Example 16 with AuthenticationException
use of org.apache.hadoop.security.authentication.client.AuthenticationException in project voldemort by voldemort.
the class HdfsCopyStatsTest method testReportExceptionForStats.
@Test
public void testReportExceptionForStats() throws NoSuchMethodException, InvocationTargetException, IllegalAccessException {
Map<Exception, Map> config = new HashMap<Exception, Map>();
config.put(new Exception(new AuthenticationException("test")), buildMethodResultMap(1, 0, 0, 0, 0));
config.put(new FileNotFoundException(), buildMethodResultMap(0, 1, 0, 0, 0));
config.put(new IOException(), buildMethodResultMap(0, 0, 1, 0, 0));
config.put(new QuotaExceededException("test"), buildMethodResultMap(0, 0, 0, 1, 0));
config.put(new UnauthorizedStoreException("test"), buildMethodResultMap(0, 0, 0, 0, 1));
HdfsFetcherAggStats aggStats = HdfsFetcherAggStats.getStats();
for (Map.Entry<Exception, Map> entry : config.entrySet()) {
Exception e = entry.getKey();
Map<String, Long> methodResMap = entry.getValue();
Set<String> methodSet = methodResMap.keySet();
// Get result before invocation
Map<String, Long> beforeRes = invokeInternalMethod(aggStats, methodSet);
HdfsCopyStats.reportExceptionForStats(e);
// Get result after invocation
Map<String, Long> afterRes = invokeInternalMethod(aggStats, methodSet);
// Compare the difference
for (String methodName : methodSet) {
String msg = "Method expects " + methodResMap.get(methodName) + " with exception: " + e.getClass().getName();
assertEquals(msg, methodResMap.get(methodName).longValue(), afterRes.get(methodName).longValue() - beforeRes.get(methodName).longValue());
}
}
}
Also used :
QuotaExceededException(voldemort.store.quota.QuotaExceededException)
UnauthorizedStoreException(voldemort.store.readonly.UnauthorizedStoreException)
HashMap(java.util.HashMap)
AuthenticationException(org.apache.hadoop.security.authentication.client.AuthenticationException)
FileNotFoundException(java.io.FileNotFoundException)
IOException(java.io.IOException)
AuthenticationException(org.apache.hadoop.security.authentication.client.AuthenticationException)
UnauthorizedStoreException(voldemort.store.readonly.UnauthorizedStoreException)
IOException(java.io.IOException)
FileNotFoundException(java.io.FileNotFoundException)
Exception(java.lang.Exception)
InvocationTargetException(java.lang.reflect.InvocationTargetException)
QuotaExceededException(voldemort.store.quota.QuotaExceededException)
HashMap(java.util.HashMap)
Map(java.util.Map)
Test(org.junit.Test)
Example 17 with AuthenticationException
use of org.apache.hadoop.security.authentication.client.AuthenticationException in project voldemort by voldemort.
the class HadoopUtils method getHadoopFileSystem.
public static FileSystem getHadoopFileSystem(VoldemortConfig voldemortConfig, String sourceFileUrl) throws Exception {
final Path source = new Path(sourceFileUrl);
final Configuration config = getConfiguration(voldemortConfig, source);
final int maxAttempts = voldemortConfig.getReadOnlyFetchRetryCount();
final String keytabPath = voldemortConfig.getReadOnlyKeytabPath();
FileSystem fs = null;
for (int attempt = 1; attempt <= maxAttempts; attempt++) {
try {
if (keytabPath.length() > 0) {
// but we will redo it if an AuthenticationException is caught below.
synchronized (HadoopUtils.class) {
long timeSinceLastLogin = System.currentTimeMillis() - lastLoginTime;
// 2- To prevent NPEs if the currentHadoopUser is reset to null in the catch block.
if (currentHadoopUser == null || timeSinceLastLogin > voldemortConfig.getReadOnlyLoginIntervalMs()) {
if (!new File(keytabPath).exists()) {
logger.error("Invalid keytab file path. Please provide a valid keytab path");
throw new VoldemortException("Error in getting Hadoop filesystem. Invalid keytab file path.");
}
UserGroupInformation.setConfiguration(config);
UserGroupInformation.loginUserFromKeytab(voldemortConfig.getReadOnlyKerberosUser(), keytabPath);
currentHadoopUser = UserGroupInformation.getCurrentUser();
lastLoginTime = System.currentTimeMillis();
logger.info("I have logged in as " + currentHadoopUser.getUserName());
} else {
// FileSystem caching is disabled. If enabled, the code has a known bug
// FileSystem returns the cached object per scheme, authority and user
// This causes the FileSystem object to be shared among multiple fetches/lock
// But each owner closes the FileSystem at the end and surprising others still using it.
