Java Code Examples for org.apache.hadoop.security.token.TokenIdentifier

The following are top voted examples for showing how to use org.apache.hadoop.security.token.TokenIdentifier. These examples are extracted from open source projects. You can vote up the examples you like and your votes will be used in our system to generate more good examples.
Example 1
Project: hadoop   File: TestFileSystemTokens.java   Source Code and License 6 votes vote down vote up
public static MockFileSystem createFileSystemForServiceName(
    final Text service, final FileSystem... children) throws IOException {
  final MockFileSystem fs = new MockFileSystem();
  final MockFileSystem mockFs = fs.getRawFileSystem();
  if (service != null) {
    when(mockFs.getCanonicalServiceName()).thenReturn(service.toString());
    when(mockFs.getDelegationToken(any(String.class))).thenAnswer(
      new Answer<Token<?>>() {
        @Override
        public Token<?> answer(InvocationOnMock invocation) throws Throwable {
          Token<?> token = new Token<TokenIdentifier>();
          token.setService(service);
          return token;
        }
      });
  }
  when(mockFs.getChildFileSystems()).thenReturn(children);
  return fs;
}
 
Example 2
Project: hadoop   File: TestUserGroupInformation.java   Source Code and License 6 votes vote down vote up
@SuppressWarnings("unchecked") // from Mockito mocks
@Test (timeout = 30000)
public <T extends TokenIdentifier> void testAddCreds() throws Exception {
  UserGroupInformation ugi = 
      UserGroupInformation.createRemoteUser("someone"); 
  
  Text service = new Text("service");
  Token<T> t1 = mock(Token.class);
  when(t1.getService()).thenReturn(service);
  Token<T> t2 = mock(Token.class);
  when(t2.getService()).thenReturn(new Text("service2"));
  byte[] secret = new byte[]{};
  Text secretKey = new Text("sshhh");

  // fill credentials
  Credentials creds = new Credentials();
  creds.addToken(t1.getService(), t1);
  creds.addToken(t2.getService(), t2);
  creds.addSecretKey(secretKey, secret);
  
  // add creds to ugi, and check ugi
  ugi.addCredentials(creds);
  checkTokens(ugi, t1, t2);
  assertSame(secret, ugi.getCredentials().getSecretKey(secretKey));
}
 
Example 3
Project: hadoop   File: TestTokenAspect.java   Source Code and License 6 votes vote down vote up
@Test
public void testGetRemoteToken() throws IOException, URISyntaxException {
  Configuration conf = new Configuration();
  DummyFs fs = spy(new DummyFs());
  Token<TokenIdentifier> token = new Token<TokenIdentifier>(new byte[0],
      new byte[0], DummyFs.TOKEN_KIND, new Text("127.0.0.1:1234"));

  doReturn(token).when(fs).getDelegationToken(anyString());
  doReturn(token).when(fs).getRenewToken();

  fs.initialize(new URI("dummyfs://127.0.0.1:1234"), conf);

  fs.tokenAspect.ensureTokenInitialized();

  // Select a token, store and renew it
  verify(fs).setDelegationToken(token);
  assertNotNull(Whitebox.getInternalState(fs.tokenAspect, "dtRenewer"));
  assertNotNull(Whitebox.getInternalState(fs.tokenAspect, "action"));
}
 
Example 4
Project: hadoop   File: TestUserGroupInformation.java   Source Code and License 6 votes vote down vote up
@SuppressWarnings("unchecked") // from Mockito mocks
@Test (timeout = 30000)
public <T extends TokenIdentifier> void testGetCreds() throws Exception {
  UserGroupInformation ugi = 
      UserGroupInformation.createRemoteUser("someone"); 
  
  Text service = new Text("service");
  Token<T> t1 = mock(Token.class);
  when(t1.getService()).thenReturn(service);
  Token<T> t2 = mock(Token.class);
  when(t2.getService()).thenReturn(new Text("service2"));
  Token<T> t3 = mock(Token.class);
  when(t3.getService()).thenReturn(service);
  
