You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by ji...@apache.org on 2016/12/22 19:32:00 UTC
[34/51] [abbrv] hadoop git commit: YARN-5975. Remove the agent -
slider AM ssl related code. Contributed by Jian He
http://git-wip-us.apache.org/repos/asf/hadoop/blob/cef1ce44/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java
deleted file mode 100644
index e82ad84..0000000
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java
+++ /dev/null
@@ -1,256 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.slider.server.services.security;
-
-import org.apache.commons.io.FileUtils;
-import org.apache.commons.lang.RandomStringUtils;
-import org.apache.hadoop.fs.Path;
-import org.apache.hadoop.fs.RawLocalFileSystem;
-import org.apache.hadoop.fs.permission.FsAction;
-import org.apache.hadoop.fs.permission.FsPermission;
-import org.apache.slider.common.SliderKeys;
-import org.apache.slider.common.SliderXmlConfKeys;
-import org.apache.slider.core.conf.MapOperations;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.File;
-import java.io.IOException;
-//import java.nio.file.Files;
-//import java.nio.file.Path;
-//import java.nio.file.Paths;
-//import java.nio.file.attribute.PosixFilePermission;
-//import java.nio.file.attribute.PosixFilePermissions;
-
-
-/**
- *
- */
-public class SecurityUtils {
- private static final Logger LOG =
- LoggerFactory.getLogger(SecurityUtils.class);
-
- private static String CA_CONFIG_CONTENTS = "HOME = .\n"
- + "RANDFILE = $ENV::HOME/.rnd\n\n"
- + "[ ca ]\n"
- + "default_ca = CA_CLIENT\n"
- + "[ CA_CLIENT ]\n"
- + "dir = ${SEC_DIR}/db\n"
- + "certs = $dir/certs\n"
- + "new_certs_dir = $dir/newcerts\n"
- + "\n"
- + "database = $dir/index.txt\n"
- + "serial = $dir/serial\n"
- + "default_days = 365 \n"
- + "\n"
- + "default_crl_days = 7 \n"
- + "default_md = sha256 \n"
- + "\n"
- + "policy = policy_anything \n"
- + "\n"
- + "[ policy_anything ]\n"
- + "countryName = optional\n"
- + "stateOrProvinceName = optional\n"
- + "localityName = optional\n"
- + "organizationName = optional\n"
- + "organizationalUnitName = optional\n"
- + "commonName = optional\n"
- + "emailAddress = optional\n"
- + "\n"
- + "[req]\n"
- + "distinguished_name = req_distinguished_name\n"
- + "\n"
- + "[ req_distinguished_name ]\n"
- + "\n"
- + "[ jdk7_ca ]\n"
- + "subjectKeyIdentifier = hash\n"
- + "authorityKeyIdentifier = keyid:always,issuer:always\n"
- + "basicConstraints = CA:true\n";
-
- private static final String PASS_TOKEN = "pass:";
- private static String keystorePass;
- private static String securityDir;
-
- public static void logOpenSslExitCode(String command, int exitCode) {
- if (exitCode == 0) {
- LOG.info(getOpenSslCommandResult(command, exitCode));
- } else {
- LOG.warn(getOpenSslCommandResult(command, exitCode));
- }
-
- }
-
- public static String hideOpenSslPassword(String command){
- int start = command.indexOf(PASS_TOKEN);
- while (start >= 0) {
- start += PASS_TOKEN.length();
- CharSequence cs = command.subSequence(start, command.indexOf(" ", start));
- command = command.replace(cs, "****");
- start = command.indexOf(PASS_TOKEN, start + 1);
- }
- return command;
- }
-
- public static String getOpenSslCommandResult(String command, int exitCode) {
- return new StringBuilder().append("Command ")
- .append(hideOpenSslPassword(command))
- .append(" was finished with exit code: ")
- .append(exitCode).append(" - ")
- .append(getOpenSslExitCodeDescription(exitCode)).toString();
- }
-
- private static String getOpenSslExitCodeDescription(int exitCode) {
- switch (exitCode) {
- case 0: {
- return "the operation was completed successfully.";
- }
- case 1: {
- return "an error occurred parsing the command options.";
- }
- case 2: {
- return "one of the input files could not be read.";
- }
- case 3: {
- return "an error occurred creating the PKCS#7 file or when reading the MIME message.";
- }
- case 4: {
- return "an error occurred decrypting or verifying the message.";
- }
- case 5: {
- return "the message was verified correctly but an error occurred writing out the signers certificates.";
- }
- default:
- return "unsupported code";
- }
- }
-
- public static void writeCaConfigFile(String path) throws IOException {
