Java Code Examples for org.apache.hadoop.yarn.security.client.RMDelegationTokenIdentifier#getBytes()

The following examples show how to use org.apache.hadoop.yarn.security.client.RMDelegationTokenIdentifier#getBytes() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: TestYARNTokenIdentifier.java    From hadoop with Apache License 2.0 4 votes vote down vote up
@Test
public void testRMDelegationTokenIdentifier() throws IOException {
  
  Text owner = new Text("user1");
  Text renewer = new Text("user2");
  Text realUser = new Text("user3");
  long issueDate = 1;
  long maxDate = 2;
  int sequenceNumber = 3;
  int masterKeyId = 4;
  
  RMDelegationTokenIdentifier token = 
      new RMDelegationTokenIdentifier(owner, renewer, realUser);
  token.setIssueDate(issueDate);
  token.setMaxDate(maxDate);
  token.setSequenceNumber(sequenceNumber);
  token.setMasterKeyId(masterKeyId);
  
  RMDelegationTokenIdentifier anotherToken = new RMDelegationTokenIdentifier();
  
  byte[] tokenContent = token.getBytes();
  DataInputBuffer dib = new DataInputBuffer();
  dib.reset(tokenContent, tokenContent.length);
  anotherToken.readFields(dib);
  dib.close();
  // verify the whole record equals with original record
  Assert.assertEquals("Token is not the same after serialization " +
      "and deserialization.", token, anotherToken);
  
  Assert.assertEquals("owner from proto is not the same with original token",
      anotherToken.getOwner(), owner);
  
  Assert.assertEquals("renewer from proto is not the same with original token",
      anotherToken.getRenewer(), renewer);
  
  Assert.assertEquals("realUser from proto is not the same with original token",
      anotherToken.getRealUser(), realUser);
  
  Assert.assertEquals("issueDate from proto is not the same with original token",
      anotherToken.getIssueDate(), issueDate);
  
  Assert.assertEquals("maxDate from proto is not the same with original token",
      anotherToken.getMaxDate(), maxDate);
  
  Assert.assertEquals("sequenceNumber from proto is not the same with original token",
      anotherToken.getSequenceNumber(), sequenceNumber);
  
  Assert.assertEquals("masterKeyId from proto is not the same with original token",
      anotherToken.getMasterKeyId(), masterKeyId);
  
  // Test getProto    
  RMDelegationTokenIdentifier token1 = 
      new RMDelegationTokenIdentifier(owner, renewer, realUser);
  token1.setIssueDate(issueDate);
  token1.setMaxDate(maxDate);
  token1.setSequenceNumber(sequenceNumber);
  token1.setMasterKeyId(masterKeyId);
  YARNDelegationTokenIdentifierProto tokenProto = token1.getProto();
  // Write token proto to stream
  ByteArrayOutputStream baos = new ByteArrayOutputStream();
  DataOutputStream out = new DataOutputStream(baos);
  tokenProto.writeTo(out);

  // Read token
  byte[] tokenData = baos.toByteArray();
  RMDelegationTokenIdentifier readToken = new RMDelegationTokenIdentifier();
  DataInputBuffer db = new DataInputBuffer();
  db.reset(tokenData, tokenData.length);
  readToken.readFields(db);

  // Verify if read token equals with original token
  Assert.assertEquals("Token from getProto is not the same after " +
      "serialization and deserialization.", token1, readToken);
  db.close();
  out.close();
}
 
Example 2
Source File: TestLogAggregationService.java    From hadoop with Apache License 2.0 4 votes vote down vote up
@Test (timeout = 20000)
public void testAddNewTokenSentFromRMForLogAggregation() throws Exception {
  Configuration conf = new YarnConfiguration();
  conf.set(CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION,
    "kerberos");
  UserGroupInformation.setConfiguration(conf);

  ApplicationId application1 = BuilderUtils.newApplicationId(1234, 1);
  Application mockApp = mock(Application.class);
  when(mockApp.getContainers()).thenReturn(
    new HashMap<ContainerId, Container>());
  this.context.getApplications().put(application1, mockApp);
  @SuppressWarnings("resource")
  LogAggregationService logAggregationService =
      new LogAggregationService(dispatcher, this.context, this.delSrvc,
        super.dirsHandler);
  logAggregationService.init(this.conf);
  logAggregationService.start();
  logAggregationService.handle(new LogHandlerAppStartedEvent(application1,
    this.user, null, ContainerLogsRetentionPolicy.ALL_CONTAINERS, this.acls,
    Records.newRecord(LogAggregationContext.class)));

