Java Code Examples for org.apache.hadoop.security.token.Token#setKind()

The following examples show how to use org.apache.hadoop.security.token.Token#setKind() . These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: hadoop   File: TestWebHdfsUrl.java    License: Apache License 2.0 6 votes vote down vote up
private WebHdfsFileSystem getWebHdfsFileSystem(UserGroupInformation ugi,
    Configuration conf) throws IOException {
  if (UserGroupInformation.isSecurityEnabled()) {
    DelegationTokenIdentifier dtId = new DelegationTokenIdentifier(new Text(
        ugi.getUserName()), null, null);
    FSNamesystem namesystem = mock(FSNamesystem.class);
    DelegationTokenSecretManager dtSecretManager = new DelegationTokenSecretManager(
        86400000, 86400000, 86400000, 86400000, namesystem);
    dtSecretManager.startThreads();
    Token<DelegationTokenIdentifier> token = new Token<DelegationTokenIdentifier>(
        dtId, dtSecretManager);
    SecurityUtil.setTokenService(
        token, NetUtils.createSocketAddr(uri.getAuthority()));
    token.setKind(WebHdfsFileSystem.TOKEN_KIND);
    ugi.addToken(token);
  }
  return (WebHdfsFileSystem) FileSystem.get(uri, conf);
}
 
Example 2
Source Project: big-c   File: TestWebHdfsUrl.java    License: Apache License 2.0 6 votes vote down vote up
private WebHdfsFileSystem getWebHdfsFileSystem(UserGroupInformation ugi,
    Configuration conf) throws IOException {
  if (UserGroupInformation.isSecurityEnabled()) {
    DelegationTokenIdentifier dtId = new DelegationTokenIdentifier(new Text(
        ugi.getUserName()), null, null);
    FSNamesystem namesystem = mock(FSNamesystem.class);
    DelegationTokenSecretManager dtSecretManager = new DelegationTokenSecretManager(
        86400000, 86400000, 86400000, 86400000, namesystem);
    dtSecretManager.startThreads();
    Token<DelegationTokenIdentifier> token = new Token<DelegationTokenIdentifier>(
        dtId, dtSecretManager);
    SecurityUtil.setTokenService(
        token, NetUtils.createSocketAddr(uri.getAuthority()));
    token.setKind(WebHdfsFileSystem.TOKEN_KIND);
    ugi.addToken(token);
  }
  return (WebHdfsFileSystem) FileSystem.get(uri, conf);
}
 
Example 3
/**
 * Create a delegation token for the user. This will only be called if a new DT is needed, that
 * is: the filesystem has been deployed unbound.
 *
 * @return the token
 * @throws IOException if one cannot be created
 */
public Token<DelegationTokenIdentifier> createDelegationToken(String renewer) throws IOException {
  Text renewerText = new Text();
  if (renewer != null) {
    renewerText.set(renewer);
  }

  DelegationTokenIdentifier tokenIdentifier =
      requireNonNull(createTokenIdentifier(renewerText), "Token identifier");

  Token<DelegationTokenIdentifier> token = new Token<>(tokenIdentifier, secretManager);
  token.setKind(getKind());
  token.setService(service);
  logger.atFine().log("Created token %s with token identifier %s", token, tokenIdentifier);
  return token;
}
 
Example 4
@Override
public Token<OzoneTokenIdentifier> getDelegationToken(String renewer)
    throws IOException {
  if (!securityEnabled) {
    return null;
  }
  Token<OzoneTokenIdentifier> token = ozoneClient.getObjectStore()
      .getDelegationToken(renewer == null ? null : new Text(renewer));
  token.setKind(OzoneTokenIdentifier.KIND_NAME);
  return token;

}
 
Example 5
@Override
public Token<OzoneTokenIdentifier> getDelegationToken(String renewer)
    throws IOException {
  if (!securityEnabled) {
    return null;
  }
  Token<OzoneTokenIdentifier> token = ozoneClient.getObjectStore()
      .getDelegationToken(renewer == null ? null : new Text(renewer));
  token.setKind(OzoneTokenIdentifier.KIND_NAME);
  return token;

}
 
Example 6
Source Project: hadoop   File: TestProtocolRecords.java    License: Apache License 2.0 5 votes vote down vote up
@Test
public void testNodeHeartBeatResponse() throws IOException {
  NodeHeartbeatResponse record =
      Records.newRecord(NodeHeartbeatResponse.class);
  Map<ApplicationId, ByteBuffer> appCredentials =
      new HashMap<ApplicationId, ByteBuffer>();
  Credentials app1Cred = new Credentials();

