
List list = new ArrayList();
Delete del = new Delete(rowKey.getBytes());
list.add(del);
table.delete(list);
System.out.println(“del recored " + rowKey + " ok.”);
}
/**
- 查找一行记录
/
public static void getOneRecord (String tableName, String rowKey)
throws IOException{
HTable table = new HTable(conf, tableName);
Get get = new Get(rowKey.getBytes());
Result rs = table.get(get);
for(KeyValue kv : rs.raw()){
System.out.print(new String(kv.getRow()) + " " );
System.out.print(new String(kv.getFamily()) + “:” );
System.out.print(new String(kv.getQualifier()) + " " );
System.out.print(kv.getTimestamp() + " " );
System.out.println(new String(kv.getValue()));
}
}
/* - 显示所有数据
*/
public static void getAllRecord (String tableName) {
try{
HTable table = new HTable(conf, tableName);
Scan s = new Scan();
ResultScanner ss = table.getScanner(s);
for(Result r:ss){
for(KeyValue kv : r.raw()){
System.out.print(new String(kv.getRow()) + " “);
System.out.print(new String(kv.getFamily()) + “:”);
System.out.print(new String(kv.getQualifier()) + " “);
System.out.print(kv.getTimestamp() + " “);
System.out.println(new String(kv.getValue()));
}
}
} catch (IOException e){
e.printStackTrace();
}
}
public static void main(String[] args) throws IOException {
try {
UserGroupInformation.setConfiguration(conf);
UserGroupInformation.loginUserFromKeytab(“hbase/transwarpnode5”,
“/etc/hyperbase1/hbase.keytab”);
// HBaseAdmin hBaseAdmin = new HBaseAdmin(conf);
// hBaseAdmin.createTable(new HTableDescriptor(“gordon2”));
String tablename = “scores”;
String[] familys = {“grade”, “course”};
[header]
Preface | 5
HyperbaseSecureTest.creatTable(tablename, familys);
//add record zkb
HyperbaseSecureTest.addRecord(tablename,“zkb”,“grade”,””,“5”);
HyperbaseSecureTest.addRecord(tablename,“zkb”,“course”,”",“90”);
HyperbaseSecureTest.addRecord(tablename,“zkb”,“course”,“math”,“97”);
HyperbaseSecureTest.addRecord(tablename,“zkb”,“course”,“art”,“87”);
//add record baoniu
HyperbaseSecureTest.addRecord(tablename,“baoniu”,“grade”,"",“4”);
HyperbaseSecureTest.addRecord(tablename,“baoniu”,“course”,“math”,“89”);
System.out.println("===========get one record========");
HyperbaseSecureTest.getOneRecord(tablename, “zkb”);
System.out.println("===========show all record========");
HyperbaseSecureTest.getAllRecord(tablename);
System.out.println("===========del one record========");
HyperbaseSecureTest.delRecord(tablename, “baoniu”);
HyperbaseSecureTest.getAllRecord(tablename);
System.out.println("===========show all record========");
HyperbaseSecureTest.getAllRecord(tablename);
} catch (Exception e) {
e.printStackTrace();
}
}
}
HBase权限管理API示例(Hyperbase authorization api demo)
// Hyperbase提供了AccessControlClient这个类用来操作Hyperbase的权限管理。
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.HBaseConfiguration;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.protobuf.generated.AccessControlProtos;