  // Inject new token for log-aggregation after app log-aggregator init
  Text userText1 = new Text("user1");
  RMDelegationTokenIdentifier dtId1 =
      new RMDelegationTokenIdentifier(userText1, new Text("renewer1"),
        userText1);
  final Token<RMDelegationTokenIdentifier> token1 =
      new Token<RMDelegationTokenIdentifier>(dtId1.getBytes(),
        "password1".getBytes(), dtId1.getKind(), new Text("service1"));
  Credentials credentials = new Credentials();
  credentials.addToken(userText1, token1);
  this.context.getSystemCredentialsForApps().put(application1, credentials);

  logAggregationService.handle(new LogHandlerAppFinishedEvent(application1));

  final UserGroupInformation ugi =
      ((AppLogAggregatorImpl) logAggregationService.getAppLogAggregators()
        .get(application1)).getUgi();

  GenericTestUtils.waitFor(new Supplier<Boolean>() {
    public Boolean get() {
      boolean hasNewToken = false;
      for (Token<?> token : ugi.getCredentials().getAllTokens()) {
        if (token.equals(token1)) {
          hasNewToken = true;
        }
      }
      return hasNewToken;
    }
  }, 1000, 20000);
  logAggregationService.stop();
}
 
Example 3
Source File: RMStateStoreTestBase.java    From hadoop with Apache License 2.0 4 votes vote down vote up
public void testRMDTSecretManagerStateStore(
    RMStateStoreHelper stateStoreHelper) throws Exception {
  RMStateStore store = stateStoreHelper.getRMStateStore();
  TestDispatcher dispatcher = new TestDispatcher();
  store.setRMDispatcher(dispatcher);

  // store RM delegation token;
  RMDelegationTokenIdentifier dtId1 =
      new RMDelegationTokenIdentifier(new Text("owner1"),
        new Text("renewer1"), new Text("realuser1"));
  int sequenceNumber = 1111;
  dtId1.setSequenceNumber(sequenceNumber);
  byte[] tokenBeforeStore = dtId1.getBytes();
  Long renewDate1 = new Long(System.currentTimeMillis());
  store.storeRMDelegationToken(dtId1, renewDate1);
  modifyRMDelegationTokenState();
  Map<RMDelegationTokenIdentifier, Long> token1 =
      new HashMap<RMDelegationTokenIdentifier, Long>();
  token1.put(dtId1, renewDate1);
  // store delegation key;
  DelegationKey key = new DelegationKey(1234, 4321 , "keyBytes".getBytes());
  HashSet<DelegationKey> keySet = new HashSet<DelegationKey>();
  keySet.add(key);
  store.storeRMDTMasterKey(key);

  RMDTSecretManagerState secretManagerState =
      store.loadState().getRMDTSecretManagerState();
  Assert.assertEquals(token1, secretManagerState.getTokenState());
  Assert.assertEquals(keySet, secretManagerState.getMasterKeyState());
  Assert.assertEquals(sequenceNumber,
      secretManagerState.getDTSequenceNumber());
  RMDelegationTokenIdentifier tokenAfterStore =
      secretManagerState.getTokenState().keySet().iterator().next();
  Assert.assertTrue(Arrays.equals(tokenBeforeStore,
    tokenAfterStore.getBytes()));

  // update RM delegation token;
  renewDate1 = new Long(System.currentTimeMillis());
  store.updateRMDelegationToken(dtId1, renewDate1);
  token1.put(dtId1, renewDate1);

  RMDTSecretManagerState updateSecretManagerState =
      store.loadState().getRMDTSecretManagerState();
  Assert.assertEquals(token1, updateSecretManagerState.getTokenState());
  Assert.assertEquals(keySet, updateSecretManagerState.getMasterKeyState());
  Assert.assertEquals(sequenceNumber,
      updateSecretManagerState.getDTSequenceNumber());

  // check to delete delegationKey
  store.removeRMDTMasterKey(key);
  keySet.clear();
  RMDTSecretManagerState noKeySecretManagerState =
      store.loadState().getRMDTSecretManagerState();
  Assert.assertEquals(token1, noKeySecretManagerState.getTokenState());
  Assert.assertEquals(keySet, noKeySecretManagerState.getMasterKeyState());
  Assert.assertEquals(sequenceNumber,
      noKeySecretManagerState.getDTSequenceNumber());

  // check to delete delegationToken
  store.removeRMDelegationToken(dtId1);
  RMDTSecretManagerState noKeyAndTokenSecretManagerState =
      store.loadState().getRMDTSecretManagerState();
  token1.clear();
  Assert.assertEquals(token1,
      noKeyAndTokenSecretManagerState.getTokenState());
  Assert.assertEquals(keySet,
      noKeyAndTokenSecretManagerState.getMasterKeyState());
  Assert.assertEquals(sequenceNumber,
      noKeySecretManagerState.getDTSequenceNumber());
  store.close();

