/// <exception cref="System.IO.IOException"/> public Org.Apache.Hadoop.Security.Token.Token <object> Run() { Credentials c; try { c = DelegationTokenFetcher.GetDTfromRemote(this._enclosing.connectionFactory, this ._enclosing.nnUri, renewer, proxyUser); } catch (IOException e) { if (e.InnerException is ConnectException) { FileSystem.Log.Warn("Couldn't connect to " + this._enclosing.nnUri + ", assuming security is disabled" ); return(null); } if (FileSystem.Log.IsDebugEnabled()) { FileSystem.Log.Debug("Exception getting delegation token", e); } throw; } foreach (Org.Apache.Hadoop.Security.Token.Token <TokenIdentifier> t in c.GetAllTokens ()) { if (FileSystem.Log.IsDebugEnabled()) { FileSystem.Log.Debug("Got dt for " + this._enclosing.GetUri() + ";t.service=" + t .GetService()); } return(t); } return(null); }
/// <exception cref="System.Exception"/> public long Run() { IPEndPoint serviceAddr = SecurityUtil.GetTokenServiceAddr(token); return(DelegationTokenFetcher.RenewDelegationToken(this._enclosing.connectionFactory , DFSUtil.CreateUri(this._enclosing.GetUnderlyingProtocol(), serviceAddr), (Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier>)token)); }
public virtual void TestCancelTokenFromHttp() { bootstrap = StartHttpServer(httpPort, testToken, serviceUrl); DelegationTokenFetcher.CancelDelegationToken(connectionFactory, serviceUrl, testToken ); if (assertionError != null) { throw assertionError; } }
public virtual void TestTokenFetchFail() { try { DelegationTokenFetcher.Main(new string[] { "-webservice=" + serviceUrl, tokenFile }); NUnit.Framework.Assert.Fail("Token fetcher shouldn't start in absense of NN"); } catch (IOException) { } }
public virtual void TestRenewTokenFromHttp() { bootstrap = StartHttpServer(httpPort, testToken, serviceUrl); NUnit.Framework.Assert.IsTrue("testRenewTokenFromHttp error", long.Parse(ExpDate) == DelegationTokenFetcher.RenewDelegationToken(connectionFactory, serviceUrl, testToken )); if (assertionError != null) { throw assertionError; } }
public virtual void TestTokenRenewFail() { try { DelegationTokenFetcher.RenewDelegationToken(connectionFactory, serviceUrl, testToken ); NUnit.Framework.Assert.Fail("Token fetcher shouldn't be able to renew tokens in absense of NN" ); } catch (IOException) { } }
public virtual void ExpectedTokenCancelFail() { try { DelegationTokenFetcher.CancelDelegationToken(connectionFactory, serviceUrl, testToken ); NUnit.Framework.Assert.Fail("Token fetcher shouldn't be able to cancel tokens in absense of NN" ); } catch (IOException) { } }
private static void ExpectDelegationTokenFetcherExit(string[] args) { try { DelegationTokenFetcher.Main(args); NUnit.Framework.Assert.Fail("should call exit"); } catch (ExitUtil.ExitException) { ExitUtil.ResetFirstExitException(); } catch (Exception ex) { NUnit.Framework.Assert.Fail("expectDelegationTokenFetcherExit ex error " + ex); } }
public virtual void ExpectedTokenRenewErrorHttpResponse() { bootstrap = StartHttpServer(httpPort, testToken, serviceUrl); try { DelegationTokenFetcher.RenewDelegationToken(connectionFactory, new URI(serviceUrl .ToString() + "/exception"), CreateToken(serviceUrl)); NUnit.Framework.Assert.Fail("Token fetcher shouldn't be able to renew tokens using an invalid" + " NN URL"); } catch (IOException) { } if (assertionError != null) { throw assertionError; } }
public virtual void ExpectedTokenIsRetrievedFromHttp() { bootstrap = StartHttpServer(httpPort, testToken, serviceUrl); DelegationTokenFetcher.Main(new string[] { "-webservice=" + serviceUrl, tokenFile }); Path p = new Path(fileSys.GetWorkingDirectory(), tokenFile); Credentials creds = Credentials.ReadTokenStorageFile(p, conf); IEnumerator <Org.Apache.Hadoop.Security.Token.Token <object> > itr = creds.GetAllTokens ().GetEnumerator(); NUnit.Framework.Assert.IsTrue("token not exist error", itr.HasNext()); Org.Apache.Hadoop.Security.Token.Token <object> fetchedToken = itr.Next(); Assert.AssertArrayEquals("token wrong identifier error", testToken.GetIdentifier( ), fetchedToken.GetIdentifier()); Assert.AssertArrayEquals("token wrong password error", testToken.GetPassword(), fetchedToken .GetPassword()); if (assertionError != null) { throw assertionError; } }
public virtual void ExpectedTokenIsRetrievedFromDFS() { byte[] ident = new DelegationTokenIdentifier(new Text("owner"), new Text("renewer" ), new Text("realuser")).GetBytes(); byte[] pw = new byte[] { 42 }; Text service = new Text(uri.ToString()); // Create a token for the fetcher to fetch, wire NN to return it when asked // for this particular user. Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier> t = new Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier>(ident, pw, FakeRenewer.Kind, service); Org.Mockito.Mockito.When(dfs.AddDelegationTokens(Matchers.Eq((string)null), Matchers.Any <Credentials>())).ThenAnswer(new _Answer_77(service, t)); Org.Mockito.Mockito.When(dfs.GetUri()).ThenReturn(uri); FakeRenewer.Reset(); FileSystem fileSys = FileSystem.GetLocal(conf); try { DelegationTokenFetcher.Main(new string[] { "-fs", uri.ToString(), tokenFile }); Path p = new Path(fileSys.GetWorkingDirectory(), tokenFile); Credentials creds = Credentials.ReadTokenStorageFile(p, conf); IEnumerator <Org.Apache.Hadoop.Security.Token.Token <object> > itr = creds.GetAllTokens ().GetEnumerator(); // make sure we got back exactly the 1 token we expected NUnit.Framework.Assert.IsTrue(itr.HasNext()); NUnit.Framework.Assert.AreEqual(t, itr.Next()); NUnit.Framework.Assert.IsTrue(!itr.HasNext()); DelegationTokenFetcher.Main(new string[] { "--print", tokenFile }); DelegationTokenFetcher.Main(new string[] { "--renew", tokenFile }); NUnit.Framework.Assert.AreEqual(t, FakeRenewer.lastRenewed); FakeRenewer.Reset(); DelegationTokenFetcher.Main(new string[] { "--cancel", tokenFile }); NUnit.Framework.Assert.AreEqual(t, FakeRenewer.lastCanceled); } finally { fileSys.Delete(new Path(tokenFile), true); } }