Examples of TokenStorage

• org.apache.hadoop.security.TokenStorage
  A class that provides the facilities of reading and writing secret keys and Tokens.
• org.apache.rahas.TokenStorage
  The storage interface to store security tokens and manipulate them

Examples of org.apache.hadoop.security.TokenStorage

    p1 = new Path("file1");
    p2 = new Path("file2");

    p1 = fs.makeQualified(p1);
    // do not qualify p2
    TokenCache.setTokenStorage(new TokenStorage());
    TokenCache.obtainTokensForNamenodesInternal(new Path [] {p1, p2}, jConf);
  }

Examples of org.apache.hadoop.security.TokenStorage

     */
    @Override
    public void map(IntWritable key, IntWritable value, Context context)
    throws IOException, InterruptedException {
      // get token storage and a key
      TokenStorage ts = TokenCache.getTokenStorage();
      byte[] key1 = TokenCache.getSecretKey(new Text("alias1"));
      Collection<Token<? extends TokenIdentifier>> dts = TokenCache.getAllTokens();
      int dts_size = 0;
      if(dts != null)
        dts_size = dts.size();

      System.out.println("inside MAP: ts==NULL?=" + (ts==null) +
          "; #keys = " + (ts==null? 0:ts.numberOfSecretKeys()) +
          ";jobToken = " +  (ts==null? "n/a":TokenCache.getJobToken(ts)) +
          "; alias1 key=" + new String(key1) +
          "; dts size= " + dts_size);

      for(Token<? extends TokenIdentifier> t : dts) {
        System.out.println(t.getKind() + "=" + StringUtils.byteToHexString(t.getPassword()));
      }

      if(dts.size() != 2) { // one job token and one delegation token
        throw new RuntimeException("tokens are not available"); // fail the test
      }


      if(key1 == null || ts == null || ts.numberOfSecretKeys() != NUM_OF_KEYS) {
        throw new RuntimeException("secret keys are not available"); // fail the test
      }
      super.map(key, value, context);
    }

Examples of org.apache.hadoop.security.TokenStorage

    // two distinct Namenodes
    String nn1 = DelegationTokenRenewal.SCHEME + "://host1:0";
    String nn2 = DelegationTokenRenewal.SCHEME + "://host2:0";
    String nn3 = DelegationTokenRenewal.SCHEME + "://host3:0";

    TokenStorage ts = new TokenStorage();

    // register the token for renewal
    ts.addToken(new Text(nn1), token1);
    ts.addToken(new Text(nn2), token2);
    ts.addToken(new Text(nn3), token3);

    // register the tokens for renewal
    DelegationTokenRenewal.registerDelegationTokensForRenewal(
        new JobID("job1", 1), ts, conf);
    // first 3 initial renewals + 1 real
    int numberOfExpectedRenewals = 3+1;

    int attempts = 4;
    while(attempts-- > 0) {
      try {
        Thread.sleep(3*1000); // sleep 3 seconds, so it has time to renew
      } catch (InterruptedException e) {}

      // since we cannot guarantee timely execution - let's give few chances
      if(dfs.getCounter()==numberOfExpectedRenewals)
        break;
    }

    System.out.println("Counter = " + dfs.getCounter() + ";t="+
        dfs.getToken());
    assertEquals("renew wasn't called as many times as expected(4):",
        numberOfExpectedRenewals, dfs.getCounter());
    assertEquals("most recently renewed token mismatch", dfs.getToken(),
        token1);

    // Test 2.
    // add another token ( that expires in 2 secs). Then remove it, before
    // time is up.
    // Wait for 3 secs , and make sure no renews were called
    ts = new TokenStorage();
    MyToken token4 = dfs.getDelegationToken(new Text("user4"));

    //to cause this one to be set for renew in 2 secs
    dfs.setTokenToRenewIn2Sec(token4);
    System.out.println("token="+token4+" should be renewed for 2 secs");

    String nn4 = DelegationTokenRenewal.SCHEME + "://host4:0";
    ts.addToken(new Text(nn4), token4);


    JobID jid2 = new JobID("job2",1);
    DelegationTokenRenewal.registerDelegationTokensForRenewal(jid2, ts, conf);
    DelegationTokenRenewal.removeDelegationTokenRenewalForJob(jid2);

