@SuppressWarnings("unchecked") @Override public void cancel(Token<?> token, Configuration conf) throws IOException, InterruptedException { final ApplicationClientProtocol rmClient = getRmClient(token, conf); if (rmClient != null) { try { CancelDelegationTokenRequest request = Records.newRecord(CancelDelegationTokenRequest.class); request.setDelegationToken(convertToProtoToken(token)); rmClient.cancelDelegationToken(request); } catch (YarnException e) { throw new IOException(e); } finally { RPC.stopProxy(rmClient); } } else { localSecretManager.cancelToken( (Token<RMDelegationTokenIdentifier>)token, getRenewer(token)); } }
@Override public CancelDelegationTokenResponse cancelDelegationToken( CancelDelegationTokenRequest request) throws YarnException { try { if (!isAllowedDelegationTokenOp()) { throw new IOException( "Delegation Token can be cancelled only with kerberos authentication"); } org.apache.hadoop.yarn.api.records.Token protoToken = request.getDelegationToken(); Token<RMDelegationTokenIdentifier> token = new Token<RMDelegationTokenIdentifier>( protoToken.getIdentifier().array(), protoToken.getPassword().array(), new Text(protoToken.getKind()), new Text(protoToken.getService())); String user = UserGroupInformation.getCurrentUser().getUserName(); rmDTSecretManager.cancelToken(token, user); return Records.newRecord(CancelDelegationTokenResponse.class); } catch (IOException e) { throw RPCUtil.getRemoteException(e); } }
private void checkTokenCancellation(ClientRMService rmService, UserGroupInformation owner, UserGroupInformation renewer) throws IOException, YarnException { RMDelegationTokenIdentifier tokenIdentifier = new RMDelegationTokenIdentifier(new Text(owner.getUserName()), new Text(renewer.getUserName()), null); Token<?> token = new Token<RMDelegationTokenIdentifier>(tokenIdentifier, dtsm); org.apache.hadoop.yarn.api.records.Token dToken = BuilderUtils.newDelegationToken(token.getIdentifier(), token.getKind() .toString(), token.getPassword(), token.getService().toString()); CancelDelegationTokenRequest request = Records.newRecord(CancelDelegationTokenRequest.class); request.setDelegationToken(dToken); rmService.cancelDelegationToken(request); }
@Override public CancelDelegationTokenResponse cancelDelegationToken( CancelDelegationTokenRequest request) throws YarnException { try { if (!isAllowedDelegationTokenOp()) { throw new IOException( "Delegation Token can be cancelled only with kerberos authentication"); } org.apache.hadoop.yarn.api.records.Token protoToken = request.getDelegationToken(); Token<RMDelegationTokenIdentifier> token = new Token<RMDelegationTokenIdentifier>( protoToken.getIdentifier().array(), protoToken.getPassword().array(), new Text(protoToken.getKind()), new Text(protoToken.getService())); String user = getRenewerForToken(token); rmDTSecretManager.cancelToken(token, user); return Records.newRecord(CancelDelegationTokenResponse.class); } catch (IOException e) { throw RPCUtil.getRemoteException(e); } }
@Override public CancelDelegationTokenResponse cancelDelegationToken( CancelDelegationTokenRequest request) throws YarnException, IOException { CancelDelegationTokenRequestProto requestProto = ((CancelDelegationTokenRequestPBImpl) request).getProto(); try { return new CancelDelegationTokenResponsePBImpl( proxy.cancelDelegationToken(null, requestProto)); } catch (ServiceException e) { RPCUtil.unwrapAndThrowException(e); return null; } }
private void cancelDelegationToken(final UserGroupInformation loggedInUser, final ApplicationClientProtocol clientRMService, final org.apache.hadoop.yarn.api.records.Token dToken) throws IOException, InterruptedException { loggedInUser.doAs(new PrivilegedExceptionAction<Void>() { @Override public Void run() throws YarnException, IOException { CancelDelegationTokenRequest request = Records .newRecord(CancelDelegationTokenRequest.class); request.setDelegationToken(dToken); clientRMService.cancelDelegationToken(request); return null; } }); }
@Test(timeout = 15000) public void testCancelDelegationTokenOnHA() throws Exception { CancelDelegationTokenRequest request = CancelDelegationTokenRequest.newInstance(cluster.createFakeToken()); ClientRMProxy.createRMProxy(this.conf, ApplicationClientProtocol.class) .cancelDelegationToken(request); }
@Override public CancelDelegationTokenResponse cancelDelegationToken( CancelDelegationTokenRequest request) throws YarnException { resetStartFailoverFlag(true); // make sure failover has been triggered Assert.assertTrue(waittingForFailOver()); return CancelDelegationTokenResponse.newInstance(); }