org.apache.hadoop.security.authentication.client.ConnectionConfigurator Java Examples
The following examples show how to use
org.apache.hadoop.security.authentication.client.ConnectionConfigurator.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: SecureClientUtils.java From atlas with Apache License 2.0 | 6 votes |
|
private ConnectionConfigurator newSslConnConfigurator(final int timeout, Configuration conf)
throws IOException, GeneralSecurityException {
final SSLSocketFactory sf;
final HostnameVerifier hv;
factory = getSSLFactory(conf);
sf = factory.createSSLSocketFactory();
hv = factory.getHostnameVerifier();
return new ConnectionConfigurator() {
@Override
public HttpURLConnection configure(HttpURLConnection conn) throws IOException {
if (conn instanceof HttpsURLConnection) {
HttpsURLConnection c = (HttpsURLConnection) conn;
c.setSSLSocketFactory(sf);
c.setHostnameVerifier(hv);
}
setTimeouts(conn, timeout);
return conn;
}
};
}
Example #2
| Source File: TimelineReaderFactory.java From tez with Apache License 2.0 | 6 votes |
|
@Override
public HttpURLConnection getHttpURLConnection(URL url) throws IOException {
try {
AuthenticatedURL authenticatedURL= ReflectionUtils.createClazzInstance(
DELEGATION_TOKEN_AUTHENTICATED_URL_CLAZZ_NAME, new Class[] {
delegationTokenAuthenticatorClazz,
ConnectionConfigurator.class
}, new Object[] {
authenticator,
connConfigurator
});
return ReflectionUtils.invokeMethod(authenticatedURL,
delegationTokenAuthenticateURLOpenConnectionMethod, url, token, doAsUser);
} catch (Exception e) {
throw new IOException(e);
}
}
Example #3
| Source File: TestURLConnectionFactory.java From hadoop with Apache License 2.0 | 6 votes |
|
@Test
public void testConnConfiguratior() throws IOException {
final URL u = new URL("http://localhost");
final List<HttpURLConnection> conns = Lists.newArrayList();
URLConnectionFactory fc = new URLConnectionFactory(new ConnectionConfigurator() {
@Override
public HttpURLConnection configure(HttpURLConnection conn)
throws IOException {
Assert.assertEquals(u, conn.getURL());
conns.add(conn);
return conn;
}
});
fc.openConnection(u);
Assert.assertEquals(1, conns.size());
}
Example #4
| Source File: TestURLConnectionFactory.java From big-c with Apache License 2.0 | 6 votes |
|
@Test
public void testConnConfiguratior() throws IOException {
final URL u = new URL("http://localhost");
final List<HttpURLConnection> conns = Lists.newArrayList();
URLConnectionFactory fc = new URLConnectionFactory(new ConnectionConfigurator() {
@Override
public HttpURLConnection configure(HttpURLConnection conn)
throws IOException {
Assert.assertEquals(u, conn.getURL());
conns.add(conn);
return conn;
}
});
fc.openConnection(u);
Assert.assertEquals(1, conns.size());
}
Example #5
| Source File: KerberosWebHDFSConnection2.java From Transwarp-Sample-Code with MIT License | 6 votes |
|
public KerberosWebHDFSConnection2(String httpfsUrl, String principal, String password) {
this.httpfsUrl = httpfsUrl;
this.principal = principal;
this.password = password;
Configuration conf = new Configuration();
conf.addResource("conf/hdfs-site.xml");
conf.addResource("conf/core-site.xml");
newToken = new AuthenticatedURL.Token();
KerberosAuthenticator ka = new KerberosAuthenticator();
ConnectionConfigurator connectionConfigurator = new SSLFactory(SSLFactory.Mode.CLIENT,conf);
ka.setConnectionConfigurator(connectionConfigurator);
try{
URL url = new URL(httpfsUrl);
ka.authenticate(url,newToken);
}catch(Exception e){
e.printStackTrace();
}
this.authenticatedURL = new AuthenticatedURL(ka,connectionConfigurator);
// this.authenticatedURL = new AuthenticatedURL(
// new KerberosAuthenticator2(principal, password));
}
Example #6
| Source File: TestTimelineReaderFactory.java From tez with Apache License 2.0 | 5 votes |
