public virtual void TestSomeNodes() { Timing timing = new Timing(); ChildReaper reaper = null; CuratorFramework client = CuratorFrameworkFactory.NewClient(server.GetConnectString (), timing.Session(), timing.Connection(), new RetryOneTime(1)); try { client.Start(); Random r = new Random(); int nonEmptyNodes = 0; for (int i = 0; i < 10; ++i) { client.Create().CreatingParentsIfNeeded().ForPath("/test/" + Extensions.ToString (i)); if (r.NextBoolean()) { client.Create().ForPath("/test/" + Extensions.ToString(i) + "/foo"); ++nonEmptyNodes; } } reaper = new ChildReaper(client, "/test", Reaper.Mode.ReapUntilDelete, 1); reaper.Start(); timing.ForWaiting().SleepABit(); Stat stat = client.CheckExists().ForPath("/test"); Assert.Equal(stat.GetNumChildren(), nonEmptyNodes); } finally { CloseableUtils.CloseQuietly(reaper); CloseableUtils.CloseQuietly(client); } }
public virtual void TestOne() { // Test just one ZKSignerSecretProvider to verify that it works in the // simplest case long rolloverFrequency = 15 * 1000; // rollover every 15 sec // use the same seed so we can predict the RNG long seed = Runtime.CurrentTimeMillis(); Random rand = new Random(seed); byte[] secret2 = Runtime.GetBytesForString(System.Convert.ToString(rand.NextLong ())); byte[] secret1 = Runtime.GetBytesForString(System.Convert.ToString(rand.NextLong ())); byte[] secret3 = Runtime.GetBytesForString(System.Convert.ToString(rand.NextLong ())); ZKSignerSecretProvider secretProvider = new ZKSignerSecretProvider(seed); Properties config = new Properties(); config.SetProperty(ZKSignerSecretProvider.ZookeeperConnectionString, zkServer.GetConnectString ()); config.SetProperty(ZKSignerSecretProvider.ZookeeperPath, "/secret"); try { secretProvider.Init(config, GetDummyServletContext(), rolloverFrequency); byte[] currentSecret = secretProvider.GetCurrentSecret(); byte[][] allSecrets = secretProvider.GetAllSecrets(); Assert.AssertArrayEquals(secret1, currentSecret); Assert.Equal(2, allSecrets.Length); Assert.AssertArrayEquals(secret1, allSecrets[0]); NUnit.Framework.Assert.IsNull(allSecrets[1]); Thread.Sleep((rolloverFrequency + 2000)); currentSecret = secretProvider.GetCurrentSecret(); allSecrets = secretProvider.GetAllSecrets(); Assert.AssertArrayEquals(secret2, currentSecret); Assert.Equal(2, allSecrets.Length); Assert.AssertArrayEquals(secret2, allSecrets[0]); Assert.AssertArrayEquals(secret1, allSecrets[1]); Thread.Sleep((rolloverFrequency + 2000)); currentSecret = secretProvider.GetCurrentSecret(); allSecrets = secretProvider.GetAllSecrets(); Assert.AssertArrayEquals(secret3, currentSecret); Assert.Equal(2, allSecrets.Length); Assert.AssertArrayEquals(secret3, allSecrets[0]); Assert.AssertArrayEquals(secret2, allSecrets[1]); Thread.Sleep((rolloverFrequency + 2000)); } finally { secretProvider.Destroy(); } }
public virtual void TestMultipleKMSInstancesWithZKSigner() { FilePath testDir = TestKMS.GetTestDir(); Configuration conf = CreateBaseKMSConf(testDir); TestingServer zkServer = new TestingServer(); zkServer.Start(); MiniKMS kms1 = null; MiniKMS kms2 = null; conf.Set(KMSAuthenticationFilter.ConfigPrefix + AuthenticationFilter.SignerSecretProvider , "zookeeper"); conf.Set(KMSAuthenticationFilter.ConfigPrefix + ZKSignerSecretProvider.ZookeeperConnectionString , zkServer.GetConnectString()); conf.Set(KMSAuthenticationFilter.ConfigPrefix + ZKSignerSecretProvider.ZookeeperPath , "/secret"); TestKMS.WriteConf(testDir, conf); try { kms1 = new MiniKMS.Builder().SetKmsConfDir(testDir).SetLog4jConfFile("log4j.properties" ).Build(); kms1.Start(); kms2 = new MiniKMS.Builder().SetKmsConfDir(testDir).SetLog4jConfFile("log4j.properties" ).Build(); kms2.Start(); Uri url1 = new Uri(kms1.GetKMSUrl().ToExternalForm() + KMSRESTConstants.ServiceVersion + "/" + KMSRESTConstants.KeysNamesResource); Uri url2 = new Uri(kms2.GetKMSUrl().ToExternalForm() + KMSRESTConstants.ServiceVersion + "/" + KMSRESTConstants.KeysNamesResource); DelegationTokenAuthenticatedURL.Token token = new DelegationTokenAuthenticatedURL.Token (); DelegationTokenAuthenticatedURL aUrl = new DelegationTokenAuthenticatedURL(); UserGroupInformation ugiFoo = UserGroupInformation.CreateUserForTesting("foo", new string[] { "gfoo" }); UserGroupInformation ugiBar = UserGroupInformation.CreateUserForTesting("bar", new string[] { "gBar" }); ugiFoo.DoAs(new _PrivilegedExceptionAction_135(aUrl, url1, token)); ugiBar.DoAs(new _PrivilegedExceptionAction_145(aUrl, url2, token)); ugiBar.DoAs(new _PrivilegedExceptionAction_155(aUrl, url2)); } finally { if (kms2 != null) { kms2.Stop(); } if (kms1 != null) { kms1.Stop(); } zkServer.Stop(); } }
public virtual void TestMultiNodeOperations() { for (int i = 0; i < TestRetries; i++) { DelegationTokenManager tm1; DelegationTokenManager tm2 = null; string connectString = zkServer.GetConnectString(); Configuration conf = GetSecretConf(connectString); tm1 = new DelegationTokenManager(conf, new Text("bla")); tm1.Init(); tm2 = new DelegationTokenManager(conf, new Text("bla")); tm2.Init(); Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier> token = (Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier>)tm1.CreateToken(UserGroupInformation.GetCurrentUser( ), "foo"); NUnit.Framework.Assert.IsNotNull(token); tm2.VerifyToken(token); tm2.RenewToken(token, "foo"); tm1.VerifyToken(token); tm1.CancelToken(token, "foo"); try { VerifyTokenFail(tm2, token); NUnit.Framework.Assert.Fail("Expected InvalidToken"); } catch (SecretManager.InvalidToken) { } // Ignore token = (Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier>)tm2.CreateToken (UserGroupInformation.GetCurrentUser(), "bar"); NUnit.Framework.Assert.IsNotNull(token); tm1.VerifyToken(token); tm1.RenewToken(token, "bar"); tm2.VerifyToken(token); tm2.CancelToken(token, "bar"); try { VerifyTokenFail(tm1, token); NUnit.Framework.Assert.Fail("Expected InvalidToken"); } catch (SecretManager.InvalidToken) { } // Ignore VerifyDestroy(tm1, conf); VerifyDestroy(tm2, conf); } }