- String contents = CA_CONFIG_CONTENTS.replace("${SEC_DIR}", path);
- FileUtils.writeStringToFile(new File(path, "ca.config"), contents);
- }
-
- public static String getKeystorePass() {
- return keystorePass;
- }
-
- public static String getSecurityDir() {
- return securityDir;
- }
-
- public static void initializeSecurityParameters(MapOperations configMap) {
- initializeSecurityParameters(configMap, false);
- }
-
- public static void initializeSecurityParameters(MapOperations configMap,
- boolean persistPassword) {
- String keyStoreLocation = configMap.getOption(
- SliderXmlConfKeys.KEY_KEYSTORE_LOCATION, getDefaultKeystoreLocation());
- if (keyStoreLocation == null) {
- LOG.error(SliderXmlConfKeys.KEY_KEYSTORE_LOCATION
- + " is not specified. Unable to initialize security params.");
- return;
- }
- File secDirFile = new File(keyStoreLocation).getParentFile();
- if (!secDirFile.exists()) {
- // create entire required directory structure
- File dbDir = new File(secDirFile, "db");
- File newCertsDir = new File(dbDir, "newcerts");
- newCertsDir.mkdirs();
- RawLocalFileSystem fileSystem = null;
- try {
- fileSystem = new RawLocalFileSystem();
- FsPermission permissions = new FsPermission(FsAction.ALL, FsAction.NONE,
- FsAction.NONE);
- fileSystem.setPermission(new Path(dbDir.getAbsolutePath()),
- permissions);
- fileSystem.setPermission(new Path(dbDir.getAbsolutePath()), permissions);
- fileSystem.setPermission(new Path(newCertsDir.getAbsolutePath()),
- permissions);
- File indexFile = new File(dbDir, "index.txt");
- indexFile.createNewFile();
- SecurityUtils.writeCaConfigFile(secDirFile.getAbsolutePath().replace('\\', '/'));
-
- } catch (IOException e) {
- LOG.error("Unable to create SSL configuration directories/files", e);
- } finally {
- if (fileSystem != null) {
- try {
- fileSystem.close();
- } catch (IOException e) {
- LOG.warn("Unable to close fileSystem", e);
- }
- }
- }
- // need to create the password
- }
- keystorePass = getKeystorePassword(secDirFile, persistPassword);
- securityDir = secDirFile.getAbsolutePath();
- }
-
- private static String getKeystorePassword(File secDirFile,
- boolean persistPassword) {
- File passFile = new File(secDirFile, SliderKeys.CRT_PASS_FILE_NAME);
- String password = null;
- if (!passFile.exists()) {
- LOG.info("Generating keystore password");
- password = RandomStringUtils.randomAlphanumeric(
- Integer.valueOf(SliderKeys.PASS_LEN));
- if (persistPassword) {
- try {
- FileUtils.writeStringToFile(passFile, password);
- passFile.setWritable(true);
- passFile.setReadable(true);
- } catch (IOException e) {
- e.printStackTrace();
- throw new RuntimeException(
- "Error creating certificate password file");
- }
- }
- } else {
- LOG.info("Reading password from existing file");
- try {
- password = FileUtils.readFileToString(passFile);
- password = password.replaceAll("\\p{Cntrl}", "");
- } catch (IOException e) {
- e.printStackTrace();
- }
- }
-
- return password;
- }
-
- private static String getDefaultKeystoreLocation() {
- File workDir = null;
- try {
- workDir = new File(FileUtils.getTempDirectory().getAbsolutePath()
- + "/sec" + System.currentTimeMillis());
- if (!workDir.mkdirs()) {
- throw new IOException("Unable to create temporary security directory");
- }
- } catch (IOException e) {
- LOG.warn("Unable to create security directory");
- return null;
- }
-
- return new StringBuilder().append(workDir.getAbsolutePath())
- .append(File.separator)
- .append(SliderKeys.SECURITY_DIR)
- .append(File.separator)
- .append(SliderKeys.KEYSTORE_FILE_NAME).toString();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/hadoop/blob/cef1ce44/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignCertResponse.java
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignCertResponse.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignCertResponse.java
deleted file mode 100644
index 8437d88..0000000
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignCertResponse.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.slider.server.services.security;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlRootElement;
-import javax.xml.bind.annotation.XmlType;
-
-/**
- *
- * Sign certificate response data model.