  // add token to ugi
  ugi.addToken(t1);
  ugi.addToken(t2);
  checkTokens(ugi, t1, t2);

  Credentials creds = ugi.getCredentials();
  creds.addToken(t3.getService(), t3);
  assertSame(t3, creds.getToken(service));
  // check that ugi wasn't modified
  checkTokens(ugi, t1, t2);
}
 
Example 5
Project: hadoop-oss   File: TestSecurityUtil.java   Source Code and License 6 votes vote down vote up
private void
verifyTokenService(InetSocketAddress addr, String host, String ip, int port, boolean useIp) {
  //LOG.info("address:"+addr+" host:"+host+" ip:"+ip+" port:"+port);

  SecurityUtil.setTokenServiceUseIp(useIp);
  String serviceHost = useIp ? ip : StringUtils.toLowerCase(host);
  
  Token<?> token = new Token<TokenIdentifier>();
  Text service = new Text(serviceHost+":"+port);
  
  assertEquals(service, SecurityUtil.buildTokenService(addr));
  SecurityUtil.setTokenService(token, addr);
  assertEquals(service, token.getService());
  
  InetSocketAddress serviceAddr = SecurityUtil.getTokenServiceAddr(token);
  assertNotNull(serviceAddr);
  verifyValues(serviceAddr, serviceHost, ip, port);
}
 
Example 6
Project: hadoop-oss   File: TestUserGroupInformation.java   Source Code and License 6 votes vote down vote up
@SuppressWarnings("unchecked") // from Mockito mocks
@Test (timeout = 30000)
public <T extends TokenIdentifier> void testGetCreds() throws Exception {
  UserGroupInformation ugi = 
      UserGroupInformation.createRemoteUser("someone"); 
  
  Text service = new Text("service");
  Token<T> t1 = mock(Token.class);
  when(t1.getService()).thenReturn(service);
  Token<T> t2 = mock(Token.class);
  when(t2.getService()).thenReturn(new Text("service2"));
  Token<T> t3 = mock(Token.class);
  when(t3.getService()).thenReturn(service);
  
  // add token to ugi
  ugi.addToken(t1);
  ugi.addToken(t2);
  checkTokens(ugi, t1, t2);

  Credentials creds = ugi.getCredentials();
  creds.addToken(t3.getService(), t3);
  assertSame(t3, creds.getToken(service));
  // check that ugi wasn't modified
  checkTokens(ugi, t1, t2);
}
 
Example 7
Project: hadoop-oss   File: TestUserGroupInformation.java   Source Code and License 6 votes vote down vote up
@SuppressWarnings("unchecked") // from Mockito mocks
@Test (timeout = 30000)
public <T extends TokenIdentifier> void testAddCreds() throws Exception {
  UserGroupInformation ugi = 
      UserGroupInformation.createRemoteUser("someone"); 
  
  Text service = new Text("service");
  Token<T> t1 = mock(Token.class);
  when(t1.getService()).thenReturn(service);
  Token<T> t2 = mock(Token.class);
  when(t2.getService()).thenReturn(new Text("service2"));
  byte[] secret = new byte[]{};
  Text secretKey = new Text("sshhh");

  // fill credentials
  Credentials creds = new Credentials();
  creds.addToken(t1.getService(), t1);
  creds.addToken(t2.getService(), t2);
  creds.addSecretKey(secretKey, secret);
  
  // add creds to ugi, and check ugi
  ugi.addCredentials(creds);
  checkTokens(ugi, t1, t2);
  assertSame(secret, ugi.getCredentials().getSecretKey(secretKey));
}
 
Example 8
Project: hadoop-oss   File: TestUserGroupInformation.java   Source Code and License 6 votes vote down vote up
@SuppressWarnings("unchecked") // from Mockito mocks
@Test (timeout = 30000)
public <T extends TokenIdentifier> void testAddNamedToken() throws Exception {
  UserGroupInformation ugi = 
      UserGroupInformation.createRemoteUser("someone"); 
  
  Token<T> t1 = mock(Token.class);
  Text service1 = new Text("t1");
  Text service2 = new Text("t2");
  when(t1.getService()).thenReturn(service1);
  
