org.apache.hadoop.mapreduce.v2.api.MRDelegationTokenIdentifier Java Examples

The following examples show how to use org.apache.hadoop.mapreduce.v2.api.MRDelegationTokenIdentifier. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: HistoryClientService.java    From XLearning with Apache License 2.0 6 votes vote down vote up
@Override
public CancelDelegationTokenResponse cancelDelegationToken(
    CancelDelegationTokenRequest request) throws IOException {
  if (!isAllowedDelegationTokenOp()) {
    throw new IOException(
        "Delegation Token can be cancelled only with kerberos authentication");
  }

  org.apache.hadoop.yarn.api.records.Token protoToken = request.getDelegationToken();
  Token<MRDelegationTokenIdentifier> token =
      new Token<MRDelegationTokenIdentifier>(
          protoToken.getIdentifier().array(), protoToken.getPassword()
          .array(), new Text(protoToken.getKind()), new Text(
          protoToken.getService()));

  String user = UserGroupInformation.getCurrentUser().getUserName();
  jhsDTSecretManager.cancelToken(token, user);
  return Records.newRecord(CancelDelegationTokenResponse.class);
}
 
Example #2
Source File: HistoryServerFileSystemStateStoreService.java    From hadoop with Apache License 2.0 6 votes vote down vote up
private MRDelegationTokenIdentifier loadToken(HistoryServerState state,
    Path tokenFile, long numTokenFileBytes) throws IOException {
  MRDelegationTokenIdentifier tokenId = new MRDelegationTokenIdentifier();
  long renewDate;
  byte[] tokenData = readFile(tokenFile, numTokenFileBytes);
  DataInputStream in =
      new DataInputStream(new ByteArrayInputStream(tokenData));
  try {
    tokenId.readFields(in);
    renewDate = in.readLong();
  } finally {
    IOUtils.cleanup(LOG, in);
  }
  state.tokenState.put(tokenId, renewDate);
  return tokenId;
}
 
Example #3
Source File: HistoryServerFileSystemStateStoreService.java    From big-c with Apache License 2.0 6 votes vote down vote up
private MRDelegationTokenIdentifier loadToken(HistoryServerState state,
    Path tokenFile, long numTokenFileBytes) throws IOException {
  MRDelegationTokenIdentifier tokenId = new MRDelegationTokenIdentifier();
  long renewDate;
  byte[] tokenData = readFile(tokenFile, numTokenFileBytes);
  DataInputStream in =
      new DataInputStream(new ByteArrayInputStream(tokenData));
  try {
    tokenId.readFields(in);
    renewDate = in.readLong();
  } finally {
    IOUtils.cleanup(LOG, in);
  }
  state.tokenState.put(tokenId, renewDate);
  return tokenId;
}
 
Example #4
Source File: HistoryServerFileSystemStateStoreService.java    From hadoop with Apache License 2.0 6 votes vote down vote up
@Override
public void updateToken(MRDelegationTokenIdentifier tokenId,
    Long renewDate) throws IOException {
  if (LOG.isDebugEnabled()) {
    LOG.debug("Updating token " + tokenId.getSequenceNumber());
  }

  // Files cannot be atomically replaced, therefore we write a temporary
  // update file, remove the original token file, then rename the update
  // file to the token file. During recovery either the token file will be
  // used or if that is missing and an update file is present then the
  // update file is used.
  Path tokenPath = getTokenPath(tokenId);
  Path tmp = new Path(tokenPath.getParent(),
      UPDATE_TMP_FILE_PREFIX + tokenPath.getName());
  writeFile(tmp, buildTokenData(tokenId, renewDate));
  try {
    deleteFile(tokenPath);
  } catch (IOException e) {
    fs.delete(tmp, false);
    throw e;
  }
  if (!fs.rename(tmp, tokenPath)) {
    throw new IOException("Could not rename " + tmp + " to " + tokenPath);
  }
}
 
Example #5
Source File: HistoryClientService.java    From hadoop with Apache License 2.0 6 votes vote down vote up
@Override
public CancelDelegationTokenResponse cancelDelegationToken(
    CancelDelegationTokenRequest request) throws IOException {
    if (!isAllowedDelegationTokenOp()) {
      throw new IOException(
          "Delegation Token can be cancelled only with kerberos authentication");
    }

    org.apache.hadoop.yarn.api.records.Token protoToken = request.getDelegationToken();
    Token<MRDelegationTokenIdentifier> token =
        new Token<MRDelegationTokenIdentifier>(
            protoToken.getIdentifier().array(), protoToken.getPassword()
                .array(), new Text(protoToken.getKind()), new Text(
                protoToken.getService()));

