@Test
  public void invalidTokenThrows() {
    when(UserGroupInformation.isSecurityEnabled()).thenReturn(true);
    when(mockProtocolData.getToken()).thenReturn("This is odd");

    try {
      SecuredHDFS.verifyToken(mockProtocolData, mockContext);
      fail("invalid X-GP-TOKEN should throw");
    } catch (SecurityException e) {
      assertEquals("Failed to verify delegation token java.io.EOFException", e.getMessage());
    }
  }
Example #2
0
  /**
   * The function will get the token information from parameters and call SecuredHDFS to verify the
   * token.
   *
   * <p>All token properties will be deserialized from string to a Token object
   *
   * @param protData input parameters
   * @param context servlet context which contains the NN address
   * @throws SecurityException Thrown when authentication fails
   */
  public static void verifyToken(ProtocolData protData, ServletContext context) {
    try {
      if (UserGroupInformation.isSecurityEnabled()) {
        Token<DelegationTokenIdentifier> token = new Token<DelegationTokenIdentifier>();
        String tokenString = protData.getToken();
        token.decodeFromUrlString(tokenString);

        verifyToken(
            token.getIdentifier(),
            token.getPassword(),
            token.getKind(),
            token.getService(),
            context);
      }
    } catch (IOException e) {
      throw new SecurityException("Failed to verify delegation token " + e, e);
    }
  }