Java Code Examples for org.apache.hadoop.security.authentication.client.ConnectionConfigurator

The following examples show how to use org.apache.hadoop.security.authentication.client.ConnectionConfigurator. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: atlas   Source File: SecureClientUtils.java    License: Apache License 2.0 6 votes vote down vote up
private  ConnectionConfigurator newSslConnConfigurator(final int timeout, Configuration conf)
throws IOException, GeneralSecurityException {
    final SSLSocketFactory sf;
    final HostnameVerifier hv;

    factory = getSSLFactory(conf);
    sf = factory.createSSLSocketFactory();
    hv = factory.getHostnameVerifier();

    return new ConnectionConfigurator() {
        @Override
        public HttpURLConnection configure(HttpURLConnection conn) throws IOException {
            if (conn instanceof HttpsURLConnection) {
                HttpsURLConnection c = (HttpsURLConnection) conn;
                c.setSSLSocketFactory(sf);
                c.setHostnameVerifier(hv);
            }
            setTimeouts(conn, timeout);
            return conn;
        }
    };
}
 
Example 2
Source Project: hadoop   Source File: TestURLConnectionFactory.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testConnConfiguratior() throws IOException {
  final URL u = new URL("http://localhost");
  final List<HttpURLConnection> conns = Lists.newArrayList();
  URLConnectionFactory fc = new URLConnectionFactory(new ConnectionConfigurator() {
    @Override
    public HttpURLConnection configure(HttpURLConnection conn)
        throws IOException {
      Assert.assertEquals(u, conn.getURL());
      conns.add(conn);
      return conn;
    }
  });

  fc.openConnection(u);
  Assert.assertEquals(1, conns.size());
}
 
Example 3
Source Project: Transwarp-Sample-Code   Source File: KerberosWebHDFSConnection2.java    License: MIT License 6 votes vote down vote up
public KerberosWebHDFSConnection2(String httpfsUrl, String principal, String password)  {
        this.httpfsUrl = httpfsUrl;
        this.principal = principal;
        this.password = password;

        Configuration conf = new Configuration();
        conf.addResource("conf/hdfs-site.xml");
        conf.addResource("conf/core-site.xml");
        newToken = new AuthenticatedURL.Token();

        KerberosAuthenticator ka = new KerberosAuthenticator();
        ConnectionConfigurator connectionConfigurator = new SSLFactory(SSLFactory.Mode.CLIENT,conf);
        ka.setConnectionConfigurator(connectionConfigurator);

        try{
            URL url = new URL(httpfsUrl);
            ka.authenticate(url,newToken);
        }catch(Exception e){
            e.printStackTrace();
        }


         this.authenticatedURL = new AuthenticatedURL(ka,connectionConfigurator);
//        this.authenticatedURL = new AuthenticatedURL(
//                new KerberosAuthenticator2(principal, password));
    }
 
Example 4
Source Project: big-c   Source File: TestURLConnectionFactory.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testConnConfiguratior() throws IOException {
  final URL u = new URL("http://localhost");
  final List<HttpURLConnection> conns = Lists.newArrayList();
  URLConnectionFactory fc = new URLConnectionFactory(new ConnectionConfigurator() {
    @Override
    public HttpURLConnection configure(HttpURLConnection conn)
        throws IOException {
      Assert.assertEquals(u, conn.getURL());
      conns.add(conn);
      return conn;
    }
  });

  fc.openConnection(u);
  Assert.assertEquals(1, conns.size());
}
 
Example 5
Source Project: tez   Source File: TimelineReaderFactory.java    License: Apache License 2.0 6 votes vote down vote up
@Override
public HttpURLConnection getHttpURLConnection(URL url) throws IOException {
  try {
    AuthenticatedURL authenticatedURL= ReflectionUtils.createClazzInstance(
        DELEGATION_TOKEN_AUTHENTICATED_URL_CLAZZ_NAME, new Class[] {
        delegationTokenAuthenticatorClazz,
        ConnectionConfigurator.class
    }, new Object[] {
        authenticator,
        connConfigurator
    });
    return ReflectionUtils.invokeMethod(authenticatedURL,
        delegationTokenAuthenticateURLOpenConnectionMethod, url, token, doAsUser);
  } catch (Exception e) {
    throw new IOException(e);
  }
}
 
