/**
 * Test helper: returns the {@link WebHdfsFileSystem} for {@code uri}, first
 * attaching a locally minted delegation token to {@code ugi} when security
 * is enabled.
 *
 * <p>The token comes from a throwaway {@link DelegationTokenSecretManager}
 * built around a mocked {@link FSNamesystem}, so it is a test fixture and not
 * a credential issued by a running NameNode.
 *
 * @param ugi user whose name is used as the token owner and who receives
 *     the token
 * @param conf configuration handed to {@link FileSystem#get}
 * @return the file system for {@code uri}, cast to {@link WebHdfsFileSystem}
 * @throws IOException propagated from the calls made here
 */
private WebHdfsFileSystem getWebHdfsFileSystem(UserGroupInformation ugi,
    Configuration conf) throws IOException {
  if (!UserGroupInformation.isSecurityEnabled()) {
    // Security disabled: no token is attached.
    return (WebHdfsFileSystem) FileSystem.get(uri, conf);
  }

  // Owner is the UGI's user name; renewer and real user are left null.
  final Text owner = new Text(ugi.getUserName());
  final DelegationTokenIdentifier identifier =
      new DelegationTokenIdentifier(owner, null, null);

  // All four interval arguments use the same value (86400000).
  final FSNamesystem mockedNamesystem = mock(FSNamesystem.class);
  final DelegationTokenSecretManager secretManager =
      new DelegationTokenSecretManager(86400000, 86400000, 86400000,
          86400000, mockedNamesystem);
  // NOTE(review): nothing in this method stops the threads started here.
  secretManager.startThreads();

  final Token<DelegationTokenIdentifier> webHdfsToken =
      new Token<DelegationTokenIdentifier>(identifier, secretManager);

  // Bind the token to the authority of the test URI and mark it as WebHDFS.
  SecurityUtil.setTokenService(webHdfsToken,
      NetUtils.createSocketAddr(uri.getAuthority()));
  webHdfsToken.setKind(WebHdfsFileSystem.TOKEN_KIND);
  ugi.addToken(webHdfsToken);

  return (WebHdfsFileSystem) FileSystem.get(uri, conf);
}
/**
 * Test helper: obtains the {@link WebHdfsFileSystem} for {@code uri}. When
 * security is enabled, a delegation token of kind
 * {@code WebHdfsConstants.WEBHDFS_TOKEN_KIND} is created locally and added to
 * {@code ugi} beforehand.
 *
 * <p>The signing {@link DelegationTokenSecretManager} is constructed here
 * around a mocked {@link FSNamesystem}; the token is therefore only a
 * fixture for client-side code paths.
 *
 * @param ugi user that supplies the owner name and receives the token
 * @param conf configuration handed to {@link FileSystem#get}
 * @return the file system for {@code uri}, cast to {@link WebHdfsFileSystem}
 * @throws IOException propagated from the calls made here
 */
private WebHdfsFileSystem getWebHdfsFileSystem(UserGroupInformation ugi,
    Configuration conf) throws IOException {
  final boolean secure = UserGroupInformation.isSecurityEnabled();
  if (!secure) {
    return (WebHdfsFileSystem) FileSystem.get(uri, conf);
  }

  // Identifier carries only an owner; renewer and real user are null.
  final DelegationTokenIdentifier tokenId = new DelegationTokenIdentifier(
      new Text(ugi.getUserName()), null, null);

  final FSNamesystem fakeNamesystem = mock(FSNamesystem.class);
  // The same value (86400000) is passed for every interval argument.
  final DelegationTokenSecretManager manager =
      new DelegationTokenSecretManager(86400000, 86400000, 86400000,
          86400000, fakeNamesystem);
  // NOTE(review): the threads started here are not stopped in this method.
  manager.startThreads();

  final Token<DelegationTokenIdentifier> dt =
      new Token<DelegationTokenIdentifier>(tokenId, manager);
  SecurityUtil.setTokenService(dt,
      NetUtils.createSocketAddr(uri.getAuthority()));
  dt.setKind(WebHdfsConstants.WEBHDFS_TOKEN_KIND);
  ugi.addToken(dt);