  // add token
  ugi.addToken(service1, t1);
  assertSame(t1, ugi.getCredentials().getToken(service1));

  // add token with another name
  ugi.addToken(service2, t1);
  assertSame(t1, ugi.getCredentials().getToken(service1));
  assertSame(t1, ugi.getCredentials().getToken(service2));
}
 
Example 9
Project: ditb   File: AuthenticationTokenSelector.java   Source Code and License 6 votes vote down vote up
@Override
public Token<AuthenticationTokenIdentifier> selectToken(Text serviceName,
    Collection<Token<? extends TokenIdentifier>> tokens) {
  if (serviceName != null) {
    for (Token ident : tokens) {
      if (serviceName.equals(ident.getService()) &&
          AuthenticationTokenIdentifier.AUTH_TOKEN_TYPE.equals(ident.getKind())) {
        if (LOG.isDebugEnabled()) {
          LOG.debug("Returning token "+ident);
        }
        return (Token<AuthenticationTokenIdentifier>)ident;
      }
    }
  }
  LOG.debug("No matching token found");
  return null;
}
 
Example 10
Project: hadoop   File: TestUserGroupInformation.java   Source Code and License 6 votes vote down vote up
/**
 * In some scenario, such as HA, delegation tokens are associated with a
 * logical name. The tokens are cloned and are associated with the
 * physical address of the server where the service is provided.
 * This test ensures cloned delegated tokens are locally used
 * and are not returned in {@link UserGroupInformation#getCredentials()}
 */
@Test
public void testPrivateTokenExclusion() throws Exception  {
  UserGroupInformation ugi = UserGroupInformation.getCurrentUser();
  TestTokenIdentifier tokenId = new TestTokenIdentifier();
  Token<TestTokenIdentifier> token = new Token<TestTokenIdentifier>(
          tokenId.getBytes(), "password".getBytes(),
          tokenId.getKind(), null);
  ugi.addToken(new Text("regular-token"), token);

  // Now add cloned private token
  ugi.addToken(new Text("private-token"), new Token.PrivateToken<TestTokenIdentifier>(token));
  ugi.addToken(new Text("private-token1"), new Token.PrivateToken<TestTokenIdentifier>(token));

  // Ensure only non-private tokens are returned
  Collection<Token<? extends TokenIdentifier>> tokens = ugi.getCredentials().getAllTokens();
  assertEquals(1, tokens.size());
}
 
Example 11
Project: hadoop-oss   File: TestFileSystemTokens.java   Source Code and License 6 votes vote down vote up
public static MockFileSystem createFileSystemForServiceName(
    final Text service, final FileSystem... children) throws IOException {
  final MockFileSystem fs = new MockFileSystem();
  final MockFileSystem mockFs = fs.getRawFileSystem();
  if (service != null) {
    when(mockFs.getCanonicalServiceName()).thenReturn(service.toString());
    when(mockFs.getDelegationToken(any(String.class))).thenAnswer(
      new Answer<Token<?>>() {
        @Override
        public Token<?> answer(InvocationOnMock invocation) throws Throwable {
          Token<?> token = new Token<TokenIdentifier>();
          token.setService(service);
          return token;
        }
      });
  }
  when(mockFs.getChildFileSystems()).thenReturn(children);
  return fs;
}
 
Example 12
Project: hadoop   File: AMRMTokenSelector.java   Source Code and License 6 votes vote down vote up
@SuppressWarnings("unchecked")
public Token<AMRMTokenIdentifier> selectToken(Text service,
    Collection<Token<? extends TokenIdentifier>> tokens) {
  if (service == null) {
    return null;
  }
  LOG.debug("Looking for a token with service " + service.toString());
  for (Token<? extends TokenIdentifier> token : tokens) {
    LOG.debug("Token kind is " + token.getKind().toString()
        + " and the token's service name is " + token.getService());
    if (AMRMTokenIdentifier.KIND_NAME.equals(token.getKind())
        && checkService(service, token)) {
      return (Token<AMRMTokenIdentifier>) token;
    }
  }
  return null;
}
 