Example 6
Source Project: atlas   Source File: SecureClientUtils.java    License: Apache License 2.0 5 votes vote down vote up
private  ConnectionConfigurator newConnConfigurator(Configuration conf) {
    try {
        return newSslConnConfigurator(DEFAULT_SOCKET_TIMEOUT_IN_MSECS, conf);
    } catch (Exception e) {
        LOG.debug("Cannot load customized ssl related configuration. " + "Fallback to system-generic settings.", e);
        return DEFAULT_TIMEOUT_CONN_CONFIGURATOR;
    }
}
 
Example 7
Source Project: hadoop   Source File: TimelineClientImpl.java    License: Apache License 2.0 5 votes vote down vote up
private static ConnectionConfigurator newConnConfigurator(Configuration conf) {
  try {
    return newSslConnConfigurator(DEFAULT_SOCKET_TIMEOUT, conf);
  } catch (Exception e) {
    LOG.debug("Cannot load customized ssl related configuration. " +
        "Fallback to system-generic settings.", e);
    return DEFAULT_TIMEOUT_CONN_CONFIGURATOR;
  }
}
 
Example 8
Source Project: hadoop   Source File: URLConnectionFactory.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Construct a new URLConnectionFactory based on the configuration. It will
 * try to load SSL certificates when it is specified.
 */
public static URLConnectionFactory newDefaultURLConnectionFactory(Configuration conf) {
  ConnectionConfigurator conn = null;
  try {
    conn = newSslConnConfigurator(DEFAULT_SOCKET_TIMEOUT, conf);
  } catch (Exception e) {
    LOG.debug(
        "Cannot load customized ssl related configuration. Fallback to system-generic settings.",
        e);
    conn = DEFAULT_TIMEOUT_CONN_CONFIGURATOR;
  }
  return new URLConnectionFactory(conn);
}
 
Example 9
Source Project: hadoop   Source File: DelegationTokenAuthenticatedURL.java    License: Apache License 2.0 5 votes vote down vote up
private static DelegationTokenAuthenticator
    obtainDelegationTokenAuthenticator(DelegationTokenAuthenticator dta,
          ConnectionConfigurator connConfigurator) {
  try {
    if (dta == null) {
      dta = DEFAULT_AUTHENTICATOR.newInstance();
      dta.setConnectionConfigurator(connConfigurator);
    }
    return dta;
  } catch (Exception ex) {
    throw new IllegalArgumentException(ex);
  }
}
 
Example 10
Source Project: big-c   Source File: TimelineClientImpl.java    License: Apache License 2.0 5 votes vote down vote up
private static ConnectionConfigurator newConnConfigurator(Configuration conf) {
  try {
    return newSslConnConfigurator(DEFAULT_SOCKET_TIMEOUT, conf);
  } catch (Exception e) {
    LOG.debug("Cannot load customized ssl related configuration. " +
        "Fallback to system-generic settings.", e);
    return DEFAULT_TIMEOUT_CONN_CONFIGURATOR;
  }
}
 
Example 11
Source Project: big-c   Source File: URLConnectionFactory.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Construct a new URLConnectionFactory based on the configuration. It will
 * try to load SSL certificates when it is specified.
 */
public static URLConnectionFactory newDefaultURLConnectionFactory(Configuration conf) {
  ConnectionConfigurator conn = null;
  try {
    conn = newSslConnConfigurator(DEFAULT_SOCKET_TIMEOUT, conf);
  } catch (Exception e) {
    LOG.debug(
        "Cannot load customized ssl related configuration. Fallback to system-generic settings.",
        e);
    conn = DEFAULT_TIMEOUT_CONN_CONFIGURATOR;
  }
  return new URLConnectionFactory(conn);
}
 
Example 12
Source Project: big-c   Source File: DelegationTokenAuthenticatedURL.java    License: Apache License 2.0 5 votes vote down vote up
private static DelegationTokenAuthenticator
    obtainDelegationTokenAuthenticator(DelegationTokenAuthenticator dta,
          ConnectionConfigurator connConfigurator) {
  try {
    if (dta == null) {
      dta = DEFAULT_AUTHENTICATOR.newInstance();
      dta.setConnectionConfigurator(connConfigurator);
    }
    return dta;
  } catch (Exception ex) {
    throw new IllegalArgumentException(ex);
  }
}
 