}
 
Example 4
Source File: TestYARNTokenIdentifier.java    From big-c with Apache License 2.0 4 votes vote down vote up
@Test
public void testRMDelegationTokenIdentifier() throws IOException {
  
  Text owner = new Text("user1");
  Text renewer = new Text("user2");
  Text realUser = new Text("user3");
  long issueDate = 1;
  long maxDate = 2;
  int sequenceNumber = 3;
  int masterKeyId = 4;
  
  RMDelegationTokenIdentifier token = 
      new RMDelegationTokenIdentifier(owner, renewer, realUser);
  token.setIssueDate(issueDate);
  token.setMaxDate(maxDate);
  token.setSequenceNumber(sequenceNumber);
  token.setMasterKeyId(masterKeyId);
  
  RMDelegationTokenIdentifier anotherToken = new RMDelegationTokenIdentifier();
  
  byte[] tokenContent = token.getBytes();
  DataInputBuffer dib = new DataInputBuffer();
  dib.reset(tokenContent, tokenContent.length);
  anotherToken.readFields(dib);
  dib.close();
  // verify the whole record equals with original record
  Assert.assertEquals("Token is not the same after serialization " +
      "and deserialization.", token, anotherToken);
  
  Assert.assertEquals("owner from proto is not the same with original token",
      anotherToken.getOwner(), owner);
  
  Assert.assertEquals("renewer from proto is not the same with original token",
      anotherToken.getRenewer(), renewer);
  
  Assert.assertEquals("realUser from proto is not the same with original token",
      anotherToken.getRealUser(), realUser);
  
  Assert.assertEquals("issueDate from proto is not the same with original token",
      anotherToken.getIssueDate(), issueDate);
  
  Assert.assertEquals("maxDate from proto is not the same with original token",
      anotherToken.getMaxDate(), maxDate);
  
  Assert.assertEquals("sequenceNumber from proto is not the same with original token",
      anotherToken.getSequenceNumber(), sequenceNumber);
  
  Assert.assertEquals("masterKeyId from proto is not the same with original token",
      anotherToken.getMasterKeyId(), masterKeyId);
  
  // Test getProto    
  RMDelegationTokenIdentifier token1 = 
      new RMDelegationTokenIdentifier(owner, renewer, realUser);
  token1.setIssueDate(issueDate);
  token1.setMaxDate(maxDate);
  token1.setSequenceNumber(sequenceNumber);
  token1.setMasterKeyId(masterKeyId);
  YARNDelegationTokenIdentifierProto tokenProto = token1.getProto();
  // Write token proto to stream
  ByteArrayOutputStream baos = new ByteArrayOutputStream();
  DataOutputStream out = new DataOutputStream(baos);
  tokenProto.writeTo(out);

  // Read token
  byte[] tokenData = baos.toByteArray();
  RMDelegationTokenIdentifier readToken = new RMDelegationTokenIdentifier();
  DataInputBuffer db = new DataInputBuffer();
  db.reset(tokenData, tokenData.length);
  readToken.readFields(db);

  // Verify if read token equals with original token
  Assert.assertEquals("Token from getProto is not the same after " +
      "serialization and deserialization.", token1, readToken);
  db.close();
  out.close();
}
 
Example 5
Source File: TestLogAggregationService.java    From big-c with Apache License 2.0 4 votes vote down vote up
@Test (timeout = 20000)
public void testAddNewTokenSentFromRMForLogAggregation() throws Exception {
  Configuration conf = new YarnConfiguration();
  conf.set(CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION,
    "kerberos");
  UserGroupInformation.setConfiguration(conf);

  ApplicationId application1 = BuilderUtils.newApplicationId(1234, 1);
  Application mockApp = mock(Application.class);
  when(mockApp.getContainers()).thenReturn(
    new HashMap<ContainerId, Container>());
  this.context.getApplications().put(application1, mockApp);
  @SuppressWarnings("resource")
  LogAggregationService logAggregationService =
      new LogAggregationService(dispatcher, this.context, this.delSrvc,
        super.dirsHandler);
  logAggregationService.init(this.conf);
  logAggregationService.start();
  logAggregationService.handle(new LogHandlerAppStartedEvent(application1,
    this.user, null, ContainerLogsRetentionPolicy.ALL_CONTAINERS, this.acls,
    Records.newRecord(LogAggregationContext.class)));

