public virtual void TestServiceAclsRefreshWithLocalConfigurationProvider() { configuration.SetBoolean(CommonConfigurationKeysPublic.HadoopSecurityAuthorization , true); ResourceManager resourceManager = null; try { resourceManager = new ResourceManager(); resourceManager.Init(configuration); resourceManager.Start(); resourceManager.adminService.RefreshServiceAcls(RefreshServiceAclsRequest.NewInstance ()); } catch (Exception) { NUnit.Framework.Assert.Fail("Using localConfigurationProvider. Should not get any exception." ); } finally { if (resourceManager != null) { resourceManager.Stop(); } } }
public virtual void TestRefreshServiceAcls() { RefreshServiceAclsRequest request = recordFactory.NewRecordInstance <RefreshServiceAclsRequest >(); RefreshServiceAclsResponse response = client.RefreshServiceAcls(request); NUnit.Framework.Assert.IsNotNull(response); }
/// <exception cref="System.IO.IOException"/> /// <exception cref="Org.Apache.Hadoop.Yarn.Exceptions.YarnException"/> private int RefreshServiceAcls() { // Refresh the service acls ResourceManagerAdministrationProtocol adminProtocol = CreateAdminProtocol(); RefreshServiceAclsRequest request = recordFactory.NewRecordInstance <RefreshServiceAclsRequest >(); adminProtocol.RefreshServiceAcls(request); return(0); }
/// <exception cref="Org.Apache.Hadoop.Yarn.Exceptions.YarnException"/> /// <exception cref="System.IO.IOException"/> public virtual RefreshServiceAclsResponse RefreshServiceAcls(RefreshServiceAclsRequest request) { YarnServerResourceManagerServiceProtos.RefreshServiceAclsRequestProto requestProto = ((RefreshServiceAclsRequestPBImpl)request).GetProto(); try { return(new RefreshServiceAclsResponsePBImpl(proxy.RefreshServiceAcls(null, requestProto ))); } catch (ServiceException e) { RPCUtil.UnwrapAndThrowException(e); return(null); } }
/// <exception cref="Org.Apache.Hadoop.HA.ServiceFailedException"/> private void RefreshAll() { try { RefreshQueues(RefreshQueuesRequest.NewInstance()); RefreshNodes(RefreshNodesRequest.NewInstance()); RefreshSuperUserGroupsConfiguration(RefreshSuperUserGroupsConfigurationRequest.NewInstance ()); RefreshUserToGroupsMappings(RefreshUserToGroupsMappingsRequest.NewInstance()); if (GetConfig().GetBoolean(CommonConfigurationKeysPublic.HadoopSecurityAuthorization , false)) { RefreshServiceAcls(RefreshServiceAclsRequest.NewInstance()); } } catch (Exception ex) { throw new ServiceFailedException(ex.Message); } }
/// <exception cref="Org.Apache.Hadoop.Yarn.Exceptions.YarnException"/> /// <exception cref="System.IO.IOException"/> public virtual RefreshServiceAclsResponse RefreshServiceAcls(RefreshServiceAclsRequest request) { if (!GetConfig().GetBoolean(CommonConfigurationKeysPublic.HadoopSecurityAuthorization , false)) { throw RPCUtil.GetRemoteException(new IOException("Service Authorization (" + CommonConfigurationKeysPublic .HadoopSecurityAuthorization + ") not enabled.")); } string argName = "refreshServiceAcls"; UserGroupInformation user = CheckAcls(argName); CheckRMStatus(user.GetShortUserName(), argName, "refresh Service ACLs."); PolicyProvider policyProvider = RMPolicyProvider.GetInstance(); Configuration conf = GetConfiguration(new Configuration(false), YarnConfiguration .HadoopPolicyConfigurationFile); RefreshServiceAcls(conf, policyProvider); rmContext.GetClientRMService().RefreshServiceAcls(conf, policyProvider); rmContext.GetApplicationMasterService().RefreshServiceAcls(conf, policyProvider); rmContext.GetResourceTrackerService().RefreshServiceAcls(conf, policyProvider); RMAuditLogger.LogSuccess(user.GetShortUserName(), argName, "AdminService"); return(recordFactory.NewRecordInstance <RefreshServiceAclsResponse>()); }
public virtual void TestServiceAclsRefreshWithFileSystemBasedConfigurationProvider () { configuration.SetBoolean(CommonConfigurationKeysPublic.HadoopSecurityAuthorization , true); configuration.Set(YarnConfiguration.RmConfigurationProviderClass, "org.apache.hadoop.yarn.FileSystemBasedConfigurationProvider" ); ResourceManager resourceManager = null; try { //upload default configurations UploadDefaultConfiguration(); Configuration conf = new Configuration(); conf.SetBoolean(CommonConfigurationKeysPublic.HadoopSecurityAuthorization, true); UploadConfiguration(conf, "core-site.xml"); try { resourceManager = new ResourceManager(); resourceManager.Init(configuration); resourceManager.Start(); } catch (Exception) { NUnit.Framework.Assert.Fail("Should not get any exceptions"); } string aclsString = "alice,bob users,wheel"; Configuration newConf = new Configuration(); newConf.Set("security.applicationclient.protocol.acl", aclsString); UploadConfiguration(newConf, "hadoop-policy.xml"); resourceManager.adminService.RefreshServiceAcls(RefreshServiceAclsRequest.NewInstance ()); // verify service Acls refresh for AdminService ServiceAuthorizationManager adminServiceServiceManager = resourceManager.adminService .GetServer().GetServiceAuthorizationManager(); VerifyServiceACLsRefresh(adminServiceServiceManager, typeof(ApplicationClientProtocolPB ), aclsString); // verify service ACLs refresh for ClientRMService ServiceAuthorizationManager clientRMServiceServiceManager = resourceManager.GetRMContext ().GetClientRMService().GetServer().GetServiceAuthorizationManager(); VerifyServiceACLsRefresh(clientRMServiceServiceManager, typeof(ApplicationClientProtocolPB ), aclsString); // verify service ACLs refresh for ApplicationMasterService ServiceAuthorizationManager appMasterService = resourceManager.GetRMContext().GetApplicationMasterService ().GetServer().GetServiceAuthorizationManager(); VerifyServiceACLsRefresh(appMasterService, typeof(ApplicationClientProtocolPB), aclsString ); // verify service ACLs refresh for ResourceTrackerService ServiceAuthorizationManager RTService = resourceManager.GetRMContext().GetResourceTrackerService ().GetServer().GetServiceAuthorizationManager(); VerifyServiceACLsRefresh(RTService, typeof(ApplicationClientProtocolPB), aclsString ); } finally { if (resourceManager != null) { resourceManager.Stop(); } } }