import org.apache.hadoop.hbase.security.access.AccessControlClient;
import org.apache.hadoop.hbase.security.access.UserPermission;
import org.apache.hadoop.security.UserGroupInformation;
import java.security.PrivilegedAction;
import java.util.List;
public class HyperbaseAuthorization {
public static void main(String[] args) throws Exception {
String zkquorum = “baogang1”;
String znode = “/hyperbase1”;
final String targetTableName = “zhaoliu:zhaoliu_table”;
Configuration config = new Configuration();
config.set(“hbase.zookeeper.quorum”, zkquorum);
config.set(“zookeeper.znode.parent”, znode);
config.set(“hbase.master.kerberos.principal”, “hbase/_HOST@TDH”);
config.set(“hbase.regionserver.kerberos.principal”, “hbase/_HOST@TDH”);
config.set(“hbase.security.authentication”, “kerberos”);
config.set(“hadoop.security.authentication”, “kerberos”);
final Configuration conf = HBaseConfiguration.create(config);
UserGroupInformation.setConfiguration(conf);
// hbase user has global permissions
UserGroupInformation ugi =
UserGroupInformation.loginUserFromKeytabAndReturnUGI(“hbase”,
“/home/zhaoliu/data/baogan*ase-baogang.keytab”);
ugi.doAs(new PrivilegedAction() {
@Override
public Void run() {
try {
if (AccessControlClient.isAccessControllerRunning(conf)) {
List permissions =
AccessControlClient.getUserPermissions(conf, targetTableName);
AccessControlProtos.GrantResponse grantResponse =
AccessControlClient.grant(conf, TableName.valueOf(targetTableName), “zhu”,
“f”.getBytes(), null,
AccessControlProtos.Permission.Action.READ,
AccessControlProtos.Permission.Action.WRITE);
permissions = AccessControlClient.getUserPermissions(conf,
targetTableName);
AccessControlProtos.RevokeResponse revokeResponse =
AccessControlClient.revoke(conf, “zhu”,
TableName.valueOf(targetTableName), “f”.getBytes(), null,
AccessControlProtos.Permission.Action.READ,
AccessControlProtos.Permission.Action.WRITE);
permissions = AccessControlClient.getUserPermissions(conf,
targetTableName);
// Global permissions
String global = “hbase:acl”;
grantResponse = AccessControlClient.grant(conf,
TableName.valueOf(global), “zhu”, null, null,
AccessControlProtos.Permission.Action.READ,
AccessControlProtos.Permission.Action.WRITE);
permissions = AccessControlClient.getUserPermissions(conf, global);
revokeResponse = AccessControlClient.revoke(conf, “zhu”,
TableName.valueOf(global), null, null,
AccessControlProtos.Permission.Action.READ,
AccessControlProtos.Permission.Action.WRITE);
permissions = AccessControlClient.getUserPermissions(conf, global);
} else {
System.out.println(“Hbase access controller is not running.”);
}
} catch (Throwable e) {
e.printStackTrace();
}
return null;
}
});
}
}
具体参考文档下载:链接:http://pan.baidu.com/s/1i5K* 56 密码:mbdy
如果需使用API来进行权限的管理,可考虑如下实例:
使用Java API访问启用Kerberos的服务示例
环境准备:
配置Kerberos客户端
配置默认路径:/etc/krb5.conf (Linux) 或者 C://Windows/krb5.ini (Windows)
或者
添加Java程序启动参数 -Djava.security.krb5.conf=<your_krb5_conf_path> 来指定Kerberos客户端配置
