Search in sources :

Example 6 with DelegationTokenIdentifier

use of org.apache.hadoop.security.token.delegation.web.DelegationTokenIdentifier in project hadoop by apache.

the class TestProtocolRecords method testNodeHeartBeatResponse.

@Test
public void testNodeHeartBeatResponse() throws IOException {
    NodeHeartbeatResponse record = Records.newRecord(NodeHeartbeatResponse.class);
    Map<ApplicationId, ByteBuffer> appCredentials = new HashMap<ApplicationId, ByteBuffer>();
    Credentials app1Cred = new Credentials();
    Token<DelegationTokenIdentifier> token1 = new Token<DelegationTokenIdentifier>();
    token1.setKind(new Text("kind1"));
    app1Cred.addToken(new Text("token1"), token1);
    Token<DelegationTokenIdentifier> token2 = new Token<DelegationTokenIdentifier>();
    token2.setKind(new Text("kind2"));
    app1Cred.addToken(new Text("token2"), token2);
    DataOutputBuffer dob = new DataOutputBuffer();
    app1Cred.writeTokenStorageToStream(dob);
    ByteBuffer byteBuffer1 = ByteBuffer.wrap(dob.getData(), 0, dob.getLength());
    appCredentials.put(ApplicationId.newInstance(1234, 1), byteBuffer1);
    record.setSystemCredentialsForApps(appCredentials);
    NodeHeartbeatResponse proto = new NodeHeartbeatResponsePBImpl(((NodeHeartbeatResponsePBImpl) record).getProto());
    Assert.assertEquals(appCredentials, proto.getSystemCredentialsForApps());
}
Also used : HashMap(java.util.HashMap) DelegationTokenIdentifier(org.apache.hadoop.security.token.delegation.web.DelegationTokenIdentifier) DataOutputBuffer(org.apache.hadoop.io.DataOutputBuffer) NodeHeartbeatResponsePBImpl(org.apache.hadoop.yarn.server.api.protocolrecords.impl.pb.NodeHeartbeatResponsePBImpl) Token(org.apache.hadoop.security.token.Token) Text(org.apache.hadoop.io.Text) ApplicationId(org.apache.hadoop.yarn.api.records.ApplicationId) ByteBuffer(java.nio.ByteBuffer) Credentials(org.apache.hadoop.security.Credentials) Test(org.junit.Test)

Example 7 with DelegationTokenIdentifier

use of org.apache.hadoop.security.token.delegation.web.DelegationTokenIdentifier in project hadoop by apache.

the class TestZKDelegationTokenSecretManager method testNodeUpAferAWhile.

@SuppressWarnings("unchecked")
@Test
public void testNodeUpAferAWhile() throws Exception {
    for (int i = 0; i < TEST_RETRIES; i++) {
        String connectString = zkServer.getConnectString();
        Configuration conf = getSecretConf(connectString);
        DelegationTokenManager tm1 = new DelegationTokenManager(conf, new Text("bla"));
        tm1.init();
        Token<DelegationTokenIdentifier> token1 = (Token<DelegationTokenIdentifier>) tm1.createToken(UserGroupInformation.getCurrentUser(), "foo");
        Assert.assertNotNull(token1);
        Token<DelegationTokenIdentifier> token2 = (Token<DelegationTokenIdentifier>) tm1.createToken(UserGroupInformation.getCurrentUser(), "bar");
        Assert.assertNotNull(token2);
        Token<DelegationTokenIdentifier> token3 = (Token<DelegationTokenIdentifier>) tm1.createToken(UserGroupInformation.getCurrentUser(), "boo");
        Assert.assertNotNull(token3);
        tm1.verifyToken(token1);
        tm1.verifyToken(token2);
        tm1.verifyToken(token3);
        // Cancel one token
        tm1.cancelToken(token1, "foo");
        // Start second node after some time..
        Thread.sleep(1000);
        DelegationTokenManager tm2 = new DelegationTokenManager(conf, new Text("bla"));
        tm2.init();
        tm2.verifyToken(token2);
        tm2.verifyToken(token3);
        try {
            verifyTokenFail(tm2, token1);
            fail("Expected InvalidToken");
        } catch (SecretManager.InvalidToken it) {
        // Ignore
        }
        // Create a new token thru the new ZKDTSM
        Token<DelegationTokenIdentifier> token4 = (Token<DelegationTokenIdentifier>) tm2.createToken(UserGroupInformation.getCurrentUser(), "xyz");
        Assert.assertNotNull(token4);
        tm2.verifyToken(token4);
        tm1.verifyToken(token4);
        // Bring down tm2
        verifyDestroy(tm2, conf);
        // Start third node after some time..
        Thread.sleep(1000);
        DelegationTokenManager tm3 = new DelegationTokenManager(conf, new Text("bla"));
        tm3.init();
        tm3.verifyToken(token2);
        tm3.verifyToken(token3);
        tm3.verifyToken(token4);
        try {
            verifyTokenFail(tm3, token1);
            fail("Expected InvalidToken");
        } catch (SecretManager.InvalidToken it) {
        // Ignore
        }
        verifyDestroy(tm3, conf);
        verifyDestroy(tm1, conf);
    }
}
Also used : Configuration(org.apache.hadoop.conf.Configuration) DelegationTokenIdentifier(org.apache.hadoop.security.token.delegation.web.DelegationTokenIdentifier) Text(org.apache.hadoop.io.Text) Token(org.apache.hadoop.security.token.Token) SecretManager(org.apache.hadoop.security.token.SecretManager) DelegationTokenManager(org.apache.hadoop.security.token.delegation.web.DelegationTokenManager) Test(org.junit.Test)