- *
- */
-@XmlRootElement
-@XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "", propOrder = {})
-public class SignCertResponse {
-
- public static final String ERROR_STATUS = "ERROR";
- public static final String OK_STATUS = "OK";
-
- @XmlElement
- private String result;
- @XmlElement
- private String signedCa;
- @XmlElement
- private String message;
-
- public String getResult() {
- return result;
- }
- public void setResult(String result) {
- this.result = result;
- }
- public String getSignedCa() {
- return signedCa;
- }
- public void setSignedCa(String signedCa) {
- this.signedCa = signedCa;
- }
-
- public String getMessage() {
- return message;
- }
- public void setMessage(String message) {
- this.message = message;
- }
-}
-
http://git-wip-us.apache.org/repos/asf/hadoop/blob/cef1ce44/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignMessage.java
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignMessage.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignMessage.java
deleted file mode 100644
index 4bccb87..0000000
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/SignMessage.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.slider.server.services.security;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlRootElement;
-import javax.xml.bind.annotation.XmlType;
-
-/**
- *
- * Sign certificate request data model.
- *
- */
-@XmlRootElement
-@XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "", propOrder = {})
-public class SignMessage {
-
- @XmlElement
- private String csr;
- @XmlElement
- private String passphrase;
- public String getCsr() {
- return csr;
- }
- public void setCsr(String csr) {
- this.csr = csr;
- }
- public String getPassphrase() {
- return passphrase;
- }
- public void setPassphrase(String passphrase) {
- this.passphrase = passphrase;
- }
-}
-
http://git-wip-us.apache.org/repos/asf/hadoop/blob/cef1ce44/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/StoresGenerator.java
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/StoresGenerator.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/StoresGenerator.java
deleted file mode 100644
index 226250f..0000000
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/StoresGenerator.java
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.slider.server.services.security;
-
-import org.apache.slider.core.conf.AggregateConf;
-import org.apache.slider.core.conf.MapOperations;
-import org.apache.slider.core.exceptions.SliderException;
-
-import java.io.File;
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
-
-/**
- *
- */
-public class StoresGenerator {
-
- static CertificateManager certMgr = new CertificateManager();
- private static SecurityStoreGenerator[] GENERATORS = {
- new KeystoreGenerator(certMgr), new TruststoreGenerator(certMgr)
- };
-
- public static SecurityStore[] generateSecurityStores(String hostname,
- String containerId,
- String role,
- AggregateConf instanceDefinition,
- MapOperations compOps)
- throws SliderException, IOException {
- //discover which stores need generation based on the passwords configured
- List<SecurityStore> files = new ArrayList<SecurityStore>();
- for (SecurityStoreGenerator generator : GENERATORS) {
- if (generator.isStoreRequested(compOps)) {
- SecurityStore store = generator.generate(hostname,
- containerId,
- instanceDefinition,
- compOps,
- role);
- if (store != null) {
- files.add(store);
- }
- }
- }
-
- if (files.isEmpty()) {
- throw new SliderException("Security stores were requested but none were "
- + "generated. Check the AM logs and ensure "
- + "passwords are configured for the components "
- + "requiring the stores.");
- }
- return files.toArray(new SecurityStore[files.size()]);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/hadoop/blob/cef1ce44/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/TruststoreGenerator.java
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/TruststoreGenerator.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/TruststoreGenerator.java
deleted file mode 100644
index d16dcbd..0000000
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/java/org/apache/slider/server/services/security/TruststoreGenerator.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.slider.server.services.security;
-
-import org.apache.slider.common.SliderKeys;
-import org.apache.slider.core.conf.AggregateConf;
-import org.apache.slider.core.conf.MapOperations;
-import org.apache.slider.core.exceptions.SliderException;
-
-import java.io.IOException;
-
-/**
- *
- */
-public class TruststoreGenerator extends AbstractSecurityStoreGenerator {
-
-
- public TruststoreGenerator(CertificateManager certificateMgr) {
- super(certificateMgr);
- }
-
- @Override
- public SecurityStore generate(String hostname, String containerId,