文件路径
确保客户端时间与集群时间同步
NOTE: client的机器时间和集群时间的时间差需在5分钟之内。
1. 程序的 Classpath 中加入配置文件目录(hbase-site.xml, core-site.xml)时,使用UserGroupInformation.loginUserFromKeytab 登录:
Example 1. 访问Hyperbase示例
import java.io.IOException;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.HBaseConfiguration;
import org.apache.hadoop.hbase.HTableDescriptor;
import org.apache.hadoop.hbase.client.HBaseAdmin;
import org.apache.hadoop.security.UserGroupInformation;
public class HBaseSecureTest {
public static void main(String[] args) throws IOException {
UserGroupInformation.loginUserFromKeytab(“hbase/tw-node2125”,
“/etc/hyperbase1/hbase.keytab”);①
Configuration conf = HBaseConfiguration.create();
HBaseAdmin hBaseAdmin = new HBaseAdmin(conf);
hBaseAdmin.createTable(new HTableDescriptor(“t1”));
}
}
① "/etc/hyperbase1/hbase.keytab"表示客户端的加密文件所在地址,而非服务端的,所以需要根据具体
的客户端地址加以修改;“hbase/tw-node2125”中前者表示用户名,后者表示集群的任意一台机器,
可以不写。
2.当 Classpath 中没有加入配置文件目录(hbase-site.xml, core-site.xml)时,需要按如下方式在代码里设置一些配置项。
Example 2. 访问Hyperbase示例
import java.io.IOException;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.HBaseConfiguration;
import org.apache.hadoop.hbase.HTableDescriptor;
import org.apache.hadoop.hbase.client.HBaseAdmin;
import org.apache.hadoop.security.UserGroupInformation;
public class HBaseSecureTest {
public static void main(String[] args) throws IOException {
Configuration HBASE_CONFIG = new Configuration();
HBASE_CONFIG.set(“hbase.zookeeper.quorum”,
“172.16.2.125,172.16.2.126,172.16.2.127”); ①
HBASE_CONFIG.set(“hbase.master.kerberos.principal”,
“hbase/_HOST@TDH”);
HBASE_CONFIG.set(“hbase.regionserver.kerberos.principal”,
“hbase/_HOST@TDH”);
HBASE_CONFIG.set(“hbase.security.authentication”, “kerberos”);
HBASE_CONFIG.set(“hadoop.security.authentication”, “kerberos”);
HBASE_CONFIG.set(“zookeeper.znode.parent”, “/hyperbase1”);
Configuration conf = HBaseConfiguration.create(HBASE_CONFIG);
UserGroupInformation.setConfiguration(conf);
UserGroupInformation.loginUserFromKeytab(“hbase/tw-node2125”,
“/etc/hyperbase1/hbase.keytab”);
HBaseAdmin hBaseAdmin = new HBaseAdmin(conf);
hBaseAdmin.createTable(new HTableDescriptor(“t1”));
}
}
① 以下四条命令中的参数都是固定写法。
3.使用不同的 UserGroupInformation 对象执行不同的代码段
UserGroupInformation ugi1 =
UserGroupInformation.loginUserFromKeytabAndReturnUGI(principal1,
keytab1);
UserGroupInformation ugi2 =
UserGroupInformation.loginUserFromKeytabAndReturnUGI(principal2,
keytab2);
ugi1.doAs(new PrivilegeExceptionAction {
override T run() {
action1;
return T;
}
);
ugi2.doAs(new PrivilegeExceptionAction {
override T run() {
action2;
return T;
}
);
4.Hyperbase 操作
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.;
import org.apache.hadoop.hbase.client.;
import org.apache.hadoop.hbase.util.Bytes;
import org.apache.hadoop.security.UserGroupInformation;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
/**
- Created by gordon on 2015/6/16.
