Package org.apache.hadoop.security.authentication.util

Class SubjectUtil

java.lang.Object
org.apache.hadoop.security.authentication.util.SubjectUtil
@Private public final class SubjectUtil extends Object
An utility class that adapts the Security Manager and APIs related to it for JDK 8 and above.

In JDK 17, the Security Manager and APIs related to it have been deprecated and are subject to removal in a future release. There is no replacement for the Security Manager. See JEP 411 for discussion and alternatives.

In JDK 24, the Security Manager has been permanently disabled. See JEP 486 for more information.

This is derived from Apache Calcite Avatica, which is derived from the Jetty implementation.

  • Field Details

    • THREAD_INHERITS_SUBJECT

      public static final boolean THREAD_INHERITS_SUBJECT
      True if the current JVM copies the current JAAS subject into new threads automatically.

  • Method Details

    • callAs

      public static <T> T callAs(Subject subject, Callable<T> action) throws CompletionException
      Map to Subject.callAs() if available, otherwise maps to Subject.doAs().
      Type Parameters:
      T - the type of the result
      Parameters:
      subject - the subject this action runs as
      action - the action to run
      Returns:
      the result of the action
      Throws:
      NullPointerException - if action is null
      CompletionException - if action.call() throws an exception. The cause of the CompletionException is set to the exception thrown by action.call().

    • doAs

      public static <T> T doAs(Subject subject, PrivilegedAction<T> action)
      Map action to a Callable on Java 18 onwards, and delegates to callAs(). Call Subject.doAs directly on older JVM.

      Note: Exception propagation behavior is different since Java 12, it always throw the original exception thrown by action; for lower Java versions, throw a PrivilegedActionException that wraps the original exception when action throw a checked exception.

      Type Parameters:
      T - the type of the result
      Parameters:
      subject - the subject this action runs as
      action - the action to run
      Returns:
      the result of the action
      Throws:
      NullPointerException - if action is null

    • doAs

      public static <T> T doAs(Subject subject, PrivilegedExceptionAction<T> action) throws PrivilegedActionException
      Maps action to a Callable on Java 18 onwards, and delegates to callAs(). Call Subject.doAs directly on older JVM.
      Type Parameters:
      T - the type of the result
      Parameters:
      subject - the subject this action runs as
      action - the action to run
      Returns:
      the result of the action
      Throws:
      NullPointerException - if action is null
      PrivilegedActionException - if action.run() throws an checked exception. The cause of the PrivilegedActionException is set to the exception thrown by action.run().

    • current

      public static Subject current()
      Maps to Subject.current() if available, otherwise maps to Subject.getSubject().
      Returns:
      the current subject