- AggregateConf instanceDefinition,
- MapOperations compOps, String role)
- throws SliderException, IOException {
- SecurityStore truststore = null;
- String password = getStorePassword(
- instanceDefinition.getAppConf().credentials, compOps, role);
- if (password != null) {
- truststore = certificateMgr.generateContainerTruststore(containerId,
- role, password);
- }
- return truststore;
- }
-
- @Override
- String getPassword(MapOperations compOps) {
- return compOps.get(
- compOps.get(SliderKeys.COMP_TRUSTSTORE_PASSWORD_PROPERTY_KEY));
- }
-
- @Override
- String getAlias(MapOperations compOps) {
- return compOps.getOption(SliderKeys.COMP_TRUSTSTORE_PASSWORD_ALIAS_KEY,
- SliderKeys.COMP_TRUSTSTORE_PASSWORD_ALIAS_DEFAULT);
- }
-}
http://git-wip-us.apache.org/repos/asf/hadoop/blob/cef1ce44/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/proto/SliderClusterProtocol.proto
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/proto/SliderClusterProtocol.proto b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/proto/SliderClusterProtocol.proto
index 4221b1d..d68da2b 100644
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/proto/SliderClusterProtocol.proto
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/main/proto/SliderClusterProtocol.proto
@@ -175,10 +175,4 @@ service SliderClusterProtocolPB {
// ConfTree getLiveResources
rpc getLiveResources(EmptyPayloadProto)
returns(WrappedJsonProto);
-
- rpc getClientCertificateStore(GetCertificateStoreRequestProto)
- returns(GetCertificateStoreResponseProto);
-
-
-
}
http://git-wip-us.apache.org/repos/asf/hadoop/blob/cef1ce44/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestCertificateManager.java
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestCertificateManager.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestCertificateManager.java
deleted file mode 100644
index 7a4a586..0000000
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestCertificateManager.java
+++ /dev/null
@@ -1,540 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.slider.server.services.security;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.fs.Path;
-import org.apache.hadoop.security.alias.CredentialProvider;
-import org.apache.hadoop.security.alias.CredentialProviderFactory;
-import org.apache.hadoop.security.alias.JavaKeyStoreProvider;
-import org.apache.slider.Slider;
-import org.apache.slider.common.SliderKeys;
-import org.apache.slider.common.SliderXmlConfKeys;
-import org.apache.slider.core.conf.AggregateConf;
-import org.apache.slider.core.conf.MapOperations;
-import org.apache.slider.core.exceptions.SliderException;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.rules.TemporaryFolder;
-
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
-import javax.net.ssl.X509TrustManager;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.InetAddress;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.Principal;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Arrays;
-
-import static org.junit.Assert.assertEquals;
-
-/**
- *
- */
-public class TestCertificateManager {
- @Rule
- public TemporaryFolder workDir = new TemporaryFolder();
- private File secDir;
- private CertificateManager certMan;
-
- @Before
- public void setup() throws Exception {
- certMan = new CertificateManager();
- MapOperations compOperations = new MapOperations();
- secDir = new File(workDir.getRoot(), SliderKeys.SECURITY_DIR);
- File keystoreFile = new File(secDir, SliderKeys.KEYSTORE_FILE_NAME);
- compOperations.put(SliderXmlConfKeys.KEY_KEYSTORE_LOCATION,
- keystoreFile.getAbsolutePath());
- certMan.initialize(compOperations, "cahost", null, null);
- }
-
- @Test
- public void testServerCertificateGenerated() throws Exception {
- File serverCrt = new File(secDir, SliderKeys.CRT_FILE_NAME);
- Assert.assertTrue("Server CRD does not exist:" + serverCrt,
- serverCrt.exists());
- }
-
- @Test
- public void testAMKeystoreGenerated() throws Exception {
- File keystoreFile = new File(secDir, SliderKeys.KEYSTORE_FILE_NAME);
- Assert.assertTrue("Keystore does not exist: " + keystoreFile,
- keystoreFile.exists());
- InputStream is = null;
- try {
-
- is = new FileInputStream(keystoreFile);
- KeyStore keystore = KeyStore.getInstance("pkcs12");
- String password = SecurityUtils.getKeystorePass();
- keystore.load(is, password.toCharArray());
-
- Certificate certificate = keystore.getCertificate(
- keystore.aliases().nextElement());
- Assert.assertNotNull(certificate);
-
- if (certificate instanceof X509Certificate) {
- X509Certificate x509cert = (X509Certificate) certificate;
-
- // Get subject
- Principal principal = x509cert.getSubjectDN();
- String subjectDn = principal.getName();
- Assert.assertEquals("wrong DN",