  // Inject new token for log-aggregation after app log-aggregator init
  Text userText1 = new Text("user1");
  RMDelegationTokenIdentifier dtId1 =
      new RMDelegationTokenIdentifier(userText1, new Text("renewer1"),
        userText1);
  final Token<RMDelegationTokenIdentifier> token1 =
      new Token<RMDelegationTokenIdentifier>(dtId1.getBytes(),
        "password1".getBytes(), dtId1.getKind(), new Text("service1"));
  Credentials credentials = new Credentials();
  credentials.addToken(userText1, token1);
  this.context.getSystemCredentialsForApps().put(application1, credentials);

  logAggregationService.handle(new LogHandlerAppFinishedEvent(application1));

  final UserGroupInformation ugi =
      ((AppLogAggregatorImpl) logAggregationService.getAppLogAggregators()
        .get(application1)).getUgi();

  GenericTestUtils.waitFor(new Supplier<Boolean>() {
    public Boolean get() {
      boolean hasNewToken = false;
      for (Token<?> token : ugi.getCredentials().getAllTokens()) {
        if (token.equals(token1)) {
          hasNewToken = true;
        }
      }
      return hasNewToken;
    }
  }, 1000, 20000);
  logAggregationService.stop();
}
 
Example 6
Source File: RMStateStoreTestBase.java    From big-c with Apache License 2.0 4 votes vote down vote up
public void testRMDTSecretManagerStateStore(
    RMStateStoreHelper stateStoreHelper) throws Exception {
  RMStateStore store = stateStoreHelper.getRMStateStore();
  TestDispatcher dispatcher = new TestDispatcher();
  store.setRMDispatcher(dispatcher);

  // store RM delegation token;
  RMDelegationTokenIdentifier dtId1 =
      new RMDelegationTokenIdentifier(new Text("owner1"),
        new Text("renewer1"), new Text("realuser1"));
  int sequenceNumber = 1111;
  dtId1.setSequenceNumber(sequenceNumber);
  byte[] tokenBeforeStore = dtId1.getBytes();
  Long renewDate1 = new Long(System.currentTimeMillis());
  store.storeRMDelegationToken(dtId1, renewDate1);
  modifyRMDelegationTokenState();
  Map<RMDelegationTokenIdentifier, Long> token1 =
      new HashMap<RMDelegationTokenIdentifier, Long>();
  token1.put(dtId1, renewDate1);
  // store delegation key;
  DelegationKey key = new DelegationKey(1234, 4321 , "keyBytes".getBytes());
  HashSet<DelegationKey> keySet = new HashSet<DelegationKey>();
  keySet.add(key);
  store.storeRMDTMasterKey(key);

  RMDTSecretManagerState secretManagerState =
      store.loadState().getRMDTSecretManagerState();
  Assert.assertEquals(token1, secretManagerState.getTokenState());
  Assert.assertEquals(keySet, secretManagerState.getMasterKeyState());
  Assert.assertEquals(sequenceNumber,
      secretManagerState.getDTSequenceNumber());
  RMDelegationTokenIdentifier tokenAfterStore =
      secretManagerState.getTokenState().keySet().iterator().next();
  Assert.assertTrue(Arrays.equals(tokenBeforeStore,
    tokenAfterStore.getBytes()));

  // update RM delegation token;
  renewDate1 = new Long(System.currentTimeMillis());
  store.updateRMDelegationToken(dtId1, renewDate1);
  token1.put(dtId1, renewDate1);

  RMDTSecretManagerState updateSecretManagerState =
      store.loadState().getRMDTSecretManagerState();
  Assert.assertEquals(token1, updateSecretManagerState.getTokenState());
  Assert.assertEquals(keySet, updateSecretManagerState.getMasterKeyState());
  Assert.assertEquals(sequenceNumber,
      updateSecretManagerState.getDTSequenceNumber());

  // check to delete delegationKey
  store.removeRMDTMasterKey(key);
  keySet.clear();
  RMDTSecretManagerState noKeySecretManagerState =
      store.loadState().getRMDTSecretManagerState();
  Assert.assertEquals(token1, noKeySecretManagerState.getTokenState());
  Assert.assertEquals(keySet, noKeySecretManagerState.getMasterKeyState());
  Assert.assertEquals(sequenceNumber,
      noKeySecretManagerState.getDTSequenceNumber());

  // check to delete delegationToken
  store.removeRMDelegationToken(dtId1);
  RMDTSecretManagerState noKeyAndTokenSecretManagerState =
      store.loadState().getRMDTSecretManagerState();
  token1.clear();
  Assert.assertEquals(token1,
      noKeyAndTokenSecretManagerState.getTokenState());
  Assert.assertEquals(keySet,
      noKeyAndTokenSecretManagerState.getMasterKeyState());
  Assert.assertEquals(sequenceNumber,
      noKeySecretManagerState.getDTSequenceNumber());
  store.close();

}