Example 13
Source Project: sqoop-on-spark   Source File: ResourceRequest.java    License: Apache License 2.0 5 votes vote down vote up
public Token<?>[] addDelegationTokens(String strURL, String renewer,
                                      Credentials credentials) throws IOException {
  Token<?>[] tokens = null;
  Text dtService = getDelegationTokenService(strURL);
  Token<?> token = credentials.getToken(dtService);
  if (token == null) {
    URL url = new URL(strURL);
    DelegationTokenAuthenticatedURL authUrl =
            new DelegationTokenAuthenticatedURL(new ConnectionConfigurator() {
              @Override
              public HttpURLConnection configure(HttpURLConnection conn) throws IOException {
                return conn;
              }
            });
    try {
      token = authUrl.getDelegationToken(url, authToken, renewer);
      if (token != null) {
        credentials.addToken(token.getService(), token);
        tokens = new Token<?>[]{token};
      } else {
        throw new IOException("Got NULL as delegation token");
      }
    } catch (AuthenticationException ex) {
      throw new IOException(ex);
    }
  }
  return tokens;
}
 
Example 14
Source Project: incubator-atlas   Source File: SecureClientUtils.java    License: Apache License 2.0 5 votes vote down vote up
private static ConnectionConfigurator newConnConfigurator(Configuration conf) {
    try {
        return newSslConnConfigurator(DEFAULT_SOCKET_TIMEOUT_IN_MSECS, conf);
    } catch (Exception e) {
        LOG.debug("Cannot load customized ssl related configuration. " + "Fallback to system-generic settings.", e);
        return DEFAULT_TIMEOUT_CONN_CONFIGURATOR;
    }
}
 
Example 15
Source Project: tez   Source File: TimelineReaderFactory.java    License: Apache License 2.0 5 votes vote down vote up
public TokenAuthenticatedURLConnectionFactory(ConnectionConfigurator connConfigurator,
                                              Authenticator authenticator,
                                              UserGroupInformation authUgi,
                                              String doAsUser) throws TezException {
  this.connConfigurator = connConfigurator;
  this.authenticator = authenticator;
  this.authUgi = authUgi;
  this.doAsUser = doAsUser;
  this.token = ReflectionUtils.createClazzInstance(
      DELEGATION_TOKEN_AUTHENTICATED_URL_TOKEN_CLASS_NAME, null, null);
}
 
Example 16
Source Project: tez   Source File: TestTimelineReaderFactory.java    License: Apache License 2.0 5 votes vote down vote up
@Test(timeout = 5000)
public void testPseudoAuthenticatorConnectionUrlShouldHaveUserName() throws Exception {
  ConnectionConfigurator connConf = mock(ConnectionConfigurator.class);
  TimelineReaderPseudoAuthenticatedStrategy.PseudoAuthenticatedURLConnectionFactory
      connectionFactory = new TimelineReaderPseudoAuthenticatedStrategy
        .PseudoAuthenticatedURLConnectionFactory(connConf);
  String inputUrl = "http://host:8080/path";
  String expectedUrl = inputUrl + "?user.name=" + UserGroupInformation.getCurrentUser().getShortUserName();
  HttpURLConnection httpURLConnection = connectionFactory.getHttpURLConnection(new URL(inputUrl));
  Assert.assertEquals(expectedUrl, httpURLConnection.getURL().toString());
}
 
Example 17
Source Project: hadoop   Source File: URLConnectionFactory.java    License: Apache License 2.0 4 votes vote down vote up
@VisibleForTesting
URLConnectionFactory(ConnectionConfigurator connConfigurator) {
  this.connConfigurator = connConfigurator;
}
 
Example 18
Source Project: hadoop   Source File: TestWebHdfsTokens.java    License: Apache License 2.0 4 votes vote down vote up
@Test
public void testSetTokenServiceAndKind() throws Exception {
  MiniDFSCluster cluster = null;

  try {
    final Configuration clusterConf = new HdfsConfiguration(conf);
    SecurityUtil.setAuthenticationMethod(SIMPLE, clusterConf);
    clusterConf.setBoolean(DFSConfigKeys
            .DFS_NAMENODE_DELEGATION_TOKEN_ALWAYS_USE_KEY, true);