    String user = UserGroupInformation.getCurrentUser().getUserName();
    jhsDTSecretManager.cancelToken(token, user);
    return Records.newRecord(CancelDelegationTokenResponse.class);
}
 
Example #6
Source File: HistoryClientService.java    From hadoop with Apache License 2.0 6 votes vote down vote up
@Override
public RenewDelegationTokenResponse renewDelegationToken(
    RenewDelegationTokenRequest request) throws IOException {
    if (!isAllowedDelegationTokenOp()) {
      throw new IOException(
          "Delegation Token can be renewed only with kerberos authentication");
    }

    org.apache.hadoop.yarn.api.records.Token protoToken = request.getDelegationToken();
    Token<MRDelegationTokenIdentifier> token =
        new Token<MRDelegationTokenIdentifier>(
            protoToken.getIdentifier().array(), protoToken.getPassword()
                .array(), new Text(protoToken.getKind()), new Text(
                protoToken.getService()));

    String user = UserGroupInformation.getCurrentUser().getShortUserName();
    long nextExpTime = jhsDTSecretManager.renewToken(token, user);
    RenewDelegationTokenResponse renewResponse = Records
        .newRecord(RenewDelegationTokenResponse.class);
    renewResponse.setNextExpirationTime(nextExpTime);
    return renewResponse;
}
 
Example #7
Source File: ClientHSTokenSelector.java    From big-c with Apache License 2.0 6 votes vote down vote up
@SuppressWarnings("unchecked")
public Token<MRDelegationTokenIdentifier> selectToken(Text service,
    Collection<Token<? extends TokenIdentifier>> tokens) {
  if (service == null) {
    return null;
  }
  LOG.debug("Looking for a token with service " + service.toString());
  for (Token<? extends TokenIdentifier> token : tokens) {
    if (LOG.isDebugEnabled()) {
      LOG.debug("Token kind is " + token.getKind().toString()
          + " and the token's service name is " + token.getService());
    }
    if (MRDelegationTokenIdentifier.KIND_NAME.equals(token.getKind())
        && service.equals(token.getService())) {
      return (Token<MRDelegationTokenIdentifier>) token;
    }
  }
  return null;
}
 
Example #8
Source File: HistoryServerFileSystemStateStoreService.java    From big-c with Apache License 2.0 6 votes vote down vote up
@Override
public void updateToken(MRDelegationTokenIdentifier tokenId,
    Long renewDate) throws IOException {
  if (LOG.isDebugEnabled()) {
    LOG.debug("Updating token " + tokenId.getSequenceNumber());
  }

  // Files cannot be atomically replaced, therefore we write a temporary
  // update file, remove the original token file, then rename the update
  // file to the token file. During recovery either the token file will be
  // used or if that is missing and an update file is present then the
  // update file is used.
  Path tokenPath = getTokenPath(tokenId);
  Path tmp = new Path(tokenPath.getParent(),
      UPDATE_TMP_FILE_PREFIX + tokenPath.getName());
  writeFile(tmp, buildTokenData(tokenId, renewDate));
  try {
    deleteFile(tokenPath);
  } catch (IOException e) {
    fs.delete(tmp, false);
    throw e;
  }
  if (!fs.rename(tmp, tokenPath)) {
    throw new IOException("Could not rename " + tmp + " to " + tokenPath);
  }
}
 
Example #9
Source File: HistoryClientService.java    From big-c with Apache License 2.0 6 votes vote down vote up
@Override
public CancelDelegationTokenResponse cancelDelegationToken(
    CancelDelegationTokenRequest request) throws IOException {
    if (!isAllowedDelegationTokenOp()) {
      throw new IOException(
          "Delegation Token can be cancelled only with kerberos authentication");
    }

    org.apache.hadoop.yarn.api.records.Token protoToken = request.getDelegationToken();
    Token<MRDelegationTokenIdentifier> token =
        new Token<MRDelegationTokenIdentifier>(
            protoToken.getIdentifier().array(), protoToken.getPassword()
                .array(), new Text(protoToken.getKind()), new Text(
                protoToken.getService()));

    String user = UserGroupInformation.getCurrentUser().getUserName();
    jhsDTSecretManager.cancelToken(token, user);
    return Records.newRecord(CancelDelegationTokenResponse.class);
}
 