  return (WebHdfsFileSystem) FileSystem.get(uri, conf);
}
/**
 * Test helper that returns the {@link WebHdfsFileSystem} for {@code uri},
 * adding a self-made WebHDFS delegation token to {@code ugi} first if
 * security is enabled.
 *
 * <p>The token is produced by a {@link DelegationTokenSecretManager} created
 * on the spot with a mocked {@link FSNamesystem}; treat it as test data, not
 * as a NameNode-issued credential.
 *
 * @param ugi user that supplies the owner name and receives the token
 * @param conf configuration handed to {@link FileSystem#get}
 * @return the file system for {@code uri}, cast to {@link WebHdfsFileSystem}
 * @throws IOException propagated from the calls made here
 */
private WebHdfsFileSystem getWebHdfsFileSystem(UserGroupInformation ugi,
    Configuration conf) throws IOException {
  if (!UserGroupInformation.isSecurityEnabled()) {
    // Nothing to attach when security is off.
    return (WebHdfsFileSystem) FileSystem.get(uri, conf);
  }

  final Text ownerName = new Text(ugi.getUserName());
  // Renewer and real user are deliberately null in this fixture.
  final DelegationTokenIdentifier id =
      new DelegationTokenIdentifier(ownerName, null, null);

  final FSNamesystem stubNamesystem = mock(FSNamesystem.class);
  // Every interval argument is 86400000.
  final DelegationTokenSecretManager signer =
      new DelegationTokenSecretManager(86400000, 86400000, 86400000,
          86400000, stubNamesystem);
  // NOTE(review): startThreads() has no matching stop call in this method.
  signer.startThreads();

  final Token<DelegationTokenIdentifier> fixtureToken = new Token<>(id, signer);
  SecurityUtil.setTokenService(fixtureToken,
      NetUtils.createSocketAddr(uri.getAuthority()));
  fixtureToken.setKind(WebHdfsFileSystem.TOKEN_KIND);
  ugi.addToken(fixtureToken);

  return (WebHdfsFileSystem) FileSystem.get(uri, conf);
}
/**
 * Verifies who may cancel a delegation token and that a cancelled token can
 * no longer be renewed.
 *
 * <p>Expected sequence: cancelling as "FakeCanceller" is rejected with
 * {@link AccessControlException}; cancelling as "JobTracker" succeeds; a
 * following renewal as "JobTracker" fails with {@link InvalidToken}.
 */
@Test
public void testCancelDelegationToken() throws Exception {
  final DelegationTokenSecretManager secretManager =
      cluster.getNameNode().getNamesystem().getDelegationTokenSecretManager();

  // Presumably owner "SomeUser" and renewer "JobTracker"; the helper is not
  // shown here.
  final Token<DelegationTokenIdentifier> issued =
      generateDelegationToken("SomeUser", "JobTracker");

  // An identity other than the one used below must not be able to cancel.
  try {
    secretManager.cancelToken(issued, "FakeCanceller");
    Assert.fail("should have failed");
  } catch (AccessControlException expected) {
    // PASS
  }

  // Cancelling as "JobTracker" is expected to succeed.
  secretManager.cancelToken(issued, "JobTracker");

  // Once cancelled, the token must be rejected on renewal.
  try {
    secretManager.renewToken(issued, "JobTracker");
    Assert.fail("should have failed");
  } catch (InvalidToken expected) {
    // PASS
  }
}
/**
 * Exercises the delegation token API through {@link DistributedFileSystem}.
 *
 * <p>A token is requested with renewer "JobTracker", its identifier is
 * decoded, and the secret manager must return a non-null password for it.
 * The token is then renewed directly on the secret manager, and renewed and
 * cancelled again through {@link Token#renew} / {@link Token#cancel} while
 * running as the remote user "JobTracker".
 */
@Test
public void testDelegationTokenDFSApi() throws Exception {
  final DelegationTokenSecretManager secretManager =
      cluster.getNameNode().getNamesystem().getDelegationTokenSecretManager();
  final DistributedFileSystem fs =
      (DistributedFileSystem) cluster.getFileSystem();

  final Token<DelegationTokenIdentifier> token =
      fs.getDelegationToken(new Text("JobTracker"));

  // Decode the serialized identifier carried inside the token.
  final DelegationTokenIdentifier parsedId = new DelegationTokenIdentifier();
  final byte[] rawId = token.getIdentifier();
  final DataInputStream idStream =
      new DataInputStream(new ByteArrayInputStream(rawId));
  parsedId.readFields(idStream);

  LOG.info("A valid token should have non-null password, and should be renewed successfully");
  final byte[] password = secretManager.retrievePassword(parsedId);
  Assert.assertTrue(null != password);
  secretManager.renewToken(token, "JobTracker");