*/
public class HyperbaseSecureTest {
private static Configuration conf = null;
static {
Configuration HBASE_CONFIG = new Configuration();
HBASE_CONFIG.set(“hbase.zookeeper.quorum”, “transwarpnode5,
transwarp-node6,transwarp-node7”);
HBASE_CONFIG.set(“hbase.master.kerberos.principal”,
“hbase/_HOST@TDH”);
HBASE_CONFIG.set(“hbase.regionserver.kerberos.principal”,
“hbase/_HOST@TDH”);
HBASE_CONFIG.set(“hbase.security.authentication”, “kerberos”);
HBASE_CONFIG.set(“zookeeper.znode.parent”, “/hyperbase1”);
HBASE_CONFIG.set(“hadoop.security.authentication”, “kerberos”);
conf = HBaseConfiguration.create(HBASE_CONFIG);
}
/**
- 创建一张表
/
public static void creatTable(String tableName, String[] familys)
throws Exception {
HBaseAdmin admin = new HBaseAdmin(conf);
if (admin.tableExists(tableName)) {
System.out.println(“table already exists!”);
} else {
HTableDescriptor tableDesc = new HTableDescriptor(tableName);
for(int i=0; i<familys.length; i++){
tableDesc.addFamily(new HColumnDescriptor(familys[i]));
}
admin.createTable(tableDesc);
System.out.println(“create table " + tableName + " ok.”);
}
}
/* - 删除表
/
public static void deleteTable(String tableName) throws Exception {
try {
HBaseAdmin admin = new HBaseAdmin(conf);
admin.disableTable(tableName);
admin.deleteTable(tableName);
System.out.println(“delete table " + tableName + " ok.”);
} catch (MasterNotRunningException e) {
e.printStackTrace();
} catch (ZooKeeperConnectionException e) {
e.printStackTrace();
}
}
/* - 插入一行记录
/
public static void addRecord (String tableName, String rowKey, String
family, String qualifier, String value)
throws Exception{
try {
HTable table = new HTable(conf, tableName);
Put put = new Put(Bytes.toBytes(rowKey));
put.add(Bytes.toBytes(family),Bytes.toBytes(qualifier),Bytes.toBytes(value
));
table.put(put);
System.out.println(“insert recored " + rowKey + " to table " +
tableName +” ok.");
} catch (IOException e) {
e.printStackTrace();
}
}
/* - 删除一行记录
*/
public static void delRecord (String tableName, String rowKey) throws
IOException{
HTable table = new HTable(conf, tableName);
List list = new ArrayList();
Delete del = new Delete(rowKey.getBytes());
list.add(del);
table.delete(list);
System.out.println(“del recored " + rowKey + " ok.”);
}
/**
- 查找一行记录
/
public static void getOneRecord (String tableName, String rowKey)
throws IOException{
HTable table = new HTable(conf, tableName);
Get get = new Get(rowKey.getBytes());
Result rs = table.get(get);
for(KeyValue kv : rs.raw()){
System.out.print(new String(kv.getRow()) + " " );
System.out.print(new String(kv.getFamily()) + “:” );
System.out.print(new String(kv.getQualifier()) + " " );
System.out.print(kv.getTimestamp() + " " );
System.out.println(new String(kv.getValue()));
}
}
/* - 显示所有数据
*/
public static void getAllRecord (String tableName) {
try{
HTable table = new HTable(conf, tableName);
Scan s = new Scan();
ResultScanner ss = table.getScanner(s);
for(Result r:ss){
for(KeyValue kv : r.raw()){
System.out.print(new String(kv.getRow()) + " “);
System.out.print(new String(kv.getFamily()) + “:”);
System.out.print(new String(kv.getQualifier()) + " “);
System.out.print(kv.getTimestamp() + " “);
System.out.println(new String(kv.getValue()));
}
}
} catch (IOException e){
e.printStackTrace();
}
}
public static void main(String[] args) throws IOException {
try {
UserGroupInformation.setConfiguration(conf);
UserGroupInformation.loginUserFromKeytab(“hbase/transwarpnode5”,
“/etc/hyperbase1/hbase.keytab”);
// HBaseAdmin hBaseAdmin = new HBaseAdmin(conf);
// hBaseAdmin.createTable(new HTableDescriptor(“gordon2”));
String tablename = “scores”;
String[] familys = {“grade”, “course”};
[header]
Preface | 5
HyperbaseSecureTest.creatTable(tablename, familys);
//add record zkb
HyperbaseSecureTest.addRecord(tablename,“zkb”,“grade”,””,“5”);
HyperbaseSecureTest.addRecord(tablename,“zkb”,“course”,”",“90”);