Example #10
Source File: HistoryServerLeveldbStateStoreService.java    From big-c with Apache License 2.0 6 votes vote down vote up
@Override
public void storeToken(MRDelegationTokenIdentifier tokenId, Long renewDate)
    throws IOException {
  if (LOG.isDebugEnabled()) {
    LOG.debug("Storing token " + tokenId.getSequenceNumber());
  }

  ByteArrayOutputStream memStream = new ByteArrayOutputStream();
  DataOutputStream dataStream = new DataOutputStream(memStream);
  try {
    tokenId.write(dataStream);
    dataStream.writeLong(renewDate);
    dataStream.close();
    dataStream = null;
  } finally {
    IOUtils.cleanup(LOG, dataStream);
  }

  String dbKey = getTokenDatabaseKey(tokenId);
  try {
    db.put(bytes(dbKey), memStream.toByteArray());
  } catch (DBException e) {
    throw new IOException(e);
  }
}
 
Example #11
Source File: HistoryClientService.java    From big-c with Apache License 2.0 6 votes vote down vote up
@Override
public RenewDelegationTokenResponse renewDelegationToken(
    RenewDelegationTokenRequest request) throws IOException {
    if (!isAllowedDelegationTokenOp()) {
      throw new IOException(
          "Delegation Token can be renewed only with kerberos authentication");
    }

    org.apache.hadoop.yarn.api.records.Token protoToken = request.getDelegationToken();
    Token<MRDelegationTokenIdentifier> token =
        new Token<MRDelegationTokenIdentifier>(
            protoToken.getIdentifier().array(), protoToken.getPassword()
                .array(), new Text(protoToken.getKind()), new Text(
                protoToken.getService()));

    String user = UserGroupInformation.getCurrentUser().getShortUserName();
    long nextExpTime = jhsDTSecretManager.renewToken(token, user);
    RenewDelegationTokenResponse renewResponse = Records
        .newRecord(RenewDelegationTokenResponse.class);
    renewResponse.setNextExpirationTime(nextExpTime);
    return renewResponse;
}
 
Example #12
Source File: ClientHSTokenSelector.java    From hadoop with Apache License 2.0 6 votes vote down vote up
@SuppressWarnings("unchecked")
public Token<MRDelegationTokenIdentifier> selectToken(Text service,
    Collection<Token<? extends TokenIdentifier>> tokens) {
  if (service == null) {
    return null;
  }
  LOG.debug("Looking for a token with service " + service.toString());
  for (Token<? extends TokenIdentifier> token : tokens) {
    if (LOG.isDebugEnabled()) {
      LOG.debug("Token kind is " + token.getKind().toString()
          + " and the token's service name is " + token.getService());
    }
    if (MRDelegationTokenIdentifier.KIND_NAME.equals(token.getKind())
        && service.equals(token.getService())) {
      return (Token<MRDelegationTokenIdentifier>) token;
    }
  }
  return null;
}
 
Example #13
Source File: HistoryServerLeveldbStateStoreService.java    From hadoop with Apache License 2.0 6 votes vote down vote up
@Override
public void storeToken(MRDelegationTokenIdentifier tokenId, Long renewDate)
    throws IOException {
  if (LOG.isDebugEnabled()) {
    LOG.debug("Storing token " + tokenId.getSequenceNumber());
  }

  ByteArrayOutputStream memStream = new ByteArrayOutputStream();
  DataOutputStream dataStream = new DataOutputStream(memStream);
  try {
    tokenId.write(dataStream);
    dataStream.writeLong(renewDate);
    dataStream.close();
    dataStream = null;
  } finally {
    IOUtils.cleanup(LOG, dataStream);
  }

  String dbKey = getTokenDatabaseKey(tokenId);
  try {
    db.put(bytes(dbKey), memStream.toByteArray());
  } catch (DBException e) {
    throw new IOException(e);
  }
}
 
Example #14
Source File: HistoryClientService.java    From XLearning with Apache License 2.0 6 votes vote down vote up
@Override
public RenewDelegationTokenResponse renewDelegationToken(
    RenewDelegationTokenRequest request) throws IOException {
  if (!isAllowedDelegationTokenOp()) {
    throw new IOException(
        "Delegation Token can be renewed only with kerberos authentication");
  }

  org.apache.hadoop.yarn.api.records.Token protoToken = request.getDelegationToken();
  Token<MRDelegationTokenIdentifier> token =
      new Token<MRDelegationTokenIdentifier>(
          protoToken.getIdentifier().array(), protoToken.getPassword()
          .array(), new Text(protoToken.getKind()), new Text(
          protoToken.getService()));

