public virtual void TestExternalDelegationTokenSecretManager()
{
TestWebDelegationToken.DummyDelegationTokenSecretManager secretMgr = new TestWebDelegationToken.DummyDelegationTokenSecretManager
();
Org.Mortbay.Jetty.Server jetty = CreateJettyServer();
Context context = new Context();
context.SetContextPath("/foo");
jetty.SetHandler(context);
context.AddFilter(new FilterHolder(typeof(TestWebDelegationToken.AFilter)), "/*",
0);
context.AddServlet(new ServletHolder(typeof(TestWebDelegationToken.PingServlet)),
"/bar");
try
{
secretMgr.StartThreads();
context.SetAttribute(DelegationTokenAuthenticationFilter.DelegationTokenSecretManagerAttr
, secretMgr);
jetty.Start();
Uri authURL = new Uri(GetJettyURL() + "/foo/bar?authenticated=foo");
DelegationTokenAuthenticatedURL.Token token = new DelegationTokenAuthenticatedURL.Token
();
DelegationTokenAuthenticatedURL aUrl = new DelegationTokenAuthenticatedURL();
aUrl.GetDelegationToken(authURL, token, FooUser);
NUnit.Framework.Assert.IsNotNull(token.GetDelegationToken());
Assert.Equal(new Text("fooKind"), token.GetDelegationToken().GetKind
());
}
finally
{
jetty.Stop();
secretMgr.StopThreads();
}
}
/// <exception cref="System.Exception"/>
public Void Run()
{
DelegationTokenAuthenticatedURL.Token token = new DelegationTokenAuthenticatedURL.Token
();
DelegationTokenAuthenticatedURL aUrl = new DelegationTokenAuthenticatedURL();
HttpURLConnection conn = aUrl.OpenConnection(url, token, TestWebDelegationToken.OkUser
);
Assert.Equal(HttpURLConnection.HttpOk, conn.GetResponseCode());
IList <string> ret = IOUtils.ReadLines(conn.GetInputStream());
Assert.Equal(1, ret.Count);
Assert.Equal(TestWebDelegationToken.OkUser, ret[0]);
conn = aUrl.OpenConnection(url, token, TestWebDelegationToken.FailUser);
Assert.Equal(HttpURLConnection.HttpForbidden, conn.GetResponseCode
());
aUrl.GetDelegationToken(url, token, TestWebDelegationToken.FooUser);
UserGroupInformation ugi = UserGroupInformation.GetCurrentUser();
ugi.AddToken(token.GetDelegationToken());
token = new DelegationTokenAuthenticatedURL.Token();
conn = aUrl.OpenConnection(url, token, TestWebDelegationToken.OkUser);
Assert.Equal(HttpURLConnection.HttpOk, conn.GetResponseCode());
ret = IOUtils.ReadLines(conn.GetInputStream());
Assert.Equal(1, ret.Count);
Assert.Equal(TestWebDelegationToken.FooUser, ret[0]);
return(null);
}
/// <exception cref="System.Exception"/>
public Void Run()
{
DelegationTokenAuthenticatedURL.Token token = new DelegationTokenAuthenticatedURL.Token
();
DelegationTokenAuthenticatedURL aUrl = new DelegationTokenAuthenticatedURL();
HttpURLConnection conn = aUrl.OpenConnection(url, token);
Assert.Equal(HttpURLConnection.HttpOk, conn.GetResponseCode());
IList <string> ret = IOUtils.ReadLines(conn.GetInputStream());
Assert.Equal(1, ret.Count);
Assert.Equal(TestWebDelegationToken.FooUser, ret[0]);
aUrl.GetDelegationToken(url, token, TestWebDelegationToken.FooUser);
NUnit.Framework.Assert.IsNotNull(token.GetDelegationToken());
Assert.Equal(new Text("token-kind"), token.GetDelegationToken(
).GetKind());
return(null);
}
/// <exception cref="System.Exception"/>
private void TestDelegationTokenAuthenticatorCalls(bool useQS)
{
Org.Mortbay.Jetty.Server jetty = CreateJettyServer();
Context context = new Context();
context.SetContextPath("/foo");
jetty.SetHandler(context);
context.AddFilter(new FilterHolder(typeof(TestWebDelegationToken.AFilter)), "/*",
0);
context.AddServlet(new ServletHolder(typeof(TestWebDelegationToken.PingServlet)),
"/bar");
try
{
jetty.Start();
Uri nonAuthURL = new Uri(GetJettyURL() + "/foo/bar");
Uri authURL = new Uri(GetJettyURL() + "/foo/bar?authenticated=foo");
Uri authURL2 = new Uri(GetJettyURL() + "/foo/bar?authenticated=bar");
DelegationTokenAuthenticatedURL.Token token = new DelegationTokenAuthenticatedURL.Token
();
DelegationTokenAuthenticatedURL aUrl = new DelegationTokenAuthenticatedURL();
aUrl.SetUseQueryStringForDelegationToken(useQS);
try
{
aUrl.GetDelegationToken(nonAuthURL, token, FooUser);
NUnit.Framework.Assert.Fail();
}
catch (Exception ex)
{
Assert.True(ex.Message.Contains("401"));
}
aUrl.GetDelegationToken(authURL, token, FooUser);
NUnit.Framework.Assert.IsNotNull(token.GetDelegationToken());
Assert.Equal(new Text("token-kind"), token.GetDelegationToken(
).GetKind());
aUrl.RenewDelegationToken(authURL, token);
try
{
aUrl.RenewDelegationToken(nonAuthURL, token);
NUnit.Framework.Assert.Fail();
}
catch (Exception ex)
{
Assert.True(ex.Message.Contains("401"));
}
aUrl.GetDelegationToken(authURL, token, FooUser);
try
{
aUrl.RenewDelegationToken(authURL2, token);
NUnit.Framework.Assert.Fail();
}
catch (Exception ex)
{
Assert.True(ex.Message.Contains("403"));
}
aUrl.GetDelegationToken(authURL, token, FooUser);
aUrl.CancelDelegationToken(authURL, token);
aUrl.GetDelegationToken(authURL, token, FooUser);
aUrl.CancelDelegationToken(nonAuthURL, token);
aUrl.GetDelegationToken(authURL, token, FooUser);
try
{
aUrl.RenewDelegationToken(nonAuthURL, token);
}
catch (Exception ex)
{
Assert.True(ex.Message.Contains("401"));
}
aUrl.GetDelegationToken(authURL, token, "foo");
UserGroupInformation ugi = UserGroupInformation.GetCurrentUser();
ugi.AddToken(token.GetDelegationToken());
ugi.DoAs(new _PrivilegedExceptionAction_412(aUrl, nonAuthURL, useQS));
}
finally
{
jetty.Stop();
}
}