Example 13
Project: hadoop   File: ContainerManagerSecurityInfo.java   Source Code and License 6 votes vote down vote up
@Override
public TokenInfo getTokenInfo(Class<?> protocol, Configuration conf) {
  if (!protocol
      .equals(ContainerManagementProtocolPB.class)) {
    return null;
  }
  return new TokenInfo() {

    @Override
    public Class<? extends Annotation> annotationType() {
      return null;
    }

    @Override
    public Class<? extends TokenSelector<? extends TokenIdentifier>>
        value() {
      return NMTokenSelector.class;
    }
  };

}
 
Example 14
Project: hadoop   File: SchedulerSecurityInfo.java   Source Code and License 6 votes vote down vote up
@Override
public TokenInfo getTokenInfo(Class<?> protocol, Configuration conf) {
  if (!protocol.equals(ApplicationMasterProtocolPB.class)) {
    return null;
  }
  return new TokenInfo() {

    @Override
    public Class<? extends Annotation> annotationType() {
      return null;
    }

    @Override
    public Class<? extends TokenSelector<? extends TokenIdentifier>>
        value() {
      return AMRMTokenSelector.class;
    }
  };
}
 
Example 15
Project: hadoop   File: TimelineDelegationTokenSelector.java   Source Code and License 6 votes vote down vote up
@SuppressWarnings("unchecked")
public Token<TimelineDelegationTokenIdentifier> selectToken(Text service,
    Collection<Token<? extends TokenIdentifier>> tokens) {
  if (service == null) {
    return null;
  }
  if (LOG.isDebugEnabled()) {
    LOG.debug("Looking for a token with service " + service.toString());
  }
  for (Token<? extends TokenIdentifier> token : tokens) {
    if (LOG.isDebugEnabled()) {
      LOG.debug("Token kind is " + token.getKind().toString()
          + " and the token's service name is " + token.getService());
    }
    if (TimelineDelegationTokenIdentifier.KIND_NAME.equals(token.getKind())
        && service.equals(token.getService())) {
      return (Token<TimelineDelegationTokenIdentifier>) token;
    }
  }
  return null;
}
 
Example 16
Project: hadoop   File: RMDelegationTokenSelector.java   Source Code and License 6 votes vote down vote up
@SuppressWarnings("unchecked")
public Token<RMDelegationTokenIdentifier> selectToken(Text service,
    Collection<Token<? extends TokenIdentifier>> tokens) {
  if (service == null) {
    return null;
  }
  LOG.debug("Looking for a token with service " + service.toString());
  for (Token<? extends TokenIdentifier> token : tokens) {
    LOG.debug("Token kind is " + token.getKind().toString()
        + " and the token's service name is " + token.getService());
    if (RMDelegationTokenIdentifier.KIND_NAME.equals(token.getKind())
        && checkService(service, token)) {
      return (Token<RMDelegationTokenIdentifier>) token;
    }
  }
  return null;
}
 
Example 17
Project: hadoop   File: ClientRMSecurityInfo.java   Source Code and License 6 votes vote down vote up
@Override
public TokenInfo getTokenInfo(Class<?> protocol, Configuration conf) {
  if (!protocol
      .equals(ApplicationClientProtocolPB.class)) {
    return null;
  }
  return new TokenInfo() {

    @Override
    public Class<? extends Annotation> annotationType() {
      return null;
    }

    @Override
    public Class<? extends TokenSelector<? extends TokenIdentifier>>
        value() {
      return RMDelegationTokenSelector.class;
    }
  };
}
 
Example 18
Project: hadoop   File: ClientToAMTokenSelector.java   Source Code and License 6 votes vote down vote up
@SuppressWarnings("unchecked")
public Token<ClientToAMTokenIdentifier> selectToken(Text service,
    Collection<Token<? extends TokenIdentifier>> tokens) {
  if (service == null) {
    return null;
  }
  LOG.debug("Looking for a token with service " + service.toString());
  for (Token<? extends TokenIdentifier> token : tokens) {
    LOG.debug("Token kind is " + token.getKind().toString()
        + " and the token's service name is " + token.getService());
    if (ClientToAMTokenIdentifier.KIND_NAME.equals(token.getKind())
        && service.equals(token.getService())) {
      return (Token<ClientToAMTokenIdentifier>) token;
    }
  }
  return null;
}
 