  String user = UserGroupInformation.getCurrentUser().getShortUserName();
  long nextExpTime = jhsDTSecretManager.renewToken(token, user);
  RenewDelegationTokenResponse renewResponse = Records
      .newRecord(RenewDelegationTokenResponse.class);
  renewResponse.setNextExpirationTime(nextExpTime);
  return renewResponse;
}
 
Example #15
Source File: HistoryServerFileSystemStateStoreService.java    From big-c with Apache License 2.0 5 votes vote down vote up
private void loadTokenFromBucket(int bucketId,
    HistoryServerState state, Path tokenFile, long numTokenFileBytes)
        throws IOException {
  MRDelegationTokenIdentifier token =
      loadToken(state, tokenFile, numTokenFileBytes);
  int tokenBucketId = getBucketId(token);
  if (tokenBucketId != bucketId) {
    throw new IOException("Token " + tokenFile
        + " should be in bucket " + tokenBucketId + ", found in bucket "
        + bucketId);
  }
}
 
Example #16
Source File: HistoryServerMemStateStoreService.java    From big-c with Apache License 2.0 5 votes vote down vote up
@Override
public void updateToken(MRDelegationTokenIdentifier tokenId, Long renewDate)
    throws IOException {
  if (!state.tokenState.containsKey(tokenId)) {
    throw new IOException("token " + tokenId + " not in store");
  }
  state.tokenState.put(tokenId, renewDate);
}
 
Example #17
Source File: HistoryServerFileSystemStateStoreService.java    From hadoop with Apache License 2.0 5 votes vote down vote up
@Override
public void storeToken(MRDelegationTokenIdentifier tokenId,
    Long renewDate) throws IOException {
  if (LOG.isDebugEnabled()) {
    LOG.debug("Storing token " + tokenId.getSequenceNumber());
  }

  Path tokenPath = getTokenPath(tokenId);
  if (fs.exists(tokenPath)) {
    throw new IOException(tokenPath + " already exists");
  }

  createNewFile(tokenPath, buildTokenData(tokenId, renewDate));
}
 
Example #18
Source File: HistoryServerFileSystemStateStoreService.java    From hadoop with Apache License 2.0 5 votes vote down vote up
@Override
public void removeToken(MRDelegationTokenIdentifier tokenId)
    throws IOException {
  if (LOG.isDebugEnabled()) {
    LOG.debug("Removing token " + tokenId.getSequenceNumber());
  }
  deleteFile(getTokenPath(tokenId));
}
 
Example #19
Source File: HistoryServerMemStateStoreService.java    From big-c with Apache License 2.0 5 votes vote down vote up
@Override
public void storeToken(MRDelegationTokenIdentifier tokenId, Long renewDate)
    throws IOException {
  if (state.tokenState.containsKey(tokenId)) {
    throw new IOException("token " + tokenId + " was stored twice");
  }
  state.tokenState.put(tokenId, renewDate);
}
 
Example #20
Source File: JHSDelegationTokenSecretManager.java    From hadoop with Apache License 2.0 5 votes vote down vote up
@Override
protected void storeNewToken(MRDelegationTokenIdentifier tokenId,
    long renewDate) {
  if (LOG.isDebugEnabled()) {
    LOG.debug("Storing token " + tokenId.getSequenceNumber());
  }
  try {
    store.storeToken(tokenId, renewDate);
  } catch (IOException e) {
    LOG.error("Unable to store token " + tokenId.getSequenceNumber(), e);
  }
}
 
Example #21
Source File: JHSDelegationTokenSecretManager.java    From hadoop with Apache License 2.0 5 votes vote down vote up
@Override
protected void removeStoredToken(MRDelegationTokenIdentifier tokenId)
    throws IOException {
  if (LOG.isDebugEnabled()) {
    LOG.debug("Storing token " + tokenId.getSequenceNumber());
  }
  try {
    store.removeToken(tokenId);
  } catch (IOException e) {
    LOG.error("Unable to remove token " + tokenId.getSequenceNumber(), e);
  }
}
 
