Example 1 with TestTokenIdentifier
use of org.apache.hadoop.ipc.TestRpcBase.TestTokenIdentifier in project hadoop by apache.
the class TestUserGroupInformation method testPrivateTokenExclusion.
/**
* In some scenario, such as HA, delegation tokens are associated with a
* logical name. The tokens are cloned and are associated with the
* physical address of the server where the service is provided.
* This test ensures cloned delegated tokens are locally used
* and are not returned in {@link UserGroupInformation#getCredentials()}
*/
@Test
public void testPrivateTokenExclusion() throws Exception {
UserGroupInformation ugi = UserGroupInformation.createUserForTesting("privateUser", new String[] { "PRIVATEUSERS" });
TestTokenIdentifier tokenId = new TestTokenIdentifier();
Token<TestTokenIdentifier> token = new Token<TestTokenIdentifier>(tokenId.getBytes(), "password".getBytes(), tokenId.getKind(), null);
ugi.addToken(new Text("regular-token"), token);
// Now add cloned private token
Text service = new Text("private-token");
ugi.addToken(service, token.privateClone(service));
Text service1 = new Text("private-token1");
ugi.addToken(service1, token.privateClone(service1));
// Ensure only non-private tokens are returned
Collection<Token<? extends TokenIdentifier>> tokens = ugi.getCredentials().getAllTokens();
assertEquals(1, tokens.size());
}
Also used :
TestTokenIdentifier(org.apache.hadoop.ipc.TestRpcBase.TestTokenIdentifier)
TestTokenIdentifier(org.apache.hadoop.ipc.TestRpcBase.TestTokenIdentifier)
TokenIdentifier(org.apache.hadoop.security.token.TokenIdentifier)
Token(org.apache.hadoop.security.token.Token)
Text(org.apache.hadoop.io.Text)
Test(org.junit.Test)
Example 2 with TestTokenIdentifier
use of org.apache.hadoop.ipc.TestRpcBase.TestTokenIdentifier in project hadoop by apache.
the class TestUserGroupInformation method testExternalTokenFiles.
@Test
public void testExternalTokenFiles() throws Exception {
StringBuilder tokenFullPathnames = new StringBuilder();
String tokenFilenames = "token1,token2";
String[] tokenFiles = StringUtils.getTrimmedStrings(tokenFilenames);
final File testDir = new File("target", TestUserGroupInformation.class.getName() + "-tmpDir").getAbsoluteFile();
String testDirPath = testDir.getAbsolutePath();
// create path for token files
for (String tokenFile : tokenFiles) {
if (tokenFullPathnames.length() > 0) {
tokenFullPathnames.append(",");
}
tokenFullPathnames.append(testDirPath).append("/").append(tokenFile);
}
// create new token and store it
TestTokenIdentifier tokenId = new TestTokenIdentifier();
Credentials cred1 = new Credentials();
Token<TestTokenIdentifier> token1 = new Token<TestTokenIdentifier>(tokenId.getBytes(), "password".getBytes(), tokenId.getKind(), new Text("token-service1"));
cred1.addToken(token1.getService(), token1);
cred1.writeTokenStorageFile(new Path(testDirPath, tokenFiles[0]), conf);
Credentials cred2 = new Credentials();
Token<TestTokenIdentifier> token2 = new Token<TestTokenIdentifier>(tokenId.getBytes(), "password".getBytes(), tokenId.getKind(), new Text("token-service2"));
cred2.addToken(token2.getService(), token2);
cred2.writeTokenStorageFile(new Path(testDirPath, tokenFiles[1]), conf);
// set property for token external token files
System.setProperty("hadoop.token.files", tokenFullPathnames.toString());
UserGroupInformation.setLoginUser(null);
UserGroupInformation tokenUgi = UserGroupInformation.getLoginUser();
Collection<Token<?>> credsugiTokens = tokenUgi.getTokens();
assertTrue(credsugiTokens.contains(token1));
assertTrue(credsugiTokens.contains(token2));
}Aggregations
Text (org.apache.hadoop.io.Text)2
TestTokenIdentifier (org.apache.hadoop.ipc.TestRpcBase.TestTokenIdentifier)2
Token (org.apache.hadoop.security.token.Token)2
Test (org.junit.Test)2
File (java.io.File)1
Path (org.apache.hadoop.fs.Path)1
TokenIdentifier (org.apache.hadoop.security.token.TokenIdentifier)1
