/// <exception cref="System.Exception"/> public virtual void TestGetCredsNotSame <T>() where T : TokenIdentifier { UserGroupInformation ugi = UserGroupInformation.CreateRemoteUser("someone"); Credentials creds = ugi.GetCredentials(); // should always get a new copy NUnit.Framework.Assert.AreNotSame(creds, ugi.GetCredentials()); }
/// <exception cref="System.Exception"/> public virtual void TestAddCreds <T>() where T : TokenIdentifier { // from Mockito mocks UserGroupInformation ugi = UserGroupInformation.CreateRemoteUser("someone"); Text service = new Text("service"); Org.Apache.Hadoop.Security.Token.Token <T> t1 = Org.Mockito.Mockito.Mock <Org.Apache.Hadoop.Security.Token.Token >(); Org.Mockito.Mockito.When(t1.GetService()).ThenReturn(service); Org.Apache.Hadoop.Security.Token.Token <T> t2 = Org.Mockito.Mockito.Mock <Org.Apache.Hadoop.Security.Token.Token >(); Org.Mockito.Mockito.When(t2.GetService()).ThenReturn(new Text("service2")); byte[] secret = new byte[] { }; Text secretKey = new Text("sshhh"); // fill credentials Credentials creds = new Credentials(); creds.AddToken(t1.GetService(), t1); creds.AddToken(t2.GetService(), t2); creds.AddSecretKey(secretKey, secret); // add creds to ugi, and check ugi ugi.AddCredentials(creds); CheckTokens(ugi, t1, t2); NUnit.Framework.Assert.AreSame(secret, ugi.GetCredentials().GetSecretKey(secretKey )); }
/// <exception cref="System.Exception"/> public virtual void TestGetCreds <T>() where T : TokenIdentifier { // from Mockito mocks UserGroupInformation ugi = UserGroupInformation.CreateRemoteUser("someone"); Text service = new Text("service"); Org.Apache.Hadoop.Security.Token.Token <T> t1 = Org.Mockito.Mockito.Mock <Org.Apache.Hadoop.Security.Token.Token >(); Org.Mockito.Mockito.When(t1.GetService()).ThenReturn(service); Org.Apache.Hadoop.Security.Token.Token <T> t2 = Org.Mockito.Mockito.Mock <Org.Apache.Hadoop.Security.Token.Token >(); Org.Mockito.Mockito.When(t2.GetService()).ThenReturn(new Text("service2")); Org.Apache.Hadoop.Security.Token.Token <T> t3 = Org.Mockito.Mockito.Mock <Org.Apache.Hadoop.Security.Token.Token >(); Org.Mockito.Mockito.When(t3.GetService()).ThenReturn(service); // add token to ugi ugi.AddToken(t1); ugi.AddToken(t2); CheckTokens(ugi, t1, t2); Credentials creds = ugi.GetCredentials(); creds.AddToken(t3.GetService(), t3); NUnit.Framework.Assert.AreSame(t3, creds.GetToken(service)); // check that ugi wasn't modified CheckTokens(ugi, t1, t2); }
/// <exception cref="System.Exception"/> public virtual void TestAddNamedToken <T>() where T : TokenIdentifier { // from Mockito mocks UserGroupInformation ugi = UserGroupInformation.CreateRemoteUser("someone"); Org.Apache.Hadoop.Security.Token.Token <T> t1 = Org.Mockito.Mockito.Mock <Org.Apache.Hadoop.Security.Token.Token >(); Text service1 = new Text("t1"); Text service2 = new Text("t2"); Org.Mockito.Mockito.When(t1.GetService()).ThenReturn(service1); // add token ugi.AddToken(service1, t1); NUnit.Framework.Assert.AreSame(t1, ugi.GetCredentials().GetToken(service1)); // add token with another name ugi.AddToken(service2, t1); NUnit.Framework.Assert.AreSame(t1, ugi.GetCredentials().GetToken(service1)); NUnit.Framework.Assert.AreSame(t1, ugi.GetCredentials().GetToken(service2)); }
