Java Code Examples for org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier#getKind()

The following examples show how to use org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier#getKind() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: TestDelegationTokenRenewer.java    From hadoop with Apache License 2.0 4 votes vote down vote up
@Test
public void testAppSubmissionWithoutDelegationToken() throws Exception {
  conf.setBoolean(YarnConfiguration.RM_PROXY_USER_PRIVILEGES_ENABLED, true);
  // create token2
  Text userText2 = new Text("user2");
  DelegationTokenIdentifier dtId2 =
      new DelegationTokenIdentifier(new Text("user2"), new Text("renewer2"),
        userText2);
  final Token<DelegationTokenIdentifier> token2 =
      new Token<DelegationTokenIdentifier>(dtId2.getBytes(),
        "password2".getBytes(), dtId2.getKind(), new Text("service2"));
  final MockRM rm = new TestSecurityMockRM(conf, null) {
    @Override
    protected DelegationTokenRenewer createDelegationTokenRenewer() {
      return new DelegationTokenRenewer() {
        @Override
        protected Token<?>[] obtainSystemTokensForUser(String user,
            final Credentials credentials) throws IOException {
          credentials.addToken(token2.getService(), token2);
          return new Token<?>[] { token2 };
        }
      };
    }
  };
  rm.start();

  // submit an app without delegationToken
  RMApp app = rm.submitApp(200);

  // wait for the new retrieved hdfs token.
  GenericTestUtils.waitFor(new Supplier<Boolean>() {
    public Boolean get() {
      return rm.getRMContext().getDelegationTokenRenewer()
        .getDelegationTokens().contains(token2);
    }
  }, 1000, 20000);

  // check nm can retrieve the token
  final MockNM nm1 =
      new MockNM("127.0.0.1:1234", 15120, rm.getResourceTrackerService());
  nm1.registerNode();
  NodeHeartbeatResponse response = nm1.nodeHeartbeat(true);
  ByteBuffer tokenBuffer =
      response.getSystemCredentialsForApps().get(app.getApplicationId());
  Assert.assertNotNull(tokenBuffer);
  Credentials appCredentials = new Credentials();
  DataInputByteBuffer buf = new DataInputByteBuffer();
  tokenBuffer.rewind();
  buf.reset(tokenBuffer);
  appCredentials.readTokenStorageStream(buf);
  Assert.assertTrue(appCredentials.getAllTokens().contains(token2));
}
 
Example 2
Source File: TestDelegationTokenRenewer.java    From hadoop with Apache License 2.0 4 votes vote down vote up
@Test (timeout = 30000)
public void testAppSubmissionWithPreviousToken() throws Exception{
  MockRM rm = new TestSecurityMockRM(conf, null);
  rm.start();
  final MockNM nm1 =
      new MockNM("127.0.0.1:1234", 15120, rm.getResourceTrackerService());
  nm1.registerNode();

  // create Token1:
  Text userText1 = new Text("user");
  DelegationTokenIdentifier dtId1 =
      new DelegationTokenIdentifier(userText1, new Text("renewer1"),
        userText1);
  final Token<DelegationTokenIdentifier> token1 =
      new Token<DelegationTokenIdentifier>(dtId1.getBytes(),
        "password1".getBytes(), dtId1.getKind(), new Text("service1"));

  Credentials credentials = new Credentials();
  credentials.addToken(userText1, token1);

  // submit app1 with a token, set cancelTokenWhenComplete to false;
  RMApp app1 =
      rm.submitApp(200, "name", "user", null, false, null, 2, credentials,
        null, true, false, false, null, 0, null, false);
  MockAM am1 = MockRM.launchAndRegisterAM(app1, rm, nm1);
  rm.waitForState(app1.getApplicationId(), RMAppState.RUNNING);

  // submit app2 with the same token, set cancelTokenWhenComplete to true;
  RMApp app2 =
      rm.submitApp(200, "name", "user", null, false, null, 2, credentials,
        null, true, false, false, null, 0, null, true);
  MockAM am2 = MockRM.launchAndRegisterAM(app2, rm, nm1);
  rm.waitForState(app2.getApplicationId(), RMAppState.RUNNING);
  MockRM.finishAMAndVerifyAppState(app2, rm, nm1, am2);
  Assert.assertTrue(rm.getRMContext().getDelegationTokenRenewer()
    .getAllTokens().containsKey(token1));

  MockRM.finishAMAndVerifyAppState(app1, rm, nm1, am1);
  // app2 completes, app1 is still running, check the token is not cancelled
  Assert.assertFalse(Renewer.cancelled);
}
 
