@Test public void testJksProvider() throws Exception { Configuration conf = new Configuration(); final Path jksPath = new Path(tmpDir.toString(), "test.jks"); final String ourUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri(); File file = new File(tmpDir, "test.jks"); file.delete(); conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl); checkSpecificProvider(conf, ourUrl); Path path = ProviderUtils.unnestUri(new URI(ourUrl)); FileSystem fs = path.getFileSystem(conf); FileStatus s = fs.getFileStatus(path); assertTrue(s.getPermission().toString().equals("rwx------")); assertTrue(file + " should exist", file.isFile()); // check permission retention after explicit change fs.setPermission(path, new FsPermission("777")); checkPermissionRetention(conf, ourUrl, path); }
@Test public void testLocalJksProvider() throws Exception { Configuration conf = new Configuration(); final Path jksPath = new Path(tmpDir.toString(), "test.jks"); final String ourUrl = LocalJavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri(); File file = new File(tmpDir, "test.jks"); file.delete(); conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl); checkSpecificProvider(conf, ourUrl); Path path = ProviderUtils.unnestUri(new URI(ourUrl)); FileSystem fs = path.getFileSystem(conf); FileStatus s = fs.getFileStatus(path); assertTrue("Unexpected permissions: " + s.getPermission().toString(), s.getPermission().toString().equals("rwx------")); assertTrue(file + " should exist", file.isFile()); // check permission retention after explicit change fs.setPermission(path, new FsPermission("777")); checkPermissionRetention(conf, ourUrl, path); }
public ReEncryptionClientProvider(URI uri, Configuration conf) throws IOException { setConf(conf); renUrl = createServiceURL(ProviderUtils.unnestUri(uri)); if ("https".equalsIgnoreCase(new URL(renUrl).getProtocol())) { sslFactory = new SSLFactory(SSLFactory.Mode.CLIENT, conf); try { sslFactory.init(); } catch (GeneralSecurityException ex) { throw new IOException(ex); } } int timeout = conf.getInt(TIMEOUT_ATTR, DEFAULT_TIMEOUT); authRetry = conf.getInt(AUTH_RETRY, DEFAULT_AUTH_RETRY); configurator = new TimeoutConnConfigurator(timeout, sslFactory); authToken = new DelegationTokenAuthenticatedURL.Token(); UserGroupInformation.AuthenticationMethod authMethod = UserGroupInformation.getCurrentUser().getAuthenticationMethod(); if (authMethod == UserGroupInformation.AuthenticationMethod.PROXY) { actualUgi = UserGroupInformation.getCurrentUser().getRealUser(); } else if (authMethod == UserGroupInformation.AuthenticationMethod.TOKEN) { actualUgi = UserGroupInformation.getLoginUser(); } else { actualUgi =UserGroupInformation.getCurrentUser(); } }
@Test public void testCredentialProvider() throws Exception { // set up conf to have a cred provider final Configuration conf = new Configuration(); final File file = tempDir.newFile("test.jks"); final URI jks = ProviderUtils.nestURIForLocalJavaKeyStoreProvider( file.toURI()); conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, jks.toString()); // add our creds to the provider final CredentialProvider provider = CredentialProviderFactory.getProviders(conf).get(0); provider.createCredentialEntry("fs.s3.awsSecretAccessKey", EXAMPLE_KEY.toCharArray()); provider.flush(); // make sure S3Creds can retrieve things. S3Credentials s3Credentials = new S3Credentials(); conf.set("fs.s3.awsAccessKeyId", EXAMPLE_ID); s3Credentials.initialize(new URI("s3://foobar"), conf); assertEquals("Could not retrieve proper access key", EXAMPLE_ID, s3Credentials.getAccessKey()); assertEquals("Could not retrieve proper secret", EXAMPLE_KEY, s3Credentials.getSecretAccessKey()); }
@Test public void testJksProvider() throws Exception { Configuration conf = new Configuration(); final Path jksPath = new Path(tmpDir.toString(), "test.jks"); final String ourUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri(); File file = new File(tmpDir, "test.jks"); file.delete(); conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl); checkSpecificProvider(conf, ourUrl); Path path = ProviderUtils.unnestUri(new URI(ourUrl)); FileSystem fs = path.getFileSystem(conf); FileStatus s = fs.getFileStatus(path); assertTrue(s.getPermission().toString().equals("rw-------")); assertTrue(file + " should exist", file.isFile()); // check permission retention after explicit change fs.setPermission(path, new FsPermission("777")); checkPermissionRetention(conf, ourUrl, path); }
@Test public void testLocalJksProvider() throws Exception { Configuration conf = new Configuration(); final Path jksPath = new Path(tmpDir.toString(), "test.jks"); final String ourUrl = LocalJavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri(); File file = new File(tmpDir, "test.jks"); file.delete(); conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl); checkSpecificProvider(conf, ourUrl); Path path = ProviderUtils.unnestUri(new URI(ourUrl)); FileSystem fs = path.getFileSystem(conf); FileStatus s = fs.getFileStatus(path); assertTrue("Unexpected permissions: " + s.getPermission().toString(), s.getPermission().toString().equals("rw-------")); assertTrue(file + " should exist", file.isFile()); // check permission retention after explicit change fs.setPermission(path, new FsPermission("777")); checkPermissionRetention(conf, ourUrl, path); }
protected void initFileSystem(URI keystoreUri, Configuration conf) throws IOException { path = ProviderUtils.unnestUri(keystoreUri); if (LOG.isDebugEnabled()) { LOG.debug("backing jks path initialized to " + path); } }
protected void initFileSystem(URI keystoreUri) throws IOException { path = ProviderUtils.unnestUri(keystoreUri); if (LOG.isDebugEnabled()) { LOG.debug("backing jks path initialized to " + path); } }
private JavaKeyStoreProvider(URI uri, Configuration conf) throws IOException { super(conf); this.uri = uri; path = ProviderUtils.unnestUri(uri); fs = path.getFileSystem(conf); locateKeystore(); ReadWriteLock lock = new ReentrantReadWriteLock(true); readLock = lock.readLock(); writeLock = lock.writeLock(); }
@Test public void testStrict() throws Exception { outContent.reset(); int rc = 0; KeyShell ks = new KeyShell(); ks.setConf(new Configuration()); final String[] args1 = {"create", "hello", "-provider", jceksProvider, "-strict"}; rc = ks.run(args1); assertEquals(1, rc); assertTrue(outContent.toString() .contains(ProviderUtils.NO_PASSWORD_ERROR)); assertTrue(outContent.toString() .contains(ProviderUtils.NO_PASSWORD_INSTRUCTIONS_DOC)); }
private static Path extractKMSPath(URI uri) throws MalformedURLException, IOException { return ProviderUtils.unnestUri(uri); }
protected void initFileSystem(URI keystoreUri, Configuration conf) throws IOException { path = ProviderUtils.unnestUri(keystoreUri); }
@Override public boolean needsPassword() throws IOException { return (null == ProviderUtils.locatePassword(CREDENTIAL_PASSWORD_ENV_VAR, conf.get(CREDENTIAL_PASSWORD_FILE_KEY))); }