/// <exception cref="System.Exception"/> public virtual void TestUGITokens <T>() where T : TokenIdentifier { // from Mockito mocks UserGroupInformation ugi = UserGroupInformation.CreateUserForTesting("TheDoctor", new string[] { "TheTARDIS" }); Org.Apache.Hadoop.Security.Token.Token <T> t1 = Org.Mockito.Mockito.Mock <Org.Apache.Hadoop.Security.Token.Token >(); Org.Mockito.Mockito.When(t1.GetService()).ThenReturn(new Text("t1")); Org.Apache.Hadoop.Security.Token.Token <T> t2 = Org.Mockito.Mockito.Mock <Org.Apache.Hadoop.Security.Token.Token >(); Org.Mockito.Mockito.When(t2.GetService()).ThenReturn(new Text("t2")); Credentials creds = new Credentials(); byte[] secretKey = new byte[] { }; Text secretName = new Text("shhh"); creds.AddSecretKey(secretName, secretKey); ugi.AddToken(t1); ugi.AddToken(t2); ugi.AddCredentials(creds); ICollection <Org.Apache.Hadoop.Security.Token.Token <TokenIdentifier> > z = ugi.GetTokens (); Assert.True(z.Contains(t1)); Assert.True(z.Contains(t2)); Assert.Equal(2, z.Count); Credentials ugiCreds = ugi.GetCredentials(); NUnit.Framework.Assert.AreSame(secretKey, ugiCreds.GetSecretKey(secretName)); Assert.Equal(1, ugiCreds.NumberOfSecretKeys()); try { z.Remove(t1); NUnit.Framework.Assert.Fail("Shouldn't be able to modify token collection from UGI" ); } catch (NotSupportedException) { } // Can't modify tokens // ensure that the tokens are passed through doAs ICollection <Org.Apache.Hadoop.Security.Token.Token <TokenIdentifier> > otherSet = ugi .DoAs(new _PrivilegedExceptionAction_612()); Assert.True(otherSet.Contains(t1)); Assert.True(otherSet.Contains(t2)); }
public virtual void TestAddTokensToUGI() { UserGroupInformation ugi = UserGroupInformation.CreateRemoteUser("someone"); Credentials creds = new Credentials(); for (int i = 0; i < service.Length; i++) { creds.AddToken(service[i], token[i]); } ugi.AddCredentials(creds); creds = ugi.GetCredentials(); for (int i_1 = 0; i_1 < service.Length; i_1++) { NUnit.Framework.Assert.AreSame(token[i_1], creds.GetToken(service[i_1])); } Assert.Equal(service.Length, creds.NumberOfTokens()); }
private void CheckTokens(UserGroupInformation ugi, params Org.Apache.Hadoop.Security.Token.Token <object>[] tokens) { // check the ugi's token collection ICollection <Org.Apache.Hadoop.Security.Token.Token <object> > ugiTokens = ugi.GetTokens (); foreach (Org.Apache.Hadoop.Security.Token.Token <object> t in tokens) { Assert.True(ugiTokens.Contains(t)); } Assert.Equal(tokens.Length, ugiTokens.Count); // check the ugi's credentials Credentials ugiCreds = ugi.GetCredentials(); foreach (Org.Apache.Hadoop.Security.Token.Token <object> t_1 in tokens) { NUnit.Framework.Assert.AreSame(t_1, ugiCreds.GetToken(t_1.GetService())); } Assert.Equal(tokens.Length, ugiCreds.NumberOfTokens()); }
/// <exception cref="System.IO.IOException"/> private UserProvider() { user = UserGroupInformation.GetCurrentUser(); credentials = user.GetCredentials(); }
public virtual void TestPrivateTokenExclusion() { UserGroupInformation ugi = UserGroupInformation.GetCurrentUser(); TestSaslRPC.TestTokenIdentifier tokenId = new TestSaslRPC.TestTokenIdentifier(); Org.Apache.Hadoop.Security.Token.Token <TestSaslRPC.TestTokenIdentifier> token = new Org.Apache.Hadoop.Security.Token.Token <TestSaslRPC.TestTokenIdentifier>(tokenId. GetBytes(), Runtime.GetBytesForString("password"), tokenId.GetKind(), null ); ugi.AddToken(new Text("regular-token"), token); // Now add cloned private token ugi.AddToken(new Text("private-token"), new Token.PrivateToken <TestSaslRPC.TestTokenIdentifier >(token)); ugi.AddToken(new Text("private-token1"), new Token.PrivateToken <TestSaslRPC.TestTokenIdentifier >(token)); // Ensure only non-private tokens are returned ICollection <Org.Apache.Hadoop.Security.Token.Token <TokenIdentifier> > tokens = ugi .GetCredentials().GetAllTokens(); Assert.Equal(1, tokens.Count); }