// reloginFromKeytab() will not actually do anything unless the token is close to expiring.
currentHadoopUser.reloginFromKeytab();
}
}
}
fs = source.getFileSystem(config);
// Just a small operation to make sure the FileSystem instance works.
fs.exists(source);
break;
} catch (VoldemortException e) {
IOUtils.closeQuietly(fs);
// We only intend to catch and retry Hadoop-related exceptions, not Voldemort ones.
throw e;
} catch (Exception e) {
IOUtils.closeQuietly(fs);
if (ExceptionUtils.recursiveClassEquals(e, AuthenticationException.class)) {
logger.info("Got an AuthenticationException from HDFS. " + "Will retry to login from scratch, on next attempt.", e);
synchronized (HadoopUtils.class) {
// Synchronized to prevent NPEs in the other synchronized block, above.
currentHadoopUser = null;
}
}
if (attempt < maxAttempts) {
// We may need to sleep
long retryDelayMs = voldemortConfig.getReadOnlyFetchRetryDelayMs();
if (retryDelayMs > 0) {
// Doing random back off so that all nodes do not end up swarming the KDC infra
long randomDelay = (long) (Math.random() * retryDelayMs + retryDelayMs);
logger.error("Could not get a valid Filesystem object on attempt # " + attempt + " / " + maxAttempts + ". Trying again in " + randomDelay + " ms.");
try {
Thread.sleep(randomDelay);
} catch (InterruptedException ie) {
logger.error("Fetcher interrupted while waiting to retry", ie);
Thread.currentThread().interrupt();
}
}
} else {
throw e;
}
}
}
return fs;
}
Also used :
Path(org.apache.hadoop.fs.Path)
Configuration(org.apache.hadoop.conf.Configuration)
AuthenticationException(org.apache.hadoop.security.authentication.client.AuthenticationException)
FileSystem(org.apache.hadoop.fs.FileSystem)
HftpFileSystem(org.apache.hadoop.hdfs.web.HftpFileSystem)
SequenceFile(org.apache.hadoop.io.SequenceFile)
File(java.io.File)
VoldemortException(voldemort.VoldemortException)
AuthenticationException(org.apache.hadoop.security.authentication.client.AuthenticationException)
UndefinedPropertyException(voldemort.utils.UndefinedPropertyException)
VoldemortException(voldemort.VoldemortException)
IOException(java.io.IOException)
Example 18 with AuthenticationException
use of org.apache.hadoop.security.authentication.client.AuthenticationException in project hadoop by apache.
the class TestJWTRedirectAuthentictionHandler method testInvalidAudienceJWT.
@Test
public void testInvalidAudienceJWT() throws Exception {
try {
handler.setPublicKey(publicKey);
Properties props = getProperties();
props.put(JWTRedirectAuthenticationHandler.EXPECTED_JWT_AUDIENCES, "foo");
handler.init(props);
SignedJWT jwt = getJWT("bob", new Date(new Date().getTime() + 5000), privateKey);
Cookie cookie = new Cookie("hadoop-jwt", jwt.serialize());
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
Mockito.when(request.getCookies()).thenReturn(new Cookie[] { cookie });
Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer(SERVICE_URL));
HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
Mockito.when(response.encodeRedirectURL(SERVICE_URL)).thenReturn(SERVICE_URL);
AuthenticationToken token = handler.alternateAuthenticate(request, response);
Mockito.verify(response).sendRedirect(REDIRECT_LOCATION);
} catch (ServletException se) {
fail("alternateAuthentication should NOT have thrown a ServletException");
} catch (AuthenticationException ae) {
fail("alternateAuthentication should NOT have thrown a AuthenticationException");
}
}
Also used :
Cookie(javax.servlet.http.Cookie)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
ServletException(javax.servlet.ServletException)
AuthenticationException(org.apache.hadoop.security.authentication.client.AuthenticationException)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
SignedJWT(com.nimbusds.jwt.SignedJWT)
Properties(java.util.Properties)
Date(java.util.Date)
Test(org.junit.Test)
Example 19 with AuthenticationException
use of org.apache.hadoop.security.authentication.client.AuthenticationException in project hadoop by apache.
