当前位置: 首页>>代码示例>>Java>>正文


Java Token.getIdentifier方法代码示例

本文整理汇总了Java中org.apache.hadoop.security.token.Token.getIdentifier方法的典型用法代码示例。如果您正苦于以下问题:Java Token.getIdentifier方法的具体用法?Java Token.getIdentifier怎么用?Java Token.getIdentifier使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在org.apache.hadoop.security.token.Token的用法示例。


在下文中一共展示了Token.getIdentifier方法的13个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: testDelegationTokenSecretManager

import org.apache.hadoop.security.token.Token; //导入方法依赖的package包/类
@Test
public void testDelegationTokenSecretManager() throws Exception {
  Token<DelegationTokenIdentifier> token = generateDelegationToken(
      "SomeUser", "JobTracker");
  // Fake renewer should not be able to renew
  try {
	  dtSecretManager.renewToken(token, "FakeRenewer");
	  Assert.fail("should have failed");
  } catch (AccessControlException ace) {
    // PASS
  }
 dtSecretManager.renewToken(token, "JobTracker");
  DelegationTokenIdentifier identifier = new DelegationTokenIdentifier();
  byte[] tokenId = token.getIdentifier();
  identifier.readFields(new DataInputStream(
           new ByteArrayInputStream(tokenId)));
  Assert.assertTrue(null != dtSecretManager.retrievePassword(identifier));
  LOG.info("Sleep to expire the token");
 Thread.sleep(6000);
 //Token should be expired
 try {
   dtSecretManager.retrievePassword(identifier);
   //Should not come here
   Assert.fail("Token should have expired");
 } catch (InvalidToken e) {
   //Success
 }
 dtSecretManager.renewToken(token, "JobTracker");
 LOG.info("Sleep beyond the max lifetime");
 Thread.sleep(5000);
 try {
	  dtSecretManager.renewToken(token, "JobTracker");
	  Assert.fail("should have been expired");
 } catch (InvalidToken it) {
   // PASS
 }
}
 
开发者ID:naver,项目名称:hadoop,代码行数:38,代码来源:TestDelegationToken.java

示例2: cancelToken

import org.apache.hadoop.security.token.Token; //导入方法依赖的package包/类
@Override
public synchronized TokenIdent cancelToken(Token<TokenIdent> token,
    String canceller) throws IOException {
  ByteArrayInputStream buf = new ByteArrayInputStream(token.getIdentifier());
  DataInputStream in = new DataInputStream(buf);
  TokenIdent id = createIdentifier();
  id.readFields(in);
  try {
    if (!currentTokens.containsKey(id)) {
      // See if token can be retrieved and placed in currentTokens
      getTokenInfo(id);
    }
    return super.cancelToken(token, canceller);
  } catch (Exception e) {
    LOG.error("Exception while checking if token exist !!", e);
    return id;
  }
}
 
开发者ID:nucypher,项目名称:hadoop-oss,代码行数:19,代码来源:ZKDelegationTokenSecretManager.java

示例3: decodeToken

import org.apache.hadoop.security.token.Token; //导入方法依赖的package包/类
private static DelegationTokenIdentifier decodeToken(
    Token<DelegationTokenIdentifier> token, Text tokenKind)
        throws IOException {
  ByteArrayInputStream buf = new ByteArrayInputStream(token.getIdentifier());
  DataInputStream dis = new DataInputStream(buf);
  DelegationTokenIdentifier id = new DelegationTokenIdentifier(tokenKind);
  id.readFields(dis);
  dis.close();
  return id;
}
 
开发者ID:nucypher,项目名称:hadoop-oss,代码行数:11,代码来源:DelegationTokenManager.java

示例4: isTokenExpired

import org.apache.hadoop.security.token.Token; //导入方法依赖的package包/类
/**
 * check if a token is expired. for unit test only. return true when token is
 * expired, false otherwise
 */
static boolean isTokenExpired(Token<BlockTokenIdentifier> token)
    throws IOException {
  ByteArrayInputStream buf = new ByteArrayInputStream(token.getIdentifier());
  DataInputStream in = new DataInputStream(buf);
  long expiryDate = WritableUtils.readVLong(in);
  return isExpired(expiryDate);
}
 
