public virtual void TestSerialization() { TestDelegationToken.TestDelegationTokenIdentifier origToken = new TestDelegationToken.TestDelegationTokenIdentifier (new Text("alice"), new Text("bob"), new Text("colin")); TestDelegationToken.TestDelegationTokenIdentifier newToken = new TestDelegationToken.TestDelegationTokenIdentifier (); origToken.SetIssueDate(123); origToken.SetMasterKeyId(321); origToken.SetMaxDate(314); origToken.SetSequenceNumber(12345); // clone origToken into newToken DataInputBuffer inBuf = new DataInputBuffer(); DataOutputBuffer outBuf = new DataOutputBuffer(); origToken.Write(outBuf); inBuf.Reset(outBuf.GetData(), 0, outBuf.GetLength()); newToken.ReadFields(inBuf); // now test the fields Assert.Equal("alice", newToken.GetUser().GetUserName()); Assert.Equal(new Text("bob"), newToken.GetRenewer()); Assert.Equal("colin", newToken.GetUser().GetRealUser().GetUserName ()); Assert.Equal(123, newToken.GetIssueDate()); Assert.Equal(321, newToken.GetMasterKeyId()); Assert.Equal(314, newToken.GetMaxDate()); Assert.Equal(12345, newToken.GetSequenceNumber()); Assert.Equal(origToken, newToken); }
public virtual void TestDelegationTokenSecretManager() { TestDelegationToken.TestDelegationTokenSecretManager dtSecretManager = new TestDelegationToken.TestDelegationTokenSecretManager (24 * 60 * 60 * 1000, 3 * 1000, 1 * 1000, 3600000); try { dtSecretManager.StartThreads(); Org.Apache.Hadoop.Security.Token.Token <TestDelegationToken.TestDelegationTokenIdentifier > token = GenerateDelegationToken(dtSecretManager, "SomeUser", "JobTracker"); Assert.True(dtSecretManager.isStoreNewTokenCalled); // Fake renewer should not be able to renew ShouldThrow(new _PrivilegedExceptionAction_272(dtSecretManager, token), typeof(AccessControlException )); long time = dtSecretManager.RenewToken(token, "JobTracker"); Assert.True(dtSecretManager.isUpdateStoredTokenCalled); Assert.True("renew time is in future", time > Time.Now()); TestDelegationToken.TestDelegationTokenIdentifier identifier = new TestDelegationToken.TestDelegationTokenIdentifier (); byte[] tokenId = token.GetIdentifier(); identifier.ReadFields(new DataInputStream(new ByteArrayInputStream(tokenId))); Assert.True(null != dtSecretManager.RetrievePassword(identifier )); Log.Info("Sleep to expire the token"); Thread.Sleep(2000); //Token should be expired try { dtSecretManager.RetrievePassword(identifier); //Should not come here NUnit.Framework.Assert.Fail("Token should have expired"); } catch (SecretManager.InvalidToken) { } //Success dtSecretManager.RenewToken(token, "JobTracker"); Log.Info("Sleep beyond the max lifetime"); Thread.Sleep(2000); ShouldThrow(new _PrivilegedExceptionAction_302(dtSecretManager, token), typeof(SecretManager.InvalidToken )); } finally { dtSecretManager.StopThreads(); } }
/// <exception cref="System.Exception"/> public virtual void TestRollMasterKey() { TestDelegationToken.TestDelegationTokenSecretManager dtSecretManager = new TestDelegationToken.TestDelegationTokenSecretManager (800, 800, 1 * 1000, 3600000); try { dtSecretManager.StartThreads(); //generate a token and store the password Org.Apache.Hadoop.Security.Token.Token <TestDelegationToken.TestDelegationTokenIdentifier > token = GenerateDelegationToken(dtSecretManager, "SomeUser", "JobTracker"); byte[] oldPasswd = token.GetPassword(); //store the length of the keys list int prevNumKeys = dtSecretManager.GetAllKeys().Length; dtSecretManager.RollMasterKey(); Assert.True(dtSecretManager.isStoreNewMasterKeyCalled); //after rolling, the length of the keys list must increase int currNumKeys = dtSecretManager.GetAllKeys().Length; Assert.Equal((currNumKeys - prevNumKeys) >= 1, true); //after rolling, the token that was generated earlier must //still be valid (retrievePassword will fail if the token //is not valid) ByteArrayInputStream bi = new ByteArrayInputStream(token.GetIdentifier()); TestDelegationToken.TestDelegationTokenIdentifier identifier = dtSecretManager.CreateIdentifier (); identifier.ReadFields(new DataInputStream(bi)); byte[] newPasswd = dtSecretManager.RetrievePassword(identifier); //compare the passwords Assert.Equal(oldPasswd, newPasswd); // wait for keys to expire while (!dtSecretManager.isRemoveStoredMasterKeyCalled) { Thread.Sleep(200); } } finally { dtSecretManager.StopThreads(); } }
//PASS /// <exception cref="System.IO.IOException"/> private bool TestDelegationTokenIdentiferSerializationRoundTrip(Text owner, Text renewer, Text realUser) { TestDelegationToken.TestDelegationTokenIdentifier dtid = new TestDelegationToken.TestDelegationTokenIdentifier (owner, renewer, realUser); DataOutputBuffer @out = new DataOutputBuffer(); dtid.WriteImpl(@out); DataInputBuffer @in = new DataInputBuffer(); @in.Reset(@out.GetData(), @out.GetLength()); try { TestDelegationToken.TestDelegationTokenIdentifier dtid2 = new TestDelegationToken.TestDelegationTokenIdentifier (); dtid2.ReadFields(@in); Assert.True(dtid.Equals(dtid2)); return(true); } catch (IOException) { return(false); } }