Example 6 with Groups
use of org.apache.hadoop.security.Groups in project hadoop by apache.
the class TestGroupsCaching method testOnlyOneRequestWhenExpiredEntryExists.
@Test
public void testOnlyOneRequestWhenExpiredEntryExists() throws Exception {
conf.setLong(CommonConfigurationKeys.HADOOP_SECURITY_GROUPS_CACHE_SECS, 1);
FakeTimer timer = new FakeTimer();
final Groups groups = new Groups(conf, timer);
groups.cacheGroupsAdd(Arrays.asList(myGroups));
groups.refresh();
FakeGroupMapping.clearBlackList();
FakeGroupMapping.setGetGroupsDelayMs(100);
// We make an initial request to populate the cache
groups.getGroups("me");
int startingRequestCount = FakeGroupMapping.getRequestCount();
// Then expire that entry
timer.advance(400 * 1000);
Thread.sleep(100);
ArrayList<Thread> threads = new ArrayList<Thread>();
for (int i = 0; i < 10; i++) {
threads.add(new Thread() {
public void run() {
try {
assertEquals(2, groups.getGroups("me").size());
} catch (IOException e) {
fail("Should not happen");
}
}
});
}
// We start a bunch of threads who all see the cached value
for (Thread t : threads) {
t.start();
}
for (Thread t : threads) {
t.join();
}
// Only one extra request is made
assertEquals(startingRequestCount + 1, FakeGroupMapping.getRequestCount());
}
Also used :
Groups(org.apache.hadoop.security.Groups)
ArrayList(java.util.ArrayList)
IOException(java.io.IOException)
FakeTimer(org.apache.hadoop.util.FakeTimer)
Test(org.junit.Test)
Example 7 with Groups
use of org.apache.hadoop.security.Groups in project hadoop by apache.
the class TestGroupsCaching method testCacheEntriesExpire.
@Test
public void testCacheEntriesExpire() throws Exception {
conf.setLong(CommonConfigurationKeys.HADOOP_SECURITY_GROUPS_CACHE_SECS, 1);
FakeTimer timer = new FakeTimer();
final Groups groups = new Groups(conf, timer);
groups.cacheGroupsAdd(Arrays.asList(myGroups));
groups.refresh();
FakeGroupMapping.clearBlackList();
// We make an entry
groups.getGroups("me");
int startingRequestCount = FakeGroupMapping.getRequestCount();
timer.advance(20 * 1000);
// Cache entry has expired so it results in a new fetch
groups.getGroups("me");
assertEquals(startingRequestCount + 1, FakeGroupMapping.getRequestCount());
}Example 8 with Groups
use of org.apache.hadoop.security.Groups in project hadoop by apache.
the class TestGroupsCaching method testCachePreventsImplRequest.
@Test
public void testCachePreventsImplRequest() throws Exception {
// Disable negative cache.
conf.setLong(CommonConfigurationKeys.HADOOP_SECURITY_GROUPS_NEGATIVE_CACHE_SECS, 0);
Groups groups = new Groups(conf);
groups.cacheGroupsAdd(Arrays.asList(myGroups));
groups.refresh();
FakeGroupMapping.clearBlackList();
assertEquals(0, FakeGroupMapping.getRequestCount());
// First call hits the wire
assertTrue(groups.getGroups("me").size() == 2);
assertEquals(1, FakeGroupMapping.getRequestCount());
// Second count hits cache
assertTrue(groups.getGroups("me").size() == 2);
assertEquals(1, FakeGroupMapping.getRequestCount());
}Example 9 with Groups
use of org.apache.hadoop.security.Groups in project hadoop by apache.
the class TestGroupsCaching method testExceptionOnBackgroundRefreshHandled.
@Test
public void testExceptionOnBackgroundRefreshHandled() throws Exception {
conf.setLong(CommonConfigurationKeys.HADOOP_SECURITY_GROUPS_CACHE_SECS, 1);
conf.setBoolean(CommonConfigurationKeys.HADOOP_SECURITY_GROUPS_CACHE_BACKGROUND_RELOAD, true);
FakeTimer timer = new FakeTimer();
final Groups groups = new Groups(conf, timer);
groups.cacheGroupsAdd(Arrays.asList(myGroups));
groups.refresh();
FakeGroupMapping.clearBlackList();
// We make an initial request to populate the cache
groups.getGroups("me");
// add another group
groups.cacheGroupsAdd(Arrays.asList("grp3"));
int startingRequestCount = FakeGroupMapping.getRequestCount();
// Arrange for an exception to occur only on the
// second call
FakeGroupMapping.setThrowException(true);
// Then expire that entry
timer.advance(4 * 1000);
// Now get the cache entry - it should return immediately
// with the old value and the cache will not have completed
// a request to getGroups yet.
assertEquals(groups.getGroups("me").size(), 2);
assertEquals(startingRequestCount, FakeGroupMapping.getRequestCount());
// Now sleep for a short time and re-check the request count. It should have
// increased, but the exception means the cache will not have updated
Thread.sleep(50);
FakeGroupMapping.setThrowException(false);
assertEquals(startingRequestCount + 1, FakeGroupMapping.getRequestCount());
assertEquals(groups.getGroups("me").size(), 2);
// Now sleep another short time - the 3rd call to getGroups above
// will have kicked off another refresh that updates the cache
Thread.sleep(50);
assertEquals(startingRequestCount + 2, FakeGroupMapping.getRequestCount());
assertEquals(groups.getGroups("me").size(), 3);
}Example 10 with Groups
use of org.apache.hadoop.security.Groups in project hadoop by apache.
the class TestGroupsCaching method testExceptionCallingLoadWithoutBackgroundRefreshReturnsOldValue.
@Test
public void testExceptionCallingLoadWithoutBackgroundRefreshReturnsOldValue() throws Exception {
conf.setLong(CommonConfigurationKeys.HADOOP_SECURITY_GROUPS_CACHE_SECS, 1);
conf.setBoolean(CommonConfigurationKeys.HADOOP_SECURITY_GROUPS_CACHE_BACKGROUND_RELOAD, false);
FakeTimer timer = new FakeTimer();
final Groups groups = new Groups(conf, timer);
groups.cacheGroupsAdd(Arrays.asList(myGroups));
groups.refresh();
FakeGroupMapping.clearBlackList();
// First populate the cash
assertEquals(groups.getGroups("me").size(), 2);
// Advance the timer so a refresh is required
timer.advance(2 * 1000);
// This call should throw an exception
FakeGroupMapping.setThrowException(true);
assertEquals(groups.getGroups("me").size(), 2);
}Aggregations
Groups (org.apache.hadoop.security.Groups)29
Test (org.junit.Test)19
IOException (java.io.IOException)14
FakeTimer (org.apache.hadoop.util.FakeTimer)10
Configuration (org.apache.hadoop.conf.Configuration)8
ArrayList (java.util.ArrayList)5
UserGroupInformation (org.apache.hadoop.security.UserGroupInformation)3
ServletException (javax.servlet.ServletException)2
GrantedAuthority (org.springframework.security.core.GrantedAuthority)2
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)2
VisibleForTesting (com.google.common.annotations.VisibleForTesting)1
File (java.io.File)1
UnsupportedEncodingException (java.io.UnsupportedEncodingException)1
Principal (java.security.Principal)1
PrivilegedActionException (java.security.PrivilegedActionException)1
PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)1
CertificateException (java.security.cert.CertificateException)1
ParseException (java.text.ParseException)1
TimeoutException (java.util.concurrent.TimeoutException)1
Subject (javax.security.auth.Subject)1