  Token<DelegationTokenIdentifier> token1 =
      new Token<DelegationTokenIdentifier>();
  token1.setKind(new Text("kind1"));
  app1Cred.addToken(new Text("token1"), token1);
  Token<DelegationTokenIdentifier> token2 =
      new Token<DelegationTokenIdentifier>();
  token2.setKind(new Text("kind2"));
  app1Cred.addToken(new Text("token2"), token2);

  DataOutputBuffer dob = new DataOutputBuffer();
  app1Cred.writeTokenStorageToStream(dob);
  ByteBuffer byteBuffer1 = ByteBuffer.wrap(dob.getData(), 0, dob.getLength());
  appCredentials.put(ApplicationId.newInstance(1234, 1), byteBuffer1);
  record.setSystemCredentialsForApps(appCredentials);

  NodeHeartbeatResponse proto =
      new NodeHeartbeatResponsePBImpl(
        ((NodeHeartbeatResponsePBImpl) record).getProto());
  Assert.assertEquals(appCredentials, proto.getSystemCredentialsForApps());
}
 
Example 7
Source Project: hadoop   File: NamenodeWebHdfsMethods.java    License: Apache License 2.0 5 votes vote down vote up
private Token<? extends TokenIdentifier> generateDelegationToken(
    final NameNode namenode, final UserGroupInformation ugi,
    final String renewer) throws IOException {
  final Credentials c = DelegationTokenSecretManager.createCredentials(
      namenode, ugi, renewer != null? renewer: ugi.getShortUserName());
  if (c == null) {
    return null;
  }
  final Token<? extends TokenIdentifier> t = c.getAllTokens().iterator().next();
  Text kind = request.getScheme().equals("http") ? WebHdfsFileSystem.TOKEN_KIND
      : SWebHdfsFileSystem.TOKEN_KIND;
  t.setKind(kind);
  return t;
}
 
Example 8
Source Project: hadoop   File: WebHdfsHandler.java    License: Apache License 2.0 5 votes vote down vote up
private void injectToken() throws IOException {
  if (UserGroupInformation.isSecurityEnabled()) {
    Token<DelegationTokenIdentifier> token = params.delegationToken();
    token.setKind(HDFS_DELEGATION_KIND);
    ugi.addToken(token);
  }
}
 
Example 9
Source Project: hadoop   File: JspHelper.java    License: Apache License 2.0 5 votes vote down vote up
private static UserGroupInformation getTokenUGI(ServletContext context,
                                                HttpServletRequest request,
                                                String tokenString,
                                                Configuration conf)
                                                    throws IOException {
  final Token<DelegationTokenIdentifier> token =
      new Token<DelegationTokenIdentifier>();
  token.decodeFromUrlString(tokenString);
  InetSocketAddress serviceAddress = getNNServiceAddress(context, request);
  if (serviceAddress != null) {
    SecurityUtil.setTokenService(token, serviceAddress);
    token.setKind(DelegationTokenIdentifier.HDFS_DELEGATION_KIND);
  }

  ByteArrayInputStream buf =
      new ByteArrayInputStream(token.getIdentifier());
  DataInputStream in = new DataInputStream(buf);
  DelegationTokenIdentifier id = new DelegationTokenIdentifier();
  id.readFields(in);
  if (context != null) {
    final NameNode nn = NameNodeHttpServer.getNameNodeFromContext(context);
    if (nn != null) {
      // Verify the token.
      nn.getNamesystem().verifyToken(id, token.getPassword());
    }
  }
  UserGroupInformation ugi = id.getUser();
  ugi.addToken(token);
  return ugi;
}
 
Example 10
Source Project: hadoop   File: TestWebHdfsTokens.java    License: Apache License 2.0 5 votes vote down vote up
private String getTokenOwner(Token<?> token) throws IOException {
  // webhdfs doesn't register properly with the class loader
  @SuppressWarnings({ "rawtypes", "unchecked" })
  Token<?> clone = new Token(token);
  clone.setKind(DelegationTokenIdentifier.HDFS_DELEGATION_KIND);
  return clone.decodeIdentifier().getUser().getUserName();
}
 
Example 11
Source Project: big-c   File: TestProtocolRecords.java    License: Apache License 2.0 5 votes vote down vote up
@Test
public void testNodeHeartBeatResponse() throws IOException {
  NodeHeartbeatResponse record =
      Records.newRecord(NodeHeartbeatResponse.class);
  Map<ApplicationId, ByteBuffer> appCredentials =
      new HashMap<ApplicationId, ByteBuffer>();
  Credentials app1Cred = new Credentials();