Example #22
Source File: JHSDelegationTokenSecretManager.java    From hadoop with Apache License 2.0 5 votes vote down vote up
@Override
protected void updateStoredToken(MRDelegationTokenIdentifier tokenId,
    long renewDate) {
  if (LOG.isDebugEnabled()) {
    LOG.debug("Updating token " + tokenId.getSequenceNumber());
  }
  try {
    store.updateToken(tokenId, renewDate);
  } catch (IOException e) {
    LOG.error("Unable to update token " + tokenId.getSequenceNumber(), e);
  }
}
 
Example #23
Source File: JHSDelegationTokenSecretManager.java    From hadoop with Apache License 2.0 5 votes vote down vote up
public void recover(HistoryServerState state) throws IOException {
  LOG.info("Recovering " + getClass().getSimpleName());
  for (DelegationKey key : state.tokenMasterKeyState) {
    addKey(key);
  }
  for (Entry<MRDelegationTokenIdentifier, Long> entry :
      state.tokenState.entrySet()) {
    addPersistedDelegationToken(entry.getKey(), entry.getValue());
  }
}
 
Example #24
Source File: HistoryServerLeveldbStateStoreService.java    From big-c with Apache License 2.0 5 votes vote down vote up
@Override
public void removeToken(MRDelegationTokenIdentifier tokenId)
    throws IOException {
  String dbKey = getTokenDatabaseKey(tokenId);
  try {
    db.delete(bytes(dbKey));
  } catch (DBException e) {
    throw new IOException(e);
  }
}
 
Example #25
Source File: HistoryServerFileSystemStateStoreService.java    From big-c with Apache License 2.0 5 votes vote down vote up
private byte[] buildTokenData(MRDelegationTokenIdentifier tokenId,
    Long renewDate) throws IOException {
  ByteArrayOutputStream memStream = new ByteArrayOutputStream();
  DataOutputStream dataStream = new DataOutputStream(memStream);
  try {
    tokenId.write(dataStream);
    dataStream.writeLong(renewDate);
    dataStream.close();
    dataStream = null;
  } finally {
    IOUtils.cleanup(LOG, dataStream);
  }
  return memStream.toByteArray();
}
 
Example #26
Source File: HistoryServerMemStateStoreService.java    From hadoop with Apache License 2.0 5 votes vote down vote up
@Override
public void storeToken(MRDelegationTokenIdentifier tokenId, Long renewDate)
    throws IOException {
  if (state.tokenState.containsKey(tokenId)) {
    throw new IOException("token " + tokenId + " was stored twice");
  }
  state.tokenState.put(tokenId, renewDate);
}
 
Example #27
Source File: HistoryServerMemStateStoreService.java    From hadoop with Apache License 2.0 5 votes vote down vote up
@Override
public void updateToken(MRDelegationTokenIdentifier tokenId, Long renewDate)
    throws IOException {
  if (!state.tokenState.containsKey(tokenId)) {
    throw new IOException("token " + tokenId + " not in store");
  }
  state.tokenState.put(tokenId, renewDate);
}
 
Example #28
Source File: HistoryServerFileSystemStateStoreService.java    From big-c with Apache License 2.0 5 votes vote down vote up
@Override
public void removeToken(MRDelegationTokenIdentifier tokenId)
    throws IOException {
  if (LOG.isDebugEnabled()) {
    LOG.debug("Removing token " + tokenId.getSequenceNumber());
  }
  deleteFile(getTokenPath(tokenId));
}
 
Example #29
Source File: HistoryServerLeveldbStateStoreService.java    From big-c with Apache License 2.0 5 votes vote down vote up
private void loadToken(HistoryServerState state, byte[] data)
    throws IOException {
  MRDelegationTokenIdentifier tokenId = new MRDelegationTokenIdentifier();
  long renewDate;
  DataInputStream in = new DataInputStream(new ByteArrayInputStream(data));
  try {
    tokenId.readFields(in);
    renewDate = in.readLong();
  } finally {
    IOUtils.cleanup(LOG, in);
  }
  state.tokenState.put(tokenId, renewDate);
}
 
Example #30
Source File: HistoryServerFileSystemStateStoreService.java    From big-c with Apache License 2.0 5 votes vote down vote up
@Override
public void storeToken(MRDelegationTokenIdentifier tokenId,
    Long renewDate) throws IOException {
  if (LOG.isDebugEnabled()) {
    LOG.debug("Storing token " + tokenId.getSequenceNumber());
  }

  Path tokenPath = getTokenPath(tokenId);
  if (fs.exists(tokenPath)) {
    throw new IOException(tokenPath + " already exists");
  }

  createNewFile(tokenPath, buildTokenData(tokenId, renewDate));
}