@SuppressWarnings("unchecked") @Override public long renew(Token<?> token, Configuration conf) throws IOException, InterruptedException { final ApplicationClientProtocol rmClient = getRmClient(token, conf); if (rmClient != null) { try { RenewDelegationTokenRequest request = Records.newRecord(RenewDelegationTokenRequest.class); request.setDelegationToken(convertToProtoToken(token)); return rmClient.renewDelegationToken(request).getNextExpirationTime(); } catch (YarnException e) { throw new IOException(e); } finally { RPC.stopProxy(rmClient); } } else { return localSecretManager.renewToken( (Token<RMDelegationTokenIdentifier>)token, getRenewer(token)); } }
@Override public RenewDelegationTokenResponse renewDelegationToken( RenewDelegationTokenRequest request) throws YarnException { try { if (!isAllowedDelegationTokenOp()) { throw new IOException( "Delegation Token can be renewed only with kerberos authentication"); } org.apache.hadoop.yarn.api.records.Token protoToken = request.getDelegationToken(); Token<RMDelegationTokenIdentifier> token = new Token<RMDelegationTokenIdentifier>( protoToken.getIdentifier().array(), protoToken.getPassword().array(), new Text(protoToken.getKind()), new Text(protoToken.getService())); String user = getRenewerForToken(token); long nextExpTime = rmDTSecretManager.renewToken(token, user); RenewDelegationTokenResponse renewResponse = Records .newRecord(RenewDelegationTokenResponse.class); renewResponse.setNextExpirationTime(nextExpTime); return renewResponse; } catch (IOException e) { throw RPCUtil.getRemoteException(e); } }
private long renewDelegationToken(final UserGroupInformation loggedInUser, final ApplicationClientProtocol clientRMService, final org.apache.hadoop.yarn.api.records.Token dToken) throws IOException, InterruptedException { long nextExpTime = loggedInUser.doAs(new PrivilegedExceptionAction<Long>() { @Override public Long run() throws YarnException, IOException { RenewDelegationTokenRequest request = Records .newRecord(RenewDelegationTokenRequest.class); request.setDelegationToken(dToken); return clientRMService.renewDelegationToken(request) .getNextExpirationTime(); } }); return nextExpTime; }
private void checkTokenRenewal(UserGroupInformation owner, UserGroupInformation renewer) throws IOException, YarnException { RMDelegationTokenIdentifier tokenIdentifier = new RMDelegationTokenIdentifier( new Text(owner.getUserName()), new Text(renewer.getUserName()), null); Token<?> token = new Token<RMDelegationTokenIdentifier>(tokenIdentifier, dtsm); org.apache.hadoop.yarn.api.records.Token dToken = BuilderUtils.newDelegationToken( token.getIdentifier(), token.getKind().toString(), token.getPassword(), token.getService().toString()); RenewDelegationTokenRequest request = Records.newRecord(RenewDelegationTokenRequest.class); request.setDelegationToken(dToken); RMContext rmContext = mock(RMContext.class); ClientRMService rmService = new ClientRMService( rmContext, null, null, null, null, dtsm); rmService.renewDelegationToken(request); }
private void checkTokenRenewal(UserGroupInformation owner, UserGroupInformation renewer) throws IOException, YarnException { RMDelegationTokenIdentifier tokenIdentifier = new RMDelegationTokenIdentifier(new Text(owner.getUserName()), new Text(renewer.getUserName()), null); Token<?> token = new Token<RMDelegationTokenIdentifier>(tokenIdentifier, dtsm); org.apache.hadoop.yarn.api.records.Token dToken = BuilderUtils.newDelegationToken(token.getIdentifier(), token.getKind() .toString(), token.getPassword(), token.getService().toString()); RenewDelegationTokenRequest request = Records.newRecord(RenewDelegationTokenRequest.class); request.setDelegationToken(dToken); RMContext rmContext = mock(RMContext.class); ClientRMService rmService = new ClientRMService(rmContext, null, null, null, null, dtsm); rmService.renewDelegationToken(request); }
private void checkTokenRenewal(UserGroupInformation owner, UserGroupInformation renewer) throws IOException, YarnException { RMDelegationTokenIdentifier tokenIdentifier = new RMDelegationTokenIdentifier( new Text(owner.getUserName()), new Text(renewer.getUserName()), null); Token<?> token = new Token<RMDelegationTokenIdentifier>(tokenIdentifier, dtsm); org.apache.hadoop.yarn.api.records.Token dToken = BuilderUtils.newDelegationToken( token.getIdentifier(), token.getKind().toString(), token.getPassword(), token.getService().toString()); RenewDelegationTokenRequest request = Records.newRecord(RenewDelegationTokenRequest.class); request.setDelegationToken(dToken); RMContext rmContext = mock(RMContext.class); ClientRMService rmService = new ClientRMService( rmContext, null, null, null, dtsm); rmService.renewDelegationToken(request); }
@Override public RenewDelegationTokenResponse renewDelegationToken( RenewDelegationTokenRequest request) throws YarnException, IOException { RenewDelegationTokenRequestProto requestProto = ((RenewDelegationTokenRequestPBImpl) request).getProto(); try { return new RenewDelegationTokenResponsePBImpl(proxy.renewDelegationToken( null, requestProto)); } catch (ServiceException e) { RPCUtil.unwrapAndThrowException(e); return null; } }
@Test(timeout = 15000) public void testRenewDelegationTokenOnHA() throws Exception { RenewDelegationTokenRequest request = RenewDelegationTokenRequest.newInstance(cluster.createFakeToken()); long newExpirationTime = ClientRMProxy.createRMProxy(this.conf, ApplicationClientProtocol.class) .renewDelegationToken(request).getNextExpirationTime(); Assert.assertEquals(newExpirationTime, cluster.createNextExpirationTime()); }
@Override public RenewDelegationTokenResponse renewDelegationToken( RenewDelegationTokenRequest request) throws YarnException { resetStartFailoverFlag(true); // make sure failover has been triggered Assert.assertTrue(waittingForFailOver()); return RenewDelegationTokenResponse .newInstance(createNextExpirationTime()); }