  Token<DelegationTokenIdentifier> token1 =
      new Token<DelegationTokenIdentifier>();
  token1.setKind(new Text("kind1"));
  app1Cred.addToken(new Text("token1"), token1);
  Token<DelegationTokenIdentifier> token2 =
      new Token<DelegationTokenIdentifier>();
  token2.setKind(new Text("kind2"));
  app1Cred.addToken(new Text("token2"), token2);

  DataOutputBuffer dob = new DataOutputBuffer();
  app1Cred.writeTokenStorageToStream(dob);
  ByteBuffer byteBuffer1 = ByteBuffer.wrap(dob.getData(), 0, dob.getLength());
  appCredentials.put(ApplicationId.newInstance(1234, 1), byteBuffer1);
  record.setSystemCredentialsForApps(appCredentials);

  NodeHeartbeatResponse proto =
      new NodeHeartbeatResponsePBImpl(
        ((NodeHeartbeatResponsePBImpl) record).getProto());
  Assert.assertEquals(appCredentials, proto.getSystemCredentialsForApps());
}
 
Example 12
Source Project: big-c   File: NamenodeWebHdfsMethods.java    License: Apache License 2.0 5 votes vote down vote up
private Token<? extends TokenIdentifier> generateDelegationToken(
    final NameNode namenode, final UserGroupInformation ugi,
    final String renewer) throws IOException {
  final Credentials c = DelegationTokenSecretManager.createCredentials(
      namenode, ugi, renewer != null? renewer: ugi.getShortUserName());
  if (c == null) {
    return null;
  }
  final Token<? extends TokenIdentifier> t = c.getAllTokens().iterator().next();
  Text kind = request.getScheme().equals("http") ? WebHdfsFileSystem.TOKEN_KIND
      : SWebHdfsFileSystem.TOKEN_KIND;
  t.setKind(kind);
  return t;
}
 
Example 13
Source Project: big-c   File: WebHdfsHandler.java    License: Apache License 2.0 5 votes vote down vote up
private void injectToken() throws IOException {
  if (UserGroupInformation.isSecurityEnabled()) {
    Token<DelegationTokenIdentifier> token = params.delegationToken();
    token.setKind(HDFS_DELEGATION_KIND);
    ugi.addToken(token);
  }
}
 
Example 14
Source Project: big-c   File: JspHelper.java    License: Apache License 2.0 5 votes vote down vote up
private static UserGroupInformation getTokenUGI(ServletContext context,
                                                HttpServletRequest request,
                                                String tokenString,
                                                Configuration conf)
                                                    throws IOException {
  final Token<DelegationTokenIdentifier> token =
      new Token<DelegationTokenIdentifier>();
  token.decodeFromUrlString(tokenString);
  InetSocketAddress serviceAddress = getNNServiceAddress(context, request);
  if (serviceAddress != null) {
    SecurityUtil.setTokenService(token, serviceAddress);
    token.setKind(DelegationTokenIdentifier.HDFS_DELEGATION_KIND);
  }

  ByteArrayInputStream buf =
      new ByteArrayInputStream(token.getIdentifier());
  DataInputStream in = new DataInputStream(buf);
  DelegationTokenIdentifier id = new DelegationTokenIdentifier();
  id.readFields(in);
  if (context != null) {
    final NameNode nn = NameNodeHttpServer.getNameNodeFromContext(context);
    if (nn != null) {
      // Verify the token.
      nn.getNamesystem().verifyToken(id, token.getPassword());
    }
  }
  UserGroupInformation ugi = id.getUser();
  ugi.addToken(token);
  return ugi;
}
 
Example 15
Source Project: big-c   File: TestWebHdfsTokens.java    License: Apache License 2.0 5 votes vote down vote up
private String getTokenOwner(Token<?> token) throws IOException {
  // webhdfs doesn't register properly with the class loader
  @SuppressWarnings({ "rawtypes", "unchecked" })
  Token<?> clone = new Token(token);
  clone.setKind(DelegationTokenIdentifier.HDFS_DELEGATION_KIND);
  return clone.decodeIdentifier().getUser().getUserName();
}
 
Example 16
Source Project: flink   File: HadoopUtilsTest.java    License: Apache License 2.0 4 votes vote down vote up
private static Token<DelegationTokenIdentifier> getHDFSDelegationToken() {
	Token<DelegationTokenIdentifier> token = new Token<>();
	token.setKind(HDFS_DELEGATION_TOKEN_KIND);
	return token;
}