Example 1 with KerberosDelegationTokenAuthenticationHandler
use of org.apache.hadoop.security.token.delegation.web.KerberosDelegationTokenAuthenticationHandler in project hadoop by apache.
the class TestHttpFSServer method testDelegationTokenOperations.
@Test
@TestDir
@TestJetty
@TestHdfs
public void testDelegationTokenOperations() throws Exception {
createHttpFSServer(true);
URL url = new URL(TestJettyHelper.getJettyURL(), "/webhdfs/v1/?op=GETHOMEDIRECTORY");
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
Assert.assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, conn.getResponseCode());
AuthenticationToken token = new AuthenticationToken("u", "p", new KerberosDelegationTokenAuthenticationHandler().getType());
token.setExpires(System.currentTimeMillis() + 100000000);
SignerSecretProvider secretProvider = StringSignerSecretProviderCreator.newStringSignerSecretProvider();
Properties secretProviderProps = new Properties();
secretProviderProps.setProperty(AuthenticationFilter.SIGNATURE_SECRET, "secret");
secretProvider.init(secretProviderProps, null, -1);
Signer signer = new Signer(secretProvider);
String tokenSigned = signer.sign(token.toString());
url = new URL(TestJettyHelper.getJettyURL(), "/webhdfs/v1/?op=GETHOMEDIRECTORY");
conn = (HttpURLConnection) url.openConnection();
conn.setRequestProperty("Cookie", AuthenticatedURL.AUTH_COOKIE + "=" + tokenSigned);
Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
url = new URL(TestJettyHelper.getJettyURL(), "/webhdfs/v1/?op=GETDELEGATIONTOKEN");
conn = (HttpURLConnection) url.openConnection();
conn.setRequestProperty("Cookie", AuthenticatedURL.AUTH_COOKIE + "=" + tokenSigned);
Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
JSONObject json = (JSONObject) new JSONParser().parse(new InputStreamReader(conn.getInputStream()));
json = (JSONObject) json.get(DelegationTokenAuthenticator.DELEGATION_TOKEN_JSON);
String tokenStr = (String) json.get(DelegationTokenAuthenticator.DELEGATION_TOKEN_URL_STRING_JSON);
url = new URL(TestJettyHelper.getJettyURL(), "/webhdfs/v1/?op=GETHOMEDIRECTORY&delegation=" + tokenStr);
conn = (HttpURLConnection) url.openConnection();
Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
url = new URL(TestJettyHelper.getJettyURL(), "/webhdfs/v1/?op=RENEWDELEGATIONTOKEN&token=" + tokenStr);
conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("PUT");
Assert.assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, conn.getResponseCode());
url = new URL(TestJettyHelper.getJettyURL(), "/webhdfs/v1/?op=RENEWDELEGATIONTOKEN&token=" + tokenStr);
conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("PUT");
conn.setRequestProperty("Cookie", AuthenticatedURL.AUTH_COOKIE + "=" + tokenSigned);
Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
url = new URL(TestJettyHelper.getJettyURL(), "/webhdfs/v1/?op=CANCELDELEGATIONTOKEN&token=" + tokenStr);
conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("PUT");
Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
url = new URL(TestJettyHelper.getJettyURL(), "/webhdfs/v1/?op=GETHOMEDIRECTORY&delegation=" + tokenStr);
conn = (HttpURLConnection) url.openConnection();
Assert.assertEquals(HttpURLConnection.HTTP_FORBIDDEN, conn.getResponseCode());
// getTrash test with delegation
url = new URL(TestJettyHelper.getJettyURL(), "/webhdfs/v1/?op=GETTRASHROOT&delegation=" + tokenStr);
conn = (HttpURLConnection) url.openConnection();
Assert.assertEquals(HttpURLConnection.HTTP_FORBIDDEN, conn.getResponseCode());
url = new URL(TestJettyHelper.getJettyURL(), "/webhdfs/v1/?op=GETTRASHROOT");
conn = (HttpURLConnection) url.openConnection();
conn.setRequestProperty("Cookie", AuthenticatedURL.AUTH_COOKIE + "=" + tokenSigned);
Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
}
Also used :
Signer(org.apache.hadoop.security.authentication.util.Signer)
SignerSecretProvider(org.apache.hadoop.security.authentication.util.SignerSecretProvider)
HttpURLConnection(java.net.HttpURLConnection)
AuthenticationToken(org.apache.hadoop.security.authentication.server.AuthenticationToken)
JSONObject(org.json.simple.JSONObject)
InputStreamReader(java.io.InputStreamReader)
KerberosDelegationTokenAuthenticationHandler(org.apache.hadoop.security.token.delegation.web.KerberosDelegationTokenAuthenticationHandler)
JSONParser(org.json.simple.parser.JSONParser)
Properties(java.util.Properties)
URL(java.net.URL)
AuthenticatedURL(org.apache.hadoop.security.authentication.client.AuthenticatedURL)
TestJetty(org.apache.hadoop.test.TestJetty)
TestHdfs(org.apache.hadoop.test.TestHdfs)
TestDir(org.apache.hadoop.test.TestDir)
Test(org.junit.Test)
Aggregations
InputStreamReader (java.io.InputStreamReader)1
HttpURLConnection (java.net.HttpURLConnection)1
URL (java.net.URL)1
Properties (java.util.Properties)1
AuthenticatedURL (org.apache.hadoop.security.authentication.client.AuthenticatedURL)1
AuthenticationToken (org.apache.hadoop.security.authentication.server.AuthenticationToken)1
Signer (org.apache.hadoop.security.authentication.util.Signer)1
SignerSecretProvider (org.apache.hadoop.security.authentication.util.SignerSecretProvider)1
KerberosDelegationTokenAuthenticationHandler (org.apache.hadoop.security.token.delegation.web.KerberosDelegationTokenAuthenticationHandler)1
TestDir (org.apache.hadoop.test.TestDir)1
TestHdfs (org.apache.hadoop.test.TestHdfs)1
TestJetty (org.apache.hadoop.test.TestJetty)1
JSONObject (org.json.simple.JSONObject)1
JSONParser (org.json.simple.parser.JSONParser)1
Test (org.junit.Test)1
