/// <exception cref="System.IO.IOException"/> /// <exception cref="System.Exception"/> private void CheckShortCircuitRenewCancel(IPEndPoint rmAddr, IPEndPoint serviceAddr , bool shouldShortCircuit) { Configuration conf = new Configuration(); conf.SetClass(YarnConfiguration.IpcRpcImpl, typeof(TestClientRMTokens.YarnBadRPC) , typeof(YarnRPC)); RMDelegationTokenSecretManager secretManager = Org.Mockito.Mockito.Mock <RMDelegationTokenSecretManager >(); RMDelegationTokenIdentifier.Renewer.SetSecretManager(secretManager, rmAddr); RMDelegationTokenIdentifier ident = new RMDelegationTokenIdentifier(new Text("owner" ), new Text("renewer"), null); Org.Apache.Hadoop.Security.Token.Token <RMDelegationTokenIdentifier> token = new Org.Apache.Hadoop.Security.Token.Token <RMDelegationTokenIdentifier>(ident, secretManager); SecurityUtil.SetTokenService(token, serviceAddr); if (shouldShortCircuit) { token.Renew(conf); Org.Mockito.Mockito.Verify(secretManager).RenewToken(Matchers.Eq(token), Matchers.Eq ("renewer")); Org.Mockito.Mockito.Reset(secretManager); token.Cancel(conf); Org.Mockito.Mockito.Verify(secretManager).CancelToken(Matchers.Eq(token), Matchers.Eq ("renewer")); } else { try { token.Renew(conf); NUnit.Framework.Assert.Fail(); } catch (RuntimeException e) { NUnit.Framework.Assert.AreEqual("getProxy", e.Message); } Org.Mockito.Mockito.Verify(secretManager, Org.Mockito.Mockito.Never()).RenewToken (Matchers.Any <Org.Apache.Hadoop.Security.Token.Token>(), Matchers.AnyString()); try { token.Cancel(conf); NUnit.Framework.Assert.Fail(); } catch (RuntimeException e) { NUnit.Framework.Assert.AreEqual("getProxy", e.Message); } Org.Mockito.Mockito.Verify(secretManager, Org.Mockito.Mockito.Never()).CancelToken (Matchers.Any <Org.Apache.Hadoop.Security.Token.Token>(), Matchers.AnyString()); } }
/// <exception cref="System.IO.IOException"/> /// <exception cref="System.Exception"/> private void Cancel() { T fs = weakFs.Get(); if (fs != null) { token.Cancel(fs.GetConf()); } }
/// <exception cref="System.Exception"/> public virtual void TestHdfsGetCanonicalServiceName() { Configuration conf = dfs.GetConf(); URI haUri = HATestUtil.GetLogicalUri(cluster); AbstractFileSystem afs = AbstractFileSystem.CreateFileSystem(haUri, conf); string haService = HAUtil.BuildTokenServiceForLogicalUri(haUri, HdfsConstants.HdfsUriScheme ).ToString(); NUnit.Framework.Assert.AreEqual(haService, afs.GetCanonicalServiceName()); Org.Apache.Hadoop.Security.Token.Token <object> token = afs.GetDelegationTokens(UserGroupInformation .GetCurrentUser().GetShortUserName())[0]; NUnit.Framework.Assert.AreEqual(haService, token.GetService().ToString()); // make sure the logical uri is handled correctly token.Renew(conf); token.Cancel(conf); }
/// <summary> /// HDFS-3062: DistributedFileSystem.getCanonicalServiceName() throws an /// exception if the URI is a logical URI. /// </summary> /// <remarks> /// HDFS-3062: DistributedFileSystem.getCanonicalServiceName() throws an /// exception if the URI is a logical URI. This bug fails the combination of /// ha + mapred + security. /// </remarks> /// <exception cref="System.Exception"/> public virtual void TestDFSGetCanonicalServiceName() { URI hAUri = HATestUtil.GetLogicalUri(cluster); string haService = HAUtil.BuildTokenServiceForLogicalUri(hAUri, HdfsConstants.HdfsUriScheme ).ToString(); NUnit.Framework.Assert.AreEqual(haService, dfs.GetCanonicalServiceName()); string renewer = UserGroupInformation.GetCurrentUser().GetShortUserName(); Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier> token = GetDelegationToken (dfs, renewer); NUnit.Framework.Assert.AreEqual(haService, token.GetService().ToString()); // make sure the logical uri is handled correctly token.Renew(dfs.GetConf()); token.Cancel(dfs.GetConf()); }