|
@Test(timeout = 5000)
public void testPseudoAuthenticatorConnectionUrlShouldHaveUserName() throws Exception {
ConnectionConfigurator connConf = mock(ConnectionConfigurator.class);
TimelineReaderPseudoAuthenticatedStrategy.PseudoAuthenticatedURLConnectionFactory
connectionFactory = new TimelineReaderPseudoAuthenticatedStrategy
.PseudoAuthenticatedURLConnectionFactory(connConf);
String inputUrl = "http://host:8080/path";
String expectedUrl = inputUrl + "?user.name=" + UserGroupInformation.getCurrentUser().getShortUserName();
HttpURLConnection httpURLConnection = connectionFactory.getHttpURLConnection(new URL(inputUrl));
Assert.assertEquals(expectedUrl, httpURLConnection.getURL().toString());
}
Example #7
| Source File: SecureClientUtils.java From atlas with Apache License 2.0 | 5 votes |
|
private ConnectionConfigurator newConnConfigurator(Configuration conf) {
try {
return newSslConnConfigurator(DEFAULT_SOCKET_TIMEOUT_IN_MSECS, conf);
} catch (Exception e) {
LOG.debug("Cannot load customized ssl related configuration. " + "Fallback to system-generic settings.", e);
return DEFAULT_TIMEOUT_CONN_CONFIGURATOR;
}
}
Example #8
| Source File: TimelineReaderFactory.java From tez with Apache License 2.0 | 5 votes |
|
public TokenAuthenticatedURLConnectionFactory(ConnectionConfigurator connConfigurator,
Authenticator authenticator,
UserGroupInformation authUgi,
String doAsUser) throws TezException {
this.connConfigurator = connConfigurator;
this.authenticator = authenticator;
this.authUgi = authUgi;
this.doAsUser = doAsUser;
this.token = ReflectionUtils.createClazzInstance(
DELEGATION_TOKEN_AUTHENTICATED_URL_TOKEN_CLASS_NAME, null, null);
}
Example #9
| Source File: SecureClientUtils.java From incubator-atlas with Apache License 2.0 | 5 votes |
|
private static ConnectionConfigurator newConnConfigurator(Configuration conf) {
try {
return newSslConnConfigurator(DEFAULT_SOCKET_TIMEOUT_IN_MSECS, conf);
} catch (Exception e) {
LOG.debug("Cannot load customized ssl related configuration. " + "Fallback to system-generic settings.", e);
return DEFAULT_TIMEOUT_CONN_CONFIGURATOR;
}
}
Example #10
| Source File: ResourceRequest.java From sqoop-on-spark with Apache License 2.0 | 5 votes |
|
public Token<?>[] addDelegationTokens(String strURL, String renewer,
Credentials credentials) throws IOException {
Token<?>[] tokens = null;
Text dtService = getDelegationTokenService(strURL);
Token<?> token = credentials.getToken(dtService);
if (token == null) {
URL url = new URL(strURL);
DelegationTokenAuthenticatedURL authUrl =
new DelegationTokenAuthenticatedURL(new ConnectionConfigurator() {
@Override
public HttpURLConnection configure(HttpURLConnection conn) throws IOException {
return conn;
}
});
try {
token = authUrl.getDelegationToken(url, authToken, renewer);
if (token != null) {
credentials.addToken(token.getService(), token);
tokens = new Token<?>[]{token};
} else {
throw new IOException("Got NULL as delegation token");
}
} catch (AuthenticationException ex) {
throw new IOException(ex);
}
}
return tokens;
}
Example #11
| Source File: DelegationTokenAuthenticatedURL.java From big-c with Apache License 2.0 | 5 votes |
|
private static DelegationTokenAuthenticator
obtainDelegationTokenAuthenticator(DelegationTokenAuthenticator dta,
ConnectionConfigurator connConfigurator) {
try {
if (dta == null) {
dta = DEFAULT_AUTHENTICATOR.newInstance();
dta.setConnectionConfigurator(connConfigurator);
}
return dta;
} catch (Exception ex) {
throw new IllegalArgumentException(ex);
}
}
Example #12
| Source File: URLConnectionFactory.java From big-c with Apache License 2.0 | 5 votes |
|
/**
* Construct a new URLConnectionFactory based on the configuration. It will
* try to load SSL certificates when it is specified.
