Search in sources :

Example 1 with ConnectionConfigurator

use of org.apache.hadoop.security.authentication.client.ConnectionConfigurator in project hadoop by apache.

the class TestWebHdfsTokens method testSetTokenServiceAndKind.

@Test
public void testSetTokenServiceAndKind() throws Exception {
    MiniDFSCluster cluster = null;
    try {
        final Configuration clusterConf = new HdfsConfiguration(conf);
        SecurityUtil.setAuthenticationMethod(SIMPLE, clusterConf);
        clusterConf.setBoolean(DFSConfigKeys.DFS_NAMENODE_DELEGATION_TOKEN_ALWAYS_USE_KEY, true);
        // trick the NN into thinking s[ecurity is enabled w/o it trying
        // to login from a keytab
        UserGroupInformation.setConfiguration(clusterConf);
        cluster = new MiniDFSCluster.Builder(clusterConf).numDataNodes(0).build();
        cluster.waitActive();
        SecurityUtil.setAuthenticationMethod(KERBEROS, clusterConf);
        final WebHdfsFileSystem fs = WebHdfsTestUtil.getWebHdfsFileSystem(clusterConf, "webhdfs");
        Whitebox.setInternalState(fs, "canRefreshDelegationToken", true);
        URLConnectionFactory factory = new URLConnectionFactory(new ConnectionConfigurator() {

            @Override
            public HttpURLConnection configure(HttpURLConnection conn) throws IOException {
                return conn;
            }
        }) {

            @Override
            public URLConnection openConnection(URL url) throws IOException {
                return super.openConnection(new URL(url + "&service=foo&kind=bar"));
            }
        };
        Whitebox.setInternalState(fs, "connectionFactory", factory);
        Token<?> token1 = fs.getDelegationToken();
        Assert.assertEquals(new Text("bar"), token1.getKind());
        final HttpOpParam.Op op = GetOpParam.Op.GETDELEGATIONTOKEN;
        Token<DelegationTokenIdentifier> token2 = fs.new FsPathResponseRunner<Token<DelegationTokenIdentifier>>(op, null, new RenewerParam(null)) {

            @Override
            Token<DelegationTokenIdentifier> decodeResponse(Map<?, ?> json) throws IOException {
                return JsonUtilClient.toDelegationToken(json);
            }
        }.run();
        Assert.assertEquals(new Text("bar"), token2.getKind());
        Assert.assertEquals(new Text("foo"), token2.getService());
    } finally {
        if (cluster != null) {
            cluster.shutdown();
        }
    }
}
Also used : ConnectionConfigurator(org.apache.hadoop.security.authentication.client.ConnectionConfigurator) MiniDFSCluster(org.apache.hadoop.hdfs.MiniDFSCluster) Configuration(org.apache.hadoop.conf.Configuration) HdfsConfiguration(org.apache.hadoop.hdfs.HdfsConfiguration) DelegationTokenIdentifier(org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier) Text(org.apache.hadoop.io.Text) InvalidToken(org.apache.hadoop.security.token.SecretManager.InvalidToken) Token(org.apache.hadoop.security.token.Token) IOException(java.io.IOException) HdfsConfiguration(org.apache.hadoop.hdfs.HdfsConfiguration) URL(java.net.URL) HttpURLConnection(java.net.HttpURLConnection) Test(org.junit.Test)

Example 2 with ConnectionConfigurator

use of org.apache.hadoop.security.authentication.client.ConnectionConfigurator in project hadoop by apache.

the class TestURLConnectionFactory method testConnConfiguratior.

@Test
public void testConnConfiguratior() throws IOException {
    final URL u = new URL("http://localhost");
    final List<HttpURLConnection> conns = Lists.newArrayList();
    URLConnectionFactory fc = new URLConnectionFactory(new ConnectionConfigurator() {

        @Override
        public HttpURLConnection configure(HttpURLConnection conn) throws IOException {
            Assert.assertEquals(u, conn.getURL());
            conns.add(conn);
            return conn;
        }
    });
    fc.openConnection(u);
    Assert.assertEquals(1, conns.size());
}
Also used : ConnectionConfigurator(org.apache.hadoop.security.authentication.client.ConnectionConfigurator) HttpURLConnection(java.net.HttpURLConnection) IOException(java.io.IOException) URL(java.net.URL) Test(org.junit.Test)

Example 3 with ConnectionConfigurator

use of org.apache.hadoop.security.authentication.client.ConnectionConfigurator in project hadoop by apache.

the class TimelineConnector method initSslConnConfigurator.

private static ConnectionConfigurator initSslConnConfigurator(final int timeout, SSLFactory sslFactory) throws IOException, GeneralSecurityException {
    final SSLSocketFactory sf;
    final HostnameVerifier hv;
    sf = sslFactory.createSSLSocketFactory();
    hv = sslFactory.getHostnameVerifier();
    return new ConnectionConfigurator() {

        @Override
        public HttpURLConnection configure(HttpURLConnection conn) throws IOException {
            if (conn instanceof HttpsURLConnection) {
                HttpsURLConnection c = (HttpsURLConnection) conn;
                c.setSSLSocketFactory(sf);
                c.setHostnameVerifier(hv);
            }
            setTimeouts(conn, timeout);
            return conn;
        }
    };
}
Also used : ConnectionConfigurator(org.apache.hadoop.security.authentication.client.ConnectionConfigurator) HttpURLConnection(java.net.HttpURLConnection) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) HttpsURLConnection(javax.net.ssl.HttpsURLConnection) HostnameVerifier(javax.net.ssl.HostnameVerifier)

Example 4 with ConnectionConfigurator

use of org.apache.hadoop.security.authentication.client.ConnectionConfigurator in project hadoop by apache.

the class URLConnectionFactory method newOAuth2URLConnectionFactory.