- "CN=cahost",
- subjectDn);
-
- // Get issuer
- principal = x509cert.getIssuerDN();
- String issuerDn = principal.getName();
- Assert.assertEquals("wrong Issuer DN",
- "CN=cahost",
- issuerDn);
- }
- } finally {
- if(null != is) {
- is.close();
- }
- }
- }
-
- @Test
- public void testContainerCertificateGeneration() throws Exception {
- certMan.generateContainerCertificate("testhost", "container1");
- Assert.assertTrue("container certificate not generated",
- new File(secDir, "container1.crt").exists());
- }
-
- @Test
- public void testContainerKeystoreGeneration() throws Exception {
- SecurityStore keystoreFile = certMan.generateContainerKeystore("testhost",
- "container1",
- "component1",
- "password");
- validateKeystore(keystoreFile.getFile(), "testhost", "cahost");
- }
-
- private void validateKeystore(File keystoreFile, String certHostname,
- String issuerHostname)
- throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
- Assert.assertTrue("container keystore not generated",
- keystoreFile.exists());
-
- InputStream is = null;
- try {
-
- is = new FileInputStream(keystoreFile);
- KeyStore keystore = KeyStore.getInstance("pkcs12");
- String password = "password";
- keystore.load(is, password.toCharArray());
-
- Certificate certificate = keystore.getCertificate(
- keystore.aliases().nextElement());
- Assert.assertNotNull(certificate);
-
- if (certificate instanceof X509Certificate) {
- X509Certificate x509cert = (X509Certificate) certificate;
-
- // Get subject
- Principal principal = x509cert.getSubjectDN();
- String subjectDn = principal.getName();
- Assert.assertEquals("wrong DN", "CN=" + certHostname + ", OU=container1",
- subjectDn);
-
- // Get issuer
- principal = x509cert.getIssuerDN();
- String issuerDn = principal.getName();
- Assert.assertEquals("wrong Issuer DN",
- "CN=" + issuerHostname,
- issuerDn);
- }
- } finally {
- if(null != is) {
- is.close();
- }
- }
- }
-
- @Test
- public void testContainerKeystoreGenerationViaStoresGenerator() throws Exception {
- AggregateConf instanceDefinition = new AggregateConf();
- MapOperations compOps = new MapOperations();
- instanceDefinition.getAppConf().components.put("component1", compOps);
- compOps.put(SliderKeys.COMP_KEYSTORE_PASSWORD_PROPERTY_KEY,
- "app1.component1.password.property");
- compOps.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "true");
- instanceDefinition.getAppConf().global.put(
- "app1.component1.password.property", "password");
- instanceDefinition.resolve();
- SecurityStore[]
- files = StoresGenerator.generateSecurityStores("testhost",
- "container1",
- "component1",
- instanceDefinition,
- compOps);
- assertEquals("wrong number of stores", 1, files.length);
- validateKeystore(files[0].getFile(), "testhost", "cahost");
- }
-
- @Test
- public void testContainerKeystoreGenerationViaStoresGeneratorUsingGlobalProps() throws Exception {
- AggregateConf instanceDefinition = new AggregateConf();
- MapOperations compOps = new MapOperations();
- instanceDefinition.getAppConf().components.put("component1", compOps);
- compOps.put(SliderKeys.COMP_KEYSTORE_PASSWORD_PROPERTY_KEY,
- "app1.component1.password.property");
- instanceDefinition.getAppConf().global.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "true");
- compOps.put(
- "app1.component1.password.property", "password");
- instanceDefinition.resolve();
- SecurityStore[]
- files = StoresGenerator.generateSecurityStores("testhost",
- "container1",
- "component1",
- instanceDefinition,
- compOps);
- assertEquals("wrong number of stores", 1, files.length);
- validateKeystore(files[0].getFile(), "testhost", "cahost");
- }
-
- @Test
- public void testContainerKeystoreGenerationViaStoresGeneratorOverrideGlobalSetting() throws Exception {
- AggregateConf instanceDefinition = new AggregateConf();
- MapOperations compOps = setupComponentOptions(true, null,
- "app1.component1.password.property",
- null, null);
- instanceDefinition.getAppConf().components.put("component1", compOps);
- instanceDefinition.getAppConf().global.put(
- "app1.component1.password.property", "password");
- instanceDefinition.getAppConf().global.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "false");
- instanceDefinition.resolve();
- SecurityStore[]
- files = StoresGenerator.generateSecurityStores("testhost",
- "container1",
- "component1",
- instanceDefinition,
- compOps);
- assertEquals("wrong number of stores", 1, files.length);
- validateKeystore(files[0].getFile(), "testhost", "cahost");
- }
-
- @Test
- public void testContainerTrusttoreGeneration() throws Exception {
- SecurityStore keystoreFile =
- certMan.generateContainerKeystore("testhost",
- "container1",
- "component1",
- "keypass");
- Assert.assertTrue("container keystore not generated",