开发者ID:naver,项目名称:hadoop,代码行数:12,代码来源:BlockTokenSecretManager.java

示例5: stringifyToken

import org.apache.hadoop.security.token.Token; //导入方法依赖的package包/类
/** @return a string representation of the token */
public static String stringifyToken(final Token<?> token) throws IOException {
  DelegationTokenIdentifier ident = new DelegationTokenIdentifier();
  ByteArrayInputStream buf = new ByteArrayInputStream(token.getIdentifier());
  DataInputStream in = new DataInputStream(buf);  
  ident.readFields(in);

  if (token.getService().getLength() > 0) {
    return ident + " on " + token.getService();
  } else {
    return ident.toString();
  }
}
 
开发者ID:naver,项目名称:hadoop,代码行数:14,代码来源:DelegationTokenIdentifier.java

示例6: renewDelegationToken

import org.apache.hadoop.security.token.Token; //导入方法依赖的package包/类
/**
 * 
 * @param token token to renew
 * @return new expiryTime of the token
 * @throws InvalidToken if {@code token} is invalid
 * @throws IOException on other errors
 */
long renewDelegationToken(Token<DelegationTokenIdentifier> token)
    throws InvalidToken, IOException {
  long expiryTime;
  checkOperation(OperationCategory.WRITE);
  writeLock();
  try {
    checkOperation(OperationCategory.WRITE);

    checkNameNodeSafeMode("Cannot renew delegation token");
    if (!isAllowedDelegationTokenOp()) {
      throw new IOException(
          "Delegation Token can be renewed only with kerberos or web authentication");
    }
    String renewer = getRemoteUser().getShortUserName();
    expiryTime = dtSecretManager.renewToken(token, renewer);
    DelegationTokenIdentifier id = new DelegationTokenIdentifier();
    ByteArrayInputStream buf = new ByteArrayInputStream(token.getIdentifier());
    DataInputStream in = new DataInputStream(buf);
    id.readFields(in);
    getEditLog().logRenewDelegationToken(id, expiryTime);
  } finally {
    writeUnlock();
  }
  getEditLog().logSync();
  return expiryTime;
}
 
开发者ID:naver,项目名称:hadoop,代码行数:34,代码来源:FSNamesystem.java

示例7: tokenUGI

import org.apache.hadoop.security.token.Token; //导入方法依赖的package包/类
private UserGroupInformation tokenUGI() throws IOException {
  Token<DelegationTokenIdentifier> token = params.delegationToken();
  ByteArrayInputStream buf =
    new ByteArrayInputStream(token.getIdentifier());
  DataInputStream in = new DataInputStream(buf);
  DelegationTokenIdentifier id = new DelegationTokenIdentifier();
  id.readFields(in);
  UserGroupInformation ugi = id.getUser();
  ugi.addToken(token);
  return ugi;
}
 
开发者ID:naver,项目名称:hadoop,代码行数:12,代码来源:DataNodeUGIProvider.java

示例8: checkBlockToken

import org.apache.hadoop.security.token.Token; //导入方法依赖的package包/类
private void checkBlockToken(ExtendedBlock block, Token<BlockTokenIdentifier> token,
    AccessMode accessMode) throws IOException {
  if (isBlockTokenEnabled) {
    BlockTokenIdentifier id = new BlockTokenIdentifier();
    ByteArrayInputStream buf = new ByteArrayInputStream(token.getIdentifier());
    DataInputStream in = new DataInputStream(buf);
    id.readFields(in);
    if (LOG.isDebugEnabled()) {
      LOG.debug("Got: " + id.toString());
    }
    blockPoolTokenSecretManager.checkAccess(id, null, block, accessMode);
  }
}
 
开发者ID:naver,项目名称:hadoop,代码行数:14,代码来源:DataNode.java

示例9: getTokenUGI

import org.apache.hadoop.security.token.Token; //导入方法依赖的package包/类
private static UserGroupInformation getTokenUGI(ServletContext context,
                                                HttpServletRequest request,
                                                String tokenString,
                                                Configuration conf)
                                                    throws IOException {
  final Token<DelegationTokenIdentifier> token =
      new Token<DelegationTokenIdentifier>();
  token.decodeFromUrlString(tokenString);
  InetSocketAddress serviceAddress = getNNServiceAddress(context, request);
  if (serviceAddress != null) {
    SecurityUtil.setTokenService(token, serviceAddress);
    token.setKind(DelegationTokenIdentifier.HDFS_DELEGATION_KIND);
  }