Example 3
Source File: TestDelegationTokenRenewer.java    From hadoop with Apache License 2.0 4 votes vote down vote up
@Test (timeout = 30000)
public void testCancelWithMultipleAppSubmissions() throws Exception{
  MockRM rm = new TestSecurityMockRM(conf, null);
  rm.start();
  final MockNM nm1 =
      new MockNM("127.0.0.1:1234", 15120, rm.getResourceTrackerService());
  nm1.registerNode();

  //MyFS fs = (MyFS)FileSystem.get(conf);
  //MyToken token1 = fs.getDelegationToken("user123");

  // create Token1:
  Text userText1 = new Text("user");
  DelegationTokenIdentifier dtId1 =
      new DelegationTokenIdentifier(userText1, new Text("renewer1"),
        userText1);
  final Token<DelegationTokenIdentifier> token1 =
      new Token<DelegationTokenIdentifier>(dtId1.getBytes(),
        "password1".getBytes(), dtId1.getKind(), new Text("service1"));

  Credentials credentials = new Credentials();
  credentials.addToken(token1.getService(), token1);

  DelegationTokenRenewer renewer =
      rm.getRMContext().getDelegationTokenRenewer();
  Assert.assertTrue(renewer.getAllTokens().isEmpty());
  Assert.assertFalse(Renewer.cancelled);

  RMApp app1 =
      rm.submitApp(200, "name", "user", null, false, null, 2, credentials,
        null, true, false, false, null, 0, null, true);
  MockAM am1 = MockRM.launchAndRegisterAM(app1, rm, nm1);
  rm.waitForState(app1.getApplicationId(), RMAppState.RUNNING);

  DelegationTokenToRenew dttr = renewer.getAllTokens().get(token1);
  Assert.assertNotNull(dttr);
  Assert.assertTrue(dttr.referringAppIds.contains(app1.getApplicationId()));
  RMApp app2 =
      rm.submitApp(200, "name", "user", null, false, null, 2, credentials,
        null, true, false, false, null, 0, null, true);
  MockAM am2 = MockRM.launchAndRegisterAM(app2, rm, nm1);
  rm.waitForState(app2.getApplicationId(), RMAppState.RUNNING);
  Assert.assertTrue(renewer.getAllTokens().containsKey(token1));
  Assert.assertTrue(dttr.referringAppIds.contains(app2.getApplicationId()));
  Assert.assertTrue(dttr.referringAppIds.contains(app2.getApplicationId()));
  Assert.assertFalse(Renewer.cancelled);

  MockRM.finishAMAndVerifyAppState(app2, rm, nm1, am2);
  // app2 completes, app1 is still running, check the token is not cancelled
  Assert.assertTrue(renewer.getAllTokens().containsKey(token1));
  Assert.assertTrue(dttr.referringAppIds.contains(app1.getApplicationId()));
  Assert.assertFalse(dttr.referringAppIds.contains(app2.getApplicationId()));
  Assert.assertFalse(dttr.isTimerCancelled());
  Assert.assertFalse(Renewer.cancelled);

  RMApp app3 =
      rm.submitApp(200, "name", "user", null, false, null, 2, credentials,
        null, true, false, false, null, 0, null, true);
  MockAM am3 = MockRM.launchAndRegisterAM(app3, rm, nm1);
  rm.waitForState(app3.getApplicationId(), RMAppState.RUNNING);
  Assert.assertTrue(renewer.getAllTokens().containsKey(token1));
  Assert.assertTrue(dttr.referringAppIds.contains(app1.getApplicationId()));
  Assert.assertTrue(dttr.referringAppIds.contains(app3.getApplicationId()));
  Assert.assertFalse(dttr.isTimerCancelled());
  Assert.assertFalse(Renewer.cancelled);

  MockRM.finishAMAndVerifyAppState(app1, rm, nm1, am1);
  Assert.assertTrue(renewer.getAllTokens().containsKey(token1));
  Assert.assertFalse(dttr.referringAppIds.contains(app1.getApplicationId()));
  Assert.assertTrue(dttr.referringAppIds.contains(app3.getApplicationId()));
  Assert.assertFalse(dttr.isTimerCancelled());
  Assert.assertFalse(Renewer.cancelled);

  MockRM.finishAMAndVerifyAppState(app3, rm, nm1, am3);
  Assert.assertFalse(renewer.getAllTokens().containsKey(token1));
  Assert.assertTrue(dttr.referringAppIds.isEmpty());
  Assert.assertTrue(dttr.isTimerCancelled());
  Assert.assertTrue(Renewer.cancelled);
}
 