    // trick the NN into thinking s[ecurity is enabled w/o it trying
    // to login from a keytab
    UserGroupInformation.setConfiguration(clusterConf);
    cluster = new MiniDFSCluster.Builder(clusterConf).numDataNodes(0).build();
    cluster.waitActive();
    SecurityUtil.setAuthenticationMethod(KERBEROS, clusterConf);
    final WebHdfsFileSystem fs = WebHdfsTestUtil.getWebHdfsFileSystem
            (clusterConf, "webhdfs");
    Whitebox.setInternalState(fs, "canRefreshDelegationToken", true);

    URLConnectionFactory factory = new URLConnectionFactory(new ConnectionConfigurator() {
      @Override
      public HttpURLConnection configure(HttpURLConnection conn)
              throws IOException {
        return conn;
      }
    }) {
      @Override
      public URLConnection openConnection(URL url) throws IOException {
        return super.openConnection(new URL(url + "&service=foo&kind=bar"));
      }
    };
    Whitebox.setInternalState(fs, "connectionFactory", factory);
    Token<?> token1 = fs.getDelegationToken();
    Assert.assertEquals(new Text("bar"), token1.getKind());

    final HttpOpParam.Op op = GetOpParam.Op.GETDELEGATIONTOKEN;
    Token<DelegationTokenIdentifier> token2 =
        fs.new FsPathResponseRunner<Token<DelegationTokenIdentifier>>(
            op, null, new RenewerParam(null)) {
          @Override
          Token<DelegationTokenIdentifier> decodeResponse(Map<?, ?> json)
              throws IOException {
            return JsonUtil.toDelegationToken(json);
          }
        }.run();

    Assert.assertEquals(new Text("bar"), token2.getKind());
    Assert.assertEquals(new Text("foo"), token2.getService());
  } finally {
    if (cluster != null) {
      cluster.shutdown();
    }
  }
}
 
Example 19
Source Project: hadoop   Source File: DelegationTokenAuthenticator.java    License: Apache License 2.0 4 votes vote down vote up
@Override
public void setConnectionConfigurator(ConnectionConfigurator configurator) {
  authenticator.setConnectionConfigurator(configurator);
  connConfigurator = configurator;
}
 
Example 20
Source Project: Transwarp-Sample-Code   Source File: PseudoAuthenticator.java    License: MIT License 4 votes vote down vote up
public void setConnectionConfigurator(ConnectionConfigurator arg0) {
    // TODO Auto-generated method stub
}
 
Example 21
Source Project: Transwarp-Sample-Code   Source File: KerberosAuthenticator2.java    License: MIT License 4 votes vote down vote up
public void setConnectionConfigurator(ConnectionConfigurator arg0) {
    // TODO Auto-generated method stub
}
 
Example 22
Source Project: big-c   Source File: URLConnectionFactory.java    License: Apache License 2.0 4 votes vote down vote up
@VisibleForTesting
URLConnectionFactory(ConnectionConfigurator connConfigurator) {
  this.connConfigurator = connConfigurator;
}
 
Example 23
Source Project: big-c   Source File: TestWebHdfsTokens.java    License: Apache License 2.0 4 votes vote down vote up
@Test
public void testSetTokenServiceAndKind() throws Exception {
  MiniDFSCluster cluster = null;

  try {
    final Configuration clusterConf = new HdfsConfiguration(conf);
    SecurityUtil.setAuthenticationMethod(SIMPLE, clusterConf);
    clusterConf.setBoolean(DFSConfigKeys
            .DFS_NAMENODE_DELEGATION_TOKEN_ALWAYS_USE_KEY, true);

    // trick the NN into thinking s[ecurity is enabled w/o it trying
    // to login from a keytab
    UserGroupInformation.setConfiguration(clusterConf);
    cluster = new MiniDFSCluster.Builder(clusterConf).numDataNodes(0).build();
    cluster.waitActive();
    SecurityUtil.setAuthenticationMethod(KERBEROS, clusterConf);
    final WebHdfsFileSystem fs = WebHdfsTestUtil.getWebHdfsFileSystem
            (clusterConf, "webhdfs");
    Whitebox.setInternalState(fs, "canRefreshDelegationToken", true);