  // Renew and cancel through the Token API under the renewer's identity.
  final UserGroupInformation renewerUgi =
      UserGroupInformation.createRemoteUser("JobTracker");
  final PrivilegedExceptionAction<Object> renewThenCancel =
      new PrivilegedExceptionAction<Object>() {
        @Override
        public Object run() throws Exception {
          token.renew(config);
          token.cancel(config);
          return null;
        }
      };
  renewerUgi.doAs(renewThenCancel);
}
/**
 * Checks the cancel authorization rule for delegation tokens and that
 * cancellation invalidates the token.
 *
 * <p>Cancelling as "FakeCanceller" must raise
 * {@link AccessControlException}. Cancelling as "JobTracker" must succeed,
 * after which renewing as "JobTracker" must raise {@link InvalidToken}.
 */
@Test
public void testCancelDelegationToken() throws Exception {
  final DelegationTokenSecretManager manager =
      cluster.getNamesystem().getDelegationTokenSecretManager();

  // Presumably ("SomeUser" = owner, "JobTracker" = renewer); the helper is
  // defined outside this block.
  final Token<DelegationTokenIdentifier> dt =
      generateDelegationToken("SomeUser", "JobTracker");

  // A caller other than the one used below must be refused.
  try {
    manager.cancelToken(dt, "FakeCanceller");
    Assert.fail("should have failed");
  } catch (AccessControlException denied) {
    // PASS
  }

  manager.cancelToken(dt, "JobTracker");

  // A cancelled token must no longer be renewable.
  try {
    manager.renewToken(dt, "JobTracker");
    Assert.fail("should have failed");
  } catch (InvalidToken rejected) {
    // PASS
  }
}
/**
 * Obtains a delegation token for {@code ugi} from the NameNode and stamps it
 * with the WebHDFS or SWebHDFS token kind according to the request scheme.
 *
 * @param namenode NameNode passed to
 *     {@code DelegationTokenSecretManager.createCredentials}
 * @param ugi user the credentials are created for
 * @param renewer renewer name; when {@code null}, the short user name of
 *     {@code ugi} is used instead
 * @return the first token of the created credentials with its kind set, or
 *     {@code null} when no credentials were created
 * @throws IOException propagated from credential creation
 */
private Token<? extends TokenIdentifier> generateDelegationToken(
    final NameNode namenode, final UserGroupInformation ugi,
    final String renewer) throws IOException {
  final String effectiveRenewer;
  if (renewer != null) {
    effectiveRenewer = renewer;
  } else {
    effectiveRenewer = ugi.getShortUserName();
  }

  final Credentials credentials = DelegationTokenSecretManager
      .createCredentials(namenode, ugi, effectiveRenewer);
  if (credentials == null) {
    return null;
  }

  // Throws NoSuchElementException if the credentials hold no token.
  final Token<? extends TokenIdentifier> first =
      credentials.getAllTokens().iterator().next();

  // Only the exact scheme "http" selects the WebHDFS kind; every other
  // scheme value gets the SWebHDFS kind.
  final Text tokenKind;
  if (request.getScheme().equals("http")) {
    tokenKind = WebHdfsFileSystem.TOKEN_KIND;
  } else {
    tokenKind = SWebHdfsFileSystem.TOKEN_KIND;
  }
  first.setKind(tokenKind);
  return first;
}
/**
 * Writes the secret manager section: the section header, then every
 * delegation key record, then every persisted token record, each as a
 * length-delimited message, and finally commits the section under
 * {@code SectionName.SECRET_MANAGER}.
 *
 * <p>The records written here include the secret manager's delegation keys
 * and persisted tokens, so whatever {@code sectionOutputStream} feeds should
 * be handled as sensitive material. How the keys are encoded is not visible
 * in this method.
 *
 * @param summary file summary builder passed to {@code commitSection}
 * @throws IOException propagated from the writes and the commit
 */
private void saveSecretManagerSection(FileSummary.Builder summary)
    throws IOException {
  final FSNamesystem namesystem = context.getSourceNamesystem();
  final DelegationTokenSecretManager.SecretManagerState snapshot =
      namesystem.saveSecretManagerState();

