HADOOP-7792. Common component for HDFS-2416: Add verifyToken method to AbstractDelegationTokenSecretManager.

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1196386 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Jitendra Nath Pandey 2011-11-01 23:15:13 +00:00
parent bb35bff29b
commit cd2a553fbd
3 changed files with 20 additions and 0 deletions

View File

@ -52,6 +52,9 @@ Trunk (unreleased changes)
HADOOP-7424. Log an error if the topology script doesn't handle multiple args. HADOOP-7424. Log an error if the topology script doesn't handle multiple args.
(Uma Maheswara Rao G via eli) (Uma Maheswara Rao G via eli)
HADOOP-7792. Add verifyToken method to AbstractDelegationTokenSecretManager.
(jitendra)
BUGS BUGS
HADOOP-7606. Upgrade Jackson to version 1.7.1 to match the version required HADOOP-7606. Upgrade Jackson to version 1.7.1 to match the version required

View File

@ -209,6 +209,21 @@ public synchronized byte[] retrievePassword(TokenIdent identifier)
return info.getPassword(); return info.getPassword();
} }
/**
* Verifies that the given identifier and password are valid and match.
* @param identifier Token identifier.
* @param password Password in the token.
* @throws InvalidToken
*/
public synchronized void verifyToken(TokenIdent identifier, byte[] password)
throws InvalidToken {
byte[] storedPassword = retrievePassword(identifier);
if (!Arrays.equals(password, storedPassword)) {
throw new InvalidToken("token (" + identifier
+ ") is invalid, password doesn't match");
}
}
/** /**
* Renew a delegation token. * Renew a delegation token.
* @param token the token to renew * @param token the token to renew

View File

@ -360,6 +360,8 @@ public void run() {
byte[] storedPassword = dtSecretManager.retrievePassword(id); byte[] storedPassword = dtSecretManager.retrievePassword(id);
byte[] password = dtSecretManager.createPassword(id, key); byte[] password = dtSecretManager.createPassword(id, key);
Assert.assertTrue(Arrays.equals(password, storedPassword)); Assert.assertTrue(Arrays.equals(password, storedPassword));
//verify by secret manager api
dtSecretManager.verifyToken(id, password);
} }
} finally { } finally {
dtSecretManager.stopThreads(); dtSecretManager.stopThreads();