- keystoreFile.getFile().exists());
- SecurityStore truststoreFile =
- certMan.generateContainerTruststore("container1",
- "component1", "trustpass"
- );
- Assert.assertTrue("container truststore not generated",
- truststoreFile.getFile().exists());
-
- validateTruststore(keystoreFile.getFile(), truststoreFile.getFile());
- }
-
- @Test
- public void testContainerGenerationUsingStoresGeneratorNoTruststore() throws Exception {
- AggregateConf instanceDefinition = new AggregateConf();
- MapOperations compOps = new MapOperations();
- compOps.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "true");
- compOps.put(SliderKeys.COMP_KEYSTORE_PASSWORD_ALIAS_KEY,
- "test.keystore.password");
-
- setupCredentials(instanceDefinition, "test.keystore.password", null);
-
- SecurityStore[]
- files = StoresGenerator.generateSecurityStores("testhost",
- "container1",
- "component1",
- instanceDefinition,
- compOps);
- assertEquals("wrong number of stores", 1, files.length);
- File keystoreFile = CertificateManager.getContainerKeystoreFilePath(
- "container1", "component1");
- Assert.assertTrue("container keystore not generated",
- keystoreFile.exists());
-
- Assert.assertTrue("keystore not in returned list",
- Arrays.asList(files).contains(new SecurityStore(keystoreFile,
- SecurityStore.StoreType.keystore)));
- File truststoreFile =
- CertificateManager.getContainerTruststoreFilePath("component1",
- "container1");
- Assert.assertFalse("container truststore generated",
- truststoreFile.exists());
- Assert.assertFalse("truststore in returned list",
- Arrays.asList(files).contains(new SecurityStore(truststoreFile,
- SecurityStore.StoreType.truststore)));
-
- }
-
- @Test
- public void testContainerGenerationUsingStoresGeneratorJustTruststoreWithDefaultAlias() throws Exception {
- AggregateConf instanceDefinition = new AggregateConf();
- MapOperations compOps = setupComponentOptions(true);
-
- setupCredentials(instanceDefinition, null,
- SliderKeys.COMP_TRUSTSTORE_PASSWORD_ALIAS_DEFAULT);
-
- SecurityStore[]
- files = StoresGenerator.generateSecurityStores("testhost",
- "container1",
- "component1",
- instanceDefinition,
- compOps);
- assertEquals("wrong number of stores", 1, files.length);
- File keystoreFile = CertificateManager.getContainerKeystoreFilePath(
- "container1", "component1");
- Assert.assertFalse("container keystore generated",
- keystoreFile.exists());
- Assert.assertFalse("keystore in returned list",
- Arrays.asList(files).contains(keystoreFile));
- File truststoreFile =
- CertificateManager.getContainerTruststoreFilePath("component1",
- "container1");
- Assert.assertTrue("container truststore not generated",
- truststoreFile.exists());
- Assert.assertTrue("truststore not in returned list",
- Arrays.asList(files).contains(new SecurityStore(truststoreFile,
- SecurityStore.StoreType.truststore)));
-
- }
-
- @Test
- public void testContainerTrusttoreGenerationUsingStoresGenerator() throws Exception {
- AggregateConf instanceDefinition = new AggregateConf();
- MapOperations compOps = setupComponentOptions(true,
- "test.keystore.password",
- null,
- "test.truststore.password",
- null);
-
- setupCredentials(instanceDefinition, "test.keystore.password",
- "test.truststore.password");
-
- SecurityStore[]
- files = StoresGenerator.generateSecurityStores("testhost",
- "container1",
- "component1",
- instanceDefinition,
- compOps);
- assertEquals("wrong number of stores", 2, files.length);
- File keystoreFile = CertificateManager.getContainerKeystoreFilePath(
- "container1", "component1");
- Assert.assertTrue("container keystore not generated",
- keystoreFile.exists());
- Assert.assertTrue("keystore not in returned list",
- Arrays.asList(files).contains(new SecurityStore(keystoreFile,
- SecurityStore.StoreType.keystore)));
- File truststoreFile =
- CertificateManager.getContainerTruststoreFilePath("component1",
- "container1");
- Assert.assertTrue("container truststore not generated",
- truststoreFile.exists());
- Assert.assertTrue("truststore not in returned list",
- Arrays.asList(files).contains(new SecurityStore(truststoreFile,
- SecurityStore.StoreType.truststore)));
-
- validateTruststore(keystoreFile, truststoreFile);
- }
-
- private void setupCredentials(AggregateConf instanceDefinition,
- String keyAlias, String trustAlias)
- throws Exception {
- Configuration conf = new Configuration();
- final Path jksPath = new Path(SecurityUtils.getSecurityDir(), "test.jks");
- final String ourUrl =
- JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri();
-
- File file = new File(SecurityUtils.getSecurityDir(), "test.jks");
- file.delete();
- conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl);
-
- instanceDefinition.getAppConf().credentials.put(ourUrl, new ArrayList<String>());
-