Example 19
Project: hadoop   File: ClientTimelineSecurityInfo.java   Source Code and License 6 votes vote down vote up
@Override
public TokenInfo getTokenInfo(Class<?> protocol, Configuration conf) {
  if (!protocol
      .equals(ApplicationHistoryProtocolPB.class)) {
    return null;
  }
  return new TokenInfo() {

    @Override
    public Class<? extends Annotation> annotationType() {
      return null;
    }

    @Override
    public Class<? extends TokenSelector<? extends TokenIdentifier>>
        value() {
      return TimelineDelegationTokenSelector.class;
    }
  };
}
 
Example 20
Project: hadoop   File: NMTokenSelector.java   Source Code and License 6 votes vote down vote up
@SuppressWarnings("unchecked")
@Override
public Token<NMTokenIdentifier> selectToken(Text service,
    Collection<Token<? extends TokenIdentifier>> tokens) {
  if (service == null) {
    return null;
  }
  for (Token<? extends TokenIdentifier> token : tokens) {
    if (LOG.isDebugEnabled()) {
      LOG.info("Looking for service: " + service + ". Current token is "
          + token);
    }
    if (NMTokenIdentifier.KIND.equals(token.getKind()) && 
        service.equals(token.getService())) {
      return (Token<NMTokenIdentifier>) token;
    }
  }
  return null;
}
 
Example 21
Project: hadoop   File: ConverterUtils.java   Source Code and License 6 votes vote down vote up
/**
 * Convert a protobuf token into a rpc token and set its service. Supposed
 * to be used for tokens other than RMDelegationToken. For
 * RMDelegationToken, use
 * {@link #convertFromYarn(org.apache.hadoop.yarn.api.records.Token,
 * org.apache.hadoop.io.Text)} instead.
 *
 * @param protoToken the yarn token
 * @param serviceAddr the connect address for the service
 * @return rpc token
 */
public static <T extends TokenIdentifier> Token<T> convertFromYarn(
    org.apache.hadoop.yarn.api.records.Token protoToken,
    InetSocketAddress serviceAddr) {
  Token<T> token = new Token<T>(protoToken.getIdentifier().array(),
                                protoToken.getPassword().array(),
                                new Text(protoToken.getKind()),
                                new Text(protoToken.getService()));
  if (serviceAddr != null) {
    SecurityUtil.setTokenService(token, serviceAddr);
  }
  return token;
}
 
Example 22
Project: hadoop   File: LocalizerSecurityInfo.java   Source Code and License 6 votes vote down vote up
@Override
public TokenInfo getTokenInfo(Class<?> protocol, Configuration conf) {
  if (!protocol
      .equals(LocalizationProtocolPB.class)) {
    return null;
  }
  return new TokenInfo() {

    @Override
    public Class<? extends Annotation> annotationType() {
      return null;
    }

    @Override
    public Class<? extends TokenSelector<? extends TokenIdentifier>>
        value() {
      LOG.debug("Using localizerTokenSecurityInfo");
      return LocalizerTokenSelector.class;
    }
  };
}
 
Example 23
Project: hadoop   File: LocalizerTokenSelector.java   Source Code and License 6 votes vote down vote up
@SuppressWarnings("unchecked")
@Override
public Token<LocalizerTokenIdentifier> selectToken(Text service,
    Collection<Token<? extends TokenIdentifier>> tokens) {

  LOG.debug("Using localizerTokenSelector.");

  for (Token<? extends TokenIdentifier> token : tokens) {
    LOG.debug("Token of kind " + token.getKind() + " is found");
    if (LocalizerTokenIdentifier.KIND.equals(token.getKind())) {
      return (Token<LocalizerTokenIdentifier>) token;
    }
  }
  LOG.debug("Returning null.");
  return null;
}
 
