use of org.apache.twill.filesystem.Location in project cdap by caskdata.
the class AuthorizerInstantiatorTest method createInvalidExternalAuthJar.
private Location createInvalidExternalAuthJar(@Nullable Manifest manifest) throws IOException {
String jarName = "external-authorizer";
Location externalAuthJar = locationFactory.create(jarName).getTempFile(".jar");
try (OutputStream out = externalAuthJar.getOutputStream();
JarOutputStream jarOutput = manifest == null ? new JarOutputStream(out) : new JarOutputStream(out, manifest)) {
JarEntry entry = new JarEntry("dummy.class");
jarOutput.putNextEntry(entry);
jarOutput.closeEntry();
}
return externalAuthJar;
}
use of org.apache.twill.filesystem.Location in project cdap by caskdata.
the class AuthorizerInstantiatorTest method testDoesNotImplementAuthorizer.
@Test(expected = InvalidAuthorizerException.class)
public void testDoesNotImplementAuthorizer() throws Throwable {
Manifest manifest = new Manifest();
Attributes mainAttributes = manifest.getMainAttributes();
mainAttributes.put(Attributes.Name.MAIN_CLASS, DoesNotImplementAuthorizer.class.getName());
Location externalAuthJar = AppJarHelper.createDeploymentJar(locationFactory, DoesNotImplementAuthorizer.class, manifest);
CCONF.set(Constants.Security.Authorization.EXTENSION_JAR_PATH, externalAuthJar.toString());
try (AuthorizerInstantiator instantiator = new AuthorizerInstantiator(CCONF, AUTH_CONTEXT_FACTORY)) {
instantiator.get();
Assert.fail("Instantiation of Authorizer should have failed because the Authorizer class defined in the" + " extension jar's manifest does not implement " + Authorizer.class.getName());
} catch (Throwable e) {
throw Throwables.getRootCause(e);
}
}
use of org.apache.twill.filesystem.Location in project cdap by caskdata.
the class AuthorizerInstantiatorTest method testMissingManifest.
@Test(expected = InvalidAuthorizerException.class)
public void testMissingManifest() throws Throwable {
Location externalAuthJar = createInvalidExternalAuthJar(null);
CCONF.set(Constants.Security.Authorization.EXTENSION_JAR_PATH, externalAuthJar.toString());
try (AuthorizerInstantiator instantiator = new AuthorizerInstantiator(CCONF, AUTH_CONTEXT_FACTORY)) {
instantiator.get();
Assert.fail("Instantiation of Authorizer should have failed because extension jar does not have a manifest");
} catch (Throwable e) {
throw Throwables.getRootCause(e);
}
}
use of org.apache.twill.filesystem.Location in project cdap by caskdata.
the class UGIProviderTest method copyFileToHDFS.
private Location copyFileToHDFS(Location hdfsKeytabDir, File localFile) throws IOException {
Location remoteFile = hdfsKeytabDir.append(localFile.getName());
Assert.assertTrue(remoteFile.createNew());
Files.copy(localFile, Locations.newOutputSupplier(remoteFile));
return remoteFile;
}
use of org.apache.twill.filesystem.Location in project cdap by caskdata.
the class UGIProviderTest method testDefaultUGIProviderWithHDFSFiles.
@Test
public void testDefaultUGIProviderWithHDFSFiles() throws Exception {
// create a location on hdfs for keytabs
Location hdfsKeytabDir = locationFactory.create("keytabs");
// set in the cConf so that later it can be used to fetch the keytabs for the given principal
setKeytabDir(hdfsKeytabDir.toURI().toString());
Location aliceRemoteKeytabFile = copyFileToHDFS(hdfsKeytabDir, aliceKeytabFile);
Location bobRemoteKeytabFile = copyFileToHDFS(hdfsKeytabDir, bobKeytabFile);
OwnerAdmin ownerAdmin = getOwnerAdmin();
DefaultUGIProvider provider = new DefaultUGIProvider(cConf, locationFactory, ownerAdmin, namespaceClient);
// add some entity owners
ownerAdmin.add(aliceEntity, aliceKerberosPrincipalId);
ownerAdmin.add(bobEntity, bobKerberosPrincipalId);
// Try with keytab file on hdfs
ImpersonationRequest aliceImpRequest = new ImpersonationRequest(aliceEntity, ImpersonatedOpType.OTHER);
ImpersonationRequest bobImpRequest = new ImpersonationRequest(bobEntity, ImpersonatedOpType.OTHER);
UGIWithPrincipal aliceUGIWithPrincipal = verifyAndGetUGI(provider, aliceKerberosPrincipalId, aliceImpRequest);
UGIWithPrincipal bobUGIWithPrincipal = verifyAndGetUGI(provider, bobKerberosPrincipalId, bobImpRequest);
// delete bob's keytab file on hdfs
Assert.assertTrue(bobRemoteKeytabFile.delete());
// verify caching by ensuring that we are able to fetch bob's ugi even after delete but not after invalidating the
// cache
verifyCaching(provider, aliceImpRequest, bobImpRequest, aliceUGIWithPrincipal, bobUGIWithPrincipal);
// cleanup
ownerAdmin.delete(aliceEntity);
ownerAdmin.delete(bobEntity);
}
Aggregations