
Example 11 with TokenIdentifier

use of org.apache.hadoop.security.token.TokenIdentifier in project hadoop by apache.

the class TestCredentials method testReadWriteStorage.

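/**
 * Round-trips a {@link Credentials} store through a file and checks that nothing is lost.
 *
 * <p>The store is filled with two tokens (one per service) and ten freshly generated secret
 * keys, written with {@code write}, read back into a new instance with {@code readFields},
 * and compared against what was put in.
 *
 * <p>The scratch file contains the serialized secret keys (no encryption step is visible in
 * this test), so it is deleted in a {@code finally} block: a failed assertion or an I/O error
 * must not leave key material behind in {@code tmpDir}.
 *
 * @throws IOException if the scratch file cannot be written or read
 * @throws NoSuchAlgorithmException if no key generator exists for {@code DEFAULT_HMAC_ALGORITHM}
 */
@SuppressWarnings("unchecked")
@Test
public <T extends TokenIdentifier> void testReadWriteStorage() throws IOException, NoSuchAlgorithmException {
    // Build a store with two tokens, each bound to its own service name.
    Credentials ts = new Credentials();
    Token<T> token1 = new Token();
    Token<T> token2 = new Token();
    Text service1 = new Text("service1");
    Text service2 = new Text("service2");
    token1.setService(service1);
    token2.setService(service2);
    ts.addToken(new Text("sometoken1"), token1);
    ts.addToken(new Text("sometoken2"), token2);

    // Generate ten keys; keep a local copy of each so the reloaded store can be checked.
    final KeyGenerator kg = KeyGenerator.getInstance(DEFAULT_HMAC_ALGORITHM);
    String alias = "alias";
    Map<Text, byte[]> m = new HashMap<Text, byte[]>(10);
    for (int i = 0; i < 10; i++) {
        byte[] encoded = kg.generateKey().getEncoded();
        m.put(new Text(alias + i), encoded);
        ts.addSecretKey(new Text(alias + i), encoded);
    }

    File tmpFileName = new File(tmpDir, "tokenStorageTest");
    try {
        // try-with-resources closes the streams even when write/readFields throws.
        try (DataOutputStream dos = new DataOutputStream(new FileOutputStream(tmpFileName))) {
            ts.write(dos);
        }

        // Read into a brand-new instance so nothing from the original object can leak through.
        ts = new Credentials();
        try (DataInputStream dis = new DataInputStream(new FileInputStream(tmpFileName))) {
            ts.readFields(dis);
        }

        // Both tokens must come back, identified by their service names.
        Collection<Token<? extends TokenIdentifier>> list = ts.getAllTokens();
        // Expected value first, so a failure message reports the two numbers the right way round.
        assertEquals("getAllTokens should return collection of size 2", 2, list.size());
        boolean foundFirst = false;
        boolean foundSecond = false;
        for (Token<? extends TokenIdentifier> token : list) {
            if (token.getService().equals(service1)) {
                foundFirst = true;
            }
            if (token.getService().equals(service2)) {
                foundSecond = true;
            }
        }
        assertTrue("Tokens for services service1 and service2 must be present", foundFirst && foundSecond);

        // Every key must come back byte-for-byte under the alias it was stored with.
        assertEquals("wrong number of keys in the Storage", m.size(), ts.numberOfSecretKeys());
        for (Map.Entry<Text, byte[]> entry : m.entrySet()) {
            byte[] kTS = ts.getSecretKey(entry.getKey());
            byte[] kLocal = entry.getValue();
            assertTrue("keys don't match for " + entry.getKey(), WritableComparator.compareBytes(kTS, 0, kTS.length, kLocal, 0, kLocal.length) == 0);
        }
    } finally {
        // Runs on success and on failure: the file holds serialized secret keys.
        tmpFileName.delete();
    }
}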
Also used : TokenIdentifier(org.apache.hadoop.security.token.TokenIdentifier) HashMap(java.util.HashMap) DataOutputStream(java.io.DataOutputStream) ArrayList(java.util.ArrayList) Token(org.apache.hadoop.security.token.Token) Text(org.apache.hadoop.io.Text) DataInputStream(java.io.DataInputStream) FileInputStream(java.io.FileInputStream) FileOutputStream(java.io.FileOutputStream) KeyGenerator(javax.crypto.KeyGenerator) File(java.io.File) Credentials(org.apache.hadoop.security.Credentials) Key(java.security.Key) Test(org.junit.Test)

Example 12 with TokenIdentifier

use of org.apache.hadoop.security.token.TokenIdentifier in project hadoop by apache.

the class TestTokenAspect method testGetRemoteToken.

/**
 * Covers the case where a delegation token has to be obtained from the file system itself.
 *
 * <p>{@code getDelegationToken} and {@code getRenewToken} on the spied {@code DummyFs} are
 * stubbed to return one fixed token. After {@code ensureTokenInitialized()} that token must
 * have been installed through {@code setDelegationToken}, and the aspect's private
 * {@code dtRenewer} and {@code action} fields must both be non-null.
 */
@Test
public void testGetRemoteToken() throws IOException, URISyntaxException {
    Configuration configuration = new Configuration();
    DummyFs dummyFs = spy(new DummyFs());

    // Empty identifier and password: only the kind and the service address matter here.
    Text tokenService = new Text("127.0.0.1:1234");
    Token<TokenIdentifier> remoteToken =
        new Token<>(new byte[0], new byte[0], DummyFs.TOKEN_KIND, tokenService);
    doReturn(remoteToken).when(dummyFs).getDelegationToken(anyString());
    doReturn(remoteToken).when(dummyFs).getRenewToken();

    URI fsUri = new URI("dummyfs://127.0.0.1:1234");
    dummyFs.initialize(fsUri, configuration);
    dummyFs.tokenAspect.ensureTokenInitialized();

    // The stubbed token was selected and stored ...
    verify(dummyFs).setDelegationToken(remoteToken);
    // ... and the renewal state was populated (read reflectively from private fields).
    Object renewer = Whitebox.getInternalState(dummyFs.tokenAspect, "dtRenewer");
    assertNotNull(renewer);
    Object renewAction = Whitebox.getInternalState(dummyFs.tokenAspect, "action");
    assertNotNull(renewAction);
}
Also used : TokenIdentifier(org.apache.hadoop.security.token.TokenIdentifier) Configuration(org.apache.hadoop.conf.Configuration) Token(org.apache.hadoop.security.token.Token) Text(org.apache.hadoop.io.Text) URI(java.net.URI) Test(org.junit.Test)

Example 13 with TokenIdentifier

use of org.apache.hadoop.security.token.TokenIdentifier in project hadoop by apache.

the class TestTokenAspect method testCachedInitialization.

/**
 * Checks that a second {@code ensureTokenInitialized()} call does not fetch a token again.
 *
 * <p>With {@code emulateSecurityEnabled} set, the first call must ask the spied
 * {@code DummyFs} for a delegation token once and install it once. Mockito invocation counts
 * are cumulative, so asserting {@code times(1)} again after the second call shows that neither
 * {@code getDelegationToken} nor {@code setDelegationToken} was invoked a second time.
 */
@Test
public void testCachedInitialization() throws IOException, URISyntaxException {
    Configuration configuration = new Configuration();
    DummyFs dummyFs = spy(new DummyFs());

    Text tokenService = new Text("127.0.0.1:1234");
    Token<TokenIdentifier> cachedToken =
        new Token<>(new byte[0], new byte[0], DummyFs.TOKEN_KIND, tokenService);
    // NOTE(review): the stub matches anyString() while the call below is verified with a null
    // argument; whether anyString() matches null depends on the Mockito version - confirm.
    doReturn(cachedToken).when(dummyFs).getDelegationToken(anyString());
    doReturn(cachedToken).when(dummyFs).getRenewToken();
    dummyFs.emulateSecurityEnabled = true;

    URI fsUri = new URI("dummyfs://127.0.0.1:1234");
    dummyFs.initialize(fsUri, configuration);

    // First call: one fetch, one install.
    dummyFs.tokenAspect.ensureTokenInitialized();
    verify(dummyFs, times(1)).getDelegationToken(null);
    verify(dummyFs, times(1)).setDelegationToken(cachedToken);

    // Second call: the counts must still be exactly one, i.e. the token was reused.
    dummyFs.tokenAspect.ensureTokenInitialized();
    verify(dummyFs, times(1)).getDelegationToken(null);
    verify(dummyFs, times(1)).setDelegationToken(cachedToken);
}
Also used : TokenIdentifier(org.apache.hadoop.security.token.TokenIdentifier) Configuration(org.apache.hadoop.conf.Configuration) Token(org.apache.hadoop.security.token.Token) Text(org.apache.hadoop.io.Text) URI(java.net.URI) Test(org.junit.Test)

Example 14 with TokenIdentifier

use of org.apache.hadoop.security.token.TokenIdentifier in project hadoop by apache.

the class TestTokenAspect method testInitWithUGIToken.

/**
 * Checks that a token already held by the user is used instead of requesting a new one.
 *
 * <p>Two tokens are added to {@code fs.ugi}: one with {@code DummyFs.TOKEN_KIND} for the file
 * system's address and an unrelated one of kind {@code "Other token"}. After
 * {@code ensureTokenInitialized()} the matching token must have been installed,
 * {@code getDelegationToken} must never have been called, and the aspect's private
 * {@code dtRenewer} and {@code action} fields must still be null, i.e. no renewal was set up
 * for a token the file system did not issue in this test.
 */
@Test
public void testInitWithUGIToken() throws IOException, URISyntaxException {
    Configuration configuration = new Configuration();
    DummyFs dummyFs = spy(new DummyFs());
    // Make a remote fetch return nothing; the test asserts below that it is never attempted.
    doReturn(null).when(dummyFs).getDelegationToken(anyString());

    Text matchingService = new Text("127.0.0.1:1234");
    Token<TokenIdentifier> ugiToken =
        new Token<>(new byte[0], new byte[0], DummyFs.TOKEN_KIND, matchingService);
    dummyFs.ugi.addToken(ugiToken);

    // A second token of a different kind and service, which must not be picked.
    Token<TokenIdentifier> unrelatedToken =
        new Token<>(new byte[0], new byte[0], new Text("Other token"), new Text("127.0.0.1:8021"));
    dummyFs.ugi.addToken(unrelatedToken);
    assertEquals("wrong tokens in user", 2, dummyFs.ugi.getTokens().size());

    dummyFs.emulateSecurityEnabled = true;
    URI fsUri = new URI("dummyfs://127.0.0.1:1234");
    dummyFs.initialize(fsUri, configuration);
    dummyFs.tokenAspect.ensureTokenInitialized();

    // The token came from the UGI, not from the remote host: stored, but not renewed.
    verify(dummyFs).setDelegationToken(ugiToken);
    verify(dummyFs, never()).getDelegationToken(anyString());
    Object renewer = Whitebox.getInternalState(dummyFs.tokenAspect, "dtRenewer");
    assertNull(renewer);
    Object renewAction = Whitebox.getInternalState(dummyFs.tokenAspect, "action");
    assertNull(renewAction);
}
Also used : TokenIdentifier(org.apache.hadoop.security.token.TokenIdentifier) Configuration(org.apache.hadoop.conf.Configuration) Token(org.apache.hadoop.security.token.Token) Text(org.apache.hadoop.io.Text) URI(java.net.URI) Test(org.junit.Test)

Example 15 with TokenIdentifier

use of org.apache.hadoop.security.token.TokenIdentifier in project hadoop by apache.

the class TestDtUtilShell method makeTokenFile.

/**
 * Writes a credentials file containing a single test token.
 *
 * <p>The token is built from the class constants {@code IDENTIFIER}, {@code PASSWORD} and
 * {@code KIND} and stored under its own service name. The resulting file therefore carries the
 * token's password bytes, so {@code tokenPath} should point into a location the test cleans up.
 *
 * @param tokenPath where the credentials file is written
 * @param legacy {@code true} to use {@code writeLegacyTokenStorageLocalFile}, {@code false} to
 *     use {@code writeTokenStorageFile} with {@code defaultConf}
 * @param service service name for the token; {@code null} selects the class constant
 *     {@code SERVICE}
 * @throws IOException if the file cannot be written
 */
public void makeTokenFile(Path tokenPath, boolean legacy, Text service) throws IOException {
    // Fall back to the default service without reassigning the parameter.
    final Text effectiveService = (service != null) ? service : SERVICE;
    Credentials creds = new Credentials();
    Token<? extends TokenIdentifier> tok = (Token<? extends TokenIdentifier>) new Token(IDENTIFIER, PASSWORD, KIND, effectiveService);
    creds.addToken(tok.getService(), tok);
    if (!legacy) {
        creds.writeTokenStorageFile(tokenPath, defaultConf);
        return;
    }
    // The legacy writer takes a java.io.File rather than a Path.
    File legacyTarget = new File(tokenPath.toString());
    creds.writeLegacyTokenStorageLocalFile(legacyTarget);
}
Also used : TokenIdentifier(org.apache.hadoop.security.token.TokenIdentifier) Token(org.apache.hadoop.security.token.Token) File(java.io.File) Credentials(org.apache.hadoop.security.Credentials)