Example 24
Project: ditb   File: RpcServer.java   Source Code and License 6 votes vote down vote up
private UserGroupInformation getAuthorizedUgi(String authorizedId)
    throws IOException {
  UserGroupInformation authorizedUgi;
  if (authMethod == AuthMethod.DIGEST) {
    TokenIdentifier tokenId = HBaseSaslRpcServer.getIdentifier(authorizedId,
        secretManager);
    authorizedUgi = tokenId.getUser();
    if (authorizedUgi == null) {
      throw new AccessDeniedException(
          "Can't retrieve username from tokenIdentifier.");
    }
    authorizedUgi.addTokenIdentifier(tokenId);
  } else {
    authorizedUgi = UserGroupInformation.createRemoteUser(authorizedId);
  }
  authorizedUgi.setAuthenticationMethod(authMethod.authenticationMethod.getAuthMethod());
  return authorizedUgi;
}
 
Example 25
Project: ditb   File: TestHBaseSaslRpcClient.java   Source Code and License 6 votes vote down vote up
@Test
public void testSaslClientCallbackHandler() throws UnsupportedCallbackException {
  final Token<? extends TokenIdentifier> token = createTokenMock();
  when(token.getIdentifier()).thenReturn(DEFAULT_USER_NAME.getBytes());
  when(token.getPassword()).thenReturn(DEFAULT_USER_PASSWORD.getBytes());

  final NameCallback nameCallback = mock(NameCallback.class);
  final PasswordCallback passwordCallback = mock(PasswordCallback.class);
  final RealmCallback realmCallback = mock(RealmCallback.class);
  final RealmChoiceCallback realmChoiceCallback = mock(RealmChoiceCallback.class);

  Callback[] callbackArray = {nameCallback, passwordCallback,
      realmCallback, realmChoiceCallback};
  final SaslClientCallbackHandler saslClCallbackHandler = new SaslClientCallbackHandler(token);
  saslClCallbackHandler.handle(callbackArray);
  verify(nameCallback).setName(anyString());
  verify(realmCallback).setText(anyString());
  verify(passwordCallback).setPassword(any(char[].class));
}
 
Example 26
Project: hadoop   File: TestBinaryTokenFile.java   Source Code and License 6 votes vote down vote up
private static void createBinaryTokenFile(Configuration conf) {
  // Fetch delegation tokens and store in binary token file.
  try {
    Credentials cred1 = new Credentials();
    Credentials cred2 = new Credentials();
    TokenCache.obtainTokensForNamenodesInternal(cred1, new Path[] { p1 },
        conf);
    for (Token<? extends TokenIdentifier> t : cred1.getAllTokens()) {
      cred2.addToken(new Text(DELEGATION_TOKEN_KEY), t);
    }
    DataOutputStream os = new DataOutputStream(new FileOutputStream(
        binaryTokenFileName.toString()));
    try {
      cred2.writeTokenStorageToStream(os);
    } finally {
      os.close();
    }
  } catch (IOException e) {
    Assert.fail("Exception " + e);
  }
}
 
Example 27
Project: hadoop   File: ClientHSSecurityInfo.java   Source Code and License 6 votes vote down vote up
@Override
public TokenInfo getTokenInfo(Class<?> protocol, Configuration conf) {
  if (!protocol
      .equals(HSClientProtocolPB.class)) {
    return null;
  }
  return new TokenInfo() {

    @Override
    public Class<? extends Annotation> annotationType() {
      return null;
    }

    @Override
    public Class<? extends TokenSelector<? extends TokenIdentifier>>
        value() {
      return ClientHSTokenSelector.class;
    }
  };  }
 