/**
   * Construct a new URLConnectionFactory that supports OAut-based connections.
   * It will also try to load the SSL configuration when they are specified.
   */
public static URLConnectionFactory newOAuth2URLConnectionFactory(Configuration conf) throws IOException {
    ConnectionConfigurator conn;
    try {
        ConnectionConfigurator sslConnConfigurator = newSslConnConfigurator(DEFAULT_SOCKET_TIMEOUT, conf);
        conn = new OAuth2ConnectionConfigurator(conf, sslConnConfigurator);
    } catch (Exception e) {
        throw new IOException("Unable to load OAuth2 connection factory.", e);
    }
    return new URLConnectionFactory(conn);
}
Also used : ConnectionConfigurator(org.apache.hadoop.security.authentication.client.ConnectionConfigurator) OAuth2ConnectionConfigurator(org.apache.hadoop.hdfs.web.oauth2.OAuth2ConnectionConfigurator) IOException(java.io.IOException) AuthenticationException(org.apache.hadoop.security.authentication.client.AuthenticationException) IOException(java.io.IOException) GeneralSecurityException(java.security.GeneralSecurityException) OAuth2ConnectionConfigurator(org.apache.hadoop.hdfs.web.oauth2.OAuth2ConnectionConfigurator)

Example 5 with ConnectionConfigurator

use of org.apache.hadoop.security.authentication.client.ConnectionConfigurator in project hadoop by apache.

the class URLConnectionFactory method newSslConnConfigurator.

/**
   * Create a new ConnectionConfigurator for SSL connections
   */
private static ConnectionConfigurator newSslConnConfigurator(final int defaultTimeout, Configuration conf) throws IOException, GeneralSecurityException {
    final SSLFactory factory;
    final SSLSocketFactory sf;
    final HostnameVerifier hv;
    final int connectTimeout;
    final int readTimeout;
    factory = new SSLFactory(SSLFactory.Mode.CLIENT, conf);
    factory.init();
    sf = factory.createSSLSocketFactory();
    hv = factory.getHostnameVerifier();
    connectTimeout = (int) conf.getTimeDuration(HdfsClientConfigKeys.DFS_WEBHDFS_SOCKET_CONNECT_TIMEOUT_KEY, defaultTimeout, TimeUnit.MILLISECONDS);
    readTimeout = (int) conf.getTimeDuration(HdfsClientConfigKeys.DFS_WEBHDFS_SOCKET_READ_TIMEOUT_KEY, defaultTimeout, TimeUnit.MILLISECONDS);
    return new ConnectionConfigurator() {

        @Override
        public HttpURLConnection configure(HttpURLConnection conn) throws IOException {
            if (conn instanceof HttpsURLConnection) {
                HttpsURLConnection c = (HttpsURLConnection) conn;
                c.setSSLSocketFactory(sf);
                c.setHostnameVerifier(hv);
            }
            URLConnectionFactory.setTimeouts(conn, connectTimeout, readTimeout);
            return conn;
        }
    };
}
Also used : ConnectionConfigurator(org.apache.hadoop.security.authentication.client.ConnectionConfigurator) OAuth2ConnectionConfigurator(org.apache.hadoop.hdfs.web.oauth2.OAuth2ConnectionConfigurator) SSLFactory(org.apache.hadoop.security.ssl.SSLFactory) HttpURLConnection(java.net.HttpURLConnection) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) HttpsURLConnection(javax.net.ssl.HttpsURLConnection) HostnameVerifier(javax.net.ssl.HostnameVerifier)

Aggregations

ConnectionConfigurator (org.apache.hadoop.security.authentication.client.ConnectionConfigurator)7 HttpURLConnection (java.net.HttpURLConnection)6 IOException (java.io.IOException)4 URL (java.net.URL)3 HostnameVerifier (javax.net.ssl.HostnameVerifier)3 HttpsURLConnection (javax.net.ssl.HttpsURLConnection)3 SSLSocketFactory (javax.net.ssl.SSLSocketFactory)3 GeneralSecurityException (java.security.GeneralSecurityException)2 Configuration (org.apache.hadoop.conf.Configuration)2 OAuth2ConnectionConfigurator (org.apache.hadoop.hdfs.web.oauth2.OAuth2ConnectionConfigurator)2 SSLFactory (org.apache.hadoop.security.ssl.SSLFactory)2 Test (org.junit.Test)2 HttpURLConnectionFactory (com.sun.jersey.client.urlconnection.HttpURLConnectionFactory)1 URLConnectionClientHandler (com.sun.jersey.client.urlconnection.URLConnectionClientHandler)1 PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)1 AtlasException (org.apache.atlas.AtlasException)1 HdfsConfiguration (org.apache.hadoop.hdfs.HdfsConfiguration)1 MiniDFSCluster (org.apache.hadoop.hdfs.MiniDFSCluster)1 DelegationTokenIdentifier (org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier)1 Text (org.apache.hadoop.io.Text)1