Examples of org.apache.rahas.TokenStorage

        if(this.tokenStorage != null) {
            return this.tokenStorage;
        }

        TokenStorage storage = (TokenStorage) this.msgContext.getProperty(
                        TokenStorage.TOKEN_STORAGE_KEY);

        if (storage != null) {
            this.tokenStorage = storage;
        } else {

Examples of org.apache.rahas.TokenStorage

                        Date created = assertion.getNotBefore();
                        Date expires = assertion.getNotOnOrAfter();
                        SAMLKeyInfo samlKi = SAMLUtil.getSAMLKeyInfo(assertion,
                                signatureCrypto, tokenCallbackHandler);
                        try {
                            TokenStorage store = rmd.getTokenStorage();
                            if(store.getToken(id) == null) {
                                Token token = new Token(id, (OMElement)assertion.toDOM(), created, expires);
                                token.setSecret(samlKi.getSecret());
                                store.add(token);
                            }
                        } catch (Exception e) {
                            throw new RampartException(
                                    "errorInAddingTokenIntoStore", e);
                        }

Examples of org.apache.rahas.TokenStorage

            throw new TrustException("cannotDetermineTokenId");
        }

        // Cancel the token
        MessageContext inMsgCtx = data.getInMessageContext();
        TokenStorage tokenStore = TrustUtil.getTokenStore(inMsgCtx);
        Token token = tokenStore.getToken(tokenId);
        if (token == null) {
            throw new TrustException("tokenNotFound", new String[]{tokenId});
        }
        token.setState(Token.CANCELLED);
        tokenStore.update(token);

        // Create the response SOAP Envelope
        SOAPEnvelope responseEnv =
                TrustUtil.
                        createSOAPEnvelope(inMsgCtx.getEnvelope().getNamespace().getNamespaceURI());

Examples of org.apache.rahas.TokenStorage

        String tokenType =
            TrustUtil.getWSTNamespace(version) + RahasConstants.TOK_TYPE_STATUS;

        tokenTypeElem.setText(tokenType);

        TokenStorage store = TrustUtil.getTokenStore(configCtx);

        Token token = store.getToken(tokenId);

        if ( token != null) {

            OMElement str = token.getUnattachedReference();

Examples of org.apache.rahas.TokenStorage

        TrustUtil.createRequestTypeElement(this.version, rst, requestType);

        OMElement tokenTypeElem = TrustUtil.createTokenTypeElement(version, rst);
        tokenTypeElem.setText(tokenType);

        TokenStorage store = TrustUtil.getTokenStore(configCtx);

        Token token = store.getToken(tokenId);

        if ( token != null) {

            OMElement str = token.getUnattachedReference();

Examples of org.apache.rahas.TokenStorage

        if(this.tokenStorage != null) {
            return this.tokenStorage;
        }

        TokenStorage storage = (TokenStorage) this.msgContext.getConfigurationContext().getProperty(
                        TokenStorage.TOKEN_STORAGE_KEY);

        if (storage != null) {
            this.tokenStorage = storage;
        } else {

Examples of org.apache.rahas.TokenStorage

                    SAML2KeyInfo saml2KeyInfo = SAML2Utils.
                            getSAML2KeyInfo(assertion, signatureCrypto, tokenCallbackHandler);

                    //Store the token
                    try {
                        TokenStorage store = rmd.getTokenStorage();
                        if (store.getToken(id) == null) {
                            Token token = new Token(id, (OMElement) SAML2Utils.getElementFromAssertion(assertion), dateOfCreation, dateOfExpiration);
                            token.setSecret(saml2KeyInfo.getSecret());
                            store.add(token);
                        }
                    } catch (Exception e) {
                        throw new RampartException(
                                "errorInAddingTokenIntoStore", e);
                    }

                }
                //if this is a SAML1.1 assertion
                else {
                    final SAMLAssertion assertion = ((SAMLAssertion) wser.get(
                            WSSecurityEngineResult.TAG_SAML_ASSERTION));

                    // if the subject confirmation method is Bearer, do not try to get the KeyInfo
                    if(RahasConstants.SAML11_SUBJECT_CONFIRMATION_BEARER.equals(
                            TrustUtil.getSAML11SubjectConfirmationMethod(assertion))){
                        break;
                    }

                    String id = assertion.getId();
                    Date created = assertion.getNotBefore();
                    Date expires = assertion.getNotOnOrAfter();
                    SAMLKeyInfo samlKi = SAMLUtil.getSAMLKeyInfo(assertion,
                            signatureCrypto, tokenCallbackHandler);
                    try {
                        TokenStorage store = rmd.getTokenStorage();
                        if (store.getToken(id) == null) {
                            Token token = new Token(id, (OMElement) assertion.toDOM(), created, expires);
                            token.setSecret(samlKi.getSecret());
                            store.add(token);
                        }
                    } catch (Exception e) {
                        throw new RampartException(
                                "errorInAddingTokenIntoStore", e);
                    }