/** * Create an empty block token identifier * * @return a newly created empty block token identifier */ @Override public BlockTokenIdentifier createIdentifier() { return new BlockTokenIdentifier(); }
/** Return an empty BlockTokenIdentifer */ @Override public BlockTokenIdentifier createIdentifier() { return new BlockTokenIdentifier(); }
/** * Deserializes a base64-encoded binary representation of a block access * token. * * @param str String to deserialize * @return BlockTokenIdentifier deserialized from str * @throws IOException if there is any I/O error */ private BlockTokenIdentifier deserializeIdentifier(String str) throws IOException { BlockTokenIdentifier identifier = new BlockTokenIdentifier(); identifier.readFields(new DataInputStream(new ByteArrayInputStream( Base64.decodeBase64(str)))); return identifier; }
private void checkBlockToken(ExtendedBlock block, Token<BlockTokenIdentifier> token, AccessMode accessMode) throws IOException { if (isBlockTokenEnabled) { BlockTokenIdentifier id = new BlockTokenIdentifier(); ByteArrayInputStream buf = new ByteArrayInputStream(token.getIdentifier()); DataInputStream in = new DataInputStream(buf); id.readFields(in); LOG.debug("Got: {}", id); blockPoolTokenSecretManager.checkAccess(id, null, block, accessMode, null, null); } }
/** Generate a block token for a specified user */ public Token<BlockTokenIdentifier> generateToken(String userId, ExtendedBlock block, EnumSet<BlockTokenIdentifier.AccessMode> modes, StorageType[] storageTypes, String[] storageIds) throws IOException { BlockTokenIdentifier id = new BlockTokenIdentifier(userId, block .getBlockPoolId(), block.getBlockId(), modes, storageTypes, storageIds, useProto); return new Token<BlockTokenIdentifier>(id, this); }
/** Check if access should be allowed. userID is not checked if null */ public void checkAccess(Token<BlockTokenIdentifier> token, String userId, ExtendedBlock block, BlockTokenIdentifier.AccessMode mode, StorageType[] storageTypes, String[] storageIds) throws InvalidToken { BlockTokenIdentifier id = new BlockTokenIdentifier(); try { id.readFields(new DataInputStream(new ByteArrayInputStream(token .getIdentifier()))); } catch (IOException e) { throw new InvalidToken( "Unable to de-serialize block token identifier for user=" + userId + ", block=" + block + ", access mode=" + mode); } checkAccess(id, userId, block, mode, storageTypes, storageIds); if (!Arrays.equals(retrievePassword(id), token.getPassword())) { throw new InvalidToken("Block token with " + id + " doesn't have the correct token password"); } }
/** * Create an empty block token identifier * * @return a newly created empty block token identifier */ @Override public BlockTokenIdentifier createIdentifier() { return new BlockTokenIdentifier(); }
/** * Create an empty block token identifier * * @return a newly created empty block token identifier */ @Override public BlockTokenIdentifier createIdentifier() { return new BlockTokenIdentifier(); }
/** Return an empty BlockTokenIdentifer */ @Override public BlockTokenIdentifier createIdentifier() { return new BlockTokenIdentifier(); }
/** Return an empty BlockTokenIdentifer */ @Override public BlockTokenIdentifier createIdentifier() { return new BlockTokenIdentifier(); }
/** * Deserializes a base64-encoded binary representation of a block access * token. * * @param str String to deserialize * @return BlockTokenIdentifier deserialized from str * @throws IOException if there is any I/O error */ private BlockTokenIdentifier deserializeIdentifier(String str) throws IOException { BlockTokenIdentifier identifier = new BlockTokenIdentifier(); identifier.readFields(new DataInputStream(new ByteArrayInputStream( Base64.decodeBase64(str)))); return identifier; }
/** * Deserializes a base64-encoded binary representation of a block access * token. * * @param str String to deserialize * @return BlockTokenIdentifier deserialized from str * @throws IOException if there is any I/O error */ private BlockTokenIdentifier deserializeIdentifier(String str) throws IOException { BlockTokenIdentifier identifier = new BlockTokenIdentifier(); identifier.readFields(new DataInputStream(new ByteArrayInputStream( Base64.decodeBase64(str)))); return identifier; }