HyperbaseSecureTest.addRecord(tablename,“zkb”,“course”,“math”,“97”);
HyperbaseSecureTest.addRecord(tablename,“zkb”,“course”,“art”,“87”);
//add record baoniu
HyperbaseSecureTest.addRecord(tablename,“baoniu”,“grade”,"",“4”);
HyperbaseSecureTest.addRecord(tablename,“baoniu”,“course”,“math”,“89”);
System.out.println("===========get one record========");
HyperbaseSecureTest.getOneRecord(tablename, “zkb”);
System.out.println("===========show all record========");
HyperbaseSecureTest.getAllRecord(tablename);
System.out.println("===========del one record========");
HyperbaseSecureTest.delRecord(tablename, “baoniu”);
HyperbaseSecureTest.getAllRecord(tablename);
System.out.println("===========show all record========");
HyperbaseSecureTest.getAllRecord(tablename);
} catch (Exception e) {
e.printStackTrace();
}
}
}
HBase权限管理API示例(Hyperbase authorization api demo)
// Hyperbase提供了AccessControlClient这个类用来操作Hyperbase的权限管理。
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.HBaseConfiguration;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.protobuf.generated.AccessControlProtos;
import org.apache.hadoop.hbase.security.access.AccessControlClient;
import org.apache.hadoop.hbase.security.access.UserPermission;
import org.apache.hadoop.security.UserGroupInformation;
import java.security.PrivilegedAction;
import java.util.List;
public class HyperbaseAuthorization {
public static void main(String[] args) throws Exception {
String zkquorum = “baogang1”;
String znode = “/hyperbase1”;
final String targetTableName = “zhaoliu:zhaoliu_table”;
Configuration config = new Configuration();
config.set(“hbase.zookeeper.quorum”, zkquorum);
config.set(“zookeeper.znode.parent”, znode);
config.set(“hbase.master.kerberos.principal”, “hbase/_HOST@TDH”);
config.set(“hbase.regionserver.kerberos.principal”, “hbase/_HOST@TDH”);
config.set(“hbase.security.authentication”, “kerberos”);
config.set(“hadoop.security.authentication”, “kerberos”);
final Configuration conf = HBaseConfiguration.create(config);
UserGroupInformation.setConfiguration(conf);
// hbase user has global permissions
UserGroupInformation ugi =
UserGroupInformation.loginUserFromKeytabAndReturnUGI(“hbase”,
“/home/zhaoliu/data/baogan*ase-baogang.keytab”);
ugi.doAs(new PrivilegedAction() {
@Override
public Void run() {
try {
if (AccessControlClient.isAccessControllerRunning(conf)) {
List permissions =
AccessControlClient.getUserPermissions(conf, targetTableName);
AccessControlProtos.GrantResponse grantResponse =
AccessControlClient.grant(conf, TableName.valueOf(targetTableName), “zhu”,
“f”.getBytes(), null,
AccessControlProtos.Permission.Action.READ,
AccessControlProtos.Permission.Action.WRITE);
permissions = AccessControlClient.getUserPermissions(conf,
targetTableName);
AccessControlProtos.RevokeResponse revokeResponse =
AccessControlClient.revoke(conf, “zhu”,
TableName.valueOf(targetTableName), “f”.getBytes(), null,
AccessControlProtos.Permission.Action.READ,
AccessControlProtos.Permission.Action.WRITE);
permissions = AccessControlClient.getUserPermissions(conf,
targetTableName);
// Global permissions
String global = “hbase:acl”;
grantResponse = AccessControlClient.grant(conf,
TableName.valueOf(global), “zhu”, null, null,
AccessControlProtos.Permission.Action.READ,
AccessControlProtos.Permission.Action.WRITE);
permissions = AccessControlClient.getUserPermissions(conf, global);
revokeResponse = AccessControlClient.revoke(conf, “zhu”,
TableName.valueOf(global), null, null,
AccessControlProtos.Permission.Action.READ,
AccessControlProtos.Permission.Action.WRITE);
permissions = AccessControlClient.getUserPermissions(conf, global);
} else {
System.out.println(“Hbase access controller is not running.”);
}
} catch (Throwable e) {
e.printStackTrace();
}
return null;
}
});
}
}
具体参考文档下载:链接:http://pan.baidu.com/s/1i5K* 56 密码:mbdy
登录后可评论
.jpg)
