C# (CSharp) DelegationTokenSecretManager.StartThreadsの例

コード例 #1

ファイル: TestClientProtocolWithDelegationToken.cs プロジェクト: orf53975/hadoop.net

        public virtual void TestDelegationTokenRpc()
        {
            ClientProtocol mockNN           = Org.Mockito.Mockito.Mock <ClientProtocol>();
            FSNamesystem   mockNameSys      = Org.Mockito.Mockito.Mock <FSNamesystem>();
            DelegationTokenSecretManager sm = new DelegationTokenSecretManager(DFSConfigKeys.
                                                                               DfsNamenodeDelegationKeyUpdateIntervalDefault, DFSConfigKeys.DfsNamenodeDelegationKeyUpdateIntervalDefault
                                                                               , DFSConfigKeys.DfsNamenodeDelegationTokenMaxLifetimeDefault, 3600000, mockNameSys
                                                                               );

            sm.StartThreads();
            Org.Apache.Hadoop.Ipc.Server server = new RPC.Builder(conf).SetProtocol(typeof(ClientProtocol
                                                                                           )).SetInstance(mockNN).SetBindAddress(Address).SetPort(0).SetNumHandlers(5).SetVerbose
                                                      (true).SetSecretManager(sm).Build();
            server.Start();
            UserGroupInformation current = UserGroupInformation.GetCurrentUser();
            IPEndPoint           addr    = NetUtils.GetConnectAddress(server);
            string user  = current.GetUserName();
            Text   owner = new Text(user);
            DelegationTokenIdentifier dtId = new DelegationTokenIdentifier(owner, owner, null
                                                                           );

            Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier> token = new Org.Apache.Hadoop.Security.Token.Token
                                                                                       <DelegationTokenIdentifier>(dtId, sm);
            SecurityUtil.SetTokenService(token, addr);
            Log.Info("Service for token is " + token.GetService());
            current.AddToken(token);
            current.DoAs(new _PrivilegedExceptionAction_100(addr, server));
        }

コード例 #2

 /// <exception cref="System.IO.IOException"/>
 private WebHdfsFileSystem GetWebHdfsFileSystem(UserGroupInformation ugi, Configuration
                                                conf)
 {
     if (UserGroupInformation.IsSecurityEnabled())
     {
         DelegationTokenIdentifier dtId = new DelegationTokenIdentifier(new Text(ugi.GetUserName
                                                                                     ()), null, null);
         FSNamesystem namesystem = Org.Mockito.Mockito.Mock <FSNamesystem>();
         DelegationTokenSecretManager dtSecretManager = new DelegationTokenSecretManager(86400000
                                                                                         , 86400000, 86400000, 86400000, namesystem);
         dtSecretManager.StartThreads();
         Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier> token = new Org.Apache.Hadoop.Security.Token.Token
                                                                                    <DelegationTokenIdentifier>(dtId, dtSecretManager);
         SecurityUtil.SetTokenService(token, NetUtils.CreateSocketAddr(uri.GetAuthority())
                                      );
         token.SetKind(WebHdfsFileSystem.TokenKind);
         ugi.AddToken(token);
     }
     return((WebHdfsFileSystem)FileSystem.Get(uri, conf));
 }

コード例 #3

        /// <exception cref="System.IO.IOException"/>
        /// <exception cref="System.Exception"/>
        public virtual void TestEditsForCancelOnTokenExpire()
        {
            long          renewInterval = 2000;
            Configuration conf          = new Configuration();

            conf.SetBoolean(DFSConfigKeys.DfsNamenodeDelegationTokenAlwaysUseKey, true);
            conf.SetLong(DfsNamenodeDelegationTokenRenewIntervalKey, renewInterval);
            conf.SetLong(DfsNamenodeDelegationTokenMaxLifetimeKey, renewInterval * 2);
            Text      renewer = new Text(UserGroupInformation.GetCurrentUser().GetUserName());
            FSImage   fsImage = Org.Mockito.Mockito.Mock <FSImage>();
            FSEditLog log     = Org.Mockito.Mockito.Mock <FSEditLog>();

            Org.Mockito.Mockito.DoReturn(log).When(fsImage).GetEditLog();
            FSNamesystem fsn = new FSNamesystem(conf, fsImage);
            DelegationTokenSecretManager dtsm = fsn.GetDelegationTokenSecretManager();

            try
            {
                dtsm.StartThreads();
                // get two tokens
                Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier> token1 = fsn.GetDelegationToken
                                                                                                (renewer);
                Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier> token2 = fsn.GetDelegationToken
                                                                                                (renewer);
                DelegationTokenIdentifier ident1 = token1.DecodeIdentifier();
                DelegationTokenIdentifier ident2 = token2.DecodeIdentifier();
                // verify we got the tokens
                Org.Mockito.Mockito.Verify(log, Org.Mockito.Mockito.Times(1)).LogGetDelegationToken
                    (Eq(ident1), AnyLong());
                Org.Mockito.Mockito.Verify(log, Org.Mockito.Mockito.Times(1)).LogGetDelegationToken
                    (Eq(ident2), AnyLong());
                // this is a little tricky because DTSM doesn't let us set scan interval
                // so need to periodically sleep, then stop/start threads to force scan
                // renew first token 1/2 to expire
                Sharpen.Thread.Sleep(renewInterval / 2);
                fsn.RenewDelegationToken(token2);
                Org.Mockito.Mockito.Verify(log, Org.Mockito.Mockito.Times(1)).LogRenewDelegationToken
                    (Eq(ident2), AnyLong());
                // force scan and give it a little time to complete
                dtsm.StopThreads();
                dtsm.StartThreads();
                Sharpen.Thread.Sleep(250);
                // no token has expired yet
                Org.Mockito.Mockito.Verify(log, Org.Mockito.Mockito.Times(0)).LogCancelDelegationToken
                    (Eq(ident1));
                Org.Mockito.Mockito.Verify(log, Org.Mockito.Mockito.Times(0)).LogCancelDelegationToken
                    (Eq(ident2));
                // sleep past expiration of 1st non-renewed token
                Sharpen.Thread.Sleep(renewInterval / 2);
                dtsm.StopThreads();
                dtsm.StartThreads();
                Sharpen.Thread.Sleep(250);
                // non-renewed token should have implicitly been cancelled
                Org.Mockito.Mockito.Verify(log, Org.Mockito.Mockito.Times(1)).LogCancelDelegationToken
                    (Eq(ident1));
                Org.Mockito.Mockito.Verify(log, Org.Mockito.Mockito.Times(0)).LogCancelDelegationToken
                    (Eq(ident2));
                // sleep past expiration of 2nd renewed token
                Sharpen.Thread.Sleep(renewInterval / 2);
                dtsm.StopThreads();
                dtsm.StartThreads();
                Sharpen.Thread.Sleep(250);
                // both tokens should have been implicitly cancelled by now
                Org.Mockito.Mockito.Verify(log, Org.Mockito.Mockito.Times(1)).LogCancelDelegationToken
                    (Eq(ident1));
                Org.Mockito.Mockito.Verify(log, Org.Mockito.Mockito.Times(1)).LogCancelDelegationToken
                    (Eq(ident2));
            }
            finally
            {
                dtsm.StopThreads();
            }
        }