  ByteArrayInputStream buf =
      new ByteArrayInputStream(token.getIdentifier());
  DataInputStream in = new DataInputStream(buf);
  DelegationTokenIdentifier id = new DelegationTokenIdentifier();
  id.readFields(in);
  if (context != null) {
    final NameNode nn = NameNodeHttpServer.getNameNodeFromContext(context);
    if (nn != null) {
      // Verify the token.
      nn.getNamesystem().verifyToken(id, token.getPassword());
    }
  }
  UserGroupInformation ugi = id.getUser();
  ugi.addToken(token);
  return ugi;
}
 
开发者ID:naver,项目名称:hadoop,代码行数:31,代码来源:JspHelper.java

示例10: checkTokenIdentifier

import org.apache.hadoop.security.token.Token; //导入方法依赖的package包/类
@SuppressWarnings("unchecked")
private void checkTokenIdentifier(UserGroupInformation ugi, final Token<?> token)
    throws Exception {
  Assert.assertNotNull(token);
  // should be able to use token.decodeIdentifier() but webhdfs isn't
  // registered with the service loader for token decoding
  DelegationTokenIdentifier identifier = new DelegationTokenIdentifier();
  byte[] tokenId = token.getIdentifier();
  DataInputStream in = new DataInputStream(new ByteArrayInputStream(tokenId));
  try {
    identifier.readFields(in);
  } finally {
    in.close();
  }
  Assert.assertNotNull(identifier);
  LOG.info("A valid token should have non-null password, and should be renewed successfully");
  Assert.assertTrue(null != dtSecretManager.retrievePassword(identifier));
  dtSecretManager.renewToken((Token<DelegationTokenIdentifier>) token, "JobTracker");
  ugi.doAs(
      new PrivilegedExceptionAction<Object>() {
        @Override
        public Object run() throws Exception {
          token.renew(config);
          token.cancel(config);
          return null;
        }
      });
}
 
开发者ID:naver,项目名称:hadoop,代码行数:29,代码来源:TestDelegationToken.java

示例11: testDelegationTokenDFSApi

import org.apache.hadoop.security.token.Token; //导入方法依赖的package包/类
@Test(timeout = 300000)
public void testDelegationTokenDFSApi() throws Exception {
  final Token<DelegationTokenIdentifier> token =
      getDelegationToken(fs, "JobTracker");
  DelegationTokenIdentifier identifier = new DelegationTokenIdentifier();
  byte[] tokenId = token.getIdentifier();
  identifier.readFields(new DataInputStream(
           new ByteArrayInputStream(tokenId)));

  // Ensure that it's present in the NN's secret manager and can
  // be renewed directly from there.
  LOG.info("A valid token should have non-null password, " +
      "and should be renewed successfully");
  assertTrue(null != dtSecretManager.retrievePassword(identifier));
  dtSecretManager.renewToken(token, "JobTracker");
  
  // Use the client conf with the failover info present to check
  // renewal.
  Configuration clientConf = dfs.getConf();
  doRenewOrCancel(token, clientConf, TokenTestAction.RENEW);
  
  // Using a configuration that doesn't have the logical nameservice
  // configured should result in a reasonable error message.
  Configuration emptyConf = new Configuration();
  try {
    doRenewOrCancel(token, emptyConf, TokenTestAction.RENEW);
    fail("Did not throw trying to renew with an empty conf!");
  } catch (IOException ioe) {
    GenericTestUtils.assertExceptionContains(
        "Unable to map logical nameservice URI", ioe);
  }