  // Header first, then keys, then tokens: the order is part of the format
  // produced by this writer.
  snapshot.section.writeDelimitedTo(sectionOutputStream);
  for (SecretManagerSection.DelegationKey key : snapshot.keys) {
    key.writeDelimitedTo(sectionOutputStream);
  }
  for (SecretManagerSection.PersistToken persisted : snapshot.tokens) {
    persisted.writeDelimitedTo(sectionOutputStream);
  }

  commitSection(summary, SectionName.SECRET_MANAGER);
}
/**
 * Creates the delegation token secret manager from configuration.
 *
 * <p>The key update interval, token maximum lifetime and token renew
 * interval are read from {@code conf}, each with its {@code *_DEFAULT}
 * fallback. The remover scan interval is the fixed
 * {@code DELEGATION_TOKEN_REMOVER_SCAN_INTERVAL} constant. The boolean read
 * from {@code DFS_NAMENODE_AUDIT_LOG_TOKEN_TRACKING_ID_KEY} is passed through
 * to the manager; going by its name it controls token tracking ids in the
 * audit log, which should be confirmed against the constructor.
 *
 * @param conf configuration supplying the intervals and the audit flag
 * @return a new manager constructed with {@code this} as its last argument
 */
private DelegationTokenSecretManager createDelegationTokenSecretManager(
    Configuration conf) {
  final long keyUpdateInterval = conf.getLong(
      DFS_NAMENODE_DELEGATION_KEY_UPDATE_INTERVAL_KEY,
      DFS_NAMENODE_DELEGATION_KEY_UPDATE_INTERVAL_DEFAULT);
  final long tokenMaxLifetime = conf.getLong(
      DFS_NAMENODE_DELEGATION_TOKEN_MAX_LIFETIME_KEY,
      DFS_NAMENODE_DELEGATION_TOKEN_MAX_LIFETIME_DEFAULT);
  final long tokenRenewInterval = conf.getLong(
      DFS_NAMENODE_DELEGATION_TOKEN_RENEW_INTERVAL_KEY,
      DFS_NAMENODE_DELEGATION_TOKEN_RENEW_INTERVAL_DEFAULT);
  final boolean auditTokenTrackingId = conf.getBoolean(
      DFS_NAMENODE_AUDIT_LOG_TOKEN_TRACKING_ID_KEY,
      DFS_NAMENODE_AUDIT_LOG_TOKEN_TRACKING_ID_DEFAULT);

  return new DelegationTokenSecretManager(keyUpdateInterval,
      tokenMaxLifetime, tokenRenewInterval,
      DELEGATION_TOKEN_REMOVER_SCAN_INTERVAL, auditTokenTrackingId, this);
}
/**
 * Creates a delegation token for {@code ugi} and sets its kind to the
 * WebHDFS or SWebHDFS constant depending on the scheme of the current
 * request.
 *
 * @param namenode NameNode passed to
 *     {@code DelegationTokenSecretManager.createCredentials}
 * @param ugi user the credentials are created for
 * @param renewer renewer name; {@code null} means "use the short user name
 *     of {@code ugi}"
 * @return the first token of the created credentials with its kind set, or
 *     {@code null} when no credentials were created
 * @throws IOException propagated from credential creation
 */
private Token<? extends TokenIdentifier> generateDelegationToken(
    final NameNode namenode, final UserGroupInformation ugi,
    final String renewer) throws IOException {
  final String renewerName;
  if (renewer == null) {
    renewerName = ugi.getShortUserName();
  } else {
    renewerName = renewer;
  }

  final Credentials created = DelegationTokenSecretManager.createCredentials(
      namenode, ugi, renewerName);
  if (created == null) {
    return null;
  }

  // Throws NoSuchElementException if the credentials hold no token.
  final Token<? extends TokenIdentifier> token =
      created.getAllTokens().iterator().next();

  // Exactly "http" maps to the WebHDFS kind; anything else is treated as
  // the secure (SWebHDFS) kind.
  final boolean plainHttp = request.getScheme().equals("http");
  final Text kind;
  if (plainHttp) {
    kind = WebHdfsConstants.WEBHDFS_TOKEN_KIND;
  } else {
    kind = WebHdfsConstants.SWEBHDFS_TOKEN_KIND;
  }
  token.setKind(kind);
  return token;
}
/**
 * Prints the decoded identifier and the service of every token read from
 * {@code tokenFile}.
 *
 * <p>Only {@code token.getIdentifier()} and {@code token.getService()} are
 * read; the token password is not accessed by this method.
 *
 * @param conf configuration passed to {@code readTokens}
 * @param tokenFile file the tokens are read from
 * @throws IOException propagated from reading or decoding the tokens
 */
private static void printTokens(final Configuration conf,
    final Path tokenFile) throws IOException {
  // The manager built with zero intervals and a null namesystem serves only
  // as a factory for an empty identifier object.
  final DelegationTokenSecretManager identifierFactory =
      new DelegationTokenSecretManager(0, 0, 0, 0, null);
  final DelegationTokenIdentifier decoded =
      identifierFactory.createIdentifier();

