Hbase之Java API遠程訪問Kerberos認證

HbaseConnKer.java

 1 package BigData.conn;
 2 
 3 import BigData.utils.resource.ResourcesUtils;
 4 import org.apache.hadoop.conf.Configuration;
 5 import org.apache.hadoop.hbase.HBaseConfiguration;
 6 import org.apache.hadoop.hbase.client.Connection;
 7 import org.apache.hadoop.hbase.client.ConnectionFactory;
 8 import org.apache.hadoop.security.UserGroupInformation;
 9 
10 import java.io.IOException;
11 import java.io.InputStream;
12 import java.nio.file.Files;
13 import java.nio.file.Paths;
14 import java.util.Properties;
15 
16 public class HbaseConnKer {
17 
18     private static Connection connectionKer = null;
19 
20     private static volatile HbaseConnKer instanceKer;
21 
22     private HbaseConnKer() {
23         try {
24             Properties pro = ResourcesUtils.getResourceAsProperties("Kerberos/HbaseConfigKer.properties");
25 
26         /*   這個配置文件主要是記錄 kerberos的相關配置信息，例如KDC是哪一個IP？默認的realm是哪一個？
27              這個文件是從遠程服務器上copy下來的*/
28             System.setProperty("java.security.krb5.conf", pro.getProperty("java.security.krb5.conf"));
29 
30             Configuration conf = HBaseConfiguration.create();
31 
32             // -----Kerberos配置-----
33             InputStream hbaseSiteInputStream = Files.newInputStream(Paths.get(pro.getProperty("hbase.site")));
34             if (hbaseSiteInputStream == null) {
35                 System.out.println("The hbase-site.xml is null!");
36             }
37             conf.addResource(hbaseSiteInputStream);
38             conf.set("hadoop.security.authentication", pro.getProperty("hadoop.security.authentication"));
39 
40             // 這個能夠理解成用戶名信息，也就是Principal
41             conf.set("kerberos.principal", pro.getProperty("kerberos.principal"));
42 
43             UserGroupInformation.setConfiguration(conf);
44             UserGroupInformation.loginUserFromKeytab(pro.getProperty("kerberos.principal"),
45                     pro.getProperty("kerberos.keytab"));
46             // ----------
47 
48             //顯示鏈接的服務器
49             System.out.println("鏈接服務器："+conf.get("hbase.zookeeper.quorum"));
50 
51             connectionKer = ConnectionFactory.createConnection(conf);
52             System.out.println("建立connection成功！");
53         } catch (IOException e) {
54             e.printStackTrace();
55         }
56 
57     }
58 
59     public static Connection getConnection() {
60         return connectionKer;
61     }
62 
63     public static HbaseConnKer getIstance() {
64         // 定義一個共有的靜態方法，返回該類型實例
65         if (instanceKer == null) {
66             // 對象實例化時與否判斷（不使用同步代碼塊，instance不等於null時，直接返回對象，提升運行效率）
67             synchronized (HbaseConnKer.class) {
68                 // 同步代碼塊（對象未初始化時，使用同步代碼塊，保證多線程訪問時對象在第一次建立後，再也不重複被建立）
69                 if (instanceKer == null) {
70                     // 未初始化，則初始instance變量
71                     instanceKer = new HbaseConnKer();
72                 }
73             }
74         }
75         return instanceKer;
76     }
77 }

 

HbaseConfigKer.properties

# HBase config
hbase.zookeeper.quorum=20.1.1.93
hbase.zookeeper.property.clientPort=2181

java.security.krb5.conf=src/main/resources/Kerberos/krb5.conf
hadoop.security.authentication=kerberos
hbase.site=src/main/resources/Kerberos/hbase-site.xml
kerberos.keytab=src/main/resources/Kerberos/XXX.keytab
kerberos.principal=XXX@XX.COM