org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager类的使用及代码示例

x33g5p2x  于2022-02-05 转载在 其他  
字(9.2k)|赞(0)|评价(0)|浏览(126)

本文整理了Java中org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager类的一些代码示例,展示了ZKDelegationTokenSecretManager类的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。ZKDelegationTokenSecretManager类的具体详情如下:
包路径:org.apache.hadoop.security.token.delegation.ZKDelegationTokenSecretManager
类名称:ZKDelegationTokenSecretManager

ZKDelegationTokenSecretManager介绍

[英]An implementation of AbstractDelegationTokenSecretManager that persists TokenIdentifiers and DelegationKeys in Zookeeper. This class can be used by HA (Highly available) services that consists of multiple nodes. This class ensures that Identifiers and Keys are replicated to all nodes of the service.
[中]AbstractDelegationTokenSecretManager的一种实现,它将TokenIdentifiers和DelegationKeys保存在Zookeeper中。此类可由多个节点组成的HA(高可用)服务使用。此类确保将标识符和密钥复制到服务的所有节点。

代码示例

代码示例来源:origin: org.apache.hadoop/hadoop-common

@Override
protected void initializeAuthHandler(String authHandlerClassName,
  FilterConfig filterConfig) throws ServletException {
 // A single CuratorFramework should be used for a ZK cluster.
 // If the ZKSignerSecretProvider has already created it, it has to
 // be set here... to be used by the ZKDelegationTokenSecretManager
 ZKDelegationTokenSecretManager.setCurator((CuratorFramework)
   filterConfig.getServletContext().getAttribute(ZKSignerSecretProvider.
     ZOOKEEPER_SIGNER_SECRET_PROVIDER_CURATOR_CLIENT_ATTRIBUTE));
 super.initializeAuthHandler(authHandlerClassName, filterConfig);
 ZKDelegationTokenSecretManager.setCurator(null);
}

代码示例来源:origin: org.apache.hadoop/hadoop-common

@Override
protected void updateDelegationKey(DelegationKey key) throws IOException {
 addOrUpdateDelegationKey(key, true);
}

代码示例来源:origin: org.apache.hadoop/hadoop-common

@Override
protected void updateToken(TokenIdent ident,
  DelegationTokenInformation tokenInfo) throws IOException {
 String nodeRemovePath =
   getNodePath(ZK_DTSM_TOKENS_ROOT, DELEGATION_TOKEN_PREFIX
     + ident.getSequenceNumber());
 try {
  if (zkClient.checkExists().forPath(nodeRemovePath) != null) {
   addOrUpdateToken(ident, tokenInfo, true);
  } else {
   addOrUpdateToken(ident, tokenInfo, false);
   LOG.debug("Attempted to update a non-existing znode " + nodeRemovePath);
  }
 } catch (Exception e) {
  throw new RuntimeException("Could not update Stored Token ZKDTSMDelegationToken_"
    + ident.getSequenceNumber(), e);
 }
}

代码示例来源:origin: org.apache.hadoop/hadoop-common

@Override
public synchronized TokenIdent cancelToken(Token<TokenIdent> token,
  String canceller) throws IOException {
 ByteArrayInputStream buf = new ByteArrayInputStream(token.getIdentifier());
 DataInputStream in = new DataInputStream(buf);
 TokenIdent id = createIdentifier();
 id.readFields(in);
 syncLocalCacheWithZk(id);
 return super.cancelToken(token, canceller);
}

代码示例来源:origin: org.apache.hadoop/hadoop-common

private DelegationTokenInformation getTokenInfoFromZK(TokenIdent ident,
  boolean quiet) throws IOException {
 String nodePath =
   getNodePath(ZK_DTSM_TOKENS_ROOT,
     DELEGATION_TOKEN_PREFIX + ident.getSequenceNumber());
 try {
  createIdentifier().readFields(din);
  long renewDate = din.readLong();
  int pwdLen = din.readInt();