  for (Token<?> current : readTokens(tokenFile, conf)) {
    // The same identifier instance is refilled for each token.
    final byte[] serializedId = current.getIdentifier();
    final DataInputStream idInput =
        new DataInputStream(new ByteArrayInputStream(serializedId));
    decoded.readFields(idInput);
    System.out.println("Token (" + decoded + ") for " + current.getService());
  }
}
/**
 * Test helper: returns the {@link WebHdfsFileSystem} for {@code uri}. When
 * security is enabled, two WebHDFS delegation tokens are minted locally,
 * appended to {@code tokens}, and added to {@code ugi} first.
 *
 * <p>Both tokens are built from the same identifier object and the same
 * throwaway {@link DelegationTokenSecretManager} (backed by a mocked
 * {@link FSNamesystem}), and both are bound to the same service address.
 * They are test fixtures, not credentials issued by a running NameNode.
 *
 * @param ugi user that supplies the owner name and receives both tokens
 * @param conf configuration handed to {@link FileSystem#get}
 * @param tokens list that receives the two tokens, in creation order; left
 *     untouched when security is disabled
 * @return the file system for {@code uri}, cast to {@link WebHdfsFileSystem}
 * @throws IOException propagated from the calls made here
 */
private WebHdfsFileSystem getWebHdfsFileSystem(UserGroupInformation ugi,
    Configuration conf, List<Token<DelegationTokenIdentifier>> tokens)
    throws IOException {
  if (!UserGroupInformation.isSecurityEnabled()) {
    return (WebHdfsFileSystem) FileSystem.get(uri, conf);
  }

  // Owner only; renewer and real user are null.
  final DelegationTokenIdentifier sharedId = new DelegationTokenIdentifier(
      new Text(ugi.getUserName()), null, null);

  final FSNamesystem mockedNamesystem = mock(FSNamesystem.class);
  // Every interval argument is 86400000.
  final DelegationTokenSecretManager secretManager =
      new DelegationTokenSecretManager(86400000, 86400000, 86400000,
          86400000, mockedNamesystem);
  // NOTE(review): the threads started here are not stopped in this method.
  secretManager.startThreads();

  // Creation order is kept: first, then second.
  final Token<DelegationTokenIdentifier> first =
      new Token<DelegationTokenIdentifier>(sharedId, secretManager);
  final Token<DelegationTokenIdentifier> second =
      new Token<DelegationTokenIdentifier>(sharedId, secretManager);

  SecurityUtil.setTokenService(first,
      NetUtils.createSocketAddr(uri.getAuthority()));
  SecurityUtil.setTokenService(second,
      NetUtils.createSocketAddr(uri.getAuthority()));

  first.setKind(WebHdfsConstants.WEBHDFS_TOKEN_KIND);
  second.setKind(WebHdfsConstants.WEBHDFS_TOKEN_KIND);

  tokens.add(first);
  tokens.add(second);

  ugi.addToken(first);
  ugi.addToken(second);

  return (WebHdfsFileSystem) FileSystem.get(uri, conf);
}
/**
 * Creates a delegation token for {@code ugi} and marks it with the WebHDFS
 * token kind.
 *
 * @param namenode NameNode passed to
 *     {@code DelegationTokenSecretManager.createCredentials}
 * @param ugi user the credentials are created for
 * @param renewer renewer name; when {@code null}, the short user name of
 *     {@code ugi} is used
 * @return the first token of the created credentials with its kind set
 * @throws IOException propagated from credential creation
 */
private Token<? extends TokenIdentifier> generateDelegationToken(
    final NameNode namenode, final UserGroupInformation ugi,
    final String renewer) throws IOException {
  final String effectiveRenewer;
  if (renewer != null) {
    effectiveRenewer = renewer;
  } else {
    effectiveRenewer = ugi.getShortUserName();
  }

  // NOTE(review): the result is dereferenced without a null check; confirm
  // createCredentials cannot return null on this code path.
  final Credentials credentials = DelegationTokenSecretManager
      .createCredentials(namenode, ugi, effectiveRenewer);