    URLConnectionFactory factory = new URLConnectionFactory(new ConnectionConfigurator() {
      @Override
      public HttpURLConnection configure(HttpURLConnection conn)
              throws IOException {
        return conn;
      }
    }) {
      @Override
      public URLConnection openConnection(URL url) throws IOException {
        return super.openConnection(new URL(url + "&service=foo&kind=bar"));
      }
    };
    Whitebox.setInternalState(fs, "connectionFactory", factory);
    Token<?> token1 = fs.getDelegationToken();
    Assert.assertEquals(new Text("bar"), token1.getKind());

    final HttpOpParam.Op op = GetOpParam.Op.GETDELEGATIONTOKEN;
    Token<DelegationTokenIdentifier> token2 =
        fs.new FsPathResponseRunner<Token<DelegationTokenIdentifier>>(
            op, null, new RenewerParam(null)) {
          @Override
          Token<DelegationTokenIdentifier> decodeResponse(Map<?, ?> json)
              throws IOException {
            return JsonUtil.toDelegationToken(json);
          }
        }.run();

    Assert.assertEquals(new Text("bar"), token2.getKind());
    Assert.assertEquals(new Text("foo"), token2.getService());
  } finally {
    if (cluster != null) {
      cluster.shutdown();
    }
  }
}
 
Example 24
Source Project: big-c   Source File: DelegationTokenAuthenticator.java    License: Apache License 2.0 4 votes vote down vote up
@Override
public void setConnectionConfigurator(ConnectionConfigurator configurator) {
  authenticator.setConnectionConfigurator(configurator);
  connConfigurator = configurator;
}
 
Example 25
Source Project: tez   Source File: TimelineReaderFactory.java    License: Apache License 2.0 4 votes vote down vote up
public PseudoAuthenticatedURLConnectionFactory(ConnectionConfigurator connectionConf) {
  this.connectionConf = connectionConf;
}
 
Example 26
Source Project: hadoop   Source File: DelegationTokenAuthenticatedURL.java    License: Apache License 2.0 3 votes vote down vote up
/**
 * Creates an <code>DelegationTokenAuthenticatedURL</code>.
 *
 * @param authenticator the {@link DelegationTokenAuthenticator} instance to
 * use, if <code>null</code> the default one will be used.
 * @param connConfigurator a connection configurator.
 */
public DelegationTokenAuthenticatedURL(
    DelegationTokenAuthenticator authenticator,
    ConnectionConfigurator connConfigurator) {
  super(obtainDelegationTokenAuthenticator(authenticator, connConfigurator),
          connConfigurator);
}
 
Example 27
Source Project: big-c   Source File: DelegationTokenAuthenticatedURL.java    License: Apache License 2.0 3 votes vote down vote up
/**
 * Creates an <code>DelegationTokenAuthenticatedURL</code>.
 *
 * @param authenticator the {@link DelegationTokenAuthenticator} instance to
 * use, if <code>null</code> the default one will be used.
 * @param connConfigurator a connection configurator.
 */
public DelegationTokenAuthenticatedURL(
    DelegationTokenAuthenticator authenticator,
    ConnectionConfigurator connConfigurator) {
  super(obtainDelegationTokenAuthenticator(authenticator, connConfigurator),
          connConfigurator);
}
 
Example 28
Source Project: hadoop   Source File: DelegationTokenAuthenticatedURL.java    License: Apache License 2.0 2 votes vote down vote up
/**
 * Creates an <code>DelegationTokenAuthenticatedURL</code> using the default
 * {@link DelegationTokenAuthenticator} class.
 *
 * @param connConfigurator a connection configurator.
 */
public DelegationTokenAuthenticatedURL(
    ConnectionConfigurator connConfigurator) {
  this(null, connConfigurator);
}
 
Example 29
Source Project: hadoop   Source File: KMSClientProvider.java    License: Apache License 2.0 2 votes vote down vote up
/**
 * Sets the timeout and wraps another connection configurator
 * @param timeout - will set both connect and read timeouts - in seconds
 * @param cc - another configurator to wrap - may be null
 */
public TimeoutConnConfigurator(int timeout, ConnectionConfigurator cc) {
  this.timeout = timeout;
  this.cc = cc;
}
 
Example 30
Source Project: big-c   Source File: DelegationTokenAuthenticatedURL.java    License: Apache License 2.0 2 votes vote down vote up
/**
 * Creates an <code>DelegationTokenAuthenticatedURL</code> using the default
 * {@link DelegationTokenAuthenticator} class.
 *
 * @param connConfigurator a connection configurator.
 */
public DelegationTokenAuthenticatedURL(
    ConnectionConfigurator connConfigurator) {
  this(null, connConfigurator);
}