List of usage examples for org.apache.hadoop.security.token Token getService
public Text getService()
From source file:org.apache.slider.server.services.security.FsDelegationTokenManager.java
License:Apache License
public void acquireDelegationToken(Configuration configuration) throws IOException, InterruptedException { if (remoteUser == null) { createRemoteUser(configuration); }//from www.ja va 2 s . c o m if (SliderUtils.isHadoopClusterSecure(configuration) && renewingAction == null) { renewInterval = configuration.getLong(DFSConfigKeys.DFS_NAMENODE_DELEGATION_TOKEN_RENEW_INTERVAL_KEY, DFSConfigKeys.DFS_NAMENODE_DELEGATION_TOKEN_RENEW_INTERVAL_DEFAULT); // constructor of action will retrieve initial token. One may already be // associated with user, but its lifecycle/management is not clear so let's // create and manage a token explicitly renewAction = new RenewAction("HDFS renew", configuration); // set retrieved token as the user associated delegation token and // start a renewing action to renew Token<?> token = renewAction.getToken(); currentUser.addToken(token.getService(), token); log.info("HDFS delegation token {} acquired and set as credential for current user", token); renewingAction = new RenewingAction<RenewAction>(renewAction, (int) renewInterval, (int) renewInterval, TimeUnit.MILLISECONDS, getRenewingLimit()); log.info("queuing HDFS delegation token renewal interval of {} milliseconds", renewInterval); queue(renewingAction); } }
From source file:org.apache.sqoop.client.request.ResourceRequest.java
License:Apache License
public Token<?>[] addDelegationTokens(String strURL, String renewer, Credentials credentials) throws IOException { Token<?>[] tokens = null;/*from w ww. j ava 2 s .co m*/ Text dtService = getDelegationTokenService(strURL); Token<?> token = credentials.getToken(dtService); if (token == null) { URL url = new URL(strURL); DelegationTokenAuthenticatedURL authUrl = new DelegationTokenAuthenticatedURL( new ConnectionConfigurator() { @Override public HttpURLConnection configure(HttpURLConnection conn) throws IOException { return conn; } }); try { token = authUrl.getDelegationToken(url, authToken, renewer); if (token != null) { credentials.addToken(token.getService(), token); tokens = new Token<?>[] { token }; } else { throw new IOException("Got NULL as delegation token"); } } catch (AuthenticationException ex) { throw new IOException(ex); } } return tokens; }
From source file:org.apache.sqoop.connector.hdfs.security.TestSecurityUtils.java
License:Apache License
@Test public void testTokenSerializationDeserialization() throws Exception { byte[] identifier = "identifier".getBytes(); byte[] password = "password".getBytes(); Text kind = new Text("kind"); Text service = new Text("service"); Token token = new Token(identifier, password, kind, service); String serializedForm = SecurityUtils.serializeToken(token); assertNotNull(serializedForm);/* www . j ava 2s . c om*/ Token deserializedToken = SecurityUtils.deserializeToken(serializedForm); assertNotNull(deserializedToken); assertEquals(identifier, deserializedToken.getIdentifier()); assertEquals(password, deserializedToken.getPassword()); assertEquals(kind.toString(), deserializedToken.getKind().toString()); assertEquals(service.toString(), deserializedToken.getService().toString()); }
From source file:org.apache.tez.auxservices.ShuffleHandler.java
License:Apache License
private void recordJobShuffleInfo(JobID jobId, String user, Token<JobTokenIdentifier> jobToken) throws IOException { if (stateDb != null) { TokenProto tokenProto = TokenProto.newBuilder() .setIdentifier(ByteString.copyFrom(jobToken.getIdentifier())) .setPassword(ByteString.copyFrom(jobToken.getPassword())).setKind(jobToken.getKind().toString()) .setService(jobToken.getService().toString()).build(); JobShuffleInfoProto proto = JobShuffleInfoProto.newBuilder().setUser(user).setJobToken(tokenProto) .build();/*w w w .j av a 2s .com*/ try { stateDb.put(bytes(jobId.toString()), proto.toByteArray()); } catch (DBException e) { throw new IOException("Error storing " + jobId, e); } } addJobToken(jobId, user, jobToken); }
From source file:org.apache.tez.common.impl.LogUtils.java
License:Apache License