Example 28
Project: hadoop   File: TestTokenCache.java   Source Code and License 6 votes vote down vote up
private MockFileSystem createFileSystemForServiceName(final String service)
    throws IOException {
  MockFileSystem mockFs = new MockFileSystem();
  when(mockFs.getCanonicalServiceName()).thenReturn(service);
  when(mockFs.getDelegationToken(any(String.class))).thenAnswer(
      new Answer<Token<?>>() {
        int unique = 0;
        @Override
        public Token<?> answer(InvocationOnMock invocation) throws Throwable {
          Token<?> token = new Token<TokenIdentifier>();
          token.setService(new Text(service));
          // use unique value so when we restore from token storage, we can
          // tell if it's really the same token
          token.setKind(new Text("token" + unique++));
          return token;
        }
      });
  return mockFs;
}
 
Example 29
Project: hadoop   File: DataNode.java   Source Code and License 6 votes vote down vote up
private void checkReadAccess(final ExtendedBlock block) throws IOException {
  if (isBlockTokenEnabled) {
    Set<TokenIdentifier> tokenIds = UserGroupInformation.getCurrentUser()
        .getTokenIdentifiers();
    if (tokenIds.size() != 1) {
      throw new IOException("Can't continue since none or more than one "
          + "BlockTokenIdentifier is found.");
    }
    for (TokenIdentifier tokenId : tokenIds) {
      BlockTokenIdentifier id = (BlockTokenIdentifier) tokenId;
      if (LOG.isDebugEnabled()) {
        LOG.debug("Got: " + id.toString());
      }
      blockPoolTokenSecretManager.checkAccess(id, null, block,
          BlockTokenSecretManager.AccessMode.READ);
    }
  }
}
 
Example 30
Project: hadoop   File: TestTokenAspect.java   Source Code and License 6 votes vote down vote up
@Test
public void testCachedInitialization() throws IOException, URISyntaxException {
  Configuration conf = new Configuration();
  DummyFs fs = spy(new DummyFs());
  Token<TokenIdentifier> token = new Token<TokenIdentifier>(new byte[0],
      new byte[0], DummyFs.TOKEN_KIND, new Text("127.0.0.1:1234"));

  doReturn(token).when(fs).getDelegationToken(anyString());
  doReturn(token).when(fs).getRenewToken();

  fs.emulateSecurityEnabled = true;
  fs.initialize(new URI("dummyfs://127.0.0.1:1234"), conf);

  fs.tokenAspect.ensureTokenInitialized();
  verify(fs, times(1)).getDelegationToken(null);
  verify(fs, times(1)).setDelegationToken(token);

  // For the second iteration, the token should be cached.
  fs.tokenAspect.ensureTokenInitialized();
  verify(fs, times(1)).getDelegationToken(null);
  verify(fs, times(1)).setDelegationToken(token);
}
 
Example 31
Project: hadoop-oss   File: Credentials.java   Source Code and License 5 votes vote down vote up
/**
 * Add a token in the storage (in memory)
 * @param alias the alias for the key
 * @param t the token object
 */
public void addToken(Text alias, Token<? extends TokenIdentifier> t) {
  if (t != null) {
    tokenMap.put(alias, t);
  } else {
    LOG.warn("Null token ignored for " + alias);
  }
}
 
Example 32
Project: hadoop-oss   File: AbstractDelegationTokenSelector.java   Source Code and License 5 votes vote down vote up
@SuppressWarnings("unchecked")
@Override
public Token<TokenIdent> selectToken(Text service,
    Collection<Token<? extends TokenIdentifier>> tokens) {
  if (service == null) {
    return null;
  }
  for (Token<? extends TokenIdentifier> token : tokens) {
    if (kindName.equals(token.getKind())
        && service.equals(token.getService())) {
      return (Token<TokenIdent>) token;
    }
  }
  return null;
}
 
Example 33
Project: ditb   File: TestHBaseSaslRpcClient.java   Source Code and License 5 votes vote down vote up
private Token<? extends TokenIdentifier> createTokenMockWithCredentials(
    String principal, String password)
    throws IOException {
  Token<? extends TokenIdentifier> token = createTokenMock();
  if (!Strings.isNullOrEmpty(principal) && !Strings.isNullOrEmpty(password)) {
    when(token.getIdentifier()).thenReturn(DEFAULT_USER_NAME.getBytes());
    when(token.getPassword()).thenReturn(DEFAULT_USER_PASSWORD.getBytes());
  }
  return token;
}
 