*/
public static URLConnectionFactory newDefaultURLConnectionFactory(Configuration conf) {
ConnectionConfigurator conn = null;
try {
conn = newSslConnConfigurator(DEFAULT_SOCKET_TIMEOUT, conf);
} catch (Exception e) {
LOG.debug(
"Cannot load customized ssl related configuration. Fallback to system-generic settings.",
e);
conn = DEFAULT_TIMEOUT_CONN_CONFIGURATOR;
}
return new URLConnectionFactory(conn);
}
Example #13
| Source File: TimelineClientImpl.java From big-c with Apache License 2.0 | 5 votes |
|
private static ConnectionConfigurator newConnConfigurator(Configuration conf) {
try {
return newSslConnConfigurator(DEFAULT_SOCKET_TIMEOUT, conf);
} catch (Exception e) {
LOG.debug("Cannot load customized ssl related configuration. " +
"Fallback to system-generic settings.", e);
return DEFAULT_TIMEOUT_CONN_CONFIGURATOR;
}
}
Example #14
| Source File: TimelineClientImpl.java From hadoop with Apache License 2.0 | 5 votes |
|
private static ConnectionConfigurator newConnConfigurator(Configuration conf) {
try {
return newSslConnConfigurator(DEFAULT_SOCKET_TIMEOUT, conf);
} catch (Exception e) {
LOG.debug("Cannot load customized ssl related configuration. " +
"Fallback to system-generic settings.", e);
return DEFAULT_TIMEOUT_CONN_CONFIGURATOR;
}
}
Example #15
| Source File: URLConnectionFactory.java From hadoop with Apache License 2.0 | 5 votes |
|
/**
* Construct a new URLConnectionFactory based on the configuration. It will
* try to load SSL certificates when it is specified.
*/
public static URLConnectionFactory newDefaultURLConnectionFactory(Configuration conf) {
ConnectionConfigurator conn = null;
try {
conn = newSslConnConfigurator(DEFAULT_SOCKET_TIMEOUT, conf);
} catch (Exception e) {
LOG.debug(
"Cannot load customized ssl related configuration. Fallback to system-generic settings.",
e);
conn = DEFAULT_TIMEOUT_CONN_CONFIGURATOR;
}
return new URLConnectionFactory(conn);
}
Example #16
| Source File: DelegationTokenAuthenticatedURL.java From hadoop with Apache License 2.0 | 5 votes |
|
private static DelegationTokenAuthenticator
obtainDelegationTokenAuthenticator(DelegationTokenAuthenticator dta,
ConnectionConfigurator connConfigurator) {
try {
if (dta == null) {
dta = DEFAULT_AUTHENTICATOR.newInstance();
dta.setConnectionConfigurator(connConfigurator);
}
return dta;
} catch (Exception ex) {
throw new IllegalArgumentException(ex);
}
}
Example #17
| Source File: KerberosAuthenticator2.java From Transwarp-Sample-Code with MIT License | 4 votes |
|
public void setConnectionConfigurator(ConnectionConfigurator arg0) {
// TODO Auto-generated method stub
}
Example #18
| Source File: TimelineReaderFactory.java From tez with Apache License 2.0 | 4 votes |
|
public PseudoAuthenticatedURLConnectionFactory(ConnectionConfigurator connectionConf) {
this.connectionConf = connectionConf;
}
Example #19
| Source File: URLConnectionFactory.java From hadoop with Apache License 2.0 | 4 votes |
|
@VisibleForTesting
URLConnectionFactory(ConnectionConfigurator connConfigurator) {
this.connConfigurator = connConfigurator;
}
Example #20
| Source File: TestWebHdfsTokens.java From hadoop with Apache License 2.0 | 4 votes |
|
@Test
public void testSetTokenServiceAndKind() throws Exception {
MiniDFSCluster cluster = null;
try {
final Configuration clusterConf = new HdfsConfiguration(conf);
SecurityUtil.setAuthenticationMethod(SIMPLE, clusterConf);
clusterConf.setBoolean(DFSConfigKeys