  
  // Ensure that the token can be renewed again after a failover.
  cluster.transitionToStandby(0);
  cluster.transitionToActive(1);
  doRenewOrCancel(token, clientConf, TokenTestAction.RENEW);
  
  doRenewOrCancel(token, clientConf, TokenTestAction.CANCEL);
}
 
开发者ID:naver,项目名称:hadoop,代码行数:41,代码来源:TestDelegationTokensWithHA.java

示例12: testDelegationTokenSecretManager

import org.apache.hadoop.security.token.Token; //导入方法依赖的package包/类
@Test
public void testDelegationTokenSecretManager() throws Exception {
  final TestDelegationTokenSecretManager dtSecretManager = 
    new TestDelegationTokenSecretManager(24*60*60*1000,
        3*1000,1*1000,3600000);
  try {
    dtSecretManager.startThreads();
    final Token<TestDelegationTokenIdentifier> token = 
      generateDelegationToken(
        dtSecretManager, "SomeUser", "JobTracker");
    Assert.assertTrue(dtSecretManager.isStoreNewTokenCalled);
    // Fake renewer should not be able to renew
    shouldThrow(new PrivilegedExceptionAction<Object>() {
      @Override
      public Object run() throws Exception {
        dtSecretManager.renewToken(token, "FakeRenewer");
        return null;
      }
    }, AccessControlException.class);
    long time = dtSecretManager.renewToken(token, "JobTracker");
    Assert.assertTrue(dtSecretManager.isUpdateStoredTokenCalled);
    assertTrue("renew time is in future", time > Time.now());
    TestDelegationTokenIdentifier identifier = 
      new TestDelegationTokenIdentifier();
    byte[] tokenId = token.getIdentifier();
    identifier.readFields(new DataInputStream(
        new ByteArrayInputStream(tokenId)));
    Assert.assertTrue(null != dtSecretManager.retrievePassword(identifier));
    LOG.info("Sleep to expire the token");
    Thread.sleep(2000);
    //Token should be expired
    try {
      dtSecretManager.retrievePassword(identifier);
      //Should not come here
      Assert.fail("Token should have expired");
    } catch (InvalidToken e) {
      //Success
    }
    dtSecretManager.renewToken(token, "JobTracker");
    LOG.info("Sleep beyond the max lifetime");
    Thread.sleep(2000);
    
    shouldThrow(new PrivilegedExceptionAction<Object>() {
      @Override
      public Object run() throws Exception {
        dtSecretManager.renewToken(token, "JobTracker");
        return null;
      }
    }, InvalidToken.class);
  } finally {
    dtSecretManager.stopThreads();
  }
}
 
开发者ID:nucypher,项目名称:hadoop-oss,代码行数:54,代码来源:TestDelegationToken.java

示例13: testRollMasterKey

import org.apache.hadoop.security.token.Token; //导入方法依赖的package包/类
@Test(timeout = 10000)
public void testRollMasterKey() throws Exception {
  TestDelegationTokenSecretManager dtSecretManager = 
    new TestDelegationTokenSecretManager(800,
      800,1*1000,3600000);
  try {
    dtSecretManager.startThreads();
    //generate a token and store the password
    Token<TestDelegationTokenIdentifier> token = generateDelegationToken(
        dtSecretManager, "SomeUser", "JobTracker");
    byte[] oldPasswd = token.getPassword();
    //store the length of the keys list
    int prevNumKeys = dtSecretManager.getAllKeys().length;
    
    dtSecretManager.rollMasterKey();
    Assert.assertTrue(dtSecretManager.isStoreNewMasterKeyCalled);

    //after rolling, the length of the keys list must increase
    int currNumKeys = dtSecretManager.getAllKeys().length;
    Assert.assertEquals((currNumKeys - prevNumKeys) >= 1, true);
    
    //after rolling, the token that was generated earlier must
    //still be valid (retrievePassword will fail if the token
    //is not valid)
    ByteArrayInputStream bi = 
      new ByteArrayInputStream(token.getIdentifier());
    TestDelegationTokenIdentifier identifier = 
      dtSecretManager.createIdentifier();
    identifier.readFields(new DataInputStream(bi));
    byte[] newPasswd = 
      dtSecretManager.retrievePassword(identifier);
    //compare the passwords
    Assert.assertEquals(oldPasswd, newPasswd);
    // wait for keys to expire
    while(!dtSecretManager.isRemoveStoredMasterKeyCalled) {
      Thread.sleep(200);
    }
  } finally {
    dtSecretManager.stopThreads();
  }
}
 
开发者ID:nucypher,项目名称:hadoop-oss,代码行数:42,代码来源:TestDelegationToken.java


注:本文中的org.apache.hadoop.security.token.Token.getIdentifier方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。