// my sleep class /// <summary>attempts to access tokenCache as from client</summary> /// <exception cref="System.IO.IOException"/> /// <exception cref="System.Exception"/> protected override void Map(IntWritable key, IntWritable value, Mapper.Context context ) { // get context token storage: Credentials contextCredentials = context.GetCredentials(); ICollection <Org.Apache.Hadoop.Security.Token.Token <TokenIdentifier> > contextTokenCollection = contextCredentials.GetAllTokens(); foreach (Org.Apache.Hadoop.Security.Token.Token <TokenIdentifier> t in contextTokenCollection) { System.Console.Out.WriteLine("Context token: [" + t + "]"); } if (contextTokenCollection.Count != 2) { // one job token and one delegation token // fail the test: throw new RuntimeException("Exactly 2 tokens are expected in the contextTokenCollection: " + "one job token and one delegation token, but was found " + contextTokenCollection .Count + " tokens."); } Org.Apache.Hadoop.Security.Token.Token <TokenIdentifier> dt = contextCredentials.GetToken (new Text(DelegationTokenKey)); if (dt == null) { throw new RuntimeException("Token for key [" + DelegationTokenKey + "] not found in the job context." ); } string tokenFile0 = context.GetConfiguration().Get(MRJobConfig.MapreduceJobCredentialsBinary ); if (tokenFile0 != null) { throw new RuntimeException("Token file key [" + MRJobConfig.MapreduceJobCredentialsBinary + "] found in the configuration. It should have been removed from the configuration." ); } string tokenFile = context.GetConfiguration().Get(KeySecurityTokenFileName); if (tokenFile == null) { throw new RuntimeException("Token file key [" + KeySecurityTokenFileName + "] not found in the job configuration." ); } Credentials binaryCredentials = new Credentials(); binaryCredentials.ReadTokenStorageStream(new DataInputStream(new FileInputStream( tokenFile))); ICollection <Org.Apache.Hadoop.Security.Token.Token <TokenIdentifier> > binaryTokenCollection = binaryCredentials.GetAllTokens(); if (binaryTokenCollection.Count != 1) { throw new RuntimeException("The token collection read from file [" + tokenFile + "] must have size = 1."); } Org.Apache.Hadoop.Security.Token.Token <TokenIdentifier> binTok = binaryTokenCollection .GetEnumerator().Next(); System.Console.Out.WriteLine("The token read from binary file: t = [" + binTok + "]"); // Verify that dt is same as the token in the file: if (!dt.Equals(binTok)) { throw new RuntimeException("Delegation token in job is not same as the token passed in file:" + " tokenInFile=[" + binTok + "], dt=[" + dt + "]."); } // Now test the user tokens. UserGroupInformation ugi = UserGroupInformation.GetCurrentUser(); // Print all the UGI tokens for diagnostic purposes: ICollection <Org.Apache.Hadoop.Security.Token.Token <TokenIdentifier> > ugiTokenCollection = ugi.GetTokens(); foreach (Org.Apache.Hadoop.Security.Token.Token <TokenIdentifier> t_1 in ugiTokenCollection) { System.Console.Out.WriteLine("UGI token: [" + t_1 + "]"); } Org.Apache.Hadoop.Security.Token.Token <TokenIdentifier> ugiToken = ugi.GetCredentials ().GetToken(new Text(DelegationTokenKey)); if (ugiToken == null) { throw new RuntimeException("Token for key [" + DelegationTokenKey + "] not found among the UGI tokens." ); } if (!ugiToken.Equals(binTok)) { throw new RuntimeException("UGI token is not same as the token passed in binary file:" + " tokenInBinFile=[" + binTok + "], ugiTok=[" + ugiToken + "]."); } base.Map(key, value, context); }
/// <exception cref="System.IO.IOException"/> private UserProvider(Configuration conf) : base(conf) { user = UserGroupInformation.GetCurrentUser(); credentials = user.GetCredentials(); }