Example usage for org.apache.hadoop.hdfs.security.token.delegation DelegationTokenIdentifier readFields

List of usage examples for org.apache.hadoop.hdfs.security.token.delegation DelegationTokenIdentifier readFields

  1. HOME
  2. Java
  3. org.apache.hadoop
  4. org.apache.hadoop.hdfs.security.token.delegation.*
  5. DelegationTokenIdentifier
  6. readFields

Introduction

In this page you can find the example usage for org.apache.hadoop.hdfs.security.token.delegation DelegationTokenIdentifier readFields.

Prototype

@Override
    public void readFields(DataInput in) throws IOException

Source Link

Usage

From source file:co.cask.cdap.app.runtime.spark.SparkCredentialsUpdater.java

License:Apache License

@VisibleForTesting
long getNextUpdateDelay(Credentials credentials) throws IOException {
    long now = System.currentTimeMillis();

    // This is almost the same logic as in SparkHadoopUtil.getTimeFromNowToRenewal
    for (Token<? extends TokenIdentifier> token : credentials.getAllTokens()) {
        if (DelegationTokenIdentifier.HDFS_DELEGATION_KIND.equals(token.getKind())) {
            DelegationTokenIdentifier identifier = new DelegationTokenIdentifier();
            try (DataInputStream input = new DataInputStream(new ByteArrayInputStream(token.getIdentifier()))) {
                identifier.readFields(input);

                // speed up by 2 seconds to account for any time race between driver and executor
                return Math.max(0L, (long) (identifier.getIssueDate() + 0.8 * updateIntervalMs) - now - 2000);
            }/*w w  w  .j ava 2 s  .c o m*/
        }
    }
    return 0L;
}

From source file:org.apache.hawq.pxf.service.utilities.SecuredHDFS.java

License:Apache License

/**
 * The function will verify the token with NameNode if available and will
 * create a UserGroupInformation./*from   ww  w  . ja  v a 2 s.  c  o m*/
 *
 * Code in this function is copied from JspHelper.getTokenUGI
 *
 * @param identifier Delegation token identifier
 * @param password Delegation token password
 * @param kind the kind of token
 * @param service the service for this token
 * @param servletContext Jetty servlet context which contains the NN address
 *
 * @throws SecurityException Thrown when authentication fails
 */
private static void verifyToken(byte[] identifier, byte[] password, Text kind, Text service,
        ServletContext servletContext) {
    try {
        Token<DelegationTokenIdentifier> token = new Token<DelegationTokenIdentifier>(identifier, password,
                kind, service);

        ByteArrayInputStream buf = new ByteArrayInputStream(token.getIdentifier());
        DataInputStream in = new DataInputStream(buf);
        DelegationTokenIdentifier id = new DelegationTokenIdentifier();
        id.readFields(in);

        final NameNode nn = NameNodeHttpServer.getNameNodeFromContext(servletContext);
        if (nn != null) {
            nn.getNamesystem().verifyToken(id, token.getPassword());
        }

        UserGroupInformation userGroupInformation = id.getUser();
        userGroupInformation.addToken(token);
        LOG.debug("user " + userGroupInformation.getUserName() + " (" + userGroupInformation.getShortUserName()
                + ") authenticated");

        // re-login if necessary
        userGroupInformation.checkTGTAndReloginFromKeytab();
    } catch (IOException e) {
        throw new SecurityException("Failed to verify delegation token " + e, e);
    }
}