- CredentialProvider provider =
- CredentialProviderFactory.getProviders(conf).get(0);
-
- // create new aliases
- try {
-
- if (keyAlias != null) {
- char[] storepass = {'k', 'e', 'y', 'p', 'a', 's', 's'};
- provider.createCredentialEntry(
- keyAlias, storepass);
- }
-
- if (trustAlias != null) {
- char[] trustpass = {'t', 'r', 'u', 's', 't', 'p', 'a', 's', 's'};
- provider.createCredentialEntry(
- trustAlias, trustpass);
- }
-
- // write out so that it can be found in checks
- provider.flush();
- } catch (Exception e) {
- e.printStackTrace();
- throw e;
- }
- }
-
- private MapOperations setupComponentOptions(boolean storesRequired) {
- return this.setupComponentOptions(storesRequired, null, null, null, null);
- }
-
- private MapOperations setupComponentOptions(boolean storesRequired,
- String keyAlias,
- String keyPwd,
- String trustAlias,
- String trustPwd) {
- MapOperations compOps = new MapOperations();
- compOps.put(SliderKeys.COMP_STORES_REQUIRED_KEY,
- Boolean.toString(storesRequired));
- if (keyAlias != null) {
- compOps.put(SliderKeys.COMP_KEYSTORE_PASSWORD_ALIAS_KEY,
- "test.keystore.password");
- }
- if (trustAlias != null) {
- compOps.put(SliderKeys.COMP_TRUSTSTORE_PASSWORD_ALIAS_KEY,
- "test.truststore.password");
- }
- if (keyPwd != null) {
- compOps.put(SliderKeys.COMP_KEYSTORE_PASSWORD_PROPERTY_KEY,
- keyPwd);
- }
- if (trustPwd != null) {
- compOps.put(SliderKeys.COMP_TRUSTSTORE_PASSWORD_PROPERTY_KEY,
- trustPwd);
- }
- return compOps;
- }
-
- @Test
- public void testContainerStoresGenerationKeystoreOnly() throws Exception {
- AggregateConf instanceDefinition = new AggregateConf();
- MapOperations compOps = new MapOperations();
- compOps.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "true");
-
- setupCredentials(instanceDefinition,
- SliderKeys.COMP_KEYSTORE_PASSWORD_ALIAS_DEFAULT, null);
-
- SecurityStore[]
- files = StoresGenerator.generateSecurityStores("testhost",
- "container1",
- "component1",
- instanceDefinition,
- compOps);
- assertEquals("wrong number of stores", 1, files.length);
- File keystoreFile = CertificateManager.getContainerKeystoreFilePath(
- "container1", "component1");
- Assert.assertTrue("container keystore not generated",
- keystoreFile.exists());
- Assert.assertTrue("keystore not in returned list",
- Arrays.asList(files).contains(new SecurityStore(keystoreFile,
- SecurityStore.StoreType.keystore)));
- File truststoreFile =
- CertificateManager.getContainerTruststoreFilePath("component1",
- "container1");
- Assert.assertFalse("container truststore generated",
- truststoreFile.exists());
- Assert.assertFalse("truststore in returned list",
- Arrays.asList(files).contains(new SecurityStore(truststoreFile,
- SecurityStore.StoreType.truststore)));
-
- }
-
- @Test
- public void testContainerStoresGenerationMisconfiguration() throws Exception {
- AggregateConf instanceDefinition = new AggregateConf();
- MapOperations compOps = new MapOperations();
- compOps.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "true");
-
- setupCredentials(instanceDefinition, "cant.be.found", null);
-
- try {
- StoresGenerator.generateSecurityStores("testhost", "container1",
- "component1", instanceDefinition,
- compOps);
- Assert.fail("SliderException should have been generated");
- } catch (SliderException e) {
- // ignore - should be thrown
- }
- }
-
- private void validateTruststore(File keystoreFile, File truststoreFile)
- throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
- InputStream keyis = null;
- InputStream trustis = null;
- try {
-
- // create keystore
- keyis = new FileInputStream(keystoreFile);
- KeyStore keystore = KeyStore.getInstance("pkcs12");
- String password = "keypass";
- keystore.load(keyis, password.toCharArray());
-
- // obtain server cert
- Certificate certificate = keystore.getCertificate(
- keystore.aliases().nextElement());
- Assert.assertNotNull(certificate);
-
- // create trust store from generated trust store file
- trustis = new FileInputStream(truststoreFile);
- KeyStore truststore = KeyStore.getInstance("pkcs12");
- password = "trustpass";
- truststore.load(trustis, password.toCharArray());
-
- // validate keystore cert using trust store
- TrustManagerFactory
- trustManagerFactory =
- TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
- trustManagerFactory.init(truststore);
-
- for (TrustManager trustManager: trustManagerFactory.getTrustManagers()) {
- if (trustManager instanceof X509TrustManager) {
- X509TrustManager x509TrustManager = (X509TrustManager)trustManager;
- x509TrustManager.checkServerTrusted(
- new X509Certificate[] {(X509Certificate) certificate},
- "RSA_EXPORT");
- }
- }
-
- } finally {
- if(null != keyis) {
- keyis.close();
- }
- if(null != trustis) {
- trustis.close();
- }