Example 8 with DelegationTokenIdentifier

use of org.apache.hadoop.security.token.delegation.web.DelegationTokenIdentifier in project hadoop by apache.

the class TestZKDelegationTokenSecretManager method testCancelTokenSingleManager.

@SuppressWarnings("unchecked")
@Test
public void testCancelTokenSingleManager() throws Exception {
    for (int i = 0; i < TEST_RETRIES; i++) {
        DelegationTokenManager tm1 = null;
        String connectString = zkServer.getConnectString();
        Configuration conf = getSecretConf(connectString);
        tm1 = new DelegationTokenManager(conf, new Text("foo"));
        tm1.init();
        Token<DelegationTokenIdentifier> token = (Token<DelegationTokenIdentifier>) tm1.createToken(UserGroupInformation.getCurrentUser(), "foo");
        Assert.assertNotNull(token);
        tm1.cancelToken(token, "foo");
        try {
            verifyTokenFail(tm1, token);
            fail("Expected InvalidToken");
        } catch (SecretManager.InvalidToken it) {
            it.printStackTrace();
        }
        verifyDestroy(tm1, conf);
    }
}
Also used : Configuration(org.apache.hadoop.conf.Configuration) DelegationTokenIdentifier(org.apache.hadoop.security.token.delegation.web.DelegationTokenIdentifier) Text(org.apache.hadoop.io.Text) Token(org.apache.hadoop.security.token.Token) SecretManager(org.apache.hadoop.security.token.SecretManager) DelegationTokenManager(org.apache.hadoop.security.token.delegation.web.DelegationTokenManager) Test(org.junit.Test)

Example 9 with DelegationTokenIdentifier

use of org.apache.hadoop.security.token.delegation.web.DelegationTokenIdentifier in project hadoop by apache.

the class TestZKDelegationTokenSecretManager method testRenewTokenSingleManager.

@SuppressWarnings("unchecked")
@Test
public void testRenewTokenSingleManager() throws Exception {
    for (int i = 0; i < TEST_RETRIES; i++) {
        DelegationTokenManager tm1 = null;
        String connectString = zkServer.getConnectString();
        Configuration conf = getSecretConf(connectString);
        tm1 = new DelegationTokenManager(conf, new Text("foo"));
        tm1.init();
        Token<DelegationTokenIdentifier> token = (Token<DelegationTokenIdentifier>) tm1.createToken(UserGroupInformation.getCurrentUser(), "foo");
        Assert.assertNotNull(token);
        tm1.renewToken(token, "foo");
        tm1.verifyToken(token);
        verifyDestroy(tm1, conf);
    }
}
Also used : Configuration(org.apache.hadoop.conf.Configuration) DelegationTokenIdentifier(org.apache.hadoop.security.token.delegation.web.DelegationTokenIdentifier) Text(org.apache.hadoop.io.Text) Token(org.apache.hadoop.security.token.Token) DelegationTokenManager(org.apache.hadoop.security.token.delegation.web.DelegationTokenManager) Test(org.junit.Test)

Aggregations

DelegationTokenIdentifier (org.apache.hadoop.security.token.delegation.web.DelegationTokenIdentifier)9 Configuration (org.apache.hadoop.conf.Configuration)8 Token (org.apache.hadoop.security.token.Token)8 Test (org.junit.Test)8 Text (org.apache.hadoop.io.Text)7 DelegationTokenManager (org.apache.hadoop.security.token.delegation.web.DelegationTokenManager)6 IOException (java.io.IOException)3 Credentials (org.apache.hadoop.security.Credentials)3 SecretManager (org.apache.hadoop.security.token.SecretManager)3 File (java.io.File)2 InetSocketAddress (java.net.InetSocketAddress)2 SocketTimeoutException (java.net.SocketTimeoutException)2 URI (java.net.URI)2 PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)2 KeyProvider (org.apache.hadoop.crypto.key.KeyProvider)2 KeyProviderDelegationTokenExtension (org.apache.hadoop.crypto.key.KeyProviderDelegationTokenExtension)2 AuthorizationException (org.apache.hadoop.security.authorize.AuthorizationException)2 ByteArrayInputStream (java.io.ByteArrayInputStream)1 DataInputStream (java.io.DataInputStream)1 ByteBuffer (java.nio.ByteBuffer)1