public static void logCredentials(Log log, Credentials credentials, String identifier) { if (log.isDebugEnabled()) { StringBuilder sb = new StringBuilder(); sb.append("#" + identifier + "Tokens=").append(credentials.numberOfTokens()); if (credentials.numberOfTokens() > 0) { sb.append(", Services: "); for (Token<?> t : credentials.getAllTokens()) { sb.append(t.getService()).append(","); }/* ww w .j a v a 2s . co m*/ } log.debug(sb.toString()); } }
From source file:org.apache.tez.common.security.TestTokenCache.java
License:Apache License
@Test(timeout = 5000) @SuppressWarnings("deprecation") public void testBinaryCredentials() throws Exception { String binaryTokenFile = null; try {/*w w w . ja v a 2 s . co m*/ Path TEST_ROOT_DIR = new Path("target"); binaryTokenFile = FileSystem.getLocal(conf).makeQualified(new Path(TEST_ROOT_DIR, "tokenFile")).toUri() .getPath(); MockFileSystem fs1 = createFileSystemForServiceName("service1"); MockFileSystem fs2 = createFileSystemForServiceName("service2"); MockFileSystem fs3 = createFileSystemForServiceName("service3"); // get the tokens for fs1 & fs2 and write out to binary creds file Credentials creds = new Credentials(); Token<?> token1 = fs1.getDelegationToken(renewer); Token<?> token2 = fs2.getDelegationToken(renewer); creds.addToken(token1.getService(), token1); creds.addToken(token2.getService(), token2); creds.writeTokenStorageFile(new Path(binaryTokenFile), conf); Credentials newCreds = new Credentials(); TokenCache.mergeBinaryTokens(newCreds, conf, binaryTokenFile); Assert.assertTrue(newCreds.getAllTokens().size() > 0); checkTokens(creds, newCreds); } finally { if (binaryTokenFile != null) { try { FileSystem.getLocal(conf).delete(new Path(binaryTokenFile)); } catch (IOException e) { // Ignore } } } }
From source file:org.apache.tez.common.security.TestTokenCache.java
License:Apache License
private void checkTokens(Credentials creds, Credentials newCreds) { Assert.assertEquals(creds.getAllTokens().size(), newCreds.getAllTokens().size()); for (Token<?> token : newCreds.getAllTokens()) { Token<?> credsToken = creds.getToken(token.getService()); Assert.assertTrue(credsToken != null); Assert.assertEquals(token, credsToken); }//w w w .j a v a 2 s .c o m }
From source file:org.apache.tez.common.TezCommonUtils.java
License:Apache License
public static String getCredentialsInfo(Credentials credentials, String identifier) { StringBuilder sb = new StringBuilder(); sb.append("Credentials: #" + identifier + "Tokens=").append(credentials.numberOfTokens()); if (credentials.numberOfTokens() > 0) { sb.append(", Services="); Iterator<Token<?>> tokenItr = credentials.getAllTokens().iterator(); if (tokenItr.hasNext()) { Token token = tokenItr.next(); sb.append(token.getService()).append("(").append(token.getKind()).append(")"); }/*from w w w .j a v a2 s . c om*/ while (tokenItr.hasNext()) { Token token = tokenItr.next(); sb.append(",").append(token.getService()).append("(").append(token.getKind()).append(")"); } } return sb.toString(); }
From source file:org.apache.tez.engine.common.security.DelegationTokenRenewal.java
License:Apache License
public static synchronized void registerDelegationTokensForRenewal(ApplicationId jobId, Credentials ts, Configuration conf) throws IOException { if (ts == null) return; //nothing to add Collection<Token<?>> tokens = ts.getAllTokens(); long now = System.currentTimeMillis(); for (Token<?> t : tokens) { // first renew happens immediately if (t.isManaged()) { DelegationTokenToRenew dtr = new DelegationTokenToRenew(jobId, t, conf, now); addTokenToList(dtr);//from www . j a va 2 s .co m setTimerForTokenRenewal(dtr, true); LOG.info("registering token for renewal for service =" + t.getService() + " and jobID = " + jobId); } } }
From source file:org.apache.tez.engine.common.security.JobTokenSelector.java
License:Apache License
@SuppressWarnings("unchecked") @Override//from w ww . j a va2 s . c o m public Token<JobTokenIdentifier> selectToken(Text service, Collection<Token<? extends TokenIdentifier>> tokens) { if (service == null) { return null; } for (Token<? extends TokenIdentifier> token : tokens) { if (JobTokenIdentifier.KIND_NAME.equals(token.getKind()) && service.equals(token.getService())) { return (Token<JobTokenIdentifier>) token; } } return null; }