return new LoadBalancingKMSClientProvider(providerUri, providers, conf);
this.providers = (seed != 0) ? shuffle(providers) : providers; for (KMSClientProvider provider : providers) { provider.setClientTokenProvider(this);
@Override public KeyVersion rollNewVersion(final String name, final byte[] material) throws IOException { final KeyVersion newVersion = doOp(new ProviderCallable<KeyVersion>() { @Override public KeyVersion call(KMSClientProvider provider) throws IOException { return provider.rollNewVersion(name, material); } }, nextIdx(), false); invalidateCache(name); return newVersion; }
@Override public org.apache.hadoop.security.token.Token<? extends TokenIdentifier> selectDelegationToken(Credentials creds) { Token<? extends TokenIdentifier> token = KMSClientProvider.selectDelegationToken(creds, canonicalService); // fallback to querying each sub-provider. if (token == null) { for (KMSClientProvider provider : getProviders()) { token = provider.selectDelegationToken(creds); if (token != null) { break; } } } return token; }
@Override public KeyVersion rollNewVersion(final String name) throws NoSuchAlgorithmException, IOException { try { final KeyVersion newVersion = doOp(new ProviderCallable<KeyVersion>() { @Override public KeyVersion call(KMSClientProvider provider) throws IOException, NoSuchAlgorithmException { return provider.rollNewVersion(name); } }, nextIdx(), false); invalidateCache(name); return newVersion; } catch (WrapperException e) { if (e.getCause() instanceof GeneralSecurityException) { throw (NoSuchAlgorithmException) e.getCause(); } throw new IOException(e.getCause()); } }
private Text getTokenService(KeyProvider provider) { assertTrue("KeyProvider should be an instance of " + "LoadBalancingKMSClientProvider", (provider instanceof LoadBalancingKMSClientProvider)); assertEquals("Num client providers should be 1", 1, ((LoadBalancingKMSClientProvider)provider).getProviders().length); final Text tokenService = new Text( (((LoadBalancingKMSClientProvider)provider).getProviders()[0]) .getCanonicalServiceName()); return tokenService; }
private KeyProvider createProvider(URI providerUri, Configuration conf, URL origUrl, int port, String hostsPart) throws IOException { String[] hosts = hostsPart.split(";"); if (hosts.length == 1) { return new KMSClientProvider(providerUri, conf); } else { KMSClientProvider[] providers = new KMSClientProvider[hosts.length]; for (int i = 0; i < hosts.length; i++) { try { providers[i] = new KMSClientProvider( new URI("kms", origUrl.getProtocol(), hosts[i], port, origUrl.getPath(), null, null), conf); } catch (URISyntaxException e) { throw new IOException("Could not instantiate KMSProvider..", e); } } return new LoadBalancingKMSClientProvider(providers, conf); } } }
public LoadBalancingKMSClientProvider(KMSClientProvider[] providers, Configuration conf) { this(shuffle(providers), Time.monotonicNow(), conf); }
assertTrue(kp instanceof LoadBalancingKMSClientProvider); KMSClientProvider[] providers = ((LoadBalancingKMSClientProvider) kp).getProviders(); assertEquals(3, providers.length); assertEquals(Sets.newHashSet("http://host1/kms/foo/v1/", assertTrue(kp instanceof LoadBalancingKMSClientProvider); providers = ((LoadBalancingKMSClientProvider) kp).getProviders(); assertEquals(3, providers.length); assertEquals(Sets.newHashSet("http://host1:16000/kms/foo/v1/",
private KeyProvider createProvider(URI providerUri, Configuration conf, URL origUrl, int port, String hostsPart) throws IOException { String[] hosts = hostsPart.split(";"); if (hosts.length == 1) { return new KMSClientProvider(providerUri, conf); } else { KMSClientProvider[] providers = new KMSClientProvider[hosts.length]; for (int i = 0; i < hosts.length; i++) { try { providers[i] = new KMSClientProvider( new URI("kms", origUrl.getProtocol(), hosts[i], port, origUrl.getPath(), null, null), conf); } catch (URISyntaxException e) { throw new IOException("Could not instantiate KMSProvider..", e); } } return new LoadBalancingKMSClientProvider(providers, conf); } } }
public LoadBalancingKMSClientProvider(KMSClientProvider[] providers, Configuration conf) { this(shuffle(providers), Time.monotonicNow(), conf); }
assertTrue(kp instanceof LoadBalancingKMSClientProvider); KMSClientProvider[] providers = ((LoadBalancingKMSClientProvider) kp).getProviders(); assertEquals(3, providers.length); assertEquals(Sets.newHashSet("http://host1/kms/foo/v1/", assertTrue(kp instanceof LoadBalancingKMSClientProvider); providers = ((LoadBalancingKMSClientProvider) kp).getProviders(); assertEquals(3, providers.length); assertEquals(Sets.newHashSet("http://host1:16000/kms/foo/v1/",
private KeyProvider createProvider(URI providerUri, Configuration conf, URL origUrl, int port, String hostsPart) throws IOException { String[] hosts = hostsPart.split(";"); if (hosts.length == 1) { return new KMSClientProvider(providerUri, conf); } else { KMSClientProvider[] providers = new KMSClientProvider[hosts.length]; for (int i = 0; i < hosts.length; i++) { try { providers[i] = new KMSClientProvider( new URI("kms", origUrl.getProtocol(), hosts[i], port, origUrl.getPath(), null, null), conf); } catch (URISyntaxException e) { throw new IOException("Could not instantiate KMSProvider..", e); } } return new LoadBalancingKMSClientProvider(providers, conf); } } }
public LoadBalancingKMSClientProvider(KMSClientProvider[] providers, Configuration conf) { this(shuffle(providers), Time.monotonicNow(), conf); }
private KeyProvider createProvider(URI providerUri, Configuration conf, URL origUrl, int port, String hostsPart) throws IOException { String[] hosts = hostsPart.split(";"); if (hosts.length == 1) { return new KMSClientProvider(providerUri, conf); } else { KMSClientProvider[] providers = new KMSClientProvider[hosts.length]; for (int i = 0; i < hosts.length; i++) { try { providers[i] = new KMSClientProvider( new URI("kms", origUrl.getProtocol(), hosts[i], port, origUrl.getPath(), null, null), conf); } catch (URISyntaxException e) { throw new IOException("Could not instantiate KMSProvider..", e); } } return new LoadBalancingKMSClientProvider(providers, conf); } } }