001/* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, 013 * software distributed under the License is distributed on an 014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 015 * KIND, either express or implied. See the License for the 016 * specific language governing permissions and limitations 017 * under the License. 018 */ 019package org.apache.reef.runtime.common; 020 021import org.apache.reef.annotations.audience.ClientSide; 022import org.apache.reef.annotations.audience.DriverSide; 023import org.apache.reef.annotations.audience.Public; 024import org.apache.reef.runtime.common.client.defaults.DefaultUserCredentials; 025import org.apache.reef.tang.annotations.DefaultImplementation; 026 027import java.io.IOException; 028import java.security.PrivilegedExceptionAction; 029 030/** 031 * A holder object for REEF user credentials. 032 * Implementations of this interface are used e.g. for Unmanaged AM applications on YARN. 033 */ 034@Public 035@ClientSide 036@DriverSide 037@DefaultImplementation(DefaultUserCredentials.class) 038public interface UserCredentials { 039 040 /** 041 * Copy credentials from another existing user. 042 * This method can be called only once per instance. 043 * @param name name of the new user. 044 * @param other Credentials of another user. 045 * @throws IOException if unable to copy. 046 */ 047 void set(final String name, final UserCredentials other) throws IOException; 048 049 /** 050 * Check if the user credentials had been set. 051 * @return true if set() method had been called successfully before, false otherwise. 052 */ 053 boolean isSet(); 054 055 /** 056 * Execute the privileged action as a given user. 057 * If user credentials are not set, execute the action outside the user context. 058 * @param action an action to run. 059 * @param <T> action return type. 060 * @return result of an action. 061 * @throws Exception whatever the action can throw. 062 */ 063 <T> T doAs(final PrivilegedExceptionAction<T> action) throws Exception; 064}