List of usage examples for org.apache.hadoop.security Credentials getToken
public Token<? extends TokenIdentifier> getToken(Text alias)
From source file:co.cask.cdap.app.runtime.spark.SparkCredentialsUpdaterTest.java
License:Apache License
@Test public void testUpdater() throws Exception { Location credentialsDir = Locations.toLocation(TEMPORARY_FOLDER.newFolder()); // Create a updater that don't do any auto-update within the test time and don't cleanup SparkCredentialsUpdater updater = new SparkCredentialsUpdater(createCredentialsSupplier(), credentialsDir, "credentials", TimeUnit.DAYS.toMillis(1), TimeUnit.DAYS.toMillis(1), Integer.MAX_VALUE) { @Override/*from w ww. ja v a 2s. c o m*/ long getNextUpdateDelay(Credentials credentials) throws IOException { return TimeUnit.DAYS.toMillis(1); } }; // Before the updater starts, the directory is empty Assert.assertTrue(credentialsDir.list().isEmpty()); UserGroupInformation.getCurrentUser().addToken( new Token<>(Bytes.toBytes("id"), Bytes.toBytes("pass"), new Text("kind"), new Text("service"))); updater.startAndWait(); try { List<Location> expectedFiles = new ArrayList<>(); expectedFiles.add(credentialsDir.append("credentials-1")); for (int i = 1; i <= 10; i++) { Assert.assertEquals(expectedFiles, listAndSort(credentialsDir)); // Read the credentials from the last file Credentials newCredentials = new Credentials(); try (DataInputStream is = new DataInputStream( expectedFiles.get(expectedFiles.size() - 1).getInputStream())) { newCredentials.readTokenStorageStream(is); } // Should contains all tokens of the current user Credentials userCredentials = UserGroupInformation.getCurrentUser().getCredentials(); for (Token<? extends TokenIdentifier> token : userCredentials.getAllTokens()) { Assert.assertEquals(token, newCredentials.getToken(token.getService())); } UserGroupInformation.getCurrentUser().addToken(new Token<>(Bytes.toBytes("id" + i), Bytes.toBytes("pass" + i), new Text("kind" + i), new Text("service" + i))); updater.run(); expectedFiles.add(credentialsDir.append("credentials-" + (i + 1))); } } finally { updater.stopAndWait(); } }
From source file:com.cloudera.recordservice.mr.PlanUtil.java
License:Apache License
/** * Returns a connected planner client from the jobConf. The caller needs to close * the planner.//from ww w . j a v a2s. com */ @SuppressWarnings("unchecked") public static RecordServicePlannerClient getPlanner(Configuration jobConf, RecordServicePlannerClient.Builder builder, List<NetworkAddress> plannerHostPorts, String kerberosPrincipal, Credentials credentials) throws IOException { // If debug mode is enabled, dump all the configuration properties and their // sources to the log. if (LOG.isDebugEnabled()) { LOG.debug(dumpConfiguration(jobConf, LOG.isTraceEnabled())); } // Try to get the delegation token from the credentials. If it is there, use it. Token<DelegationTokenIdentifier> delegationToken = null; if (credentials != null) { delegationToken = (Token<DelegationTokenIdentifier>) credentials .getToken(DelegationTokenIdentifier.DELEGATION_KIND); } if (delegationToken != null) { builder.setDelegationToken(TokenUtils.toDelegationToken(delegationToken)); } else if (kerberosPrincipal != null) { builder.setKerberosPrincipal(kerberosPrincipal); } // Try all the host ports in order. // TODO: we can randomize the list for load balancing but it might be more // efficient to be sticky (hotter cache, etc). RecordServicePlannerClient planner; Exception lastException = null; for (int i = 0; i < plannerHostPorts.size(); ++i) { NetworkAddress hostPort = plannerHostPorts.get(i); try { planner = builder.connect(hostPort.hostname, hostPort.port); if (planner != null) return planner; } catch (RecordServiceException e) { // Ignore, try next host. The errors in builder should be sufficient. lastException = e; } catch (IOException e) { // Ignore, try next host. The errors in builder should be sufficient. lastException = e; } } throw new IOException("Could not connect to any of the configured planners.", lastException); }