代码示例来源:origin: org.apache.hadoop/hadoop-common

private DelegationKey getKeyFromZK(int keyId) throws IOException {
 String nodePath =
   getNodePath(ZK_DTSM_MASTER_KEY_ROOT, DELEGATION_KEY_PREFIX + keyId);
 try {
  byte[] data = zkClient.getData().forPath(nodePath);
  if ((data == null) || (data.length == 0)) {
   return null;
  }
  ByteArrayInputStream bin = new ByteArrayInputStream(data);
  DataInputStream din = new DataInputStream(bin);
  DelegationKey key = new DelegationKey();
  key.readFields(din);
  return key;
 } catch (KeeperException.NoNodeException e) {
  LOG.error("No node in path [" + nodePath + "]");
 } catch (Exception ex) {
  throw new IOException(ex);
 }
 return null;
}

代码示例来源:origin: org.apache.hadoop/hadoop-common

private DelegationTokenInformation getTokenInfoFromZK(TokenIdent ident)
  throws IOException {
 return getTokenInfoFromZK(ident, false);
}

代码示例来源:origin: org.apache.hadoop/hadoop-common

private void processTokenRemoved(ChildData data) throws IOException {
 ByteArrayInputStream bin = new ByteArrayInputStream(data.getData());
 DataInputStream din = new DataInputStream(bin);
 TokenIdent ident = createIdentifier();
 ident.readFields(din);
 synchronized (this) {
  currentTokens.remove(ident);
  // The cancel task might be waiting
  notifyAll();
 }
}

代码示例来源:origin: org.apache.hadoop/hadoop-common

@Override
protected int incrementDelegationTokenSeqNum() {
 try {
  incrSharedCount(delTokSeqCounter);
 } catch (InterruptedException e) {
  // The ExpirationThread is just finishing.. so dont do anything..
  LOG.debug("Thread interrupted while performing token counter increment", e);
  Thread.currentThread().interrupt();
 } catch (Exception e) {
  throw new RuntimeException("Could not increment shared counter !!", e);
 }
 return delTokSeqCounter.getCount();
}

代码示例来源:origin: org.apache.hadoop/hadoop-common

@Override
protected void storeToken(TokenIdent ident,
  DelegationTokenInformation tokenInfo) throws IOException {
 try {
  addOrUpdateToken(ident, tokenInfo, false);
 } catch (Exception e) {
  throw new RuntimeException(e);
 }
}

代码示例来源:origin: org.apache.hadoop/hadoop-common

@Override
protected DelegationKey getDelegationKey(int keyId) {
 // First check if its I already have this key
 DelegationKey key = allKeys.get(keyId);
 // Then query ZK
 if (key == null) {
  try {
   key = getKeyFromZK(keyId);
   if (key != null) {
    allKeys.put(keyId, key);
   }
  } catch (IOException e) {
   LOG.error("Error retrieving key [" + keyId + "] from ZK", e);
  }
 }
 return key;
}

代码示例来源:origin: org.apache.hadoop/hadoop-common

LOG.info("Connecting to ZooKeeper with SASL/Kerberos"
  + "and using 'sasl' ACLs");
String principal = setJaasConfiguration(conf);
System.setProperty(ZooKeeperSaslClient.LOGIN_CONTEXT_NAME_KEY,
  JAAS_LOGIN_ENTRY_NAME);

代码示例来源:origin: org.apache.hadoop/hadoop-common

createPersistentNode(ZK_DTSM_MASTER_KEY_ROOT);
 createPersistentNode(ZK_DTSM_TOKENS_ROOT);
} catch (Exception e) {
 throw new RuntimeException("Could not create ZK paths");
  loadFromZKCache(false);
  loadFromZKCache(true);

代码示例来源:origin: io.hops/hadoop-common

@Override
public synchronized TokenIdent cancelToken(Token<TokenIdent> token,
  String canceller) throws IOException {
 ByteArrayInputStream buf = new ByteArrayInputStream(token.getIdentifier());
 DataInputStream in = new DataInputStream(buf);
 TokenIdent id = createIdentifier();
 id.readFields(in);
 try {
  if (!currentTokens.containsKey(id)) {
   // See if token can be retrieved and placed in currentTokens
   getTokenInfo(id);
  }
  return super.cancelToken(token, canceller);
 } catch (Exception e) {
  LOG.error("Exception while checking if token exist !!", e);
  return id;
 }
}

