public Token<?> getDelegationToken(String renewer) throws java.io.IOException { return this.underlyingFs.getDelegationToken(renewer); }
/** * Get a new delegation token for the current logged-in user. */ @VisibleForTesting synchronized void getNewDelegationTokenForLoginUser() throws IOException { this.token = this.fs.getDelegationToken(this.loginUser.getShortUserName()); }
private static void getHdfsToken(Configuration conf, Credentials cred) throws IOException { FileSystem fs = FileSystem.get(conf); LOG.info("Getting DFS token from " + fs.getUri()); Token<?> fsToken = fs.getDelegationToken(getMRTokenRenewerInternal(new JobConf()).toString()); if (fsToken == null) { LOG.error("Failed to fetch DFS token for "); throw new IOException("Failed to fetch DFS token."); } LOG.info("Created DFS token: " + fsToken.toString()); LOG.info("Token kind: " + fsToken.getKind()); LOG.info("Token id: " + Arrays.toString(fsToken.getIdentifier())); LOG.info("Token service: " + fsToken.getService()); cred.addToken(fsToken.getService(), fsToken); }
/** * Acquire the delegation token for the specified filesytem. * Before requesting a new delegation token, tries to find one already available. * * @param fs the filesystem that requires the delegation token * @throws IOException on fs.getDelegationToken() failure */ public void acquireDelegationToken(final FileSystem fs) throws IOException { if (userProvider.isHadoopSecurityEnabled()) { this.fs = fs; userToken = userProvider.getCurrent().getToken("HDFS_DELEGATION_TOKEN", fs.getCanonicalServiceName()); if (userToken == null) { hasForwardedToken = false; try { userToken = fs.getDelegationToken(renewer); } catch (NullPointerException npe) { // we need to handle NullPointerException in case HADOOP-10009 is missing LOG.error("Failed to get token for " + renewer); } } else { hasForwardedToken = true; LOG.info("Use the existing token: " + userToken); } } }
this.token.setKind(new Text("test")); this.token.setService(new Text("test")); Mockito.<Token<?>>when(this.localFs.getDelegationToken(UserGroupInformation.getLoginUser().getShortUserName())) .thenReturn(this.token);
/** * Returns Token object via FileSystem, null if bad argument. * @param conf - a Configuration object used with FileSystem.get() * @param creds - a Credentials object to which token(s) will be added * @param renewer - the renewer to send with the token request * @param url - the URL to which the request is sent * @return a Token, or null if fetch fails. */ public Token<?> addDelegationTokens(Configuration conf, Credentials creds, String renewer, String url) throws Exception { if (!url.startsWith(getServiceName().toString())) { url = getServiceName().toString() + "://" + url; } FileSystem fs = FileSystem.get(URI.create(url), conf); Token<?> token = fs.getDelegationToken(renewer); if (token == null) { LOG.error(FETCH_FAILED); throw new IOException(FETCH_FAILED); } creds.addToken(token.getService(), token); return token; } }
@VisibleForTesting static void saveDelegationToken(Configuration conf, FileSystem fs, final String renewer, final Path tokenFile) throws IOException { Token<?> token = fs.getDelegationToken(renewer); if (null != token) { Credentials cred = new Credentials(); cred.addToken(token.getService(), token); // dtutil is replacing this tool; preserve legacy functionality cred.writeTokenStorageFile(tokenFile, conf, Credentials.SerializedFormat.WRITABLE); if (LOG.isDebugEnabled()) { LOG.debug("Fetched token " + fs.getUri() + " for " + token.getService() + " into " + tokenFile); } } else { System.err.println("ERROR: Failed to fetch token from " + fs.getUri()); } }
@Override public Token<?> getDelegationToken(String renewer) throws IOException { return fileSystem.getDelegationToken(renewer); }
@Override public Token<?> getDelegationToken(String renewer) throws IOException { return fileSystem.getDelegationToken(renewer); }
/** * Get a new delegation token for the current logged-in user. */ @VisibleForTesting synchronized void getNewDelegationTokenForLoginUser() throws IOException { this.token = this.fs.getDelegationToken(this.loginUser.getShortUserName()); }
@Override // publicly expose for mocking public Token<?> getDelegationToken(String renewer) throws IOException { return fs.getDelegationToken(renewer); } }
@Override // publicly expose for mocking public Token<?> getDelegationToken(String renewer) throws IOException { return fs.getDelegationToken(renewer); } }
@Override @Private public Token<?> getDelegationToken(String renewer) throws IOException { return underlyingFs.getDelegationToken(renewer); }
/** * Get a delegation token from remote service endpoint if * 'fs.azure.enable.kerberos.support' is set to 'true', and * 'fs.azure.enable.delegation.token' is set to 'true'. * @param renewer the account name that is allowed to renew the token. * @return delegation token * @throws IOException thrown when getting the current user. */ @Override public synchronized Token<?> getDelegationToken(final String renewer) throws IOException { return this.delegationTokenEnabled ? this.delegationTokenManager.getDelegationToken(renewer) : super.getDelegationToken(renewer); }
/** * Get a delegation token from remote service endpoint if * 'fs.azure.enable.kerberos.support' is set to 'true'. * @param renewer the account name that is allowed to renew the token. * @return delegation token * @throws IOException thrown when getting the current user. */ @Override public synchronized Token<?> getDelegationToken(final String renewer) throws IOException { if (kerberosSupportEnabled) { return wasbDelegationTokenManager.getDelegationToken(renewer); } else { return super.getDelegationToken(renewer); } }
@Override public void addDelegationTokens(FileSystem fs, Credentials cred, String uname) throws IOException { Token<?> fsToken = fs.getDelegationToken(uname); cred.addToken(fsToken.getService(), fsToken); } }
@Override @Private public Token<?> getDelegationToken(String renewer) throws IOException { try { return underlyingFs.getDelegationToken(renewer); } catch(FSError e) { throw propagateFSError(e); } }
@Override public void addDelegationTokens(FileSystem fs, Credentials cred, String uname) throws IOException { Token<?> fsToken = fs.getDelegationToken(uname); cred.addToken(fsToken.getService(), fsToken); } }
synchronized void ensureTokenInitialized() throws IOException { // we haven't inited yet, or we used to have a token but it expired if (!hasInitedToken || (action != null && !action.isValid())) { //since we don't already have a token, go get one Token<?> token = fs.getDelegationToken(null); // security might be disabled if (token != null) { fs.setDelegationToken(token); addRenewAction(fs); LOG.debug("Created new DT for " + token.getService()); } hasInitedToken = true; } }
@Test public void testEmptyDelegationToken() throws IOException { Configuration conf = getTestConfiguration(); MiniDFSCluster cluster = null; try { cluster = new MiniDFSCluster.Builder(conf).numDataNodes(1).build(); FileSystem fileSys = cluster.getFileSystem(); fileSys.getDelegationToken(""); } finally { cluster.shutdown(); } }