Example 4
Source File: TestDelegationTokenRenewer.java    From big-c with Apache License 2.0 4 votes vote down vote up
@Test
public void testAppSubmissionWithoutDelegationToken() throws Exception {
  conf.setBoolean(YarnConfiguration.RM_PROXY_USER_PRIVILEGES_ENABLED, true);
  // create token2
  Text userText2 = new Text("user2");
  DelegationTokenIdentifier dtId2 =
      new DelegationTokenIdentifier(new Text("user2"), new Text("renewer2"),
        userText2);
  final Token<DelegationTokenIdentifier> token2 =
      new Token<DelegationTokenIdentifier>(dtId2.getBytes(),
        "password2".getBytes(), dtId2.getKind(), new Text("service2"));
  final MockRM rm = new TestSecurityMockRM(conf, null) {
    @Override
    protected DelegationTokenRenewer createDelegationTokenRenewer() {
      return new DelegationTokenRenewer() {
        @Override
        protected Token<?>[] obtainSystemTokensForUser(String user,
            final Credentials credentials) throws IOException {
          credentials.addToken(token2.getService(), token2);
          return new Token<?>[] { token2 };
        }
      };
    }
  };
  rm.start();

  // submit an app without delegationToken
  RMApp app = rm.submitApp(200);

  // wait for the new retrieved hdfs token.
  GenericTestUtils.waitFor(new Supplier<Boolean>() {
    public Boolean get() {
      return rm.getRMContext().getDelegationTokenRenewer()
        .getDelegationTokens().contains(token2);
    }
  }, 1000, 20000);

  // check nm can retrieve the token
  final MockNM nm1 =
      new MockNM("127.0.0.1:1234", 15120, rm.getResourceTrackerService());
  nm1.registerNode();
  NodeHeartbeatResponse response = nm1.nodeHeartbeat(true);
  ByteBuffer tokenBuffer =
      response.getSystemCredentialsForApps().get(app.getApplicationId());
  Assert.assertNotNull(tokenBuffer);
  Credentials appCredentials = new Credentials();
  DataInputByteBuffer buf = new DataInputByteBuffer();
  tokenBuffer.rewind();
  buf.reset(tokenBuffer);
  appCredentials.readTokenStorageStream(buf);
  Assert.assertTrue(appCredentials.getAllTokens().contains(token2));
}
 
Example 5
Source File: TestDelegationTokenRenewer.java    From big-c with Apache License 2.0 4 votes vote down vote up
@Test (timeout = 30000)
public void testAppSubmissionWithPreviousToken() throws Exception{
  MockRM rm = new TestSecurityMockRM(conf, null);
  rm.start();
  final MockNM nm1 =
      new MockNM("127.0.0.1:1234", 15120, rm.getResourceTrackerService());
  nm1.registerNode();

  // create Token1:
  Text userText1 = new Text("user");
  DelegationTokenIdentifier dtId1 =
      new DelegationTokenIdentifier(userText1, new Text("renewer1"),
        userText1);
  final Token<DelegationTokenIdentifier> token1 =
      new Token<DelegationTokenIdentifier>(dtId1.getBytes(),
        "password1".getBytes(), dtId1.getKind(), new Text("service1"));

  Credentials credentials = new Credentials();
  credentials.addToken(userText1, token1);

  // submit app1 with a token, set cancelTokenWhenComplete to false;
  RMApp app1 =
      rm.submitApp(200, "name", "user", null, false, null, 2, credentials,
        null, true, false, false, null, 0, null, false);
  MockAM am1 = MockRM.launchAndRegisterAM(app1, rm, nm1);
  rm.waitForState(app1.getApplicationId(), RMAppState.RUNNING);

  // submit app2 with the same token, set cancelTokenWhenComplete to true;
  RMApp app2 =
      rm.submitApp(200, "name", "user", null, false, null, 2, credentials,
        null, true, false, false, null, 0, null, true);
  MockAM am2 = MockRM.launchAndRegisterAM(app2, rm, nm1);
  rm.waitForState(app2.getApplicationId(), RMAppState.RUNNING);
  MockRM.finishAMAndVerifyAppState(app2, rm, nm1, am2);
  Assert.assertTrue(rm.getRMContext().getDelegationTokenRenewer()
    .getAllTokens().containsKey(token1));

  MockRM.finishAMAndVerifyAppState(app1, rm, nm1, am1);
  // app2 completes, app1 is still running, check the token is not cancelled
  Assert.assertFalse(Renewer.cancelled);
}
 