Example 34
Project: hadoop-oss   File: SaslRpcServer.java   Source Code and License 5 votes vote down vote up
public static <T extends TokenIdentifier> T getIdentifier(String id,
    SecretManager<T> secretManager) throws InvalidToken {
  byte[] tokenId = decodeIdentifier(id);
  T tokenIdentifier = secretManager.createIdentifier();
  try {
    tokenIdentifier.readFields(new DataInputStream(new ByteArrayInputStream(
        tokenId)));
  } catch (IOException e) {
    throw (InvalidToken) new InvalidToken(
        "Can't de-serialize tokenIdentifier").initCause(e);
  }
  return tokenIdentifier;
}
 
Example 35
Project: hadoop-oss   File: KDiag.java   Source Code and License 5 votes vote down vote up
/**
 * Dump all tokens of a UGI.
 * @param ugi UGI to examine
 */
public void dumpTokens(UserGroupInformation ugi) {
  Collection<Token<? extends TokenIdentifier>> tokens
    = ugi.getCredentials().getAllTokens();
  title("Token Count: %d", tokens.size());
  for (Token<? extends TokenIdentifier> token : tokens) {
    println("Token %s", token.getKind());
  }
  endln();
}
 
Example 36
Project: hadoop   File: TestRPC.java   Source Code and License 5 votes vote down vote up
@Override
public org.apache.hadoop.ipc.RPC.Server getServer(Class<?> protocol,
    Object instance, String bindAddress, int port, int numHandlers,
    int numReaders, int queueSizePerHandler, boolean verbose, Configuration conf,
    SecretManager<? extends TokenIdentifier> secretManager, 
    String portRangeConfig) throws IOException {
  return null;
}
 
Example 37
Project: hadoop-oss   File: UserGroupInformation.java   Source Code and License 5 votes vote down vote up
/**
 * Obtain the collection of tokens associated with this user.
 * 
 * @return an unmodifiable collection of tokens associated with user
 */
public Collection<Token<? extends TokenIdentifier>> getTokens() {
  synchronized (subject) {
    return Collections.unmodifiableCollection(
        new ArrayList<Token<?>>(getCredentialsInternal().getAllTokens()));
  }
}
 
Example 38
Project: hadoop-oss   File: WritableRpcEngine.java   Source Code and License 5 votes vote down vote up
@Override
public RPC.Server getServer(Class<?> protocolClass,
                    Object protocolImpl, String bindAddress, int port,
                    int numHandlers, int numReaders, int queueSizePerHandler,
                    boolean verbose, Configuration conf,
                    SecretManager<? extends TokenIdentifier> secretManager,
                    String portRangeConfig) 
  throws IOException {
  return new Server(protocolClass, protocolImpl, conf, bindAddress, port,
      numHandlers, numReaders, queueSizePerHandler, verbose, secretManager,
      portRangeConfig);
}
 
Example 39
Project: hadoop-oss   File: Server.java   Source Code and License 5 votes vote down vote up
protected Server(String bindAddress, int port,
    Class<? extends Writable> rpcRequestClass, int handlerCount,
    int numReaders, int queueSizePerHandler, Configuration conf,
    String serverName, SecretManager<? extends TokenIdentifier> secretManager)
  throws IOException {
  this(bindAddress, port, rpcRequestClass, handlerCount, numReaders, 
      queueSizePerHandler, conf, serverName, secretManager, null);
}
 
Example 40
Project: hadoop-oss   File: ProtobufRpcEngine.java   Source Code and License 5 votes vote down vote up
@Override
public RPC.Server getServer(Class<?> protocol, Object protocolImpl,
    String bindAddress, int port, int numHandlers, int numReaders,
    int queueSizePerHandler, boolean verbose, Configuration conf,
    SecretManager<? extends TokenIdentifier> secretManager,
    String portRangeConfig)
    throws IOException {
  return new Server(protocol, protocolImpl, conf, bindAddress, port,
      numHandlers, numReaders, queueSizePerHandler, verbose, secretManager,
      portRangeConfig);
}