private void checkBlockToken(ExtendedBlock block, Token<BlockTokenIdentifier> token, AccessMode accessMode) throws IOException { if (isBlockTokenEnabled) { BlockTokenIdentifier id = new BlockTokenIdentifier(); ByteArrayInputStream buf = new ByteArrayInputStream(token.getIdentifier()); DataInputStream in = new DataInputStream(buf); id.readFields(in); if (LOG.isDebugEnabled()) { LOG.debug("Got: " + id.toString()); } blockPoolTokenSecretManager.checkAccess(id, null, block, accessMode); } }
private void checkBlockToken(Block block, Token<BlockTokenIdentifier> token, AccessMode accessMode) throws IOException { if (isBlockTokenEnabled && UserGroupInformation.isSecurityEnabled()) { BlockTokenIdentifier id = new BlockTokenIdentifier(); ByteArrayInputStream buf = new ByteArrayInputStream(token.getIdentifier()); DataInputStream in = new DataInputStream(buf); id.readFields(in); if (LOG.isDebugEnabled()) { LOG.debug("Got: " + id.toString()); } blockTokenSecretManager.checkAccess(id, null, block, accessMode); } }
/** Generate a block token for a specified user */ public Token<BlockTokenIdentifier> generateToken(String userId, ExtendedBlock block, EnumSet<AccessMode> modes) throws IOException { BlockTokenIdentifier id = new BlockTokenIdentifier(userId, block .getBlockPoolId(), block.getBlockId(), modes); return new Token<BlockTokenIdentifier>(id, this); }
/** Generate a block token for a specified user */ public Token<BlockTokenIdentifier> generateToken(String userId, ExtendedBlock block, EnumSet<AccessMode> modes) throws IOException { BlockTokenIdentifier id = new BlockTokenIdentifier(userId, block .getBlockPoolId(), block.getBlockId(), modes); return new Token<BlockTokenIdentifier>(id, this); }
private void checkBlockToken(ExtendedBlock block, Token<BlockTokenIdentifier> token, AccessMode accessMode) throws IOException { if (isBlockTokenEnabled) { BlockTokenIdentifier id = new BlockTokenIdentifier(); ByteArrayInputStream buf = new ByteArrayInputStream(token.getIdentifier()); DataInputStream in = new DataInputStream(buf); id.readFields(in); if (LOG.isDebugEnabled()) { LOG.debug("Got: " + id.toString()); } blockPoolTokenSecretManager.checkAccess(id, null, block, accessMode); } }
@Test public void testWritable() throws Exception { TestWritable.testWritable(new BlockTokenIdentifier()); BlockTokenSecretManager sm = new BlockTokenSecretManager(true, blockKeyUpdateInterval, blockTokenLifetime); TestWritable.testWritable(generateTokenId(sm, block1, EnumSet .allOf(BlockTokenSecretManager.AccessMode.class))); TestWritable.testWritable(generateTokenId(sm, block2, EnumSet .of(BlockTokenSecretManager.AccessMode.WRITE))); TestWritable.testWritable(generateTokenId(sm, block3, EnumSet .noneOf(BlockTokenSecretManager.AccessMode.class))); }
/** Check if access should be allowed. userID is not checked if null */ public void checkAccess(Token<BlockTokenIdentifier> token, String userId, ExtendedBlock block, AccessMode mode) throws InvalidToken { BlockTokenIdentifier id = new BlockTokenIdentifier(); try { id.readFields(new DataInputStream(new ByteArrayInputStream(token .getIdentifier()))); } catch (IOException e) { throw new InvalidToken( "Unable to de-serialize block token identifier for user=" + userId + ", block=" + block + ", access mode=" + mode); } checkAccess(id, userId, block, mode); if (!Arrays.equals(retrievePassword(id), token.getPassword())) { throw new InvalidToken("Block token with " + id.toString() + " doesn't have the correct token password"); } }
@Test public void testWritable() throws Exception { TestWritable.testWritable(new BlockTokenIdentifier()); BlockTokenSecretManager sm = new BlockTokenSecretManager( blockKeyUpdateInterval, blockTokenLifetime, 0, "fake-pool", null); TestWritable.testWritable(generateTokenId(sm, block1, EnumSet.allOf(BlockTokenSecretManager.AccessMode.class))); TestWritable.testWritable(generateTokenId(sm, block2, EnumSet.of(BlockTokenSecretManager.AccessMode.WRITE))); TestWritable.testWritable(generateTokenId(sm, block3, EnumSet.noneOf(BlockTokenSecretManager.AccessMode.class))); }