.DFS_NAMENODE_DELEGATION_TOKEN_ALWAYS_USE_KEY, true);
// trick the NN into thinking s[ecurity is enabled w/o it trying
// to login from a keytab
UserGroupInformation.setConfiguration(clusterConf);
cluster = new MiniDFSCluster.Builder(clusterConf).numDataNodes(0).build();
cluster.waitActive();
SecurityUtil.setAuthenticationMethod(KERBEROS, clusterConf);
final WebHdfsFileSystem fs = WebHdfsTestUtil.getWebHdfsFileSystem
(clusterConf, "webhdfs");
Whitebox.setInternalState(fs, "canRefreshDelegationToken", true);
URLConnectionFactory factory = new URLConnectionFactory(new ConnectionConfigurator() {
@Override
public HttpURLConnection configure(HttpURLConnection conn)
throws IOException {
return conn;
}
}) {
@Override
public URLConnection openConnection(URL url) throws IOException {
return super.openConnection(new URL(url + "&service=foo&kind=bar"));
}
};
Whitebox.setInternalState(fs, "connectionFactory", factory);
Token<?> token1 = fs.getDelegationToken();
Assert.assertEquals(new Text("bar"), token1.getKind());
final HttpOpParam.Op op = GetOpParam.Op.GETDELEGATIONTOKEN;
Token<DelegationTokenIdentifier> token2 =
fs.new FsPathResponseRunner<Token<DelegationTokenIdentifier>>(
op, null, new RenewerParam(null)) {
@Override
Token<DelegationTokenIdentifier> decodeResponse(Map<?, ?> json)
throws IOException {
return JsonUtil.toDelegationToken(json);
}
}.run();
Assert.assertEquals(new Text("bar"), token2.getKind());
Assert.assertEquals(new Text("foo"), token2.getService());
} finally {
if (cluster != null) {
cluster.shutdown();
}
}
}
Example #21
| Source File: DelegationTokenAuthenticator.java From hadoop with Apache License 2.0 | 4 votes |
|
@Override
public void setConnectionConfigurator(ConnectionConfigurator configurator) {
authenticator.setConnectionConfigurator(configurator);
connConfigurator = configurator;
}
Example #22
| Source File: DelegationTokenAuthenticator.java From big-c with Apache License 2.0 | 4 votes |
|
@Override
public void setConnectionConfigurator(ConnectionConfigurator configurator) {
authenticator.setConnectionConfigurator(configurator);
connConfigurator = configurator;
}
Example #23
| Source File: TestWebHdfsTokens.java From big-c with Apache License 2.0 | 4 votes |
|
@Test
public void testSetTokenServiceAndKind() throws Exception {
MiniDFSCluster cluster = null;
try {
final Configuration clusterConf = new HdfsConfiguration(conf);
SecurityUtil.setAuthenticationMethod(SIMPLE, clusterConf);
clusterConf.setBoolean(DFSConfigKeys
.DFS_NAMENODE_DELEGATION_TOKEN_ALWAYS_USE_KEY, true);
// trick the NN into thinking s[ecurity is enabled w/o it trying
// to login from a keytab
UserGroupInformation.setConfiguration(clusterConf);
cluster = new MiniDFSCluster.Builder(clusterConf).numDataNodes(0).build();
cluster.waitActive();
SecurityUtil.setAuthenticationMethod(KERBEROS, clusterConf);
final WebHdfsFileSystem fs = WebHdfsTestUtil.getWebHdfsFileSystem
(clusterConf, "webhdfs");
Whitebox.setInternalState(fs, "canRefreshDelegationToken", true);
URLConnectionFactory factory = new URLConnectionFactory(new ConnectionConfigurator() {
@Override
public HttpURLConnection configure(HttpURLConnection conn)
throws IOException {
return conn;
}
}) {
@Override
public URLConnection openConnection(URL url) throws IOException {
return super.openConnection(new URL(url + "&service=foo&kind=bar"));
}
};
Whitebox.setInternalState(fs, "connectionFactory", factory);
Token<?> token1 = fs.getDelegationToken();