From source file:com.cloudera.recordservice.mr.RecordReaderCore.java
License:Apache License
/** * Creates a RecordReaderCore to read the records for taskInfo. *///from ww w . j ava 2 s .com @SuppressWarnings("unchecked") public RecordReaderCore(Configuration config, Credentials credentials, TaskInfo taskInfo) throws RecordServiceException, IOException { Token<DelegationTokenIdentifier> token = (Token<DelegationTokenIdentifier>) credentials .getToken(DelegationTokenIdentifier.DELEGATION_KIND); RecordServiceWorkerClient.Builder builder = WorkerUtil.getBuilder(config, TokenUtils.toDelegationToken(token)); NetworkAddress address = WorkerUtil.getWorkerToConnectTo(taskInfo.getTask().taskId, taskInfo.getLocations(), taskInfo.getAllWorkerAddresses()); try { worker_ = builder.connect(address.hostname, address.port); records_ = worker_.execAndFetch(taskInfo.getTask()); } finally { if (records_ == null) close(); } schema_ = new Schema(records_.getSchema()); }
From source file:org.apache.accumulo.core.client.impl.DelegationTokenImpl.java
License:Apache License
public DelegationTokenImpl(Instance instance, UserGroupInformation user, AuthenticationTokenIdentifier identifier) { requireNonNull(instance);//from w ww .j a v a 2 s .co m requireNonNull(user); requireNonNull(identifier); Credentials creds = user.getCredentials(); Token<? extends TokenIdentifier> token = creds .getToken(new Text(SERVICE_NAME + "-" + instance.getInstanceID())); if (null == token) { throw new IllegalArgumentException( "Did not find Accumulo delegation token in provided UserGroupInformation"); } setPasswordFromToken(token, identifier); }
From source file:org.apache.accumulo.core.client.security.tokens.DelegationToken.java
License:Apache License
public DelegationToken(Instance instance, UserGroupInformation user, AuthenticationTokenIdentifier identifier) { checkNotNull(instance);/*from w w w .j a va 2 s .c om*/ checkNotNull(user); checkNotNull(identifier); Credentials creds = user.getCredentials(); Token<? extends TokenIdentifier> token = creds .getToken(new Text(SERVICE_NAME + "-" + instance.getInstanceID())); if (null == token) { throw new IllegalArgumentException( "Did not find Accumulo delegation token in provided UserGroupInformation"); } setPasswordFromToken(token, identifier); }
From source file:org.apache.accumulo.core.clientImpl.DelegationTokenImpl.java
License:Apache License
public DelegationTokenImpl(String instanceID, UserGroupInformation user, AuthenticationTokenIdentifier identifier) { requireNonNull(instanceID);// ww w . j a v a2s . c o m requireNonNull(user); requireNonNull(identifier); Credentials creds = user.getCredentials(); Token<? extends TokenIdentifier> token = creds.getToken(new Text(SERVICE_NAME + "-" + instanceID)); if (token == null) { throw new IllegalArgumentException( "Did not find Accumulo delegation token in provided UserGroupInformation"); } setPasswordFromToken(token, identifier); }
From source file:org.apache.sqoop.client.request.ResourceRequest.java
License:Apache License