代码示例来源:origin: io.prestosql.hadoop/hadoop-apache

createPersistentNode(ZK_DTSM_MASTER_KEY_ROOT);
 createPersistentNode(ZK_DTSM_TOKENS_ROOT);
} catch (Exception e) {
 throw new RuntimeException("Could not create ZK paths");

代码示例来源:origin: com.github.jiayuhan-it/hadoop-common

private DelegationTokenInformation getTokenInfoFromZK(TokenIdent ident,
  boolean quiet) throws IOException {
 String nodePath =
   getNodePath(ZK_DTSM_TOKENS_ROOT,
     DELEGATION_TOKEN_PREFIX + ident.getSequenceNumber());
 try {
  createIdentifier().readFields(din);
  long renewDate = din.readLong();
  int pwdLen = din.readInt();

代码示例来源:origin: org.apache.hadoop/hadoop-common

@Override
protected void removeStoredMasterKey(DelegationKey key) {
 String nodeRemovePath =
   getNodePath(ZK_DTSM_MASTER_KEY_ROOT,
     DELEGATION_KEY_PREFIX + key.getKeyId());
 if (LOG.isDebugEnabled()) {
  LOG.debug("Removing ZKDTSMDelegationKey_" + key.getKeyId());
 }
 try {
  if (zkClient.checkExists().forPath(nodeRemovePath) != null) {
   while(zkClient.checkExists().forPath(nodeRemovePath) != null){
    try {
     zkClient.delete().guaranteed().forPath(nodeRemovePath);
    } catch (NoNodeException nne) {
     // It is possible that the node might be deleted between the
     // check and the actual delete.. which might lead to an
     // exception that can bring down the daemon running this
     // SecretManager
     LOG.debug("Node already deleted by peer " + nodeRemovePath);
    }
   }
  } else {
   LOG.debug("Attempted to delete a non-existing znode " + nodeRemovePath);
  }
 } catch (Exception e) {
  LOG.debug(nodeRemovePath + " znode could not be removed!!");
 }
}

代码示例来源:origin: org.apache.hadoop/hadoop-common

@Override
protected DelegationTokenInformation getTokenInfo(TokenIdent ident) {
 // First check if I have this..
 DelegationTokenInformation tokenInfo = currentTokens.get(ident);
 // Then query ZK
 if (tokenInfo == null) {
  try {
   tokenInfo = getTokenInfoFromZK(ident);
   if (tokenInfo != null) {
    currentTokens.put(ident, tokenInfo);
   }
  } catch (IOException e) {
   LOG.error("Error retrieving tokenInfo [" + ident.getSequenceNumber()
     + "] from ZK", e);
  }
 }
 return tokenInfo;
}

代码示例来源:origin: org.apache.hadoop/hadoop-common

private void processTokenAddOrUpdate(ChildData data) throws IOException {
 ByteArrayInputStream bin = new ByteArrayInputStream(data.getData());
 DataInputStream din = new DataInputStream(bin);
 TokenIdent ident = createIdentifier();
 ident.readFields(din);
 long renewDate = din.readLong();
 int pwdLen = din.readInt();
 byte[] password = new byte[pwdLen];
 int numRead = din.read(password, 0, pwdLen);
 if (numRead > -1) {
  DelegationTokenInformation tokenInfo =
    new DelegationTokenInformation(renewDate, password);
  synchronized (this) {
   currentTokens.put(ident, tokenInfo);
   // The cancel task might be waiting
   notifyAll();
  }
 }
}

代码示例来源:origin: org.apache.hadoop/hadoop-common

@Override
protected int incrementCurrentKeyId() {
 try {
  incrSharedCount(keyIdSeqCounter);
 } catch (InterruptedException e) {
  // The ExpirationThread is just finishing.. so dont do anything..
  LOG.debug("Thread interrupted while performing keyId increment", e);
  Thread.currentThread().interrupt();
 } catch (Exception e) {
  throw new RuntimeException("Could not increment shared keyId counter !!", e);
 }
 return keyIdSeqCounter.getCount();
}

相关文章