Example 6
Source File: TestDelegationTokenRenewer.java    From big-c with Apache License 2.0 4 votes vote down vote up
@Test (timeout = 30000)
public void testCancelWithMultipleAppSubmissions() throws Exception{
  MockRM rm = new TestSecurityMockRM(conf, null);
  rm.start();
  final MockNM nm1 =
      new MockNM("127.0.0.1:1234", 15120, rm.getResourceTrackerService());
  nm1.registerNode();

  //MyFS fs = (MyFS)FileSystem.get(conf);
  //MyToken token1 = fs.getDelegationToken("user123");

  // create Token1:
  Text userText1 = new Text("user");
  DelegationTokenIdentifier dtId1 =
      new DelegationTokenIdentifier(userText1, new Text("renewer1"),
        userText1);
  final Token<DelegationTokenIdentifier> token1 =
      new Token<DelegationTokenIdentifier>(dtId1.getBytes(),
        "password1".getBytes(), dtId1.getKind(), new Text("service1"));

  Credentials credentials = new Credentials();
  credentials.addToken(token1.getService(), token1);

  DelegationTokenRenewer renewer =
      rm.getRMContext().getDelegationTokenRenewer();
  Assert.assertTrue(renewer.getAllTokens().isEmpty());
  Assert.assertFalse(Renewer.cancelled);

  RMApp app1 =
      rm.submitApp(200, "name", "user", null, false, null, 2, credentials,
        null, true, false, false, null, 0, null, true);
  MockAM am1 = MockRM.launchAndRegisterAM(app1, rm, nm1);
  rm.waitForState(app1.getApplicationId(), RMAppState.RUNNING);

  DelegationTokenToRenew dttr = renewer.getAllTokens().get(token1);
  Assert.assertNotNull(dttr);
  Assert.assertTrue(dttr.referringAppIds.contains(app1.getApplicationId()));
  RMApp app2 =
      rm.submitApp(200, "name", "user", null, false, null, 2, credentials,
        null, true, false, false, null, 0, null, true);
  MockAM am2 = MockRM.launchAndRegisterAM(app2, rm, nm1);
  rm.waitForState(app2.getApplicationId(), RMAppState.RUNNING);
  Assert.assertTrue(renewer.getAllTokens().containsKey(token1));
  Assert.assertTrue(dttr.referringAppIds.contains(app2.getApplicationId()));
  Assert.assertTrue(dttr.referringAppIds.contains(app2.getApplicationId()));
  Assert.assertFalse(Renewer.cancelled);

  MockRM.finishAMAndVerifyAppState(app2, rm, nm1, am2);
  // app2 completes, app1 is still running, check the token is not cancelled
  Assert.assertTrue(renewer.getAllTokens().containsKey(token1));
  Assert.assertTrue(dttr.referringAppIds.contains(app1.getApplicationId()));
  Assert.assertFalse(dttr.referringAppIds.contains(app2.getApplicationId()));
  Assert.assertFalse(dttr.isTimerCancelled());
  Assert.assertFalse(Renewer.cancelled);

  RMApp app3 =
      rm.submitApp(200, "name", "user", null, false, null, 2, credentials,
        null, true, false, false, null, 0, null, true);
  MockAM am3 = MockRM.launchAndRegisterAM(app3, rm, nm1);
  rm.waitForState(app3.getApplicationId(), RMAppState.RUNNING);
  Assert.assertTrue(renewer.getAllTokens().containsKey(token1));
  Assert.assertTrue(dttr.referringAppIds.contains(app1.getApplicationId()));
  Assert.assertTrue(dttr.referringAppIds.contains(app3.getApplicationId()));
  Assert.assertFalse(dttr.isTimerCancelled());
  Assert.assertFalse(Renewer.cancelled);

  MockRM.finishAMAndVerifyAppState(app1, rm, nm1, am1);
  Assert.assertTrue(renewer.getAllTokens().containsKey(token1));
  Assert.assertFalse(dttr.referringAppIds.contains(app1.getApplicationId()));
  Assert.assertTrue(dttr.referringAppIds.contains(app3.getApplicationId()));
  Assert.assertFalse(dttr.isTimerCancelled());
  Assert.assertFalse(Renewer.cancelled);

  MockRM.finishAMAndVerifyAppState(app3, rm, nm1, am3);
  Assert.assertFalse(renewer.getAllTokens().containsKey(token1));
  Assert.assertTrue(dttr.referringAppIds.isEmpty());
  Assert.assertTrue(dttr.isTimerCancelled());
  Assert.assertTrue(Renewer.cancelled);
}