Assert.assertEquals(new Text("bar"), token1.getKind());
final HttpOpParam.Op op = GetOpParam.Op.GETDELEGATIONTOKEN;
Token<DelegationTokenIdentifier> token2 =
fs.new FsPathResponseRunner<Token<DelegationTokenIdentifier>>(
op, null, new RenewerParam(null)) {
@Override
Token<DelegationTokenIdentifier> decodeResponse(Map<?, ?> json)
throws IOException {
return JsonUtil.toDelegationToken(json);
}
}.run();
Assert.assertEquals(new Text("bar"), token2.getKind());
Assert.assertEquals(new Text("foo"), token2.getService());
} finally {
if (cluster != null) {
cluster.shutdown();
}
}
}
Example #24
| Source File: URLConnectionFactory.java From big-c with Apache License 2.0 | 4 votes |
|
@VisibleForTesting
URLConnectionFactory(ConnectionConfigurator connConfigurator) {
this.connConfigurator = connConfigurator;
}
Example #25
| Source File: PseudoAuthenticator.java From Transwarp-Sample-Code with MIT License | 4 votes |
|
public void setConnectionConfigurator(ConnectionConfigurator arg0) {
// TODO Auto-generated method stub
}
Example #26
| Source File: DelegationTokenAuthenticatedURL.java From big-c with Apache License 2.0 | 3 votes |
|
/**
* Creates an <code>DelegationTokenAuthenticatedURL</code>.
*
* @param authenticator the {@link DelegationTokenAuthenticator} instance to
* use, if <code>null</code> the default one will be used.
* @param connConfigurator a connection configurator.
*/
public DelegationTokenAuthenticatedURL(
DelegationTokenAuthenticator authenticator,
ConnectionConfigurator connConfigurator) {
super(obtainDelegationTokenAuthenticator(authenticator, connConfigurator),
connConfigurator);
}
Example #27
| Source File: DelegationTokenAuthenticatedURL.java From hadoop with Apache License 2.0 | 3 votes |
|
/**
* Creates an <code>DelegationTokenAuthenticatedURL</code>.
*
* @param authenticator the {@link DelegationTokenAuthenticator} instance to
* use, if <code>null</code> the default one will be used.
* @param connConfigurator a connection configurator.
*/
public DelegationTokenAuthenticatedURL(
DelegationTokenAuthenticator authenticator,
ConnectionConfigurator connConfigurator) {
super(obtainDelegationTokenAuthenticator(authenticator, connConfigurator),
connConfigurator);
}
Example #28
| Source File: DelegationTokenAuthenticatedURL.java From big-c with Apache License 2.0 | 2 votes |
|
/**
* Creates an <code>DelegationTokenAuthenticatedURL</code> using the default
* {@link DelegationTokenAuthenticator} class.
*
* @param connConfigurator a connection configurator.
*/
public DelegationTokenAuthenticatedURL(
ConnectionConfigurator connConfigurator) {
this(null, connConfigurator);
}
Example #29
| Source File: KMSClientProvider.java From big-c with Apache License 2.0 | 2 votes |
|
/**
* Sets the timeout and wraps another connection configurator
* @param timeout - will set both connect and read timeouts - in seconds
* @param cc - another configurator to wrap - may be null
*/
public TimeoutConnConfigurator(int timeout, ConnectionConfigurator cc) {
this.timeout = timeout;
this.cc = cc;
}
Example #30
| Source File: DelegationTokenAuthenticatedURL.java From hadoop with Apache License 2.0 | 2 votes |
|
/**
* Creates an <code>DelegationTokenAuthenticatedURL</code> using the default
* {@link DelegationTokenAuthenticator} class.
*
* @param connConfigurator a connection configurator.
*/
public DelegationTokenAuthenticatedURL(
ConnectionConfigurator connConfigurator) {
this(null, connConfigurator);
}