  // Throws NoSuchElementException if the credentials hold no token.
  final Token<? extends TokenIdentifier> first =
      credentials.getAllTokens().iterator().next();
  first.setKind(WebHdfsFileSystem.TOKEN_KIND);
  return first;
}
/**
 * Creates the delegation token secret manager from configuration.
 *
 * <p>Key update interval, token maximum lifetime and token renew interval
 * come from {@code conf}, each falling back to its {@code *_DEFAULT}
 * constant; the remover scan interval is the fixed
 * {@code DELEGATION_TOKEN_REMOVER_SCAN_INTERVAL}.
 *
 * @param conf configuration supplying the three intervals
 * @return a new manager constructed with {@code this} as its last argument
 */
private DelegationTokenSecretManager createDelegationTokenSecretManager(
    Configuration conf) {
  final long keyUpdateInterval = conf.getLong(
      DFS_NAMENODE_DELEGATION_KEY_UPDATE_INTERVAL_KEY,
      DFS_NAMENODE_DELEGATION_KEY_UPDATE_INTERVAL_DEFAULT);
  final long tokenMaxLifetime = conf.getLong(
      DFS_NAMENODE_DELEGATION_TOKEN_MAX_LIFETIME_KEY,
      DFS_NAMENODE_DELEGATION_TOKEN_MAX_LIFETIME_DEFAULT);
  final long tokenRenewInterval = conf.getLong(
      DFS_NAMENODE_DELEGATION_TOKEN_RENEW_INTERVAL_KEY,
      DFS_NAMENODE_DELEGATION_TOKEN_RENEW_INTERVAL_DEFAULT);

  return new DelegationTokenSecretManager(keyUpdateInterval,
      tokenMaxLifetime, tokenRenewInterval,
      DELEGATION_TOKEN_REMOVER_SCAN_INTERVAL, this);
}
/**
 * Creates a delegation token for {@code ugi}, marks it with the WebHDFS
 * token kind and binds its service to the NameNode's HTTP address.
 *
 * @param namenode NameNode used for credential creation and as the source
 *     of the HTTP address set as the token service
 * @param ugi user the credentials are created for
 * @param renewer renewer name; when {@code null}, the short user name of
 *     {@code ugi} is used
 * @return the first token of the created credentials, with kind and service
 *     set
 * @throws IOException propagated from credential creation
 */
private Token<? extends TokenIdentifier> generateDelegationToken(
    final NameNode namenode, final UserGroupInformation ugi,
    final String renewer) throws IOException {
  final String renewerName;
  if (renewer == null) {
    renewerName = ugi.getShortUserName();
  } else {
    renewerName = renewer;
  }

  // NOTE(review): the result is dereferenced without a null check; confirm
  // createCredentials cannot return null on this code path.
  final Credentials created = DelegationTokenSecretManager.createCredentials(
      namenode, ugi, renewerName);

  // Throws NoSuchElementException if the credentials hold no token.
  final Token<? extends TokenIdentifier> token =
      created.getAllTokens().iterator().next();
  token.setKind(WebHdfsFileSystem.TOKEN_KIND);
  SecurityUtil.setTokenService(token, namenode.getHttpAddress());
  return token;
}
/**
 * Builds the delegation token secret manager from configuration values.
 *
 * <p>Three intervals are read from {@code conf} with their
 * {@code *_DEFAULT} fallbacks: delegation key update interval, token
 * maximum lifetime and token renew interval. The remover scan interval is
 * not configurable here; the {@code DELEGATION_TOKEN_REMOVER_SCAN_INTERVAL}
 * constant is used.
 *
 * @param conf configuration supplying the three intervals
 * @return a new manager constructed with {@code this} as its last argument
 */
private DelegationTokenSecretManager createDelegationTokenSecretManager(
    Configuration conf) {
  final long keyRollInterval = conf.getLong(
      DFS_NAMENODE_DELEGATION_KEY_UPDATE_INTERVAL_KEY,
      DFS_NAMENODE_DELEGATION_KEY_UPDATE_INTERVAL_DEFAULT);
  final long maxLifetime = conf.getLong(
      DFS_NAMENODE_DELEGATION_TOKEN_MAX_LIFETIME_KEY,
      DFS_NAMENODE_DELEGATION_TOKEN_MAX_LIFETIME_DEFAULT);
  final long renewInterval = conf.getLong(
      DFS_NAMENODE_DELEGATION_TOKEN_RENEW_INTERVAL_KEY,
      DFS_NAMENODE_DELEGATION_TOKEN_RENEW_INTERVAL_DEFAULT);

  return new DelegationTokenSecretManager(keyRollInterval, maxLifetime,
      renewInterval, DELEGATION_TOKEN_REMOVER_SCAN_INTERVAL, this);
}