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/hadoop/blob/cef1ce44/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestMultiThreadedStoreGeneration.java
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestMultiThreadedStoreGeneration.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestMultiThreadedStoreGeneration.java
deleted file mode 100644
index 2e2ffce..0000000
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-slider/hadoop-yarn-slider-core/src/test/java/org/apache/slider/server/services/security/TestMultiThreadedStoreGeneration.java
+++ /dev/null
@@ -1,156 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.slider.server.services.security;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.fs.Path;
-import org.apache.hadoop.security.alias.CredentialProvider;
-import org.apache.hadoop.security.alias.CredentialProviderFactory;
-import org.apache.hadoop.security.alias.JavaKeyStoreProvider;
-import org.apache.slider.common.SliderKeys;
-import org.apache.slider.common.SliderXmlConfKeys;
-import org.apache.slider.core.conf.AggregateConf;
-import org.apache.slider.core.conf.MapOperations;
-import org.apache.slider.core.exceptions.SliderException;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.rules.TemporaryFolder;
-
-import java.io.File;
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.List;
-import java.util.concurrent.CountDownLatch;
-
-import static org.junit.Assert.assertTrue;
-
-/**
- *
- */
-public class TestMultiThreadedStoreGeneration {
-
- public static final int NUM_THREADS = 30;
- @Rule
- public TemporaryFolder workDir = new TemporaryFolder();;
-
- private void setupCredentials(AggregateConf instanceDefinition,
- String keyAlias, String trustAlias)
- throws Exception {
- Configuration conf = new Configuration();
- final Path jksPath = new Path(SecurityUtils.getSecurityDir(), "test.jks");
- final String ourUrl =
- JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri();
-
- File file = new File(SecurityUtils.getSecurityDir(), "test.jks");
- file.delete();
- conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl);
-
- instanceDefinition.getAppConf().credentials.put(ourUrl, new ArrayList<String>());
-
- CredentialProvider provider =
- CredentialProviderFactory.getProviders(conf).get(0);
-
- // create new aliases
- try {
-
- if (keyAlias != null) {
- char[] storepass = {'k', 'e', 'y', 'p', 'a', 's', 's'};
- provider.createCredentialEntry(
- keyAlias, storepass);
- }
-
- if (trustAlias != null) {
- char[] trustpass = {'t', 'r', 'u', 's', 't', 'p', 'a', 's', 's'};
- provider.createCredentialEntry(
- trustAlias, trustpass);
- }
-
- // write out so that it can be found in checks
- provider.flush();
- } catch (Exception e) {
- e.printStackTrace();
- throw e;
- }
- }
-
-
- @Test
- public void testMultiThreadedStoreGeneration() throws Exception {
-
- CertificateManager certMan = new CertificateManager();
- MapOperations compOperations = new MapOperations();
- File secDir = new File(workDir.getRoot(), SliderKeys.SECURITY_DIR);
- File keystoreFile = new File(secDir, SliderKeys.KEYSTORE_FILE_NAME);
- compOperations.put(SliderXmlConfKeys.KEY_KEYSTORE_LOCATION,
- keystoreFile.getAbsolutePath());
- certMan.initialize(compOperations, "cahost", null, null);
-
- final CountDownLatch latch = new CountDownLatch(1);
- final List<SecurityStore> stores = new ArrayList<>();
- List<Thread> threads = new ArrayList<>();
- final AggregateConf instanceDefinition = new AggregateConf();
-
- setupCredentials(instanceDefinition,
- SliderKeys.COMP_KEYSTORE_PASSWORD_ALIAS_DEFAULT, null);
- final MapOperations compOps = new MapOperations();
- compOps.put(SliderKeys.COMP_STORES_REQUIRED_KEY, "true");
-
- for (int i=0; i<NUM_THREADS; ++i) {
- final int finalI = i;
- Runnable runner = new Runnable() {
- public void run() {
- System.out.println ("----> In run");
- try {
- latch.await();
- SecurityStore[] stores1 = StoresGenerator.generateSecurityStores(
- "testhost",
- "container" + finalI,
- "component" + finalI,
- instanceDefinition,
- compOps);
- System.out.println ("----> stores1" + stores1);
- List<SecurityStore>
- securityStores =
- Arrays.asList(stores1);
- stores.addAll(securityStores);
- } catch (InterruptedException e) {
- e.printStackTrace();
- } catch (SliderException e) {
- e.printStackTrace();
- } catch (IOException e) {
- e.printStackTrace();
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
- };
- Thread thread = new Thread(runner, "TestThread" + i);
- threads.add(thread);
- thread.start();
- }
- latch.countDown();
- for (Thread t : threads) {
- t.join();
- }
-
- for (int i=0; i < NUM_THREADS; i++) {
- assertTrue("keystore " + i + " not generated", stores.get(i).getFile().exists());
- }
- }
-
-}
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org