public Token<?>[] addDelegationTokens(String strURL, String renewer, Credentials credentials) throws IOException { Token<?>[] tokens = null;/*from w ww.j av a2s . com*/ Text dtService = getDelegationTokenService(strURL); Token<?> token = credentials.getToken(dtService); if (token == null) { URL url = new URL(strURL); DelegationTokenAuthenticatedURL authUrl = new DelegationTokenAuthenticatedURL( new ConnectionConfigurator() { @Override public HttpURLConnection configure(HttpURLConnection conn) throws IOException { return conn; } }); try { token = authUrl.getDelegationToken(url, authToken, renewer); if (token != null) { credentials.addToken(token.getService(), token); tokens = new Token<?>[] { token }; } else { throw new IOException("Got NULL as delegation token"); } } catch (AuthenticationException ex) { throw new IOException(ex); } } return tokens; }
From source file:org.apache.tez.common.security.TestTokenCache.java
License:Apache License
private void checkTokens(Credentials creds, Credentials newCreds) { Assert.assertEquals(creds.getAllTokens().size(), newCreds.getAllTokens().size()); for (Token<?> token : newCreds.getAllTokens()) { Token<?> credsToken = creds.getToken(token.getService()); Assert.assertTrue(credsToken != null); Assert.assertEquals(token, credsToken); }/*from w w w . j ava2 s.c o m*/ }
From source file:org.apache.tez.common.security.TokenCache.java
License:Apache License
/** * // w w w.j av a 2s . c om * @return session token */ @SuppressWarnings("unchecked") @InterfaceAudience.Private public static Token<JobTokenIdentifier> getSessionToken(Credentials credentials) { Token<?> token = credentials.getToken(SESSION_TOKEN); if (token == null) { return null; } return (Token<JobTokenIdentifier>) token; }
From source file:org.apache.tez.dag.api.TestDAGPlan.java
License:Apache License
@Test(timeout = 5000) public void testCredentialsSerde() { DAG dag = DAG.create("testDag"); ProcessorDescriptor pd1 = ProcessorDescriptor.create("processor1") .setUserPayload(UserPayload.create(ByteBuffer.wrap("processor1Bytes".getBytes()))); ProcessorDescriptor pd2 = ProcessorDescriptor.create("processor2") .setUserPayload(UserPayload.create(ByteBuffer.wrap("processor2Bytes".getBytes()))); Vertex v1 = Vertex.create("v1", pd1, 10, Resource.newInstance(1024, 1)); Vertex v2 = Vertex.create("v2", pd2, 1, Resource.newInstance(1024, 1)); v1.setTaskLaunchCmdOpts("").setTaskEnvironment(new HashMap<String, String>()) .addTaskLocalFiles(new HashMap<String, LocalResource>()); v2.setTaskLaunchCmdOpts("").setTaskEnvironment(new HashMap<String, String>()) .addTaskLocalFiles(new HashMap<String, LocalResource>()); InputDescriptor inputDescriptor = InputDescriptor.create("input") .setUserPayload(UserPayload.create(ByteBuffer.wrap("inputBytes".getBytes()))); OutputDescriptor outputDescriptor = OutputDescriptor.create("output") .setUserPayload(UserPayload.create(ByteBuffer.wrap("outputBytes".getBytes()))); Edge edge = Edge.create(v1, v2, EdgeProperty.create(DataMovementType.SCATTER_GATHER, DataSourceType.PERSISTED, SchedulingType.SEQUENTIAL, outputDescriptor, inputDescriptor)); dag.addVertex(v1).addVertex(v2).addEdge(edge); Credentials dagCredentials = new Credentials(); Token<TokenIdentifier> token1 = new Token<TokenIdentifier>(); Token<TokenIdentifier> token2 = new Token<TokenIdentifier>(); dagCredentials.addToken(new Text("Token1"), token1); dagCredentials.addToken(new Text("Token2"), token2); dag.setCredentials(dagCredentials);//w w w. j a v a2 s. co m DAGPlan dagProto = dag.createDag(new TezConfiguration(), null, null, null, true); assertTrue(dagProto.hasCredentialsBinary()); Credentials fetchedCredentials = DagTypeConverters .convertByteStringToCredentials(dagProto.getCredentialsBinary()); assertEquals(2, fetchedCredentials.numberOfTokens()); assertNotNull(fetchedCredentials.getToken(new Text("Token1"))); assertNotNull(fetchedCredentials.getToken(new Text("Token2"))); }