the class TestJWTRedirectAuthentictionHandler method testValidJWT.
@Test
public void testValidJWT() throws Exception {
try {
handler.setPublicKey(publicKey);
Properties props = getProperties();
handler.init(props);
SignedJWT jwt = getJWT("alice", new Date(new Date().getTime() + 5000), privateKey);
Cookie cookie = new Cookie("hadoop-jwt", jwt.serialize());
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
Mockito.when(request.getCookies()).thenReturn(new Cookie[] { cookie });
Mockito.when(request.getRequestURL()).thenReturn(new StringBuffer(SERVICE_URL));
HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
Mockito.when(response.encodeRedirectURL(SERVICE_URL)).thenReturn(SERVICE_URL);
AuthenticationToken token = handler.alternateAuthenticate(request, response);
Assert.assertNotNull("Token should not be null.", token);
Assert.assertEquals("alice", token.getUserName());
} catch (ServletException se) {
fail("alternateAuthentication should NOT have thrown a ServletException.");
} catch (AuthenticationException ae) {
fail("alternateAuthentication should NOT have thrown an AuthenticationException");
}
}
Also used :
Cookie(javax.servlet.http.Cookie)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
ServletException(javax.servlet.ServletException)
AuthenticationException(org.apache.hadoop.security.authentication.client.AuthenticationException)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
SignedJWT(com.nimbusds.jwt.SignedJWT)
Properties(java.util.Properties)
Date(java.util.Date)
Test(org.junit.Test)
Example 20 with AuthenticationException
use of org.apache.hadoop.security.authentication.client.AuthenticationException in project hadoop by apache.
the class TestKerberosAuthenticationHandler method testRequestWithInvalidKerberosAuthorization.
public void testRequestWithInvalidKerberosAuthorization() throws Exception {
String token = new Base64(0).encodeToString(new byte[] { 0, 1, 2 });
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
Mockito.when(request.getHeader(KerberosAuthenticator.AUTHORIZATION)).thenReturn(KerberosAuthenticator.NEGOTIATE + token);
try {
handler.authenticate(request, response);
Assert.fail();
} catch (AuthenticationException ex) {
// Expected
} catch (Exception ex) {
Assert.fail();
}
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
Base64(org.apache.commons.codec.binary.Base64)
AuthenticationException(org.apache.hadoop.security.authentication.client.AuthenticationException)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
AuthenticationException(org.apache.hadoop.security.authentication.client.AuthenticationException)
ServletException(javax.servlet.ServletException)
Aggregations
AuthenticationException (org.apache.hadoop.security.authentication.client.AuthenticationException)40
HttpServletRequest (javax.servlet.http.HttpServletRequest)18
Test (org.junit.Test)17
ServletException (javax.servlet.ServletException)16
HttpServletResponse (javax.servlet.http.HttpServletResponse)16
IOException (java.io.IOException)14
Cookie (javax.servlet.http.Cookie)14
Properties (java.util.Properties)12
SignedJWT (com.nimbusds.jwt.SignedJWT)10
Date (java.util.Date)9
URL (java.net.URL)7
AuthenticationToken (org.apache.hadoop.security.authentication.server.AuthenticationToken)6
UserGroupInformation (org.apache.hadoop.security.UserGroupInformation)5
File (java.io.File)4
InputStream (java.io.InputStream)4
HttpURLConnection (java.net.HttpURLConnection)4
PrivilegedActionException (java.security.PrivilegedActionException)4
HashMap (java.util.HashMap)4
Base64 (org.apache.commons.codec.binary.Base64)4
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)3
